6011 matches found
Nidhogg - All-In-One Simple To Use Rootkit For Red Teams
Nidhogg is a multi-functional rootkit for red teams. The goal of Nidhogg is to provide an all-in-one and easy-to-use rootkit with multiple helpful functionalities for red team engagements that can be integrated with your C2 framework via a single header file with simple usage, you can see an...
Kali Linux 2023.1 - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2023.1. This release has various impressive updates. he changelog summary since the 2022.4 release from December: Kali Purple - The dawn of a new era. Kali is not only Offense, but starting to be defense Python Changes - Python 3.11 & PIP changes...
Cypherhound - Terminal Application That Contains 260+ Neo4j Cyphers For BloodHound Data Sets
A Python3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets. Why? BloodHound is a staple tool for every red teamer. However, there are some negative side effects based on its design. I will cover the biggest pain points I've experienced and what this tool aims to...
FISSURE - Frequency Independent SDR-based Signal Understanding and Reverse Engineering
Frequency Independent SDR-based Signal Understanding and Reverse Engineering FISSURE is an open-source RF and reverse engineering framework designed for all skill levels with hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability...
Concealed_Code_Execution - Tools And Technical Write-Ups Describing Attacking Techniques That Rely On Concealing Code Execution On Windows
Hunt& Hackett presents a set of tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows. Here you will find explanations of how these techniques work, receive advice on detection, and get sample source code for testing your detection coverag...
Hoaxshell - An Unconventional Windows Reverse Shell, Currently Undetected By Microsoft Defender And Various Other AV Solutions, Solely Based On Http(S) Traffic
hoaxshell is an unconventional Windows reverse shell, currently undetected by Microsoft Defender and possibly other AV solutions as it is solely based on https traffic. The tool is easy to use, it generates it's own PowerShell payload and it supports encryption ssl. So far, it has been tested on...
Peetch - An eBPF Playground
peetch is a collection of tools aimed at experimenting with different aspects of eBPF to bypass TLS protocol protections. Currently, peetch includes two subcommands. The first called dump aims to sniff network traffic by associating information about the source process with each packet. The secon...
Zenbuster - Multi-threaded URL Enumeration/Brute-Forcing Tool
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin @0xTas. I wrote this tool as a way to deepen my familiarity with Python, and to help increase my understanding of Cybersecurity tooling in general. ZenBuster may not be the fastest or most...
Nightingale - Docker Environment For Pentesting Which Having All The Required Tool For VAPT
In today's technological era, docker is the most powerful technology in each and every domain, whether it is Development, cyber security, DevOps, Automation, or Infrastructure. Considering the demand of the industry, I would like to introduce my idea to create a NIGHTINGALE: docker image for...
Dontgo403 - Tool To Bypass 40X Response Codes
dontgo403 is a tool to bypass 40X errors. Installation git clone https://github.com/devploit/dontgo403; cd dontgo403; go get; go build Customization If you want to edit or add new bypasses, you can add it directly to the specific file in payloads folder and the tool will use it. Options custom...
Narthex - Modular Personalized Dictionary Generator
Narthex Greek: Νάρθηξ, νάρθηκας is a modular & minimal dictionary generator for Unix and Unix-like operating system written in C and Shell. It contains autonomous Unix-style programs for the creation of personalised dictionaries that can be used for password recovery & security assessment. The...
ADenum - A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos
AD Enum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos. cracking john -jp path John binary path -w wordList The path of the wordlist to be used john Default:...
Msticpy - Microsoft Threat Intelligence Security Tools
Microsoft Threat Intelligence Python Security Tools. msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks. It includes functionality to: query log data from multiple sources enrich the data with Threat Intelligence, geolocations and Azure resource data extract Indicator...
CarPunk - The Car Hacking Toolkit
CARPUNK IS VERY SIMILAR TO CANghost, ONLY THE DEFFERENCE IS, IT COMES WITH OPTIONS TO ENABLE OR DISABLE INTERFACE AND BASIC SNIFFING AS EXTRA. IT WORKS ON BOTH SIMULATION & REAL CARS. HAS THE OPTIONS TO RECORD AND PLAY THE CAN PACKETS. NO ANY ARGUMENTS REQUIRED WHEN RUNNING BUT NEED...
efiXplorer - IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation
efiXplorer - IDA plugin for UEFI firmware analysis and reverse engineering automation Supported versions of Hex-Rays products: everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions o...
Weakpass - Rule-Based Online Generator To Create A Wordlist Based On A Set Of Words
The tool generates a wordlist based on a set of words entered by the user. For example, during penetration testing, you need to gain access to some service, device, account, or Wi-Fi network that is password protected. For example, let it be the Wi-Fi network of EvilCorp. Sometimes, a password is...
ClearURLs - An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy
ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This extension will automatically remove tracking elements from URLs to help protect your privacy when browse through the Internet, which is regularly updated by us and can be...
BugBountyScanner - A Bash Script And Docker Image For Bug Bounty Reconnaissance
A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use. Low on resources, high on information output. Helpful? BugBountyScanner helped you net a bounty? Description Note: Using the script over a VPN is highly recommended. It's recommended to run BugBountyScanner...
pongoOS - A Pre-Boot Execution Environment For Apple Boards
A pre-boot execution environment for Apple boards built on top of checkra1n. Building on macOS Install Xcode + command-line utilities make clean all Building on Linux Download Sam Bingner's iOS Toolchain Copy scripts/arm64-apple-ios12.0.0-clang to a directory in $PATH Adjust the TOOLCHAIN variabl...
Scilla - Information Gathering Tool (DNS/Subdomain/Port Enumeration)
Information Gathering Tool - Dns/Subdomain/Port Enumeration Installation First of all, clone the repo locally git clone https://github.com/edoardottt/scilla.git Scilla has external dependencies, so they need to be pulled in: go get Working on installation... See the open issue. For now you can ru...
vPrioritizer - Tool To Understand The Contextualized Risk (vPRisk) On Asset-Vulnerability Relationship Level Across The Organization
As indicated by sources like vulndb & cve, on a daily basis, approximately 50 new vulnerabilities become known to industry and it’s safe to assume that count is going to increase furthermore. It’s a huge number of vulnerabilities to assess and remediate effectively and quickly. So today...
MZAP - Multiple Target ZAP Scanning
Multiple target ZAP Scanning / mzap is a tool for scanning NN in ZAP. Concept Installation go-get $ go get -u github.com/hahwul/mzap snapcraft $ sudo snap install mzap --devmode homebrew $ brew tap hahwul/mzap $ brew install mzap Usage Usage: mzap command Available Commands: ajaxspider Add...
PurpleCloud - An Infrastructure As Code (IaC) Deployment Of A Small Active Directory Pentest Lab In The Cloud
Pentest Cyber Range for a small Active Directory Domain. Automated templates for building your own Pentest/Red Team/Cyber Range in the Azure cloud! Purple Cloud is a small Active Directory enterprise deployment automated with Terraform / Ansible Playbook templates to be deployed in Azure. Purple...
CorsMe - Cross Origin Resource Sharing MisConfiguration Scanner
A Misconfiguration Scanner cors misconfiguration scanner tool based on golang with speed and precision in mind ! Misconfiguration type thisscanner can check for Reflect Origin checks Prefix Match Suffix Match Not Esacped Dots Null ThirdParties Like = github.io, repl.it etc. Taken from Chenjj's...
Attacker-Group-Predictor - Tool To Predict Attacker Groups From The Techniques And Software Used
The tool predicts attacker groups from techniques and softwares used. It searches based on the MITRE ATT&CK framework How it works? 1- Collect data from https://attack.mitre.org/ about attacker groups 2- Get data from user about attack 3- Compare data and create result Installation git clone...
Atlas - Quick SQLMap Tamper Suggester
Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS, the tool is based on returned status code. Screen Installation $ git clone https://github.com/m4ll0k/Atlas.git atlas $ cd atlas $ python atlas.py python3+ Usage $ python atlas.py --url...
Domain Hunter - Checks Expired Domains For Categorization/Reputation And Archive.org History To Determine Good Candidates For Phishing And C2 Domain Names
Domain name selection is an important aspect of preparation for penetration tests and especially Red Team engagements. Commonly, domains that were used previously for benign purposes and were properly categorized can be purchased for only a few dollars. Such domains can allow a team to bypass...
Novahot - A Webshell Framework For Penetration Testers
novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP, ruby, and python. Beyond executing system commands, novahot is able to emulate interactive terminals...
XSStrike v2.0 - An Advanced XSS Detection And Exploitation Suit
XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false positive result using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads. It is intelligent enough to detect and break out of various contexts. Made by Somdev Sangwan...
BlackWidow - A Python Based Web Application Scanner To Gather OSINT And Fuzz For OWASP Vulnerabilities On A Target Website
BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities. DEMO VIDEO: FEATURES: Automatically...
SpookFlare - Meterpreter Loader Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures
SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has custom...
Linux Soft Exploit Suggester - Search Exploitable Software On Linux
linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities. python linux-soft-exploit-suggester.py -h | | | | | |·| || |/ | || |- //| || |·|- | || | / |- /| ||| |||/...
SMBMap - Samba Share Enumeration Tool
SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is...
LFiFreak - An automated LFi Exploiter with Bind/Reverse Shells
LFiFreak is a tool for exploiting local file inclusions using PHP Input, PHP Filter and Data URI methods. Features Works with Windows, Linux and OS X Includes bind and reverse shell for both Windows and Linux Written in Python 2.7 Dependencies BeautifulSoup Download LFiFreak...
Hijacker v1.3 - All-in-One Wi-Fi Cracking Tools for Android
Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng , Airodump-ng , MDK3 and Reaver. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with a...
WMD (Weapon of Mass Destruction) - Python framework for IT security tools
This is a python tool with a collection of IT security software. The software is incapsulated in "modules". The modules does consist of pure python code and/or external third programs. Main functions 1 To use a module, run the command "use modulecall", e.g. "use apsniff", to activate the module. ...
FruityWifi v2.4 - Wireless Network Auditing Tool
FruityWifi is a wireless network auditing tool. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM Raspberry Pi, Raspbian Raspberry Pi, Pwnpi Raspberry Pi, Bugtraq. v2.4 Utils have been added replaces "ifconfig -a"...
Cowrie - SSH Honeypot
Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker. Cowrie is directly based on Kippo by Upi Tamminen desaster. Features Some interesting features: Fake filesystem with the ability to...
[Weevely v1.1] Stealth tiny PHP web shell
Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation , and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...
[jSQL Injection v0.5] Java tool for automatic database injection
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. jSQL Injection change log - version 0.5 0.5 SQL shell Uploader 0.4 Admin page checker and preview Brute forcer md5...
Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP Headers
Install To install headerpwn, run the following command: go install github.com/devanshbatham/[email protected] Usage headerpwn allows you to test various headers on a target URL and analyze the responses. Here's how to use the tool: 1. Provide the target URL using the -url flag. 2. Create a...
HackerInfo - Infromations Web Application Security
Infromations Web Application Security install : sudo apt install python3 python3-pip pip3 install termcolor pip3 install google pip3 install optioncomplete pip3 install bs4 pip3 install prettytable...
ADOKit - Azure DevOps Services Attack Toolkit
Azure DevOps Services Attack Toolkit - ADOKit is a toolkit that can be used to attack Azure DevOps Services by taking advantage of the available REST API. The tool allows the user to specify an attack module, along with specifying valid credentials API key or stolen authentication cookie for the...
AcuAutomate - Unofficial Acunetix CLI Tool For Automated Pentesting And Bug Hunting Across Large Scopes
AcuAutomate is an unofficial Acunetix CLI tool that simplifies automated pentesting and bug hunting across extensive targets. It's a valuable aid during large-scale pentests, enabling the easy launch or stoppage of multiple Acunetix scans simultaneously. Additionally, its versatile functionality...
WebSecProbe - Web Security Assessment Tool, Bypass 403
A cutting-edge utility designed exclusively for web security aficionados, penetration testers, and system administrators. WebSecProbe is your advanced toolkit for conducting intricate web security assessments with precision and depth. This robust tool streamlines the intricate process of...
TEx - Telegram Monitor
TEx is a Telegram Explorer tool created to help Researchers, Investigators and Law Enforcement Agents to Collect and Process the Huge Amount of Data Generated from Criminal, Fraud, Security and Others Telegram Groups. BETA VERSION Please note that this project has been in beta for a few weeks, so...
DCVC2 - A Golang Discord C2 Unlike Any Other
This multi operating system compatible tool was created to leverage Discord's voice channels for command and control operations. This tool operates entirely over the Real-Time Protocol RTP primarily leveraging DiscordGo and leaves no pesky traces behind in text channels. It is a command line base...
Probable_Subdomains - Subdomains Analysis And Generation Tool. Reveal The Hidden!
Online tool: https://weakpass.com/generate/domains TL;DR During bug bounties, penetrations tests, red teams exercises, and other great activities, there is always a room when you need to launch amass, subfinder, sublister, or any other tool to find subdomains you can use to break through - like...
ProtectMyTooling - Multi-Packer Wrapper Letting Us Daisy-Chain Various Packers, Obfuscators And Other Red Team Oriented Weaponry
Script that wraps around multitude of packers, protectors, obfuscators, shellcode loaders, encoders, generators to produce complex protected Red Team implants. Your perfect companion in Malware Development CI/CD pipeline, helping watermark your artifacts, collect IOCs, backdoor and more...
FUD-UUID-Shellcode - Another shellcode injection technique using C++ that attempts to bypass Windows Defender using XOR encryption sorcery and UUID strings madness
Introduction Another shellcode injection technique using C++ that attempts to bypass Windows Defender using XOR encryption sorcery and UUID strings madness :. How it works Shellcode generation Firstly, generate a payload in binary format using either CobaltStrike or msfvenom for instance, in...