6011 matches found
JSFScan.sh - Automation For Javascript Recon In Bug Bounty
Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list to it and options according to your...
Zap-Hud - The OWASP ZAP Heads Up Display (HUD)
The HUD is new interface that provides the functionality of ZAP directly in the browser. Learn more: Blog: Hacking with a Heads Up Display Video: The OWASP ZAP HUD - Usable Security Tooling Wiki: Inside the HUD Using the HUD Downloading You can try out ZAP enabled with the HUD via any of: Downloa...
Frp - A Fast Reverse Proxy To Help You Expose A Local Server Behind A NAT Or Firewall To The Internet
A Fast Reverse Proxy To Help You Expose A Local Server Behind A NAT Or Firewall To The Internet. Development Status frp is under development. Try the latest release version in the master branch, or use the dev branch for the version in development. The protocol might change at a release and we...
VPS-Docker-For-Pentest - Create A VPS On Google Cloud Platform Or Digital Ocean Easily With The Docker For Pentest
Create a VPS on Google Cloud Platform or Digital Ocean easily with the docker for pentest included to launch the assessment to the target. Requirements Terraform installed Ansible installed SSH private and public keys Google Cloud Platform or Digital Ocean account. Usage 1.- Clone the repository...
Carina - Webshell, Virtual Private Server (VPS) And cPanel Database
Carina is a web application used to store webshell, Virtual Private Server VPS and cPanel data. Carina is made so that we don't need to store webshell, VPS or cPanel data in "strange places". Screenshots Install Carina 1. $ git clone https://github.com/c0delatte/carina && cd carina 2. Run compose...
Lollipopz - Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only. Exfiltration How-To /etc/shadow - HTTP GET requests Server ./lollipopz-cli.py -m lollipopz.methods.http.paramcipher.GETServer -lp 80 -o output.log Client $ ./lollipopz-cli.py...
ConEmu - Customizable Windows Terminal With Tabs, Splits, Quake-Style, Hotkeys And More
ConEmu-Maximus5 is a Windows console emulator with tabs, which represents multiple consoles as one customizable GUI window with various features. Initially, the program was created as a companion to Far Manager, my favorite shell replacement - file and archive management, command history and...
Aduket - Straight-forward HTTP Client Testing, Assertions Included
Straight-forward HTTP client testing, assertions included! Simple httptest.Server wrapper with a little request recorder spice on it. No special DSL, no complex API to learn. Just create a server and fire your request like an Hadouken then assert them. TODO Add example usages Add docs Add respons...
Goop - Google Search Scraper (Bypass CAPTCHA)
goop can perform google searches without being blocked by the CAPTCHA or hitting any rate limits. How it works? Facebook provides a debugger tool for its scraper. Interestingly, Google doesn't limit the requests made by this debugger whitelisted? and hence it can be used to scrap the google searc...
SharpSploitConsole - Console Application Designed To Interact With SharpSploit
Console Application designed to interact with SharpSploit released by @cobbrio SharpSploit is a tool written by @cobbrio that combines many techniques/C code from the infosec community and combines it into one sweet DLL. It's awesome so check it out! Description SharpSploit Console is just a quic...
PenCrawLer - An Advanced Web Crawler And DirBuster
An Advanced Web Crawler and DirBuster PeNCrawLer is an advanced webcrawler and dirbuster designed to using in penetration testing based on Windows Os. Web Crawler Features: Follow Redirects Rendering Javascript Extract links from custom HTML-Elements Extract links with Regex-Pattern Black-List...
XSSSNIPER - An Automatic XSS Discovery Tool
XSSSNIPER is an handy xss discovery tool with mass scanning functionalities. Usage: Usage: xsssniper.py options Options: -h, --help show this help message and exit -u URL, --url=URL target URL --post try a post request to target url --data=POSTDATA post data to use --threads=THREADS number of...
MHA - Mail Header Analyzer
Mail header analyzer is a tool written in flask for parsing email headers and converting them to a human readable format and it also can: Identify hop delays. Identify the source of the email. Identify hop country. MHA is an alternative for the following: Name | Dev | Issues ---|---|---...
FileBuster - An Extremely Fast And Flexible Web Fuzzer
An extremely fast and flexible web fuzzer. Why another fuzzer? My main motivation was to write a script that would allow me to fuzz a website based on a dictionary but that allowed me to filter words on that dictionary based on regex patterns. This necessity came from the frustration of trying to...
Fireaway - Next Generation Firewall Audit and Bypass Tool
Fireaway is a tool for auditing, bypassing, and exfiltrating data against layer 7/AppID inspection rules on next generation firewalls. These tactics are based on the principle of having to allow connections to establish through the NGFW in order to see layer 7 data to filter, as well as spoofing...
TestingWhiz - Codeless Software Testing Automation Tool
TestingWhiz is a test automation tool for web, database, cloud, mobile and web services/API testing from Cygnet Infotech. It has a codeless architecture based on FAST Automation Engine with 290+ readily available test commands that provide easy, intuitive and fast automation solution without...
CrackMapExec - A swiss army knife for pentesting Windows/Active Directory environments
CrackMapExec is your one-stop-shop for pentesting Windows/Active Directory environments! From enumerating logged on users and spidering SMB shares to executing psexec style attacks and auto-injecting Mimikatz into memory using Powershell! The biggest improvements over the above tools are: Pure...
Graudit - Find potential security flaws in source code using grep
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very...
[smbexec] A rapid psexec style attack with samba tools
smbexec A rapid psexec style attack with samba tools Original Concept and Script by PureHate & Brav0Hax Codename - Diamond in the Rough Gonna pha-q up - PurpleTeam Smash! Written because we got sick of Metasploit PSExec getting popped Special thanks to Carnal0wnage who's blog inspired us to go th...
Puncia - Subdomain And Exploit Hunter Powered By AI
Puncia utilizes two of our intelligent APIs - Subdomain Center & Exploit Observer, to gather the results. Please note that although these results can sometimes bepretty inaccurate & unreliable, they can greatly differ from time to time due to their self-improvement capabilities. 1. From PyPi - pi...
RedTeam-Physical-Tools - Red Team Toolkit - A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry
Commonly used tools for Red Teaming Engagements, Physical Security Assessments, and Tactical Covert Entry. In this list I decided to share most of the tools I utilize in authorized engagements, along with my personal ranking of their value based on their usage and for you to consider if they shou...
Registry-Recon - Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon
Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon. Author: Jess Hires Description As a red-team practitioner, we are often using tools that attempt to fingerprint details about a compromised system, preferably in the most stealthy way possible. Some of our usual tooling for this...
SLSA - Supply-chain Levels For Software Artifacts
SLSA pronounced "salsa" is security framework from source to service, giving anyone working with software a common language for increasing levels of software security and supply chain integrity. The best way to read about SLSA is to visitslsa.dev. What's in this repo? The primary content of this...
SGXRay - Automating Vulnerability Detection for SGX Apps
Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based security mechanism requires a strict programming model on memory usage, with complex APIs in and out the enclave boundary. Enclave developers are...
TeamsUserEnum - User Enumeration With Microsoft Teams API
Sometimes user enumeration could be sometimes useful during the reconnaissance of an assessment. This tool will determine if an email is registered on teams or not. More details on the immunIT's blog Usage Microsoft Teams with the search features. This tool validates an email address or a list of...
Scrying - A Tool For Collecting RDP, Web And VNC Screenshots All In One Place
A new tool for collecting RDP, web and VNC screenshots all in one place This tool is still a work-in-progress and should be mostly usable but is not yet complete. Please file any bugs or feature requests as GitHub issues Caveats Web screenshotting relies on Chromium or Google Chrome being install...
FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) - A Distributed Evolutionary Binary Fuzzer For Pentesters
FLUFFI - A distributed evolutionary binary fuzzer for pentesters. About the project High level overview Getting started Usage HOWTOs Technical Details Contributing to FLUFFI LICENSE Bugs found So far, FLUFFI was almost exclusively used on SIEMENS products and solutions. Bugs found therein will no...
Gtunnel - A Robust Tunelling Solution Written In Golang
A TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all carried over a single TCP/HTTP2 connection. I wanted to learn a new language, so I picked go and gRPC. Client executables have been tested on windows and linux. Dependencies...
RepoPeek - A Python Script To Get Details About A Repository Without Cloning It
RepoPeek is a Python script to get details about a repository without cloning it. All the information are retrieved using the GitHub API. Please Note: API requests made by this module aren't using basic authentication or OAuth. Therefore the rate limit allows for up to 60 requests per hour...
Nishang - Offensive PowerShell For Red Team, Penetration Testing And Offensive Security
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing. By nikhilmitt Usage Import all the scripts in the current PowerShell session...
Betwixt - Web Debugging Proxy Based On Chrome DevTools Network Panel
Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface. Installing Download the latest release for your operating system, build your own bundle or run Betwixt from the source code. Setting up In order to capture traffic, you'll have to direct it to...
LAVA - Large-scale Automated Vulnerability Addition
Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground truth corpora i.e., software that has known bugs with triggering inputs. LAVA attempts to solve this problem by automatically injecting bugs into software. Every LAVA bug is accompanied by an input that...
DarkSpiritz v2.0 - A Penetration Testing Framework For Linux, MacOS, And Windows Systems
A penetration testing framework for Linux and Windows systems. What is DarkSpiritz? Created by the SynTel Team it was a project of one of the owners to update and clean-up an older pentesting framework he had created to something updated and modern. DarkSpiritz is a re-vamp of the very popular...
Infog - Information Gathering Tool
InfoG is a Shellscript to perform Information Gathering. Features Check Website info Check Phone info IP Tracker Check Valid E-mail Check if site is Up/Down Check internet speed Check Personal info Find IP behind Cloudflare Find Subdomains Port Scan Multi-threaded Check CMS Check DNS leaking Usag...
Ph0Neutria - A Malware Zoo Builder That Sources Samples Straight From The Wild
ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability. This project was inspired by Ragpicker https://github.com/robbyFux/Ragpicker, formerly known as "Malware Crawler". However, ph0neutria aims to: Limi...
GlobaLeaks - The Open-Source Whistleblowing Software
GlobaLeaks is open-source / free software intended to enable secure and anonymous whistleblowing initiatives developed by the Hermes Center for Transparency and Digital Human Rights. For the user manual refer to the GlobaLeaks's User Manual. For the developer documentation refer to the GlobaLeaks...
Web Shell Detector - PHP Script That Helps You Find And Identify PHP / CGI (Perl) / ASP / ASPX Shells
Web Shell Detector is a php script that helps you find and identify php/cgiperl/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and...
outis - Custom Remote Administration Tool (RAT)
outis is a custom Remote Administration Tool RAT or something like that. Think Meterpreter or Empire-Agent. However, the focus of this tool is neither an exploit toolkit there are no exploits nor persistent management of targets. The focus is to communicate between server and target system and to...
Hashcat v3.6.0 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...
[iodine] Tunnel application to forward IPv4 traffic through DNS servers (IP over DNS)
iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with limit...
Mhf - Mobile Helper Framework - A Tool That Automates The Process Of Identifying The Framework/Technology Used To Create A Mobile Application
Mobile Helper Framework is a tool that automates the process of identifying the framework/technology used to create a mobile application. Additionally, it assists in finding sensitive information or provides suggestions for working with the identified platform. How work? The tool searches for fil...
LightsOut - Generate An Obfuscated DLL That Will Disable AMSI And ETW
LightsOut will generate an obfuscated DLL that will disable AMSI & ETW while trying to evade AV. This is done by randomizing all WinAPI functions used, xor encoding strings, and utilizing basic sandbox checks. Mingw-w64 is used to compile the obfuscated C code into a DLL that can be loaded into a...
PersistenceSniper - Powershell Script That Can Be Used By Blue Teams, Incident Responders And System Administrators To Hunt Persistences Implanted In Windows Machines
PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. The script is also available on Powershell Gallery. --- The Why Why writing such a tool, you might ask. Well, for starters, I...
Nipe - An Engine To Make Tor Network Your Default Gateway
The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for other illicit purposes. Tor has been largely used by intelligence...
Tornado - Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Portforwarding
anonymously reverse shell over onion network using hidden services without portfortwarding Explore the docs fully undetectable reverse shell · View Demo · bulletproof anonymity If you are having any operating system compatiblity issue, let me know. I will try to fix as soon as possible so let's...
NimPackt-v1 - Nim-based Assembly Packer And Shellcode Loader For Opsec And Profit
ByCas van Cooten @chvancooten With special thanks to Marcello Salvati @byt3bl33der and Fabian Mosch @S3cur3Th1sSh1t Description Update: NimPackt-v1 is among the worst code I have ever written I was just starting out learning Nim. Because of this, I started on a full rewrite of NimPackt, dubbed...
Rconn - Rconn Is A Multiplatform Program For Creating Generic Reverse Connections
rconn reverse connection is a multiplatform program for creating reverse connections. It lets you consume services that are behind NAT and/or firewall without adding firewall rules or port-forwarding. This is achieved by creating a connection from the node behind the firewall/NAT to a port on you...
Php_Code_Analysis - San your PHP code for vulnerabilities
This script willscan your code the script can find 1. checkfileupload issues 2. hostheaderinjection 3. SQl injection 4. insecure deserialization 5. openredirect 6. SSRF 7. XSS 8. LFI 9. commandinjection features 1. fast 2. simple report usage: python code.py this will scan one file python code.py...
Lucifer - A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration And More...
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life Setup git clone https://github.com/Skiller9090/Lucifer.git cd Lucifer pip install -r...
MOSE - Post Exploitation Tool For Configuration Management Servers.
MOSE is a post exploitation tool that enables security professionals with little or no experience with configuration management CM technologies to leverage them to compromise environments. CM tools, such as Puppet, Chef, Salt, and Ansible are used to provision systems in a uniform manner based on...