Open-source tools
TrustedSec open-source tools are available to anyone so we can do our part to educate others in the community and move the industry ahead. See what we’ve created and learn how our tools can help you. Get started today.

Browse our tools
The Social Engineering Toolkit (SET)
SET is a powerful tool for social-engineering.
Specula
Specula is a C2 framework that operates via the Outlook home page feature.
JS-Tap
JS-Tap provides a generic JavaScript payload and supporting software to help red teams attack web applications. This tool captures sensitive data as users…
WPUPDATE
WPUpdate is a simple Linux service that automatically checks for a new version of Wordpress each night at 2AM.
TSCOPY
TScopy is a Python script used to parse the NTFS $MFT file to locate and copy specific files.
TRUSTEDSEC ATTACK PLATFORM (TAP)
The TrustedSec Attack Platform (TAP) is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.
SPRAYWMI
SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on a system.
SPOONMAP
SpooNMAP is a wrapper script implements all of the IDS evasion techniques and service discovery methodologies that we've learned over my years of pentesting.
SIMPLYEMAIL
SimplyEmail is simple yet effective way to get what Recon-Ng gets and theHarvester gets.
SHARED HOST INTEGRATED PASSWORD SYSTEM (SHIPS)
SHIPS is a local super user or administrator password manager.
RISINGSUN
This is a SUNBURST C2 decoder and Host ID encoder which can be used to attribute C2 domains to specific SolarWinds servers when network telemetry is…
RID_ENUM
Rid_enum is a null session RID cycle attack for brute forcing domain controllers.
Loading...
Learn how our solutions enable business.
Let our experts tailor solutions to your security challenges.
