Flux-Keylogger - Modern Javascript Keylogger With Web Panel

Modern javascript keylogger with web panel Web panel: Logging: Keylogger Cookies Location Remote IP User-Agents Installation server files: Upload files from server directory to you server Change default username, password in flux.php Go to http://you.host/flux.php Click build Now inject script ta...

Nessus Map - Parse .Nessus File(S) And Shows Output In Interactive UI

Nessus XML Praser Requirements Python3 Django Tested on Ubuntu 18.04 What it does Vulnerability based parsing Service based parsing Host bases parsing Unsupported OS parsing Generate Executive Summary of scan Export parsed .nessuss to JSON files Import JSON file in NessusMap How it works Create X...

DNS Rebinding Tool - DNS Rebind Tool With Custom Scripts

Inspired by @tavisio This project is meant to be an All-in-one Toolkit to test further DNS rebinding attacks and my take on understanding these kind of attacks. It consists of a web server and pseudo DNS server that only responds to A queries. The root index of the web server allowes to configure...

Findomain v0.2.1 - The Fastest And Cross-Platform Subdomain Enumerator

The fastest and cross-platform subdomain enumerator. Comparision It comparision gives you a idea why you should use findomain instead of another tools. The domain used for the test was microsoft.com in the following BlackArch virtual machine: Host: KVM/QEMU Standard PC i440FX + PIIX, 1996...

Parrot Security 4.7 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Parrot is a GNU/Linux distribution based on Debian Testing and designed with Security, Development and Privacy in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own software or protect your privacy while...

Bandit - Tool Designed To Find Common Security Issues In Python Code

Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a report. Bandit was originally developed within...

DCOMrade - Powershell Script For Enumerating Vulnerable DCOM Applications

DCOMrade is a Powershell script that is able to enumerate the possible vulnerable DCOM applications that might allow for lateral movement, code execution, data exfiltration, etc. The script is build to work with Powershell 2.0 but will work with all versions above as well. The script currently...

SQLMap v1.2.8 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

Browser-password-stealer - Get All The Saved Passwords, Credit Cards And Bookmarks From Chromium Based Browsers Supports Chromium 80 And Above!

This python program gets all the saved passwords, credit cards and bookmarks from chromium based browsers supports chromium 80 and above! Modules Required To install all the required modules use the following code: pip install -r requirements.txt Supported browsers Chromium Based Browsers ✔ Amigo...

Log4J-Detector - Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046

Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! Currently reports log4j-core...

Krane - Kubernetes RBAC Static Analysis And Visualisation Tool

Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes suggestions on how to mitigate them. Krane dashboard presents current RBAC security posture and lets you navigate through its definition. Features RBAC Risk rules - Krane...

CDK - Zero Dependency Container Penetration Toolkit

CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily. Currently still unde...

Zip Cracker - Python Script To Crack Zip Password With Dictionary Attack And Also Use Crunch As Pipeline

This Script Supports Only Zip File in This Version You Can Also Use This Script With crunch Cross-platform Supported Usage: zipcracker.py options Options: --version show program's version number and exit -h, --help show this help message and exit -f FILENAME, --file=FILENAME Please Specify Path o...

shuffleDNS - Wrapper Around Massdns Written In Go That Allows You To Enumerate Valid Subdomains

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. Based on the work on massdns project by @blechschmidt. Features Simple and modular code ba...

Multi-Juicer - Run Capture The Flags And Security Trainings With OWASP Juice Shop

Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works ok, but takes away too much valuable time. MultiJuicer gives you the...

Faraday v3.6 - Collaborative Penetration Test and Vulnerability Management Platform

Here are the main new features and improvements in Faraday v3.6: WelcomeService Now A new way to send vulnerabilities is available! We integrated Faraday with Service Now, giving you more options to work with. Burp plugin was totally revamped We have been working hard to make several changes to...

Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of Iframes, Allowing The Bypass Of Traditional Framebusters Implemented By Login Pages Like Microsoft And The Use With Evilginx

A new approach to Browser In The Browser BITB without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for using this new BITB with Evilginx, and a Microsoft Enterprise phishlet. Before diving deep into this, I...

SharpStrike - A Post Exploitation Tool Written In C# Uses Either CIM Or WMI To Query Remote Systems

SharpStrike is a post-exploitation tool written in C that uses either CIM or WMI to query remote systems. It can use provided credentials or the current user's session. Note: Some commands will use PowerShell in combination with WMI, denoted with in the --show-commands command. Introduction...

Threatspec - Continuous Threat Modeling, Through Code

Threatspec is an open source project that aims to close the gap between development and security by bringing the threat modelling process further into the development process. This is achieved by having developers and security engineers write threat modeling annotations as comments inside source...

InQL Scanner - A Burp Extension For GraphQL Security Testing

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script, or as a Burp Suite extension. InQL Stand-Alone Running inql from Python will issue an Introspection query to the target GraphQL endpoint in order fetch metadata informatio...

JSONBee - A Ready To Use JSONP Endpoints/Payloads To Help Bypass Content Security Policy Of Different Websites

A ready to use JSONP endpoints to help bypass content security policy of different websites. The tool was presented during HackIT 2018 in Kiev. The presentation can be found here not sure why format of the slides is screwed :D:...

Intensio-Obfuscator - Obfuscate A Python Code 2.X And 3.X

Takes a python source code and transform it into an obfuscated python code, replace name of variables - classes - functions to random chars and defined length, removes comments, line breaks and add to each line a random script with an always differents values. Requirement Python = 3.5 Files...

Linkedin2Username - Generate Username Lists For Companies On LinkedIn (OSINT Tool)

OSINT Tool: Generate username lists from companies on LinkedIn. Works with Python2. This is a pure web-scraper, no API key required. You use your valid LinkedIn username and password to login, it will create several lists of possible username formats for all employees of a company you point it at...

SauronEye - Search Tool To Find Specific Files Containing Specific Words, I.E. Files Containing Passwords

SauronEye is a search tool built to aid red teams in finding files containing specific keywords. Features : Search multiple network drives Search contents of files Search contents of Microsoft Office files .doc, .docx, .xls, .xlsx Find VBA macros in old 2003 .xls and .doc files Search multiple...

Pypykatz - Mimikatz Implementation In Pure Python

Mimikatz implementation in pure Python. At least a part of it : Runs on all OS's which support python=3.6 WIKI Since version 0.1.1 the command line changed a little. Worry not, I have an awesome WIKI for you. Installing Install it via pip or by cloning it from github. The installer will create a...

Aircrack-ng 1.6 - Complete Suite Of Tools To Assess WiFi Network Security

Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...

Lsassy - Extract Credentials From Lsass Remotely

Python library to remotely extract credentials. This blog post explains how it works. You can check the wiki This library uses impacket project to remotely read necessary bytes in lsass dump and pypykatz to extract credentials. Requirements Python = 3.6 pypykatz = 0.3.0 impacket Installation From...

CHAPS - Configuration Hardening Assessment PowerShell Script

CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is to run it on a server or workstation to collect configuration information about that system. The...

Functrace - A Function Tracer

functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO http://dynamorio.org/. These are some implemented features based on DynamoRIO: disassemble all the executed code disassemble a specific function dump if these are addresses get arguments of a...

Solarflare - SolarWinds Orion Account Audit / Password Dumping Utility

Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/ Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================================ | Collecting RabbitMQ...

PwnXSS - Vulnerability XSS Scanner Exploit

A powerful XSS scanner made in python 3.7 Installing Requirements: BeautifulSoup4 pip install bs4 requests pip install requests python 3.7 Commands: git clone https://github.com/pwn0sec/PwnXSS chmod 755 -R PwnXSS cd PwnXSS python3 pwnxss.py --help Usage Basic usage: python3 pwnxss.py -u...

DroidFiles - Get Files From Android Directories

Get files from Android directories, internal and external storage Pictures, Downloads, Whatsapp, Videos, ... Legal disclaimer: Usage of DroidFiles for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws...

PowerShellArsenal - A PowerShell Module Dedicated To Reverse Engineering

PowerShellArsenal is a PowerShell module used to aid a reverse engineer. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyze/scrape memory, parse file formats and memory structures, obtain internal system information, etc. PowerShellArsenal is...

[zAnti] Android Network Toolkit

Anti consists of 2 parts: The Anti version itself and extendable plugins. Upcoming updates will add functionality, plugins or vulnerabilities/exploits to Anti Using Anti is very intuitive - on each run, Anti will map your network, scan for active devices and vulnerabilities, and will display the...

[Nmap v6.40] Free Security Scanner For Network Exploration & Security Audits

Nmap “ Network Mapper ” is a free and open source license utility for network discovery and security auditing. Many systems and network administrators also find it useful for network inventory, managing service upgrade schedules, monitoring host or service uptime, and many other tasks. Nmap uses...

Nebula - Cloud C2 Framework, Which At The Moment Offers Reconnaissance, Enumeration, Exploitation, Post Exploitation On AWS

Nebula is a Cloud and hopefully DevOps Penetration Testing framework. It is build with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or...

SlackPirate - Slack Enumeration And Extraction Tool - Extract Sensitive Information From A Slack Workspace

This is a tool developed in Python which uses the native Slack APIs to extract 'interesting' information from a Slack workspace given an access token. As of May 2018, Slack has over 8 million customers and that number is rapidly rising - the integration and 'ChatOps' possibilities are endless and...

OWASP ASST (Automated Software Security Toolkit) - A Novel Open Source Web Security Scanner

OWASP ASST Automated Software Security Toolkit | A Novel Open Source Web Security Scanner. Note: AWSS is the older name of ASST Introduction Web applications have become an integral part of everyday life, but many of these applications are deployed with critical vulnerabilities that can be fatall...

DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices

DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing. Purpose This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and som...

Reverse Shell Cheat Sheet

If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell. If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either trowing back a...

Simple SQLi Dumper v5.1 - Tool to find bugs, errors or vulnerabilities in MySQL database

SSDp is an usefull penetration tool to find bugs, errors or vulnerabilities in MySQL database. Functions SQL Injection Operation System Function Dump Database Extract Database Schema Search Columns Name Read File read only Create File read only Brute Table & Column Download Simple SQLi Dumper v5....

[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits

Linux Exploit Suggester; based on operating system release number. This program run without arguments will perform a 'uname -r' to grab the Linux Operating Systems release version, and return a suggestive list of possible exploits. Nothing fancy, so a patched/back-ported patch may fool this scrip...

[Netsparker Community Edition v2.5.2.0] Released!

Netsparker Community Edition is a SQL Injection Scanner. It’s a free edition of our web vulnerability scanner for the community so you can start securing your website now. It’s user friendly, fast, smart and as always False-Positive-Free. It shares many features with professional edition. It can...

O365-Attack-Toolkit - A Toolkit To Attack Office365

o365-attack-toolkit allows operators to perform an OAuth phishing attack and later on use the Microsoft Graph API to extract interesting information. Some of the implemented features are : Extraction of keyworded e-mails from Outlook. Creation of Outlook Rules. Extraction of files from...

Miteru - An Experimental Phishing Kit Detection Tool

Miteru is an experimental phishing kit detection tool. How it works It collects phishy URLs from the following feeds: CertStream-Suspicious feed via urlscan.io OpenPhish feed via urlscan.io PhishTank feed via urlscan.io Ayashige feed It checks each phishy URL whether it enables directory listing...

Chkdfront - Check Domain Fronting

chkdfront checks if your domain fronting is working by testing the targeted domain fronted domain against your domain front domain. Features Checking your domain fronted against the domain front. Searching an expected string in the response to indicate success. Showing troubleshooting suggestions...

V3n0M-Scanner - Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns

V3n0M is a free and open source scanner. Evolved from baltazar's scanner, it has adapted several new features that improve fuctionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...

Faraday v2.7 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you have alwasy been looking for! It maps and leverages all the data you generate in real time , letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the risks and impacts and risks being assessed by the...

RootHelper - A Bash Script That Downloads And Unzips Scripts That Will Aid With Privilege Escalation On A Linux System

RootHelper Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads four scripts. Two enumeration shellscripts and two exploit suggesters, one written in...

[Outlook Password Dump] Tool to quickly recover lost email passwords from all versions of Microsoft Outlook

Outlook Password Dump is the free command-line tool to quickly recover lost email passwords from all versions of Microsoft Outlook. Outlook stores passwords for all the configured mail accounts on your system. These passwords are stored in the encrypted format and only respective user can decrypt...