6011 matches found
Chomp Scan - A Scripted Pipeline Of Tools To Streamline The Bug Bounty/Penetration Test Reconnaissance Phase
A scripted pipeline of tools to simplify the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs. Scope Chomp Scan is a Bash script that chains together the fastest and most effective tools in my opinion/experience for doing the long and sometimes tedious process o...
IntelMQ - A solution for IT security teams for collecting and processing security feeds using a message queuing protocol
IntelMQ is a solution for IT security teams CERTs, CSIRTs, abuse departments,... for collecting and processing security feeds such as log files using a message queuing protocol. It's a community driven initiative called IHAP Incident Handling Automation Project which was conceptually designed by...
Browser-password-stealer - Get All The Saved Passwords, Credit Cards And Bookmarks From Chromium Based Browsers Supports Chromium 80 And Above!
This python program gets all the saved passwords, credit cards and bookmarks from chromium based browsers supports chromium 80 and above! Modules Required To install all the required modules use the following code: pip install -r requirements.txt Supported browsers Chromium Based Browsers ✔ Amigo...
CornerShot - Amplify Network Visibility From Multiple POV Of Other Hosts
In warfare, CornerShot is a weapon that allows a soldier to look past a corner and possibly take a shot, without risking exposure. Similarly, the CornerShot package allows one to look at a remote host’s network access without the need to have any special privileges on that host. Using CornerShot,...
Pytmipe - Python Library And Client For Token Manipulations And Impersonations For Privilege Escalation On Windows
PYTMIPE PYthon library for Token Manipulation and Impersonation for Privilege Escalation is a Python 3 library for manipulating Windows tokens and managing impersonations in order to gain more privileges on Windows. TMIPE is the python 3 client which uses the pytmipe library. Content A python...
Dockernymous - A Script Used To Create A Whonix Like Gateway/Workstation Environment With Docker Containers
Dockernymous is a start script for Docker that runs and configures two individual Linux containers in order act as a anonymisation workstation-gateway set up. It's aimed towards experienced Linux/Docker users, security professionals and penetration testers! The gateway container acts as a...
Metasploit Cheat Sheet
The Metasploit Project is a computer security project that provides information on vulnerabilities, helping in the development of penetration tests and IDS signatures. Metasploit is a popular tool used by pentest experts. Metasploit : Search for module: msf search regex Specify and exploit to use...
Cameradar v2.1.0 - Hacks Its Way Into RTSP Videosurveillance Cameras
An RTSP stream access tool that comes with its library Cameradar allows you to Detect open RTSP hosts on any accessible target host Detect which device model is streaming Launch automated dictionary attacks to get their stream route e.g.: /live.sdp Launch automated dictionary attacks to get the...
tplmap - Automatic Server-Side Template Injection Detection and Exploitation Tool
Tplmap short for Template Mapper is a tool that automate the process of detecting and exploiting Server-Side Template Injection vulnerabilities SSTI. This can be used by developers, penetration testers, and security researchers to detect and exploit vulnerabilities related to the template injecti...
[Netsparker Community Edition v2.5.2.0] Released!
Netsparker Community Edition is a SQL Injection Scanner. It’s a free edition of our web vulnerability scanner for the community so you can start securing your website now. It’s user friendly, fast, smart and as always False-Positive-Free. It shares many features with professional edition. It can...
NodeSecurityShield - A Developer And Security Engineer Friendly Package For Securing NodeJS Applications
A Developer and Security Engineer friendly package for Securing NodeJS Applications. Inspired by the log4J vulnerability CVE-2021-44228 which can be exploited because an application can make arbitrary network calls. We felt there is an need for an application to declare what privileges it can hav...
WdToggle - A Beacon Object File (BOF) For Cobalt Strike Which Uses Direct System Calls To Enable WDigest Credential Caching
A Proof of Concept Cobalt Strike Beacon Object File which uses direct system calls to enable WDigest credential caching and circumvent Credential Guard if enabled. Additional guidance can be found in this blog post: https://outflank.nl/blog/?p=1592 Background This PoC code is based on the followi...
Flux-Keylogger - Modern Javascript Keylogger With Web Panel
Modern javascript keylogger with web panel Web panel: Logging: Keylogger Cookies Location Remote IP User-Agents Installation server files: Upload files from server directory to you server Change default username, password in flux.php Go to http://you.host/flux.php Click build Now inject script ta...
JSONBee - A Ready To Use JSONP Endpoints/Payloads To Help Bypass Content Security Policy Of Different Websites
A ready to use JSONP endpoints to help bypass content security policy of different websites. The tool was presented during HackIT 2018 in Kiev. The presentation can be found here not sure why format of the slides is screwed :D:...
Vthunting - A Tiny Script Used To Generate Report About VirusTotal Hunting And Send It By Email, Slack Or Telegram
Virus Total Hunting is a tiny tool based on the VT api version 3 to run daily, weekly or monthly report about malware hunting. The report can be send via email, Slack channel or Telegram. The tool can also be used in cli to get a report anytime. The default number of result is 10 but it can be...
Kage - Graphical User Interface For Metasploit Meterpreter And Session Handler
Kage ka-geh is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads. For now it only supports windows/meterpreter & android/meterpreter Getting Started Please follow these instructions to get a copy of Kage running on your local...
WPScan v3.4.0 - Black Box WordPress Vulnerability Scanner
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. INSTALL Prerequisites: Ruby = 2.2.2 - Recommended: 2.3.3 Curl = 7.21 - Recommended: latest - FYI the 7.29 has a segfault...
pydictor - A Powerful and Useful Hacker Dictionary Builder for a Brute-Force Attack
pydictor is a powerful and useful hacker dictionary builder for a brute-force attack. Why I need to use pydictor ? 1. it always can help you You can use pydictor to generate a general blast wordlist, a custom wordlist based on Web content, a social engineering wordlist, and so on. You can use the...
Simple SQLi Dumper v5.1 - Tool to find bugs, errors or vulnerabilities in MySQL database
SSDp is an usefull penetration tool to find bugs, errors or vulnerabilities in MySQL database. Functions SQL Injection Operation System Function Dump Database Extract Database Schema Search Columns Name Read File read only Create File read only Brute Table & Column Download Simple SQLi Dumper v5....
[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits
Linux Exploit Suggester; based on operating system release number. This program run without arguments will perform a 'uname -r' to grab the Linux Operating Systems release version, and return a suggestive list of possible exploits. Nothing fancy, so a patched/back-ported patch may fool this scrip...
Krane - Kubernetes RBAC Static Analysis And Visualisation Tool
Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes suggestions on how to mitigate them. Krane dashboard presents current RBAC security posture and lets you navigate through its definition. Features RBAC Risk rules - Krane...
Threatspec - Continuous Threat Modeling, Through Code
Threatspec is an open source project that aims to close the gap between development and security by bringing the threat modelling process further into the development process. This is achieved by having developers and security engineers write threat modeling annotations as comments inside source...
Xnuspy - An iOS Kernel Function Hooking Framework For Checkra1N'Able Devices
Output from the kernel log after compiling and running example/open1hook.c xnuspy is a pongoOS module which installs a new system call, xnuspyctl, allowing you to hook kernel functions from userspace. It supports iOS 13.x and 14.x on checkra1n 0.12.2 and up. 4K devices are not supported. Requires...
Zip Cracker - Python Script To Crack Zip Password With Dictionary Attack And Also Use Crunch As Pipeline
This Script Supports Only Zip File in This Version You Can Also Use This Script With crunch Cross-platform Supported Usage: zipcracker.py options Options: --version show program's version number and exit -h, --help show this help message and exit -f FILENAME, --file=FILENAME Please Specify Path o...
shuffleDNS - Wrapper Around Massdns Written In Go That Allows You To Enumerate Valid Subdomains
shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. Based on the work on massdns project by @blechschmidt. Features Simple and modular code ba...
Prithvi - Report Generation Tool
Prithvi is a report generation tool specially made for Security Assessment which is free to use and easy to use. It will generate high quality vulnerability assessment report for security controls. It got various features and majorly made for security assessment. You can easily find security...
H2Buster - A Threaded, Recursive, Web Directory Brute-Force Scanner Over HTTP/2
A threaded, recursive, web directory brute-force scanner over HTTP/2 using hyper, inspired by Gobuster. Features Fast and portable - install hyper and run. Multiconnection scanning. Multithreaded connections. Scalable: scans can be as docile or aggressive as you configure them to be. h2 and h2c...
Reload.sh - Reinstall, Restore And Wipe Your System Via SSH, Without Rebooting
Reinstall, restore and wipe your system from the level and in the place of the running GNU/Linux distribution without cd-rom, flash and other. Via SSH, without rebooting. How it works? Set your archive with system backup to restore: build="/mnt/system-backup.tgz" Set path to temporary system...
VSHG - Hardware resistance & enhanced security for GnuPG
VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG's standared s2k key-derivation-function + a simplified interface for symmetric encryption . About VSHG VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and ...
GooFuzz - Tool To Perform Fuzzing With An OSINT Approach, Managing To Enumerate Directories, Files, Subdomains Or Parameters Without Leaving Evidence On The Target's Server With Google Dorking
Credits Author: M3n0sD0n4ld Twitter: @DavidUton Description: GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. Download and install: $ git clone...
Snuffleupagus - Security Module For Php7 And Php8 - Killing Bugclasses And Virtual-Patching The Rest!
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! Snuffleupagus is a PHP 7+ and 8+ module designed to drastically raise the cost of attacks against websites, by killing entire bug classes. It also provides a powerful virtual-patching system, allowing...
CDK - Zero Dependency Container Penetration Toolkit
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily. Currently still unde...
SauronEye - Search Tool To Find Specific Files Containing Specific Words, I.E. Files Containing Passwords
SauronEye is a search tool built to aid red teams in finding files containing specific keywords. Features : Search multiple network drives Search contents of files Search contents of Microsoft Office files .doc, .docx, .xls, .xlsx Find VBA macros in old 2003 .xls and .doc files Search multiple...
DNS Rebinding Tool - DNS Rebind Tool With Custom Scripts
Inspired by @tavisio This project is meant to be an All-in-one Toolkit to test further DNS rebinding attacks and my take on understanding these kind of attacks. It consists of a web server and pseudo DNS server that only responds to A queries. The root index of the web server allowes to configure...
Findomain v0.2.1 - The Fastest And Cross-Platform Subdomain Enumerator
The fastest and cross-platform subdomain enumerator. Comparision It comparision gives you a idea why you should use findomain instead of another tools. The domain used for the test was microsoft.com in the following BlackArch virtual machine: Host: KVM/QEMU Standard PC i440FX + PIIX, 1996...
Linkedin2Username - Generate Username Lists For Companies On LinkedIn (OSINT Tool)
OSINT Tool: Generate username lists from companies on LinkedIn. Works with Python2. This is a pure web-scraper, no API key required. You use your valid LinkedIn username and password to login, it will create several lists of possible username formats for all employees of a company you point it at...
Faraday v2.7 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you have alwasy been looking for! It maps and leverages all the data you generate in real time , letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the risks and impacts and risks being assessed by the...
4nonimizer - A bash script for anonymizing the public IP managing the connection to TOR and different VPNs providers
What is 4nonimizer? It is a bash script for anonymizing the public IP used to browsing Internet, managing the connection to TOR network and to different VPNs providers OpenVPN, whether free or paid. By default, it includes several pre-configured VPN connections to different peers .ovpn files and...
Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
Enhanced version of bellingcat's Telegram Phone Checker! A Python script to check Telegram accounts using phone numbers or username. ✨ Features 🔍 Check single or multiple phone numbers and usernames 📁 Import numbers from text file 📸 Auto-download profile pictures 💾 Save results as JSON 🔐 Secure...
WFH - Windows Feature Hunter
Windows Feature Hunter WFH is a proof of concept python script that uses Frida, a dynamic instrumentation toolkit, to assist in potentially identifying common “vulnerabilities” or “features” within Windows executables. WFH currently has the capability to automatically identify potential Dynamic...
Shellex - C-shellcode To Hex Converter, Handy Tool For Paste And Execute Shellcodes In Gdb, Windbg, Radare2, Ollydbg, X64Dbg, Immunity Debugger And 010 Editor
C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor. Are you having problems converting C-shellcodes to HEX maybe c-comments+ASCII mixed? Here is shellex. If the shellcode can be compiled in a C compiler...
Nessus Map - Parse .Nessus File(S) And Shows Output In Interactive UI
Nessus XML Praser Requirements Python3 Django Tested on Ubuntu 18.04 What it does Vulnerability based parsing Service based parsing Host bases parsing Unsupported OS parsing Generate Executive Summary of scan Export parsed .nessuss to JSON files Import JSON file in NessusMap How it works Create X...
Parrot Security 4.7 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind
Parrot is a GNU/Linux distribution based on Debian Testing and designed with Security, Development and Privacy in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own software or protect your privacy while...
Bandit - Tool Designed To Find Common Security Issues In Python Code
Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a report. Bandit was originally developed within...
Infection Monkey v1.6 - An Automated Pentest Tool
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server. The Infection Monkey i...
SQLMap v1.2.8 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
[zAnti] Android Network Toolkit
Anti consists of 2 parts: The Anti version itself and extendable plugins. Upcoming updates will add functionality, plugins or vulnerabilities/exploits to Anti Using Anti is very intuitive - on each run, Anti will map your network, scan for active devices and vulnerabilities, and will display the...
Jsfinder - Fetches JavaScript Files Quickly And Comprehensively
jsFinder is a command-line tool written in Go that scans web pages to find JavaScript files linked in the HTML source code. It searches for any attribute that can contain a JavaScript file e.g., src, href, data-main, etc. and extracts the URLs of the files to a text file. The tool is designed to ...
Log4J-Detector - Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046
Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! Currently reports log4j-core...
Pypykatz - Mimikatz Implementation In Pure Python
Mimikatz implementation in pure Python. At least a part of it : Runs on all OS's which support python=3.6 WIKI Since version 0.1.1 the command line changed a little. Worry not, I have an awesome WIKI for you. Installing Install it via pip or by cloning it from github. The installer will create a...