6011 matches found
Multi-Juicer - Run Capture The Flags And Security Trainings With OWASP Juice Shop
Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works ok, but takes away too much valuable time. MultiJuicer gives you the...
Lsassy - Extract Credentials From Lsass Remotely
Python library to remotely extract credentials. This blog post explains how it works. You can check the wiki This library uses impacket project to remotely read necessary bytes in lsass dump and pypykatz to extract credentials. Requirements Python = 3.6 pypykatz = 0.3.0 impacket Installation From...
Intensio-Obfuscator - Obfuscate A Python Code 2.X And 3.X
Takes a python source code and transform it into an obfuscated python code, replace name of variables - classes - functions to random chars and defined length, removes comments, line breaks and add to each line a random script with an always differents values. Requirement Python = 3.5 Files...
Faraday v3.6 - Collaborative Penetration Test and Vulnerability Management Platform
Here are the main new features and improvements in Faraday v3.6: WelcomeService Now A new way to send vulnerabilities is available! We integrated Faraday with Service Now, giving you more options to work with. Burp plugin was totally revamped We have been working hard to make several changes to...
DCOMrade - Powershell Script For Enumerating Vulnerable DCOM Applications
DCOMrade is a Powershell script that is able to enumerate the possible vulnerable DCOM applications that might allow for lateral movement, code execution, data exfiltration, etc. The script is build to work with Powershell 2.0 but will work with all versions above as well. The script currently...
Winpayloads - Undetectable Windows Payload Generation
Undetectable Windows Payload Generation with extras Running on Python2.7 Getting Started git clone https://github.com/Charliedean/Winpayloads cd WinPayloads sudo ./setup.sh python WinPayloads.py Menu 1 Windows Reverse ShellStageless Shellter 2 Windows Reverse MeterpreterStaged Shellter, UacBypass...
CHAPS - Configuration Hardening Assessment PowerShell Script
CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is to run it on a server or workstation to collect configuration information about that system. The...
SlackPirate - Slack Enumeration And Extraction Tool - Extract Sensitive Information From A Slack Workspace
This is a tool developed in Python which uses the native Slack APIs to extract 'interesting' information from a Slack workspace given an access token. As of May 2018, Slack has over 8 million customers and that number is rapidly rising - the integration and 'ChatOps' possibilities are endless and...
Solarflare - SolarWinds Orion Account Audit / Password Dumping Utility
Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/ Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================================ | Collecting RabbitMQ...
DroidFiles - Get Files From Android Directories
Get files from Android directories, internal and external storage Pictures, Downloads, Whatsapp, Videos, ... Legal disclaimer: Usage of DroidFiles for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws...
InQL Scanner - A Burp Extension For GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script, or as a Burp Suite extension. InQL Stand-Alone Running inql from Python will issue an Introspection query to the target GraphQL endpoint in order fetch metadata informatio...
Functrace - A Function Tracer
functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO http://dynamorio.org/. These are some implemented features based on DynamoRIO: disassemble all the executed code disassemble a specific function dump if these are addresses get arguments of a...
O365-Attack-Toolkit - A Toolkit To Attack Office365
o365-attack-toolkit allows operators to perform an OAuth phishing attack and later on use the Microsoft Graph API to extract interesting information. Some of the implemented features are : Extraction of keyworded e-mails from Outlook. Creation of Outlook Rules. Extraction of files from...
PowerShellArsenal - A PowerShell Module Dedicated To Reverse Engineering
PowerShellArsenal is a PowerShell module used to aid a reverse engineer. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyze/scrape memory, parse file formats and memory structures, obtain internal system information, etc. PowerShellArsenal is...
Nim-Shell - Reverse Shell That Can Bypass Windows Defender Detection
Reverse shell that can bypass windows defender detection $ apt install nim Compilation nim c -d:mingw --app:gui nimshell.nim Change the IP address and port number you want to listen to in the nimshell.nim file according to your device. and listen $ nc -nvlp 4444 Download Nim-Shell...
LFI-FINDER - Tool Focuses On Detecting Local File Inclusion (LFI) Vulnerabilities
Written by TMRSWRR Version 1.0.0 Instagram: TMRSWRR How to use LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion LFI vulnerabilities. Local File Inclusion is a common security vulnerability that allows an attacker to include files from a web serv...
Nebula - Cloud C2 Framework, Which At The Moment Offers Reconnaissance, Enumeration, Exploitation, Post Exploitation On AWS
Nebula is a Cloud and hopefully DevOps Penetration Testing framework. It is build with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or...
Cutter - Free And Open-Source GUI For Radare2 Reverse Engineering Framework
Cutter is a free and open-source GUI for radare2 reverse engineering framework. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. Cutter is created by reverse engineers for reverse engineers. Downloading a release Cutter ...
[Nmap v6.40] Free Security Scanner For Network Exploration & Security Audits
Nmap “ Network Mapper ” is a free and open source license utility for network discovery and security auditing. Many systems and network administrators also find it useful for network inventory, managing service upgrade schedules, monitoring host or service uptime, and many other tasks. Nmap uses...
PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
PANO is a powerful OSINT investigation platform that combines graph visualization, timeline analysis, and AI-powered tools to help you uncover hidden connections and patterns in your data. Getting Started 1. Clone the repository: bash git clone https://github.com/ALW1EZ/PANO.git cd PANO 2. Run th...
FalconEye - Real-time detection software for Windows process injections
FalconEye is a windows endpoint detection software for real-time process injections. It is a kernel-mode driver that aims to catch process injections as they are happening real-time. Since FalconEye runs in kernel mode, it provides a stronger and reliable defense against process injection...
RedWarden - Flexible CobaltStrike Malleable Redirector
RedWarden - Flexible CobaltStrike Malleable Redirector previously known as proxy2's malleableredirector plugin Let's raise the bar in C2 redirectors IR resiliency, shall we? Red Teaming business has seen several different great ideas on how to combat incident responders and misdirect them while...
Paragon - Red Team Engagement Platform With The Goal Of Unifying Offensive Tools Behind A Simple UI
Paragon is a Red Team engagement platform. It aims to unify offensive tools behind a simple UI, abstracting much of the backend work to enable operators to focus on writing implants and spend less time worrying about databases and css. The repository also provides some offensive tools already...
Miteru - An Experimental Phishing Kit Detection Tool
Miteru is an experimental phishing kit detection tool. How it works It collects phishy URLs from the following feeds: CertStream-Suspicious feed via urlscan.io OpenPhish feed via urlscan.io PhishTank feed via urlscan.io Ayashige feed It checks each phishy URL whether it enables directory listing...
Reverse Shell Cheat Sheet
If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell. If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either trowing back a...
WSSAT v2.0 - Web Service Security Assessment Tool
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests again...
RootHelper - A Bash Script That Downloads And Unzips Scripts That Will Aid With Privilege Escalation On A Linux System
RootHelper Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads four scripts. Two enumeration shellscripts and two exploit suggesters, one written in...
[Outlook Password Dump] Tool to quickly recover lost email passwords from all versions of Microsoft Outlook
Outlook Password Dump is the free command-line tool to quickly recover lost email passwords from all versions of Microsoft Outlook. Outlook stores passwords for all the configured mail accounts on your system. These passwords are stored in the encrypted format and only respective user can decrypt...
ARTIF - An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.
ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting,...
BabyShark - Basic C2 Server
This is a basic C2 generic server written in Python and Flask. This code has based ideia to GTRS, which uses Google Translator as a proxy for sending commands to the infected host. The BabyShark project aims to centralize reverse connections with agents, creating a way to centralize several types...
Manul - A Coverage-Guided Parallel Fuzzer For Open-Source And Blackbox Binaries On Windows, Linux And MacOS
Manul is a coverage-guided parallel fuzzer for open-source and black-box binaries on Windows, Linux and macOS beta written in pure Python. Quick Start pip3 install psutil git clone https://github.com/mxmssh/manul cd manul mkdir in mkdir out echo "AAAAAA" in/test python3 manul.py -i in -o out -n 4...
Flare-Emu - Powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x86_64, ARM, and ARM64 architectures to reverse engineers
flare-emu marries IDA Pro’s binary analysis capabilities with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks. It is designed to handle all the housekeeping of setting up a flexible and robust emulator for its supported...
Stardox - Github Stargazers Information Gathering Tool
Stardox is an advanced github stargazers information gathering tool. It scraps Github for information and display them in list tree view.It can be used for collecting information of your's/someones repository stargazers details. What data it fetchs : 1. Total repsitories 2. Total stars 3. Total...
Barq - The AWS Cloud Post Exploitation Framework!
barq: The AWS Cloud Post Exploitation framework! What is it? barq is a post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure. It allows you to attack running EC2 instances without having the original instance SSH keypairs. It also allows you to...
Chkdfront - Check Domain Fronting
chkdfront checks if your domain fronting is working by testing the targeted domain fronted domain against your domain front domain. Features Checking your domain fronted against the domain front. Searching an expected string in the response to indicate success. Showing troubleshooting suggestions...
PF_RING - High-Speed Packet Capture, Filtering And Analysis
PFRING™ is a new type of network socket that dramatically improves the packet capture speed, and that’s characterized by the following properties: 1. Available for Linux kernels 2.6.32 and newer. 2. No need to patch the kernel: just load the kernel module. 3. 10 Gbit Hardware Packet Filtering usi...
Goscan - Interactive Network Scanner
GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap. Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service...
V3n0M-Scanner - Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns
V3n0M is a free and open source scanner. Evolved from baltazar's scanner, it has adapted several new features that improve fuctionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...
Pickl3 - Windows Active User Credential Phishing Tool
Pickl3 is Windows active user credential phishing tool. You can execute the Pickl3 and phish the target user credential. Operational Usage - 1 Nowadays, since the operating system of many end users is Windows 10, we cannot easily steal account information with Mimikatz-like projects like the old...
Konan - Advanced Web Application Dir Scanner
Konan is an advanced open source tool designed to brute force directories and files names on web/application servers. Installation Download Konan by cloning the Git repository: git clone https://github.com/m4ll0k/Konan.git konan Install requirements with pip cd konan && pip install -r...
Brutality - A Fuzzer For Any GET Entries
A fuzzer for any GET entries. Features Multi-threading on demand Fuzzing, bruteforcing GET params Find admin panels Colored output Hide results by return code, word numbers Proxy support Big wordlist Colored Usages Install git clone https://github.com/ManhNho/brutality.git chmod 755 -R brutality/...
Sniffglue - Secure Multithreaded Packet Sniffer
sniffglue is a network sniffer written in rust. Network packets are parsed concurrently using a thread pool to utilize all cpu cores. Project goals are that you can run sniffglue securely on untrusted networks and that it must not crash when processing packets. The output should be as useful as...
CredSniper - Phishing Framework which supports SSL and capture credentials with 2FA tokens
Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token. Benefits Fully supporte...
Karton - Distributed Malware Processing Framework Based On Python, Redis And MinIO
Distributed malware processing framework based on Python, Redis and MinIO. The idea Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware analysis systems into a robust pipeline with very little effort. We've been in the...
Tscopy - Tool to parse the NTFS $MFT file to locate and copy specific files
Introducing TScopy It is a requirement during an Incident Response IR engagement to have the ability to analyze files on the filesystem. Sometimes these files are locked by the operating system OS because they are in use, which is particularly frustrating with event logs and registry hives. TScop...
mongoBuster - Hunt Open MongoDB Instances
Hunt Open MongoDB instances! Features Worlds fastest and most efficient scanner Uses Masscan . Scans entire internet by default, So fire the tool and chill. Hyper efficient - Uses Go-routines which are even lighter than threads. Pre-Requisites - Go language sudo apt install golang Masscan sudo ap...
Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool
The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines. Running and configuring the scanner The Hawkeye scanner-cli assumes that your directory structure is such that it keeps the...
HashPump - A Tool To Exploit The Hash Length Extension Attack In Various Hashing Algorithms
A tool to exploit the hash length extension attack in various hashing algorithms. Currently supported algorithms: MD5, SHA1, SHA256, SHA512. Help Menu $ hashpump -h HashPump -h help -t test -s signature -d data -a additional -k keylength HashPump generates strings to exploit signatures vulnerable...
BypassFuzzer - Fuzz 401/403/404 Pages For Bypasses
The original 403fuzzer.py : Fuzz 401/403ing endpoints for bypasses This tool performs various checks via headers, path normalization, verbs, etc. to attempt to bypass ACL's or URL validation. It will output the response codes and length for each request, in a nicely organized, color coded way so...
HTTP Bridge - Send TCP Stream Packets Over Simple HTTP Request
I've wrote this program as a proof of concept to test the idea of be able to send tcp stream packets over simple http request like PUT, PATCH, POST, GET, without use a proxy way like CONNECT method. Also as a practice exercise to train my novice skill on rust language. Description These tool is...