Offensive Security Tools

Explore our collection of offensive security tools developed and released over the years. Written in scripting languages like Python, these cross-platform tools are designed for security professionals.


May 03

nullsploit engine

Author: TheXero | Category: tools

The nullsploit engine is a work in progress exploitation framework. Currently only a limited number of exploits are available, but these should be stable across multiple Windows installations. Features...


Read More
Aug 31

SSL Private Key Password Cracker

Author: TheXero | Category: tools

Following a recent pentest I performed for a client I stumbled upon their private SSL certificate. The SSL key was password encrypted, thus could not be used directly without knowing...


Read More
Apr 15

Automated HTTP Enumeration

Author: TheXero | Category: tools

A tool I’ve been writing to enumerate the enabled HTTP methods supported on a webserver. Currently only in the initial beta stage, but includes basic checking of files including the...


Read More
Mar 25

TFTP Fuzzer

Author: TheXero | Category: tools

A simple TFTP Fuzzer I wrote to discover undisclosed bugs within TFTP servers and other simple UDP based protocols. The project is hosted on GitHub and can be found at...


Read More
Jan 27

FTP Fuzzer

Author: TheXero | Category: tools

This FTP fuzzer has been used to fuzz and discover a number of previously undisclosed bugs with FTP server software and other plain-text protocols. The project is hosted on GitHub...


Read More