Pinned repositories

  1. mana

    Our mana toolkit for wifi rogue AP attacks and MitM - see hostapd-mana too

    HTML 574 160

  2. reGeorg

    The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

    Python 476 225

  3. USaBUSe

    Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.

    C 150 28

  4. ruler

    A tool to abuse Exchange services

    Go 189 60

  5. kwetza

    Python script to inject existing Android applications with a Meterpreter payload.

    Smali 116 50

  6. wadi

    Wadi Fuzzing Harness

    JavaScript 60 33

  • SensePost's patches to hostapd for rogue access points. First presented at Defcon 22

    C 71 36 Updated Jan 12, 2017
  • Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow

    C 40 22 Updated Jan 11, 2017
  • A rudimentary remote desktop tool for the X11 protocol exploiting unauthenticated x11 sessions

    Python 32 15 Updated Jan 10, 2017
  • Python script to inject existing Android applications with a Meterpreter payload.

    Smali 116 50 Updated Jan 9, 2017
  • Automated DLL Enumerator

    C++ 45 10 Updated Jan 9, 2017
  • A tool to abuse Exchange services

    Go 189 60 Updated Jan 3, 2017
  • Checks X11 and outputs a screenshot to of the display if allowed and the display is active

    Lua 11 3 Updated Dec 12, 2016
  • Our fork of the esp-link firmware with a built in VNC server for passing input events to an AVR. Part of our Universal Serial aBUSe project.

    C 1 1 Updated Dec 7, 2016
  • Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.

    C 150 28 Updated Nov 28, 2016
  • Miscellaneous projects related to attacking Windows.

    C++ 9 32 Updated Nov 17, 2016
  • A websocket proxy

    JavaScript 9 6 Updated Oct 11, 2016
  • The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

    Python 476 223 Updated Oct 7, 2016
  • Big Iron Recon & Pwnage

    Python 53 7 Updated Oct 7, 2016
  • DNS-Shell is an interactive Shell over DNS channel

    Python 50 21 Updated Oct 5, 2016
  • Drag and Drop ClickJacking PoC development assistance tool.

    CSS 86 32 Updated Sep 23, 2016
  • (extensible) Data Exfiltration Toolkit (DET)

    Python 437 90 Updated Sep 16, 2016
  • Proxy Server network scanner and tunnelling tool.

    Python 3 1 Updated Sep 11, 2016
  • Memcache hacking tool.

    Ruby 21 13 Updated Sep 8, 2016
  • Wadi Fuzzing Harness

    JavaScript 60 33 Updated Aug 11, 2016
  • Auto Domain Admin and Network Exploitation.

    Python 130 26 Updated Aug 3, 2016
  • Local Transform Wrapper for Maltego

    Go 6 9 Updated May 24, 2016
  • Our mana toolkit for wifi rogue AP attacks and MitM - see hostapd-mana too

    HTML 574 158 Updated May 20, 2016
  • Frontpage and Sharepoint fingerprinting and attack tool.

    Python 78 25 Updated Mar 10, 2016
  • Quick python script to automatically load NTLM hashes from Responder logs and fires up Hashcat to crack them

    Python 49 16 Updated Dec 11, 2015
  • A set of local skype transforms for Maltego to utilise Skype and search the directory

    Python 18 10 Updated Oct 28, 2015
  • Updated Sep 28, 2015
  • Snoopy v2.0 - modular digital terrestrial tracking framework

    Python 296 89 Updated Sep 15, 2015
  • Creating a wireless rifle de-authentication gun, which utilized a yagi antenna and a Raspberry Pi.

    Python 25 9 Updated Sep 9, 2015
  • Hippy tool for interaction with "modern" databases.

    JavaScript 2 2 Updated May 12, 2015
  • HTTP Brute Forcer (Java replacement for SP's CrowBar).

    Java 3 3 Updated Apr 24, 2015