6011 matches found
Iptable_Evil - An Evil Bit Backdoor For Iptables
iptableevil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptableevil.c, which adds a table to iptables and requires modifying a kernel header to insert a spot for it. The second implementatio...
Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding
This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code. This project is comprised of the following elements: Harness.exe: The "victim" application which i...
SharpHook - Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials
SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project, Once the desired process is up and running SharpHook will automatically inject its dependencies into the target process and...
CTF-Party - A Ruby Library To Enhance And Speed Up Script/Exploit Writing For CTF Players
A library to enhance and speed up script/exploit writing for CTF players or security researchers, bug bounty hunters, pentesters but mostly focused on CTF by patching the String class to add a short syntax of usual code patterns. The philosophy is also to keep the library to be pure ruby no...
packetStrider - A Network Packet Forensics Tool For SSH
packetStrider for SSH is a packet forensics tool that aims to provide valuable insight into the nature of SSH traffic, shining a light into the corners of SSH network traffic where golden nuggets of information previously lay in the dark. The problem that packet strider aims to help with AKA Why?...
Perfusion - Exploit For The RpcEptMapper Registry Key Permissions Vulnerability (Windows 7 / 2088R2 / 8 / 2012)
On Windows 7 , Windows Server 2008R2 , Windows 8 , and Windows Server 2012 , the registry key of the RpcEptMapper and DnsCache 7/2008R2 only services is configured with weak permissions. Any local user can create a Performance subkey and then leverage the WindowsPerformance Counters to load an...
Uroboros - A GNU/Linux Monitoring And Profiling Tool Focused On Single Processes
Uroboros is a GNU/Linux monitoring tool focused on single processes. While utilities like top, ps and htop provide great overall details, they often lack useful temporal representation for specific processes, such visual representation of the process data points can be used to profile, debug and...
JWT Key ID Injector - Simple Python Script To Check Against Hypothetical JWT Vulnerability
Simple python script to check against hypothetical JWT vulnerability. Let's say there is an application that uses JWT tokens signed HS256 algorithm. An example token looks like the follow:...
Js-X-Ray - JavaScript And Node.js Open-Source SAST Scanner (A Static Analysis Of Detecting Most Common Malicious Patterns)
JavaScript AST analysis. This package has been created to export the Node-Secure AST Analysis to enable better code evolution and allow better access to developers and researchers. The goal is to quickly identify dangerous code and patterns for developers and Security researchers. Interpreting th...
Webshell-Analyzer - Web Shell Scanner And Analyzer
Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project http://github.com/tstillz/webshell-scan, which only...
Apk-Medit - Memory Search And Patch Tool On Debuggable Apk Without Root & Ndk
Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile game security testing. Motivation Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can b...
Moriarty-Project - This Tool Gives Information About The Phone Number That You Entered
What IS Moriarty? Advanced Information Gathering And Osint Tool Moriarty is a tool that tries to find good information about the phone number that you provieded; -Tries To Find Owner Of The Number -Tries To Find Risk Level Of The Number -Tries To Find Location,Time Zone Of The Number,Carrier -Tri...
PENIOT - Penetration Testing Tool for IoT
PENIOT is a penetration testing tool for Internet of Things IoT devices. It helps you to test/penetrate your devices by targeting their internet connectivity with different types of security attacks. In other words, you can expose your device to both active and passive security attacks. After...
Bramble - A Hacking Open Source Suite
Bramble software has been designed for the bramble project. It incorporates many features of pentesting and IT Security. It's easy to use and completely editable. It allows beginners to learn hacking and gives more experienced users a customisable plug and play hacking tools so they can add their...
OWASP Threat Dragon - Cross-Platform Threat Modeling Application
Threat Dragon is a free, open-source, cross-platform threat modeling application including system diagramming and a rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project. The focus of the project is on great UX, a powerful rule engine and integration with other...
Shodanfy.py - Get Ports, Vulnerabilities, Informations, Banners, ..Etc For Any IP With Shodan (No Apikey! No Rate-Limit!)
Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan no apikey! no rate limit! Usage python3 shodanfy.py OPTIONS e.g: python3 shodanfy.py 111.111.111.111 python3 shodanfy.py 111.111.111.111 --getports python3 shodanfy.py 111.111.111.111 --getvuln python3 shodanfy.py...
Crescendo - A Swift Based, Real Time Event Viewer For macOS - It Utilizes Apple's Endpoint Security Framework
Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Getting Started Apple has introduced some new security mechanisms that we need to enable to get Crescendo running. 1.- Ensure that you have moved the app to your /Applications director o...
FuzzBench - Fuzzer Benchmarking As A Service
FuzzBench is a free service that evaluates fuzzers on a wide variety of real-world benchmarks, at Google scale. The goal of FuzzBench is to make it painless to rigorously evaluate fuzzing research and make fuzzing research easier for the community to adopt. We invite members of the research...
Kali Linux 2020.1 Release - Penetration Testing and Ethical Hacking Linux Distribution
We are incredibly excited to announce the first release of 2020, Kali Linux 2020.1. 2020.1 includes some exciting new updates: Non-Root by default Kali single installer image Kali NetHunter Rootless Improvements to theme & kali-undercover New tools Non-Root Throughout the history of Kali and its...
PrivExchange - Exchange Your Privileges For Domain Admin Privs By Abusing Exchange
POC tools accompanying the blog Abusing Exchange: One API call away from Domain Admin. Requirements These tools require impacket. You can install it from pip with pip install impacket, but it is recommended to use the latest version from GitHub. privexchange.py This tool simply logs in on Exchang...
Parrot Security 4.5 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind
Parrot 4.5 is officially released, and there are some major changes under the hood, powered by the long-term supported Linux 4.19 kernel series, preparing the project for the upcoming Parrot 5.0 LTS release. For future releases, Parrot Security plans to a support two kernels, stable kernel and a...
Aztarna - A Footprinting Tool For Robots
This repository contains Alias Robotics' aztarna, a footprinting tool for robots. Alias Robotics supports original robot manufacturers assessing their security and improving their quality of software. By no means we encourage or promote the unauthorized tampering with running robotic systems. Thi...
PiKarma - Detects Wireless Network Attacks
Detects wireless network attacks performed by KARMA module fake AP. Starts deauthentication attack for fake access points Working Principle for PiKarma Collects all the packets from Wireless Network. Probe Response Analyses all the packets in real time. If PiKarma finds more than one SSID info fr...
DSSS - Damn Small SQLi Scanner
Damn SmallSQLi Scanner DSSS is a fully functional SQL injection vulnerability scanner supporting GET and POST parameters written in under 100 lines of code. As of optional settings it supports HTTP proxy together with HTTP header values User-Agent, Referer and Cookie. Sample runs $ python dsss.py...
RED HAWK - All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling. Coded In PHP. Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator...
HashPump - A Tool To Exploit The Hash Length Extension Attack In Various Hashing Algorithms
A tool to exploit the hash length extension attack in various hashing algorithms. Currently supported algorithms: MD5, SHA1, SHA256, SHA512. Help Menu $ hashpump -h HashPump -h help -t test -s signature -d data -a additional -k keylength HashPump generates strings to exploit signatures vulnerable...
Al-Khaser v0.65 - Public Malware Techniques Used In The Wild
al-khaser is a PoC malware with good intentions that aimes to stress your anti-malware system. It performs a bunch of nowadays malwares tricks and the goal is to see if you stay under the radar. Possible uses You are making an anti-debug plugin and you want to check its effectiveness. You want to...
Whitewidow 1.5.0 - SQL Vulnerability Scanner
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a...
WSSAT - Web Service Security Assessment Tool
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests again...
PowerUpSQL - A PowerShell Toolkit for Attacking SQL Server
The PowerUpSQL module includes functions that support SQL Server discovery, auditing for common weak configurations, and privilege escalation on scale. It is intended to be used during internal penetration tests and red team engagements. However, PowerUpSQL also includes many functions that could...
Tor Browser 6.0 - Everything you Need to Safely Browse the Internet
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical...
Wireless Network Watcher v1.81 - Show Who is Connected to your Wireless Network
Wireless Network Watcher is a small utility that scans your wireless network and displays the list of all computers and devices that are currently connected to your network. For every computer or device that is connected to your network, the following information is displayed: IP address, MAC...
Maligno v2.0 - Metasploit Payload Server
Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission. Maligno also comes with a client tool, which...
ZMap 1.2.1 - The Internet Scanner
ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical...
ODAT - Oracle Database Attacking Tool
ODAT Oracle Database Attacking Tool is an open source penetration testing tool that test the security of Oracle Databases remotely. Usage examples of ODAT: You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database You have a val...
Python tools for Pentesters
If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them. Most of the listed tools are written in Python, others are just Python...
[TCHead] TrueCrypt Password Cracking Tool
TCHead is software that decrypts and verifies TrueCrypt headers. TCHead supports all the current hashes, individual ciphers, standard volume headers, hidden volume headers and system drive encrypted headers preboot authentication. Brute-force TrueCrypt : However, TrueCrypt passwords go through ma...
Raven - CI/CD Security Analyzer
RAVEN Risk Analysis andVulnerability Enumeration for CI/CD is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. Developed and maintained by the Cycode research team. With Raven, we were able to identify...
Afuzz - Automated Web Path Fuzzing Tool For The Bug Bounty Projects
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects. Afuzz is being actively developed by @rapiddns Features Afuzz automatically detects the development language used by the website, and generates extensions according to the language Uses blacklist to filter invalid pages Uses...
AiCEF - An AI-assisted cyber exercise content generation framework using named entity recognition
AiCEF is a tool implementing the accompanying framework 1 in order to harness the intelligence that is available from online resources, as well as threat groups' activities, arsenal eg. MITRE, to create relevant and timely cybersecurity exercise content. This way, we abstract the events from the...
Hidden - Windows Driver With Usermode Interface Which Can Hide Processes, File-System And Registry Objects, Protect Processes And Etc
Hidden has been developed like a solution for reverse engineering and researching tasks. This is a windows driver with a usermode interface which is used for hiding specific environment on your windows machine, like installed RCE programs ex. procmon, wireshark, vm infrastructure ex. vmware tools...
Bearer - Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)
Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing SAST tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive da...
Faraday - Open Source Vulnerability Management Platform
Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus on discovering vulnerabilities while we help you with the rest. Just use it in your terminal and get your work organized on...
S3Crets_Scanner - Hunting For Secrets Uploaded To Public S3 Buckets
S3cret Scanner tool designed to provide a complementary layer for the Amazon S3 Security Best Practices by proactively hunting secrets in public S3 buckets. Can be executed as scheduled task or On-Demand Automation workflow The automation will perform the following actions: 1. List the public...
AzureGraph - Azure AD Enumeration Over MS Graph
AzureGraph is an Azure AD information gathering tool over Microsoft Graph. Thanks to Microsoft Graph technology, it is possible to obtain all kinds of information from Azure AD, such as users, devices, applications, domains and much more. This application, allows you to query this data through th...
TripleCross - A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.
TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous implant designs in this area, notably the works of Jeff Dileo at DEFCON 271, Pat Hogan at DEFCON 292, Guillaume Fournier and Sylvain Afchain also at DEFCON...
Usbsas - Tool And Framework For Securely Reading Untrusted USB Mass Storage Devices
usbsas is a free and open source GPLv3 tool and framework for securely reading untrusted USB mass storage devices. Description Following the concept of defense in depth and the principle of least privilege, usbsas's goal is to reduce the attack surface of the USB stack. To achieve this, most of t...
pyFlipper - Unoffical Flipper Zero Cli Wrapper Written In Python
Unoffical Flipper Zero cli wrapper written in Python Functions and characteristics: Flipper serial CLI wrapper Websocket client interface Setup instructions: $ git clone https://github.com/wh00hw/pyFlipper.git $ cd pyFlipper $ python3 -m venv venv $ source venv/bin/activate $ pip install -r...
Bpflock - eBPF Driven Security For Locking And Auditing Linux Machines
bpflock - eBPF driven security for locking and auditing Linux machines. Note: bpflock is currently in experimental stage , it may break, options and security semantics may change, some BPF programs will be updated to use Cilium ebpf library. 1. Introduction bpflock uses eBPF to strength Linux...
linWinPwn - A Bash Script That Automates A Number Of Active Directory Enumeration And Vulnerability Checks
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks. The script leverages and is dependent of a number of tools including: impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump. Setup Git clone the reposito...