Pentestly - Python and Powershell internal Penetration Testing Framework

Pentestly is a combination of expanding Python tools for use in penetration tests. The goal is to utilize a familiar user interface while making contributions to the framework easy with the power of Python. Blog post: Pentestly Framework: When Pentesting Meets Python and Powershell Author:...

Nipe - Script To Redirect All Traffic From The Machine To The Tor Network

Script to redirect all the traffic from the machine to the Tor network. + AUTOR: Vinicius Gouvea + EMAIL: [email protected] + BLOG: https://medium.com/viniciusgouvea + GITHUB: https://github.com/HeitorG + FACEBOOK: https://fb.com/viniciushgouvea Installing: git clone...

JexBoss - Jboss Verify And Exploitation Tool

JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server. Requirements Python = 2.7.x Installation To install the latest version of JexBoss, please use the following commands: git clone https://github.com/joaomatosf/jexboss.git cd jexboss python jexboss.py Features...

PortDog - Simple Python Script to Detect Port Scanning Techniques

PortDog is a network anomaly detector aimed to detect port scanning techniques. It is entirely written in python and has easy-to-use interface. It was tested on Ubuntu 15. Please note that, it is not working on Windows OS due to suffering from capturing RAW packets.I am working on to write this...

InstaRecon - Automated Digital Reconnaissance

Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS direct, PTR, MX, NS lookups Whois domains and IP lookups Google dorks in search of subdomains Shodan lookups Reverse DNS lookups on entire...

CuckooAutoInstall - Auto Installer Script for Cuckoo Sandbox

What is Cuckoo Sandbox? In three words, Cuckoo Sandbox is a malware analysis system. What does that mean? It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an...

[IDSwakeup] Collection of Tools to test network intrusion detection systems

IDSwakeup is a collection of tools that allows to test network intrusion detection systems. The main goal of IDSwakeup is to generate false attack that mimic well known ones, in order to see if NIDS detects them and generates false positives. This release of IDSwakeup includes: IDSwakeup The main...

[Weevely v1.1] Stealth tiny PHP web shell

Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation , and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...

[Show Threads] Tool to list all the Threads in the running Process

Show Threads is the small command-line Tool to list all the Threads in the running Process. You can either specify the Process ID or Process Name to enumerate the threads. For each thread, it displays Thread ID and the Base Priority. Being a command-line tool makes it easy for automation. It can ...

[oclHashcat-plus v0.14] Worlds fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker

Features Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker Worlds first and only GPGPU based rule engine Free Multi-GPU up to 128 gpus Multi-Hash up to 15 million hashes Multi-OS Linux & Windows native binaries Multi-Platform OpenCL & CUDA support Multi-Algo see below Low resource...

Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP Headers

Install To install headerpwn, run the following command: go install github.com/devanshbatham/[email protected] Usage headerpwn allows you to test various headers on a target URL and analyze the responses. Here's how to use the tool: 1. Provide the target URL using the -url flag. 2. Create a...

Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries

A command line Windows API tracing tool for Golang binaries. Note: This tool is a PoC and a work-in-progress prototype so please treat it as such. Feedbacks are always welcome! How it works? Although Golang programs contains a lot of nuances regarding the way they are built and their behavior in...

VectorKernel - PoCs For Kernelmode Rootkit Techniques Research

PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64bit OS only. NOTE Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not supported in OSes older than Windows 10 Version 2004. If you want...

CLZero - A Project For Fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors

A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors. About Thank you to @albinowax, @defparam and @d3d else this tool would not exist. Inspired by the tool Smuggler all attack gadgets adapted from Smuggler and...

AcuAutomate - Unofficial Acunetix CLI Tool For Automated Pentesting And Bug Hunting Across Large Scopes

AcuAutomate is an unofficial Acunetix CLI tool that simplifies automated pentesting and bug hunting across extensive targets. It's a valuable aid during large-scale pentests, enabling the easy launch or stoppage of multiple Acunetix scans simultaneously. Additionally, its versatile functionality...

Mass-Bruter - Mass Bruteforce Network Protocols

Mass bruteforce network protocols Info Simple personal script to quickly mass bruteforce common services in a large scale of network. It will check for default credentials on ftp, ssh, mysql, mssql...etc. This was made for authorized red team penetration testing purpose only. How it works 1. Use...

Utkuici - Nessus Automation

Today, with the spread of information technology systems, investments in the field of cyber security have increased to a great extent. Vulnerability management, penetration tests and various analyzes are carried out to accurately determine how much our institutions can be affected by cyber threat...

Aura - Python Source Code Auditing And Static Analysis On A Large Scale

Source code auditing and static code analysis Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on...

Concealed_Code_Execution - Tools And Technical Write-Ups Describing Attacking Techniques That Rely On Concealing Code Execution On Windows

Hunt& Hackett presents a set of tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows. Here you will find explanations of how these techniques work, receive advice on detection, and get sample source code for testing your detection coverag...

Pinecone - A WLAN Red Team Framework

Pinecone is a WLAN networks auditing tool, suitable for red team usage. It is extensible via modules, and it is designed to be run in Debian-based operating systems. Pinecone is specially oriented to be used with a Raspberry Pi, as a portable wireless auditing box. This tool is designed for...

Authcov - Web App Authorisation Coverage Scanning

Web app authorisation coverage scanning. Introduction AuthCov crawls your web application using a Chrome headless browser while logged in as a pre-defined user. It intercepts and logs API requests as well as pages loaded during the crawling phase. In the next phase it logs in under a different us...

AzureRT - A Powershell Module Implementing Various Azure Red Team Tactics

Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with access token based authentication, switching from Az to AzureAD and az cli interfaces, easy to use pre-made attacks such as Runbook-based command...

Labtainers - A Docker-based Cyber Lab Framework

Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students are done with provisioning and administrative setup, for these and future lab exercises. Consistent lab execution environments and automated...

Fb_Friend_List_Scraper - OSINT Tool To Scrape Names And Usernames From Large Friend Lists On Facebook, Without Being Rate Limited

OSINT tool to scrape names and usernames from large friend lists on Facebook, without being rate limited. Getting started: Install using pip: python -m pip install fb-friend-list-scraper Script is now installed as fbfriendlistscraper Run with -h or --help to show usage information. Usage: usage:...

KrbRelay - Framework For Kerberos Relaying

Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There may ...

365Inspect - A PowerShell Script That Automates The Security Assessment Of Microsoft Office 365 Environments

Further the state of O365 security by authoring a PowerShell script that automates the security assessment of Microsoft Office 365 environments. Setup 365Inspect requires the administrative PowerShell modules for Microsoft Online, Azure AD We recommend installing the AzureADPreview module, Exchan...

Nosferatu - Lsass NTLM Authentication Backdoor

Lsass NTLM Authentication Backdoor How it Works First, the DLL is injected into the lsass.exe process, and will begin hooking authentication WinAPI calls. The targeted function is MsvpPasswordValidate, located in NtlmShared.dll. In the pursuit of not being detected, the hooked function will call...

Etl-Parser - Event Trace Log File Parser In Pure Python

Event Trace Log file reader in pure Python etl-parser is a pure Python 3 parser library for ETL Windows log files. ETL is the default format for ETW as well as the default format for the Kernel logger. etl-parser has no system dependencies, and will work well on both Windows and Linux. Since this...

Smuggler - An HTTP Request Smuggling / Desync Testing Tool

An HTTP Request Smuggling / Desync testing tool written in Python 3 Acknowledgements A special thanks to James Kettle for his research and methods into HTTP desyncs And a special thanks to Ben Sadeghipour for beta testing Smuggler and for allowing me to discuss my work at Nahamcon 2020 IMPORTANT...

Viper - Intranet Pentesting Tool With Webui

Viper is a graphical intranet penetration tool, which modularizes and weaponizes the tactics and technologies commonly used in the process of Intranet penetration Viper integrates basic functions such as bypass anti-virus software, intranet tunnel, file management, command line and so on Viper ha...

Reconky - A Great Content Discovery Bash Script For Bug Bounty Hunters Which Automate Lot Of Task And Organized It

Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you to collect some information that will help you identify what to do next and where to look for the required target. Usage ./reconky.sh Main-Features It will Gathers Subdomains wi...

Assless-Chaps - Crack MSCHAPv2 Challenge/Responses Quickly Using A Database Of NT Hashes

Crack MSCHAPv2/NTLMv1 challenge/responses quickly using a database of NT hashes Introduction Assless CHAPs is an efficient way to recover the NT hash used in a MSCHAPv2/NTLMv1 exchange if you have the challenge and response e.g. from a WiFi EAP WPE attack. It requires a database of NT hashes,...

SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV's, EDR's And Logging Tools

New and improved C Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for...

Octopus WAF - Web Application Firewall Made In C Language And Use Libevent

OctopusWAF is a open source Web application firewall, is made in C language uses libevent to make multiple connections. First step Instal lib-pcre, if you use RPM based distros search pcre-devel package, in BSD based search in ports or brew... Need libevent-dev, on RPM distros libevent-devel,...

NoSQLi - NoSql Injection CLI Tool

NoSQL scanner and injector. About Nosqli I wanted a better nosql injection tool that was simple to use, fully command line based, and configurable. To that end, I began work on nosqli - a simple nosql injection tool written in Go. It aims to be fast, accurate, and highly usable, with an easy to...

SSJ - Your Everyday Linux Distribution Gone Super Saiyan

SSJ is s silly little script that relies on docker installed on your everyday Linux distribution Ubuntu, Debian, etc. and magically arms it with hundreds of penetration testing and forensics tools. All of these run with almost native performance as containers utilize the host kernel and thus is a...

Simple-Live-Data-Collection - Simple Live Data Collection Tool

How it works? 1- Build server 2- Connect with admin and client to server 3- To collect information, send the request to the server through the admin, and then to the client Installation git clone https://github.com/LetsDefend/Simple-Live-Data-Collection Server cd server python main.py Admin cd...

MEDUZA - A More Or Less Universal SSL Unpinning Tool For iOS

"MEDUZA" "медуза" means "jellyfish" in Ukrainian What is MEDUZA? It's a Frida-based tool, my replacement for SSLKillSwitch. I created it for in-house use, but then decided to opensource it. TBH, I hate open source, but the world is full of compromises... : How does it work? It's simple. First tim...

Enum4Linux - A Linux Alternative To Enum.Exe For Enumerating Data From Windows And Samba Hosts

A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts. Enum4linux is a tool for enumerating information from Windows and Samba systems. It attempts to offer similar functionality to enum.exe formerly available from www.bindview.com. It is written in Perl and is basical...

Safety - Check Your Installed Dependencies For Known Security Vulnerabilities

Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but can be upgraded to use pyup.io's Safety API using the --key option. Installation Install safety with pip. Keep in mind that we support only Python...

Rakkess - Kubectl Plugin To Show An Access Matrix For K8S Server Resources

Review Access - kubectl plugin to show an access matrix for server resources Intro Have you ever wondered what access rights you have on a provided kubernetes cluster? For single resources you can use kubectl auth can-i list deployments, but maybe you are looking for a complete overview? This is...

Bbrecon - Python Library And CLI For The Bug Bounty Recon API

Bug Bounty Recon bbrecon is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet "safe harbor" attack surface, excluding out-of-scope targets. It comes with an ergonomic CLI and Python library. This...

PivotSuite - A Network Pivoting Toolkit

PivotSuite is a portable, platform independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. PivotSuite as a Server : If the...

SecureTea Project - The Purpose Of This Application Is To Warn The User (Via Various Communication Mechanisms) Whenever Their Laptop Accessed

Small IoT Internet of Things to notify users via Twitter, whenever someone accesses their laptop. This application uses the touchpad/mouse/wireless mouse to determine activity and is developed in Python and tested on Linux. The purpose of this application is to warn the user via various...

Faraday v3.2 - Collaborative Penetration Test and Vulnerability Management Platform

Here is a list of all the goodies in Faraday v3.2: Workspace names- with numbers! With this new version, workspaces’ names are now allowed to start with numbers before they could only start with letters. Search unconfirmed vulns In this version was added the filter to be able to show unconfirmed...

Cangibrina v0.8.7 - A Fast And Powerfull Dashboard (Admin) Finder

Dashboard Finder Cangibrina is a multi platform tool which aims to obtain the Dashboard of sites using brute-force over wordlist, google, nmap, and robots.txt Requirements: Python 2.7 mechanize PySocks beautifulsoup4 html5lib Nmap --nmap TOR --tor Install: Linux git clone...

MSDAT - Microsoft SQL Database Attacking Tool

MSDAT M icros oft SQL D atabase A ttacking T ool is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Usage examples of MSDAT: You have a Microsoft database listening remotely and you want to find valid credentials in order to connect to the...

Fi6S - IPv6 Network Scanner Designed To Be Fast

fi6s is a IPv6 port scanner designed to be fast. This is achieved by sending and processing raw packets asynchronously. The design and goal is pretty similar to Masscan, though it is not as full-featured yet. Building Building should be fairly easy on up-to-date distros. On Ubuntu 16.04 xenial it...

Powershell-RAT - Python Based Backdoor That Uses Gmail To Exfiltrate Data Through Attachment

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends the information to an attacker as an e-mail attachment. Note: This...

Peanalyzer - Advanced Portable Executable File Analyzer And Disassembler

Advanced Portable Executable File Analyzer Python 3.6.4 Tested Working Usage python pyanalyzer.py --file file.exe --show all python pyanalyzer.py --file file.exe --disassemble all Video Dos Header File Header Optional Header Section Headers...