Sarenka - OSINT Tool - Data From Services Like Shodan, Censys Etc. In One Place

SARENKA is an Open Source Intelligence OSINT tool which helps you obtaining and understanding Attack Surface. The main goal is to gathering infromation from search engines for Internet-connected devices https://censys.io/ , https://www.shodan.io/. It scraps data about Common Vulnerabilities and...

Project iKy - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Project First of all we want to advice you that we have changed the Frontend from AngularJS to Angular 7. For this reason we left the project with...

IntruderPayloads - A Collection Of Burpsuite Intruder Payloads, Fuzz Lists And File Uploads

A collection of Burpsuite Intruder payloads and fuzz lists and pentesting methodology. To pull down all 3rd party repos, run install.sh in the same directory of the IntruderPayloads folder. Author: 1N3@CrowdShield https://crowdshield.com PENTEST METHODOLOGY v2.0 BASIC PASSIVE AND ACTIVE CHECKS:...

Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking

The Damn Vulnerable Drone is an intentionally vulnerable drone hacking simulator based on the popular ArduPilot/MAVLink architecture, providing a realistic environment for hands-on drone hacking. About the Damn Vulnerable Drone What is the Damn Vulnerable Drone? The Damn Vulnerable Drone is a...

Lynis 2.7.5 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

ByeDPIAndroid - App To Bypass Censorship On Android

Android application that runs a local VPN service to bypass DPI Deep Packet Inspection and censorship. This application runs a SOCKS5 proxy ByeDPI and redirects all traffic through it. Installation Or use Obtainium 1. Install Obtainium 2. Add the app by URL:...

grapheneX - Automated System Hardening Framework

grapheneX In computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically...

CamPhish - Grab Cam Shots From Target'S Phone Front Camera Or PC Webcam Just Sending A Link.

Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish? CamPhish is techniques to take cam shots of target's phone fornt camera or PC webcam. CamPhish Hosts a fake website on in built PHP server and uses ngrok & serveo to generate a link which we will...

DiscordRAT - Discord Remote Administration Tool Fully Written In Python

Discord Remote Administration Tool fully written in Python3. This is a RAT controlled over Discord with over 20 post exploitation modules. Disclaimer: This tool is for educational use only, the author will not be held responsible for any misuse of this tool. This is my first project on github as...

Shellphish - Phishing Tool For 18 Social Media (Instagram, Facebook, Snapchat, Github, Twitter...)

Phishing Tool for 18 social media: Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest. This script uses some webpages generated bySocialFish Tool...

Ponce - IDA Plugin For Symbolic Execution Just One-Click Away!

Ponce pronounced 'poN θe pon-they is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion. With Ponce you are one click away from getting all the power from cutting edge symbolic execution. Entirely writt...

Keyhacks - A Repository Which Shows Quick Ways In Which API Keys Leaked By A Bug Bounty Program Can Be Checked To See If They'Re Valid

KeyHacks shows ways in which particular API keys found on a Bug Bounty Program can be used, to check if they are valid. @Gwen001 has scripted the entire process available here and it can be found here Table of Contents ABTasty API Key Algolia API key Amplitude API Keys Asana Access token AWS Acce...

Lockphish - The First Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode

Lockphish it's the first tool 07/04/2020 for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link. LockPhish Tutorial:https://www.kalilinux.in/2020/05/lockphish.html Author: The Linux Choice Who deleted his GitHub repository...

mongoaudit - A Powerful MongoDB Auditing and Pentesting Tool

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. Installing with pip This is the recommended installation method in case you have python and pip . pip install mongoaudit Alternative installer Use this if and only...

Ghidra_Kernelcache - A Ghidra Framework For iOS Kernelcache Reverse Engineering

This framework is the end product of my experience in reverse engineering iOS kernelcache,I do manually look for vulnerabilities in the kernel and have automated most of the things I really wanted to see in Ghidra to speed up the process of reversing, and this proven to be effective and saves a l...

Fuzzilli - A JavaScript Engine Fuzzer

A coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language "FuzzIL" which can be mutated and translated to JavaScript. Usage The basic steps to use this fuzzer are: 1. Download the source code for one of the supported JavaScript engines. See the Targets/...

DVWA - Damn Vulnerable Web Application

Damn Vulnerable Web Application DVWA is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid...

Emp3R0R - Linux Post-Exploitation Framework Made By Linux User

linux post-exploitation framework made by linux user Still under active development 中文介绍 check my blog for updates how to use what to expect in future releases packer: cryptor + memfdcreate packer: use shmopen in older Linux kernels dropper: shellcode injector - python injector: inject shellcode...

ADBSploit - A Python Based Tool For Exploiting And Managing Android Devices Via ADB

A python based tool for exploiting and managing Android devices via ADB Currently on development Screenrecord Stream Screenrecord Extract Contacts Extract SMS Extract Messasing App Chats WhatsApp/Telegram/Line Install Backdoor And more... Installation First Download or clone repo git clone...

Zphisher - Automated Phishing Tool

Zphisher is an upgraded form of Shellphish. The main source code is fromShellphish . But I have not fully copied it . I have upgraded it & cleared the Unnecessary Files . Zphisher has 37 Phishing Page Templates ; including Facebook , Twitter & Paypal . It also has 4 Port Forwarding Tools . You ca...

Universal Radio Hacker - Investigate Wireless Protocols Like A Boss

The Universal Radio Hacker is a software for investigating unknown wireless protocols. Features include hardware interfaces for common Software Defined Radios easy demodulation of signals assigning participants to keep overview of your data customizable decodings to crack even sophisticated...

Gotestwaf - Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques

An open-source Go project to test different web application firewalls WAF for detection logic and bypasses. How it works It is a 3-steps requests generation process that multiply amount of payloads to encoders and placeholders. Let's say you defined 2 payloads, 3 encoders Base64, JSON, and...

slopShell - The Only Php Webshell You Need

php webshell Since I derped, and forgot to talk about usage. Here goes. For this shell to work, you need 2 things, a victim that allows php file uploadyourself, in an educational environment and a way to send http requests to this webshell. Basic Usage VideoHosted on Youtube: Current VT Detection...

CQTools - The New Ultimate Windows Hacking Toolkit

CQURE Team has prepared tools used during penetration testing and packed those in a toolkit named CQTools. This toolkit allows to deliver complete attacks within the infrastructure, starting with sniffing and spoofing activities, going through information extraction, password extraction, custom...

GitDump - A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled

GitDump dumps the source code from .git when thedirectory traversal is disabled Requirements Python3 Tested on Windows Kali Linux What it does Dump source code from website/.git directory when directory traversal is disabled. How it works Fetch all common files .git/index, .git/HEAD, .git/ORIGHEA...

Infoga - Email OSINT

Infoga is a tool gathering email accounts informations ip,hostname,country,... from different public source search engines, pgp key servers and shodan and check if emails was leaked using haveibeenpwned.com API. Is a really simple tool, but very effective for the early stages of a penetration tes...

[Facebook Password Decryptor v5.5 ] Facebook Password Recovery Software

Facebook Password Decryptor is the FREE software to instantly recover Facebook account passwords stored by popular Web Browsers and Messengers. It is one of our most popular software with over One Million Downloads worldwide. Here is the complete list of supported applications. Internet Explorer...

pwnedOrNot v1.1.7 - OSINT Tool To Find Passwords For Compromised Email Addresses

pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps. Features haveibeenpwned offers a lot of information about the compromised email, some useful information is displayed by this script: Name of Breach Domain Name Date of Breach Fabricatio...

SocialFish v2 - Educational Phishing Tool & Information Collector

Ultimate phishing tool with Ngrok integrated. Are you looking for SF's mobile controller? UndeadSec/SocialFishMobile PREREQUISITES Python 2.7 Wget from Python PHP TESTED ON Kali Linux - ROLLING EDITION CLONE git clone https://github.com/UndeadSec/SocialFish.git RUNNING cd SocialFish sudo pip...

Kali Linux 2018.4 Release - Penetration Testing and Ethical Hacking Linux Distribution

Welcome to our fourth and final release of 2018, Kali Linux 2018.4, which is available for immediate download. This release brings kernel up to version 4.18.10, fixes numerous bugs, includes many updated packages, and a very experimental 64-bit Raspberry Pi 3 image. New Tools and Tool Upgrades...

PyRDP - RDP Monster-In-The-Middle (Mitm) And Library For Python With The Ability To Watch Connections Live Or After The Fact

PyRDP is a Python Remote Desktop Protocol RDP Monster-in-the-Middle MITM tool and library. It features a few tools: RDP Monster-in-the-Middle Logs credentials used when connecting Steals data copied to the clipboard Saves a copy of the files transferred over the network Crawls shared drives in th...

Hatch - Tool To Brute Force Most Websites

Hatch is a brute force tool that is used to brute force most websites Installation Instructions git clone https://github.com/MetaChar/Hatch python2 main.py Requirements pip2 install selenium pip2 install pyvirtualdisplay pip2 install requests sudo apt-get install xserver-xephyr chrome driver and...

NodeJsScan - A Static Security Code Scanner For Node.js Applications

Static security code scanner SAST for Node.js applications. Configure & Run NodeJsScan Install Postgres and configure SQLALCHEMYDATABASEURI in core/settings.py pip3 install -r requirements.txt python3 migrate.py Run once to create database entries required python3 app.py Testing Environment...

XSStrike v3.0 - Most Advanced XSS Detection Suite

Why XSStrike? Every XSS scanner out there has a list of payloads, they inject the payloads and if the payload is reflected into the webpage, it is declared vulnerable but that's just stupid. XSStrike on the other hand analyses the response with multiple parsers and then crafts payloads that are...

QRLJacker v2.0 - QRLJacking Exploitation Framework

QRLJacker is a highly customizable exploitation framework to demonstrate "QRLJacking Attack Vector" to show how it is easy to hijack services that depend on the QR Code as an authentication and login method, Mainly it aims to raise security awareness regarding all the services using the QR Code a...

CamOver - A Camera Exploitation Tool That Allows To Disclosure Network Camera Admin Password

CamOver is a camera exploitation tool that allows to disclosure network camera admin password. Features Exploits vulnerabilities in most popular camera models such as CCTV, GoAhead and Netwave. Optimized to exploit multiple cameras at one time from list with threading enabled. Simple CLI and API...

Regexploit - Find Regular Expressions Which Are Vulnerable To ReDoS (Regular Expression Denial Of Service)

Find regexes which are vulnerable to Regular Expression Denial of Service ReDoS. More info onthe Doyensec blog Many default regular expression parsers have unbounded worst-case complexity. Regex matching may be quick when presented with a matching input string. However, certain non-matching input...

Seatbelt - A C# Project That Performs A Number Of Security Oriented Host-Survey "Safety Checks" Relevant From Both Offensive And Defensive Security Perspectives

Seatbelt is a C project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives. @andrewchiles' HostEnum.ps1 script and @tifkin's Get-HostProfile.ps1 provided inspiration for many of the artifacts to collect. @harmj0...

BYOB - Build Your Own Botnet

BYOB Build Your Own Botnet Disclaimer : This project should be used for authorized testing or educational purposes only. BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the...

Sudomy - Subdomain Enumeration & Analysis

Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way. Features For recent time,Sudomy has these 9 features: Easy, light, fast and powerful. Bash script is available by default in almost all Linux distributions...

Hashcat v4.2.1 - World's Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...

gdbgui - A browser-based frontend/gui for GDB

A modern, browser-based frontend to gdb gnu debugger. Add breakpoints, view stack traces, and more in C, C++, Go, and Rust! Simply run gdbgui from the terminal and a new tab will open in your browser. Install sudo pip install gdbgui --upgrade Since gdbgui is under active development, consider...

MemProcFS - The Memory Process File System

The Memory Process File System is an easy and convenient way of accessing physical memory as files a virtual file system. Easy trivial point and click memory analysis without the need for complicated commandline arguments! Access memory content and artifacts via files in a mounted virtual file...

pwnedOrNot v1.1.0 - Tool To Find Passwords For Compromised Email Accounts Using HaveIBeenPwned API

pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps. Features haveibeenpwned offers a lot of information about the compromised email, some useful information is displayed by this script: Name of Breach Domain Name Date of Breach Fabricatio...

TeleShadow - Telegram Desktop Session Stealer (Windows)

Stealing desktop telegrams has never been so easy ! Set the email and sender details of the sender and recipient and send it to the victim after compiling. How do I use the session file? Delete everything inside folder at "C:\Users\YourName\AppData\Roaming\Telegram Desktop\tdata" Then Replace...

rootOS - macOS Root Helper

Tries to use various CVEs to gain sudo or root access. All exploits have an end goal of adding ALL ALL=ALL NOPASSWD: ALL to /etc/sudoers allowing any user to run sudo commands. Exploits CVE-2008-2830 CVE-2015-3760 CVE-2015-5889 CVE-2017-13872 AppleScript Dynamic Phishing Sudo Piggyback Link Run...

Collection Of Awesome Honeypots

A curated list of awesome honeypots, tools, components and much more. The list is divided into categories such as web, services, and others, focusing on open source projects. Honeypots Database Honeypots Elastic honey - A Simple Elasticsearch Honeypot mysql - A mysql honeypot, still very very...

Kube-Bench - Checks Whether Kubernetes Is Deployed According To Security Best Practices As Defined In The CIS Kubernetes Benchmark

kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update as test specifications evolve. Please Note 1. kube-bench implements the CIS...

Hash-Buster v3.0 - Crack Hashes In Seconds

Why crack hashes when you can bust them? Features Automatic hash type identification Supports MD5, SHA1, SHA256, SHA384, SHA512 Can extract & crack hashes from a file Can find hashes from a directory, recursively Multi-threading Insallation & Usage Note: Hash Buster isn't compatible with python2,...

WinPwn - Automation For Internal Windows Penetrationtest / AD-Security

In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. I often ran the same scripts one after the other to get information about the current system and/or the domain. To automate as many internal...