Offensive Security Tool: Pypykatz
PyPyKatz is the Mimikatz implementation in pure Python. It can parse the secrets hidden in the LSASS process. This is just like mimikatz’s sekurlsa:: but with different commands. The main difference here is that all the parsing logic is separated from the data source, so if you define a new reader object you can basically perform the parsing of LSASS from anywhere but has even more features
Offensive Security Tool: Pyramid
Pyramid is a tool to perform post-exploitation task in an evasive manner, executing offensive tooling from a signed binary (e.g. python.exe) by importing their dependencies in memory.
Recon Tool: Dome
Dome is a fast and reliable Subdomain Enumeration Tool that facilitates active and passive scanning to discover subdomains and identify open ports.
OSINT Tool: GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target’s server.
Recon Tool: Sniffer
Sniffer is a network troubleshooting tool that lets you analyze network traffic and processes without loading any kernel modules. With a user-friendly TUI interface, Sniffer captures and records packet information using gopacket.
Malware Analysis Tool: retoolkit
Retoolkit is a Reverse Engineering and Malware Analysis collection of tools on x86 and x64 Windows systems. It aims to provide a set of useful utilities for binary analysis and reverse engineering which includes various tools such as disassemblers, debuggers, and more.
Offensive Security Tool: Go365
Go365 is an Office365 user attack tool and its designed to help security professionals and researchers perform user enumeration and password guessing attacks on organizations that use Office365.
OSINT Tool: wholeaked
wholeaked is designed to help individuals and organizations identify if their email addresses have been exposed in a data breach. The tool works by searching through a database of leaked email addresses and cross-referencing them with the email addresses provided by the user.
Offensive Security Tool: dontgo403
DontGo403 is a tool designed to help Pentesters and Red Teams identify vulnerabilities in web servers that could be exploited to gain unauthorized access to resources. The tool does this by bypassing HTTP error code 403 responses, which are typically used to indicate that a user is not authorized to access a particular resource or webpage.