Vulmap - Web Vulnerability Scanning And Verification Tools

Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions. Relevant testers can use vulmap to detect whether the target has a specific vulnerability, and ca...

DVR-Exploiter - Bash Script Program Exploit The DVR's Based On CVE-2018-9995

DVR-Exploiter Exploit Title: DVR Credentials Exposed Date: 09/04/2018 Exploit Author: Fernandez Ezequiel DVR-Exploiter By: Belahsan Ouerghi Contact: www.facebook.com/ouerghi.belahsan Youtube Tutorial: https://www.youtube.com/watch?v=vdnATjE4II Dorks: intitle:"DVR Login" html:"/login.rsp" "Server:...

Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability

This is a quick-and-dirty scanner for the CVE-2019-0708 vulnerability in Microsoft Remote Desktop. Right now, there are about 900,000 machines on the public Internet vulnerable to this vulnerability, so many are to expect a worm soon like WannaCry and notPetya. Therefore, scan your networks and...

Android-PIN-Bruteforce - Unlock An Android Phone (Or Device) By Bruteforcing The Lockscreen PIN

Unlock an Android phone or device by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! How it works It uses a USB OTG cable to connect the locked phone to the Nethunter device. It emulates a keyboard, automatically tries PINs, and...

IPTV Brute-Force - Search And Brute Force Illegal IPTV Server

This program is just a demonstration. DO NOT USE IT FOR PERSONAL purpose What is this? IPTV is a simple python script that let you crawl the search engines in order to fetch those sites that stream illegal tv programs. This script leverage the fact the a lot of those sites use the same CMS to...

[Juniper Password Decryptor] Tool to Decode and Recover Juniper $9$ Passwords

Juniper Password Decryptor is a free desktop tool to instantly decode and recover Juniper $9$ Passwords. Juniper Router allows you to configure 2 types of passwords, Juniper $1$ Password: Here MD5 hash of the password is stored. It starts with $1$ and requires brute-force technique to recover the...

Killchain - A Unified Console To Perform The "Kill Chain" Stages Of Attacks

What is “Kill Chain”? From Wikipedia: The term kill chain was originally used as a military concept related to the structure of an attack; consisting of target identification, force dispatch to target, decision, order to attack the target, and finally the destruction of the target. Reconnaissance...

Open Redirect Payload List

Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishi...

AhMyth Android RAT - Android Remote Administration Tool

AhMyth Android RAT is an Android Remote Administration Tool Beta Version It consists of two parts: Server side: desktop application based on electron framework control panel Client side: Android application backdoor Getting Started From source code Prerequisite : Electron to start the app Java to...

Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage...

Karma - Search of Emails and Passwords on Pwndb

API pwndb Karma is a tool written in python3 for the search of emails and passwords on the site: pwndb2am4tzkvold dot onion Install sudo apt install tor python3 python3-pip git clone https://github.com/decoxviii/karma.git ; cd karma sudo -H pip3 install -r requirements.txt python3 bin/karma.py...

SocialBox - A Bruteforce Attack Framework (Facebook, Gmail, Instagram, Twitter)

SocialBox is a Bruteforce Attack Framework Facebook, Gmail, Instagram,Twitter, Coded By Belahsan Ouerghi. Installation sudo apt-get install git sudo git clone https://github.com/TunisianEagles/SocialBox.git cd SocialBox chmod +x SocialBox.sh chmod +x install-sb.sh ./install-sb.sh ./SocialBox.sh...

Jok3R - Network And Web Pentest Framework

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challengin...

GPON - Python Exploit For Remote Code Executuion On GPON Home Routers (CVE-2018-10562)

RCE on GPON homerouters CVE-2018-10561 Vulnerability Many routers today use GPON internet, and a way to bypass all authentication on the devices CVE-2018-10561 was found by VPNMentor. With this authentication bypass, it's also possible to unveil another command injection vulnerability...

ysoserial.net - Deserialization payload generator for a variety of .NET formatters

A proof-of-concept tool for generating payloads that exploit unsafe .NET object deserialization. Description ysoserial.net is a collection of utilities and property-oriented programming "gadget chains" discovered in common .NET libraries that can, under the right conditions, exploit .NET...

MHDDoS - DDoS Attack Script With 56 Methods

Best DDoS Attack Script Python3, Cyber / DDos Attack With 56 Methods Please Don't Attack websites without the owners consent. Features And Methods Layer7 GET | GET Flood !Best DDoS Attack Script Python3, \Cyber / DDos\ Attack With 56 Methods...

Sn1per v5.0 - Automated Pentest Recon Scanner

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage...

CiLocks - Android LockScreen Bypass

CiLocks - Android LockScreen Bypass Features Brute Pin 4 Digit Brute Pin 6 Digit Brute LockScreen Using Wordlist Bypass LockScreen Antiguard Not Support All OS Version Root Android Supersu Not Support All OS Version Steal File Reset Data Required - Adb Android SDK - Cable Usb - Android Emulator...

Evilginx v2.0 - Standalone Man-In-The-Middle Attack Framework Used For Phishing Login Credentials Along With Session Cookies, Allowing For The Bypass Of 2-Factor Authentication

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide...

BlackEye - The Most Complete Phishing Tool, With 32 Templates +1 Customizable

BLACKEYE is an upgrade from original ShellPhish Tool https://github.com/thelinuxchoice/shellphish by thelinuxchoice under GNU LICENSE. It is the most complete Phishing Tool, with 32 templates +1 customizable. WARNING: IT ONLY WORKS ON LAN! This tool was made for educational purposes! Phishing Pag...

sslscan - tests SSL/TLS enabled services to discover supported cipher suites

This is a fork of ioerror's version of sslscan the original readme of which is included below. Changes are as follows: Highlight SSLv2 and SSLv3 ciphers in output. Highlight CBC ciphers on SSLv3 POODLE. Highlight 3DES and RC4 ciphers in output. Highlight PFS+GCM ciphers as good in output. Highlig...

Seeker v1.0.7 - Get Accurate Location using a Fake Website

Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your loction just like many popular location based websites. Seeker Hosts a fake website on Apache Server and uses Ngrok , website asks for Location Permission and if the us...

UACME - Defeating Windows User Account Control

Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements x86-32/x64 Windows 7/8/8.1/10 client, some methods however works on server version too. Admin account with UAC set on default settings required. Usage Run executable from command line:...

AndroRat - Remote Administration Tool for Android

Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server. The name Androrat is a mix of Android and RAT Remote Access Tool. It has been developed in a team of 4 for a university project. It has been realised in one month. The goal of t...

Nginxpwner - Tool to look for common Nginx misconfigurations and vulnerabilities

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities. Install: cd /opt git clone https://github.com/stark0de/nginxpwner cd nginxpwner chmod +x install.sh ./install.sh Usage: Target tab in Burp, select host, right click, copy all URLs in this host, copy to a...

ANDRAX - The First And Unique Penetration Testing Platform For Android Smartphones

ANDRAX The first and unique Penetration Testing platform for Android smartphones What is ANDRAX ANDRAX is a penetration testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more...

Heyserial - Programmatically Create Hunting Rules For Deserialization Exploitation With Multiple Keywords, Gadget Chains, Object Types, Encodings, And Rule Types

Programmatically create hunting rules for deserialization exploitation with multiple keywords e.g. cmd.exe gadget chains e.g. CommonsCollection object types e.g. ViewState, Java, Python Pickle, PHP encodings e.g. Base64, raw rule types e.g. Snort, Yara Disclaimer Rules generated by this tool are...

Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool

CVE-2018-13379 Exploitation Tool, You can use this tool to check the vulnerability in your FortiGate SSL-VPN. https://www.fortinet.com/blog/business-and-technology/fortios-ssl-vulnerability Usage v 0.6 File List ./fortiscan ip.txt Usage v 0.5 One Liner to Initiate theScan : Host|IP:Port443 or 104...

Pwndb - Search For Creadentials Leaked On Pwndb

A data leak differs from a data breach in that the former usually happens through omission or faulty practices rather than overt action, and may be so slight that it is never detected. While a data breach usually means that sensitive data has been harvested by someone who should not have accessed...

Impacket - Collection Of Python Classes For Working With Network Protocols

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols e.g. SMB1-3 and MSRPC the protocol implementation itself. Packets can be constructed from scratch, as well as parsed...

R00Kie-Kr00Kie - PoC Exploit For The CVE-2019-15126 Kr00K Vulnerability

Disclaimer This is a PoC exploit for the CVE-2019-15126 kr00k vulnerability. This project is intended for educational purposes only and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials. Requirements To u...

Evil-Winrm - The Ultimate WinRM Shell For Hacking/Pentesting

The ultimate WinRM shell for hacking/pentesting. / | || || | / | | | | | | | | | | | | | | | | : | | | | | | |\ / | | | | || / |||| | || || || \ | \ | | | | | | | | | | || D | | | | | | | | | | || / | / | | ' | | | | | || \ | | | \ / | | | | || . | | | // ||||||||||| By: CyberVaca@HackPlayers...

WSuspicious - A Tool To Abuse Insecure WSUS Connections For Privilege Escalations

This is a proof of concept program to escalate privileges on a Windows host by abusing WSUS. Details in this blog post: https://www.gosecure.net/blog/2020/09/08/wsus-attacks-part-2-cve-2020-1013-a-windows-10-local-privilege-escalation-1-day/ It was inspired from the WSuspect proxy project:...

H8Mail v2.0 - Email OSINT And Password Breach Hunting

Powerful and user-friendly password finder. Use h8mail to find passwords through different breach and reconnaissance services, or using local breaches such as Troy Hunt's "Collection1" or the infamous "Breach Compilation" torrent. Features Email pattern matching reg exp, useful for reading from...

SecLists - A Collection Of Multiple Types Of Lists Used During Security Assessments, Collected In One Place (Usernames, Passwords, URLs, Sensitive Data Patterns, Fuzzing Payloads, Web Shells, And Many More)

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security...

Shell Backdoor List - PHP / ASP Shell Backdoor List

What is a shell backdoor ? A backdoor shell is a malicious piece of code e.g. PHP, Python, Ruby that can be uploaded to a site to gain access to files stored on that site. Once it is uploaded, the hacker can use it to edit, delete, or download any files on the site, or upload their own. How to...

Ispy - Eternalblue (MS17-010) / Bluekeep (CVE-2019-0708) Scanner And Exploit

ispy : Eternalbluems17-010/BluekeepCVE-2019-0708 Scanner and exploiter Metasploit automation How to install : git clone https://github.com/Cyb0r9/ispy.git cd ispy chmod +x setup.sh ./setup.sh Screenshots : Tested On : Parrot OS Kali linux Tutorial How to use ispy...

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool

JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. Requirements Python = 2.7.x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the following commands: g...

Okadminfinder3 - Admin Panel Finder / Admin Login Page Finder

OKadminFinder is an Apache2 Licensed utility, rewritten in Python 3.x , for admins/pentesters who want to find admin panel of a website. There are many other tools but not as effective and secure. Yeah, Okadminfinder has the the ability to use tor and hide your identity. Requirements Linux sudo a...

Instainsane - Multi-threaded Instagram Brute Forcer

Instainsane is a Shell Script to perform multi-threaded brute force attack against Instagram, this script can bypass login limiting and it can test infinite number of passwords with a rate of about 1000 passwords/min with 100 attemps at once. Legal disclaimer: Usage of InstaInsane for attacking...

Geowifi - Search WiFi Geolocation Data By BSSID And SSID On Different Public Databases

Search WiFi geolocation data by BSSID and SSID on different public databases. Databases: Wigle Apple OpenWifi Milnikov Prerequisites Python3. In order to display emojis on Windows , it is recommended to install the new Windows terminal. ⚠️ In order to use the Wigle service it is necessary to obtai...

CVE-2021-40444 PoC - Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)

Malicious docx generator to exploit CVE-2021-40444 Microsoft Office Word Remote Code Execution Creation of this Script is based on some reverse engineering over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 docx file You need to install lcab first...

MobSF (Mobile Security Framework) v1.0 - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support...

CVE-2020-0796 - Windows SMBv3 LPE Exploit #SMBGhost

Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...

Nexphisher - Advanced Phishing Tool For Linux & Termux

NexPhisher is an automated Phishing tool made for Termux & Linux .The phishing Pages are Taken from Zphisher under GNU General Public License v3.0 . This tool has 37 Phishing Page Templates of 30 Websites.There are 5 Port Forwarding Options including Localhost !! If you copy then give me the...

"Can I Take Over XYZ?" - A List Of Services And How To Claim (Sub)Domains With Dangling DNS Records

What is asubdomain takeover? Subdomain takeover vulnerabilities occur when a subdomain subdomain.example.com is pointing to a service e.g. GitHub pages, Heroku, etc. that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page ...

GameGuardian - Android Game Hack/Alteration Tool

GameGuardian is a game hack/alteration tool. With it, you can modify money, HP, SP, and much more. You can enjoy the fun part of a game without suffering from its unseasonable design. Requires Android: 2.3.3+ GameGuardian Features Summary Runs on ARM, x64 and x86 devices, including x86 emulators...

SUDO_KILLER - A Tool To Identify And Exploit Sudo Rules' Misconfigurations And Vulnerabilities Within Sudo

Linux Privilege Escalation through SUDO abuse. If you like the tool and for my personal motivation so as to develop other tools please a +1 star The tool can be used by pentesters, system admins, CTF players, students, System Auditors and trolls :. INTRO WARNING: SUDOKILLER is part of the KILLER...

PhoneSploit - Using Open Adb Ports We Can Exploit A Devive

Using open Adb ports we can exploit a device you can find open ports here https://www.shodan.io/search?query=android+debug+bridge+product%3A”Android+Debug+Bridge” To find out how to access a local device: I will soon make a tutorial on how to use PhoneSploit HOW TO INSTALL extract adb.rar to the...

Hackazon - A Modern Vulnerable Web App

Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and...