Repositories list

• TokenFlare

  Public

  JumpsecLabs/TokenFlare’s past year of commit activity
  Serverless AITM Simulation Framework for Entra ID and M365

  Python

  •

  GNU General Public License v3.0

  •25•187•1•0•Updated Dec 29, 2025Dec 29, 2025

• AsyncMailChecker

  Public
  A powerful SPF, DKIM and DMARC audit tool. It scans over 100 domains in seconds.

  Python

  •

  MIT License

  •1•3•0•0•Updated Apr 23, 2025Apr 23, 2025

• ExchangeOnline-MTRDomainsAnalyser

  Public

  JumpsecLabs/ExchangeOnline-MTRDomainsAnalyser’s past year of commit activity
  A PowerShell script that analyses approved and rejected domains specified via Mail Transport Rules in Exchange Online, leveraging the ExchangeOnline PowerShell Module.

  PowerShell

  •

  MIT License

  •0•1•0•0•Updated Apr 10, 2025Apr 10, 2025

• ExchangeOnline-MTRAnalyser

  Public

  JumpsecLabs/ExchangeOnline-MTRAnalyser’s past year of commit activity
  A PowerShell script that analyses Mail Transport Rules leveraging the Exchange Online PowerShell Module.

  PowerShell

  •

  MIT License

  •0•1•0•0•Updated Apr 10, 2025Apr 10, 2025

• AiTM-IoCs-Update

  Public
  This Repo Contains IoCs for a recently tracked phishing kit

  0•1•0•0•Updated Apr 1, 2025Apr 1, 2025

• TokenSmith

  Public
  TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of the box with many popular Azure post exploitation tools.

  Go

  •

  GNU General Public License v3.0

  •43•349•0•0•Updated Jan 23, 2025Jan 23, 2025

• WALK_WebAssembly_Lure_Krafter

  Public

  JumpsecLabs/WALK_WebAssembly_Lure_Krafter’s past year of commit activity
  A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims at aiding with initial access during red teams and phishing exercises leveraging WASM smuggling techniques.

  wasmweb-assemblyrust-lang+ 8penetration-testingphishing-attackssecurity-toolsred-teamingpenetration-testing-toolsinitial-accesshtml-smuggling+ 1

  Rust

  •

  GNU General Public License v3.0

  •10•97•0•0•Updated Sep 5, 2024Sep 5, 2024

• Developer.Handbook

  Public

  JumpsecLabs/Developer.Handbook’s past year of commit activity
  Batchfile

  •

  MIT License

  •0•4•0•0•Updated Aug 1, 2024Aug 1, 2024

• CloudflareRedirector

  Public
  Putting the C2 in C2loudflare

  JavaScript

  •5•18•0•0•Updated Jun 28, 2024Jun 28, 2024

• Guidance-Advice

  Public

  JumpsecLabs/Guidance-Advice’s past year of commit activity
  Colection of different JUMPSEC advisories, guidance, and scripts for all of the latest vulnerabilities and adversaries

  PowerShell

  •7•13•0•0•Updated Oct 18, 2021Oct 18, 2021

• shad0w

  Public
  A post exploitation framework designed to operate covertly on heavily monitored enviroments

  C

  •

  MIT License

  •334•6•0•0•Updated Jul 20, 2021Jul 20, 2021

• PrintNightmare

  Public
  Information on the Windows Spooler vulnerability - CVE-2021-1675; CVE 2021 34527

  8•19•0•0•Updated Jul 12, 2021Jul 12, 2021

• python-burp

  Public
  Repository containing sample scripts for use with the Python Scripter Burp Suite extension.

  Python

  •5•6•0•0•Updated Apr 28, 2021Apr 28, 2021

• Rook

  Public
  A tool to Terraform and automate password cracking on AWS.

  Python

  •12•85•1•0•Updated Nov 13, 2019Nov 13, 2019