PasteJacker - Add PasteJacking To Web-Delivery Attacks
The main purpose of the tool is automating the PasteJacking/clipboard-poisoning attack (whatever you name it) by collecting all the known tricks used in this attack in one place and one automated job, as after searching I found there's no tool doing this job the right way. Now while this attack depend...
Atlas - Quick SQLMap Tamper Suggester
Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS; the tool is based on the returned status code. Installation: $ git clone https://github.com/m4ll0k/Atlas.git atlas $ cd atlas $ python atlas.py Usage: $ python atlas.py --url http://site.com/index.php?id=PriceASC...
Rosenbridge - Hardware Backdoors In Some X86 CPUs
project:rosenbridge reveals a hardware backdoor in some desktop, laptop, and embedded x86 processors. The backdoor allows ring 3 userland code to circumvent processor protections to freely read and write ring 0 kernel data. While the backdoor is typically disabled requiring ring 0 execution to...
XVNA - Extreme Vulnerable Node Application
XVNA is an extremely vulnerable Node application coded in Nodejs/Expressjs/MongoDB that helps security enthusiasts to learn application security. It is not advisable to host this application online as it is intended to be vulnerable. We suggest hosting this application in a local setting and...
Plecost v1.1.1 - Wordpress Finger Printer Tool
What's Plecost? Plecost is a vulnerability fingerprinting and vulnerability finder for the Wordpress blog engine. Why? There are a huge number of Wordpress installations around the world. Most of them are exposed to attack and can be turned into a virus, malware or illegal porn provider, without the knowledge ...
URLCrazy - Test domain typos and variations to detect typo squatting, URL hijacking, phishing, and corporate espionage
Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. Usage Detect typo squatters profiting from typos on your domain name Protect your brand by registering popular typos Identify typo domain names that will receive...
Snoop - OSINT Tool For Research Social Media Accounts By Username
OSINT tool for researching social media accounts by username. Install Requests: pip install requests Install BeautifulSoup: pip install beautifulsoup4 Execute Snoop: python3 snoop.py Download Snoop...
Upload_Bypass_Carnage - File Upload Restrictions Bypass, By Using Different Bug Bounty Techniques!
File Upload Restrictions Bypass, By Using Different Bug Bounty Techniques! POC video: File upload restrictions bypass by using different bug bounty techniques! Tool must be running with all its assets! Installation: pip3 install -r requirements.txt Usage: uploadbypass.py options Options: -h, --he...
Melody - A Transparent Internet Sensor Built For Threat Intelligence
Melody Monitor the Internet's background noise Melody is a transparent internet sensor built for threat intelligence and supported by a detection rule framework which allows you to tag packets of interest for further analysis and threat monitoring. Features Here are some key features of Melody :...
Onelinepy - Python Obfuscator To Generate One-Liners And FUD Payloads
Python Obfuscator To Generate One-Liners And FUD Payloads. Download & Run: git clone https://github.com/spicesouls/onelinepy cd onelinepy chmod +x setup.sh ./setup.sh onelinepy Usage Guide: usage: oneline.py -h -m M -i I...
SQLFluff - A SQL Linter And Auto-Formatter For Humans
SQLFluff is a dialect-flexible and configurable SQL linter. Designed with ELT applications in mind, SQLFluff also works with jinja templating and dbt. SQLFluff will auto-fix most linting errors, allowing you to focus your time on what matters. Getting Started To get started, install the package a...
SharpSphere - .NET Project For Attacking vCenter
SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter. It uses the vSphere Web Services API and exposes the following functions: Command & Control - In combination with F-Secure's C3, SharpSphere provides C&C into VMs...
RESTler - The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. For a given cloud service with an OpenAPI/Swagger specification, RESTler analyzes its entire specification, and then...
Pesidious - Malware Mutation Using Reinforcement Learning And Generative Adversarial Networks
Malware Mutation using Deep Reinforcement Learning and GANs. The purpose of the tool is to use artificial intelligence to mutate a PE32-only malware sample to bypass AI-powered classifiers while keeping its functionality intact. In the past, notable work has been done in this domain with researche...
Scan-For-Webcams - Scan For Webcams In The Internet
Automatically scan for publicly accessible webcams around the internet. Usage: python MJPG.py : for public MJPG streamers around the internet python webcamXP.py : for public webcamXP streamers around the internet The program will output a list of links with the format ipaddress:port If your...
Sandcastle - A Python Script For AWS S3 Bucket Enumeration
Inspired by a conversation with Instacart's @nickelser on HackerOne, I've optimised and published Sandcastle – a Python script for AWS S3 bucket enumeration, formerly known as bucketCrawler. The script takes a target's name as the stem argument e.g. shopify and iterates through a file of bucket...
PAKURI - Penetration Test Achieve Knowledge Unite Rapid Interface
What's PAKURI In Japanese, imitating is called “Pakuru”. ぱくる godan conjugation, hiragana and katakana パクる, rōmaji pakuru 1. eat with a wide open mouth 2. steal when one isn't looking, snatch, swipe 3. copy someone's idea or design 4. nab, be caught by the police Wiktionary:ぱくる Description...
CORStest - A Simple CORS Misconfiguration Scanner
A simple CORS misconfiguration scanner based on the research of James Kettle. CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential...
Glances - An Eye On Your System. A Top/Htop Alternative For GNU/Linux, BSD, Mac OS And Windows Operating Systems
Glances is a cross-platform monitoring tool which aims to present a large amount of monitoring information through a curses or Web based interface. The information dynamically adapts depending on the size of the user interface. It can also work in client/server mode. Remote monitoring could be do...
Hashcatch - Capture Handshakes Of Nearby WiFi Networks Automatically
Hashcatch deauthenticates clients connected to all nearby WiFi networks and tries to capture the handshakes. It can be used on any Linux device including Raspberry Pi and Nethunter devices, so that you can capture handshakes while walking your dog. Written by @SivaneshAshok PoC of hashcatch running...
Bashter - Web Crawler, Scanner, And Analyzer Framework
Bashter is a tool for scanning a web-based application. Bashter is very suitable for doing Bug Bounty or Penetration Testing. It is designed like a framework so you can easily add a script to detect a vulnerability. For example, you can add a script like this:...
Quasar - An Information Gathering Framework For Lazy Penetration Testers
Quasar is an information gathering framework for penetration testers coded by Belahsan Ouerghi: Website Information, E-mail Address Checker, Phone Number Information, Credit Card BIN Checker, IP Locator, Port Scanner. Installation: sudo apt-get install git git clone...
AES-Killer - Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps
Burpsuite plugin to decrypt AES-encrypted mobile app traffic. Requirements: Burpsuite, Java. Tested on: Burpsuite 1.7.36, Windows 10, xubuntu 18.04, Kali Linux 2018. What it does: Decrypt AES-encrypted traffic on the proxy tab; decrypt AES-encrypted traffic on proxy, scanner, repeater and intruder. How it works...
scanless - Public Port Scan Scrapper
Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you'd like to run a port scan on a host and have it not come from your IP address. scanless adj: lacking respectable morals. That girl is scanless! Public Port...
Crouton - Chromium OS Universal Chroot Environment
crouton is a set of scripts that bundle up into an easy-to-use, Chromium OS-centric chroot generator. Currently Ubuntu and Debian are supported using debootstrap behind the scenes, but "Chromium OS Debian, Ubuntu, and Probably Other Distros Eventually Chroot Environment" doesn't acronymize as wel...
Nimbo-C2 - Yet Another (Simple And Lightweight) C2 Framework
About Nimbo-C2 is yet another simple and lightweight C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in Nim, with some usage of .NET on Windows by dynamically loading the CLR to the process. Nim is powerful, but interacting with Windows is much easier and robust using...
Scanmycode-Ce - Code Scanning/SAST/Static Analysis/Linting Using Many tools/Scanners With One Report - Scanmycode Community Edition (CE)
It is a Code Scanning/SAST/Static Analysis/Linting solution using many tools/Scanners with One Report. You can also add any tool to it. Currently, it supports many languages and tech stacks. Similar to SonarQube, but it is different. Fig. 1 Scanmycode concept diagram How is Scanmycode different...
Webscan - Browser-based Network Scanner And local-IP Detection
webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening on an RTP data channel via WebRTC and looping back to the port across any live IPs, as well as discovering all live IP addresses on valid subnets by monitoring for immediate...
Git All The Payloads! A Collection Of Web Attack Payloads
Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Usage run ./get.sh to download external payloads and unzip any payload files that are compressed. Payload Credits fuzzdb - https://github.com/fuzzdb-project/fuzzdb SecLists -...
BlackDir-Framework - Web Application Vulnerability Scanner
Web Application Vulnerability Scanner. 1. Spider Directories 2. Find Sub Domain 3. Advanced Dorks Search 4. Scan list of Dorks 5. Scan WebSites Xss,Sql 6. Reverse Ip Lookup 7. Port Scan Installation: git clone https://github.com/RedVirus0/BlackDir-Framework.git cd BlackDir pip3 install -r...
XSS-Freak - An XSS Scanner Fully Written In Python3 From Scratch
XSS-Freak is an XSS scanner fully written in python3 from scratch. It is one of its kind since it crawls the website for all possible links and directories to expand its attack scope. Then it searches them for input tags and launches a bunch of XSS payloads. If an input is not sanitized and...
RedPeanut - A Small RAT Developed In .Net Core 2 And Its Agent In .Net 3.5/4.0
RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0. RedPeanut code execution is based on shellcode generated with DonutCS. It is therefore a hybrid, although developed in .Net it does not rely solely on the Assembly.Load. This increases the detection surface, but...
Snare - Super Next Generation Advanced Reactive honEypot
snare - Super Next generation Advanced Reactive honEypot About: SNARE is a web application honeypot sensor attracting all sorts of maliciousness from the Internet. Documentation: The documentation can be found here. Basic Concepts: Surface first. Focus...
CryptonDie - A Ransomware Developed For Study Purposes
CryptonDie is a ransomware developed for study purposes. Options: --key key used to encrypt and decrypt files, default is a random string (recommended) --dir Home directory for the attack, default is / --encrypt Encrypt all files --decrypt Decrypt all files --verbose Activate verbose mode, default is Fal...
Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning
Osmedeus lets you automatically run a collection of awesome tools for reconnaissance and vulnerability scanning against the target. How to use: If you have no idea what you are doing, just type the command below or check out the Advanced Usage: ./osmedeus.py -t example.com Installation: git clone...
PA Toolkit - A Collection Of Traffic Analysis Plugins Focused On Security
PA Toolkit is a collection of traffic analysis plugins that extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to a macro analyzer and threat hunter. PA Toolkit contains plugins (both dissectors and taps) covering various scenarios for multiple protocols,...
CloudBunny - A Tool To Capture The Real IP Of The Server That Uses A WAF As A Proxy Or Protection
CloudBunny is a tool to capture the real IP of a server that uses a WAF as a proxy or protection. How it works: The tool uses three search engines to look up domain information: Shodan, Censys and Zoomeye. To use the tool you need API keys, which you can obtain from the following links: Shodan -...
Getsploit v0.2.2 - Command Line Utility For Searching And Downloading Exploits
Command line search and download tool for Vulners Database inspired by searchsploit. It allows you to search online for the exploits across all the most popular collections: Exploit-DB , Metasploit , Packetstorm and others. The most powerful feature is immediate exploit source download right in...
Upload_Bypass - File Upload Restrictions Bypass, By Using Different Bug Bounty Techniques Covered In Hacktricks
UploadBypass is a powerful tool designed to assist Pentesters and Bug Hunters in testing file upload mechanisms. It leverages various bug bounty techniques to simplify the process of identifying and exploiting vulnerabilities, ensuring thorough assessments of web applications. Simplifies the...
Rz-Ghidra - Deep Ghidra Decompiler And Sleigh Disassembler Integration For Rizin
This is an integration of the Ghidra decompiler and Sleigh Disassembler for rizin. It is solely based on the decompiler part of Ghidra, which is written entirely in C++, so Ghidra itself is not required at all and the plugin can be built self-contained. This project was presented, initially for...
PoisonApple - macOS Persistence Tool
Command-line tool to perform various persistence mechanism techniques on macOS. This tool was designed to be used by threat hunters for cyber threat emulation purposes. Install Do it up: $ pip3 install poisonapple --user Note: PoisonApple was written & tested using Python 3.9, it should work usin...
Herpaderping - Process Herpaderping Bypasses Security Products By Obscuring The Intentions Of A Process
Process Herpaderping is a method of obscuring the intentions of a process by modifying the content on disk after the image has been mapped. This results in curious behavior by security products and the OS itself. Summary Generally, a security product takes action on process creation by registerin...
Thoron Framework - Tool To Generate Simple Payloads To Provide Linux TCP Attack
About Thoron Framework: Thoron Framework is a Linux post-exploitation framework that exploits a Linux TCP vulnerability to get a shell-like connection. Thoron Framework is used to generate simple payloads to provide a Linux TCP attack. Getting started: Thoron installation cd thoron chmod +x install.sh...
Lk Scraper - A Fully Configurable Linkedin Scraper (Scrape Anything Within Linkedin)
Scrapes any Linkedin data. Installation: $ pip install git+git://github.com/jqueguiner/lkscraper Setup using Docker compose: $ docker-compose up -d $ docker-compose run lkscraper python3 Using Docker only for the selenium server: First, you need to run a selenium server $ docker run -d -p 4444:4444...
Frida API Fuzzer - This Experimental Fuzzer Is Meant To Be Used For API In-Memory Fuzzing
This experimental fuzzer is meant to be used for API in-memory fuzzing. The design is highly inspired by and based on AFL/AFL++. ATM the mutator is quite simple, just AFL's havoc and splice stages. I tested only the examples under tests/; this is a WIP project but it is known to work at least on...
BetterBackdoor - A Backdoor With A Multitude Of Features
A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the...
PyCPU - Central Processing Unit Information Gathering Tool
With this tool you can access detailed information about your processor. You can also check for known security vulnerabilities based on the information about the processor you are using. Programming Language: Python System: Linux What is a CPU (Central Processing Unit)? A central...
Exploit CVE-2017-6079 - Blind Command Injection In Edgewater Edgemarc Devices
This exploit was developed based on the technical description by depthsecurity https://depthsecurity.com/blog/cve-2017-6079-blind-command-injection-in-edgewater-edgemarc-devices Description The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows...
LinkFinder - A Python Script That Finds Endpoints In JavaScript Files
LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing, resulting in new testing ground possibly containing new vulnerabilities...
DNSExfiltrator - Data exfiltration over DNS request covert channel
DNSExfiltrator allows for transferring (exfiltrating) a file over a DNS request covert channel. This is basically a data leak testing tool allowing you to exfiltrate data over a covert channel. DNSExfiltrator has two sides: 1. The server side, coming as a single python script dnsexfiltrator.py, which act...