Discover sensepost/6thSense Open Source project

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

7,492

gowitness

3,159

reGeorg

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

A tool to abuse Exchange services

3,015

ruler

2,164

mana

*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM

HTML

1,087

DET

(extensible) Data Exfiltration Toolkit (DET)

🕳 godoh - A DNS-over-HTTPS C2

819

godoh

752

kwetza

Python script to inject existing Android applications with a Meterpreter payload.

Smali

638

Snoopy

Snoopy: A distributed tracking and data interception framework

SensePost's modified hostapd for wifi attacks.

597

hostapd-mana

543

rattler

Automated DLL Enumerator

DNS-Shell is an interactive Shell over DNS channel

522

DNS-Shell

Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.

521

USaBUSe

493

snoopy-ng

Snoopy v2.0 - modular digital terrestrial tracking framework

Create a TCP circuit through validly formed HTTP requests

430

reDuh

Frack - Keep and Maintain your breach data

343

Frack

Auto Domain Admin and Network Exploitation.

309

autoDANE

A windows token impersonation tool

295

impersonate

Frontpage and Sharepoint fingerprinting and attack tool.

279

SPartan

A sock, with a wire, so you can tunnel all you desire.

277

wiresocks

Shell

272

mallet

Mallet is an intercepting proxy for arbitrary protocols

Domain user enumeration tool

262

UserEnum

Drag and Drop ClickJacking PoC development assistance tool.

212

jack

CSS

190

wpa_sycophant

Evil client portion of EAP relay attack

189

wikto

Nikto for Windows with some extra features.

175

routopsy

Routopsy - Hacking Routers with Routers

Test for SSL heartbeat vulnerability (CVE-2014-0160)

167

heartbleed-poc

Ruby

159

dwn

d(ockerp)wn - a docker pwn tool manager

DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects

156

gdi-palettes-exp

Crack MSCHAPv2 challenge/responses quickly using a database of NT hashes

143

assless-chaps

wadi

birp

Big Iron Recon & Pwnage

☄️ go-out - A Golang egress buster.

123

go-out

122

mail-in-the-middle

Liniaal - A communication extension to Ruler

100

mydumbedr

liniaal

frida-windows-playground

A collection of Frida hooks for experimentation on Windows platforms.

ms16-098

Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow

notruler

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

offensive-rpc

Offensive RPC PoC

Toolset for writing shellcode in Python's Pickle language and for manipulating pickles to inject shellcode.

anapickle

Quick python script to automatically load NTLM hashes from Responder logs and fires up Hashcat to crack them

autoresponder

A rudimentary remote desktop tool for the X11 protocol exploiting unauthenticated x11 sessions

xrdp

apostille

Peanuts is a free and open source wifi tracking tool. Based on the SensePosts Snoopy-NG project that is now closed.

peanuts

Creating a wireless rifle de-authentication gun, which utilized a yagi antenna and a Raspberry Pi.

WiFi-Rifle

👊 A small utility to play with IBM MQ

punch-q

Script to perform some hashcracking logic automagically

hash-cracker

common-substr

Simple tool to extract the most common substrings from an input text. Built for password cracking.

shinai-fi

Docker images for learning wifi hacking

Shell

thumbscr-ews

Exchangelib wrapper for pentesting

The Bi-directional Link Extractor.

wsproxy

A websocket proxy

JavaScript

BiLE-suite

SensePost's network footprinting and enumeration tool. You can't pwn what you don't know about.

go-derper

Memcache hacking tool.

Ruby

yeti

A repository with toy implementations of MSCHAPv2, MPEE and WPA/2 to understand EAP better

understanding-eap

Left To My Own Devices - NT hash tools

sockstlsproxy

ntcrack

Rust

dual-pod-shock

policies

Collection of information security policies.

Suru

Suru is one of the original Man In The Middle (MITM) proxies that sits between the user's browser and the web application.

steampipe-plugin-projectdiscovery

A steampipe plugin to query projectdiscovery.io tools.

squeeza

SQL Injection without the pain of syringes.

Ruby

x11-active-displays

Checks X11 and outputs a screenshot to of the display if allowed and the display is active

Lua

wpa3-vuln

hostapd and wpa_supplicant 2.7 vulnerable to Mathy's WPA3 bugs

SapCap

SApCap is a SAP packet sniffer and decompression tool for analysing SAP GUI (DIAG) traffic

Tools to combine MVS data with external sources and visualise the output in Maltego.

maltego-mvs

Service desk password tools.

password-tools

JavaScript

cipherchecks

visually see issues with supported cipher suites

Basic script to pull addresses from a NTP server using the monlist command.

ntp_monlist

Runtime analysis of windows phone 7 applications.

XAPSpy

esp-vnc

Our fork of the esp-link firmware with a built in VNC server for passing input events to an AVR. Part of our Universal Serial aBUSe project.

casper

Casper is a tiny system tray application that can be used to view the invisible windows on your desktop.

SAPProx

SAPProx is a proof of concept tool for intercepting and modifying SAP GUI (DIAG protocol) traffic.

HTTP Brute Forcer (Java replacement for SP's CrowBar).

JBaah

Google DNS name / sub domain miner.

SP-DNS-mine

SensePost Unified Data API (SPUD) is a wrapper for apps requiring use of the deprecated Google API.

SpUD

neverevercookie

GUI for cleaning out evercookie persistence locations.

dresscode

Alpine hostapd-mana based RADIUS server

berate_radius

Shell

Manifestor

Android Manifest.xml tool

ClashofSpamTitan

BiLE stands for Bi-directional Link Extraction. It is used in the footprinting process to find non-obvious relationships between different web sites.

BilePublic

Port scan through Glype proxies.

glypeahead

PHP

finder

Finder.pl remotely checks IIS Servers for most of the methods used by WebDAV.

JCertChecker is used to check HTTPS certificates.

jcertchecker

desperate

Proxy Server network scanner and tunnelling tool.

MonSoen

Scully is a client interface to MSSQL and MySQL database servers.

Scully

hash-cracker-apple-silicon

Script to perform some hashcracking logic automagically

a bring your own client programming game

sconwar

CarbanakCheck

Check squid logs for possible Carbanak malware.

Seriously primitive portscanner using Squid proxy.

IDS evasion for web-based exploits via encoding built into a "proxy"

pudding

gr-protocoldecoder

A simple way to decode a known protocol in GRC in real time.

CMake

mpdchecker

Confirm the presence of HTTP methods per directory.

For working with IIS servers with the Unicode bug

unitools

A few short scripts to look at the performance of various file read strategies.

file-read-experiments

Rust

ctf-challenges

A collection of CTF challenges

CSS

100

sensedecode

Sensedecode includes 2 perl scripts which exploit the IIS url decoding bug.