Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

A next-generation crawling and spidering framework.

In-depth attack surface mapping and asset discovery

A Workflow Engine for Offensive Security

Monitor linux processes without root permissions

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

Digging Deeper....

Take a list of domains and probe for working HTTP and HTTPS servers

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Small, fast tool for performing reverse DNS lookups en masse.

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

An Office365 User Attack Tool

TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of t…

Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script)