Stefano Ratto's repositories
bbot
OSINT automation for hackers.
chisel
A fast TCP/UDP tunnel over HTTP
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
flask_tmicroblog
Implementation based on the "The Flask Mega-Tutorial" by Miguel Grinberg
hakrevdns
Small, fast tool for performing reverse DNS lookups en masse.
Havoc
The Havoc Framework
havoc-py
Havoc python api
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
JS-Tap
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application.
Modules
Modules used by the Havoc Framework
Oak-Grabber-V2
Oak Token Grabber V2
OneListForAll
Rockyou for web fuzzing
opencanary
Modular and decentralised honeypot
osintui
Open Source Intelligence Terminal User Interface
PasteBomb
PasteBomb C2-less RAT
PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
PurpleCloud
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
ROADtools
A collection of Azure AD tools for offensive and defensive security purposes
shortscan
An IIS short filename enumeration tool
Talon
(Demo) 3rd party agent for Havoc
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
xzbot
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)