ItsCrem
Follow
Stars
Burp Suite extension for testing Passkey systems.
A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable with a simple HTML GUI.
Secure Code Review AI Agent (SeCoRA) - AI SAST
All-sources tool to search websites by favicons
Bandit is a tool designed to find common security issues in Python code.
a prompt injection scanner for custom LLM applications
An NFC research toolkit application for Android
Chrome extension for automating CSPT discovery
CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints
PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways
Offensive MSSQL toolkit written in Python, based off SQLRecon
WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
Burp suite extension to find sensitive information by checking incoming text OR binary websocket messages
A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Payloads can be retrieved directly from the file on disk or from …
A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and indirect NTAPIs for core operations.
A distributed hashcat implementation using Salad Cloud and Hashtopolis
A research project to add some brrrrrr to Burp
Obtain GraphQL API schema even if the introspection is disabled