Hi there! 👋
I'm a hacker who loves building things.
Below are some of my creations. I hope you'll find them useful!
BBOT (Bighuge BLS OSINT Tool) is a swiss army knife for OSINT and bug bounties. Thanks to its recursion it is the most effective subdomain enumeration tool available (I periodically benchmark it to make sure). It was inspired by Spiderfoot but is much faster and supports multiple targets. It was a lot of fun to write and I am still constantly adding modules to it.
TrevorSpray is a password spraying tool armed with a suite of MFA bypasses and a clever IPv6 proxy that lets you load-balance your logins between billions of different source IP addresses.
Manspider will recursively crawl SMB shares for goodies. It can search by file name, extension, or content (and can read text inside PDFs, msoffice documents, and even images). Basically, it is grep -R
for the entire network.
WriteHat was born out of frustration with Microsoft word for pentest report writing. It has a nice report-building interface and allows you to write in markdown and render straight to html/PDF.