Nikto2 - Web Server Scanner
Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks...
Cupp - Common User Passwords Profiler
The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the passwo...
BypassWAF - Burp Plugin to Bypass Some WAF Devices
Add headers to all Burp requests to bypass some WAF products. This extension will automatically add the following headers to all requests. X-Originating-IP: 127.0.0.1 X-Forwarded-For: 127.0.0.1 X-Remote-IP: 127.0.0.1 X-Remote-Addr: 127.0.0.1 Usage Steps include: 1. Add extension to burp 2. Create...
DAws - Advanced Web Shell (Windows/Linux)
There are multiple things that make DAws better than every Web Shell out there: 1. Bypasses Disablers; DAws isn't just about using a particular function to get the job done, it uses up to 6 functions if needed, for example, if shellexec was disabled it would automatically use exec or passthru or...
Windows Password Kracker - Free Windows Password Recovery Software
Windows Password Kracker is a free software to recover the lost or forgotten Windows password. It can quickly recover the original windows password from either LM LAN Manager or NTLM NT LAN Manager Hash. Windows encrypts the login password using LM or NTLM hash algorithm. Since these are one way...
THC-Hydra 8.1 - Network Logon Cracker
A very fast network logon cracker which supports many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa. Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...
Netsparker v3.5.5 - Web Application Security Scanner
Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting XSS and security issues on all web applications and websites regardless of the platform and the technology they are built on. Netsparker is very easy to u...
Shellter v1.7 - Dynamic ShellCode Injector Tool
Shellter is a dynamic shellcode injection tool, and probably the first dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications currently 32-bit apps only. The shellcode can be something yours or something generated through a framework, such a...
PwnPi - A Pen Test Drop Box distro for the Raspberry Pi
PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 200+ network security tools pre-installed to aid the penetration tester. It is built on a stripped down version of the Debian Wheezy image from the Raspberry Pi foundation's website and uses Openbo...
Hooker - Automated Dynamic Analysis of Android Applications
Hooker is an open source project for dynamic analysis of Android applications. This project provides various tools and applications that can be used to automatically intercept and modify any API calls made by a targeted application. It leverages Android Substrate framework to intercept these calls a...
Liffy - Local File Inclusion Exploitation Tool
Liffy is a tool written in Python designed to exploit local file inclusion vulnerabilities using three different techniques that will get you a working web shell. The first two make use of the built-in PHP wrappers php://input and data://. The third makes use of the process control extension call...
[SSLsplit] Transparent and scalable SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original...
[OutlookAttachView] View/Extract/Save Outlook Attachments
OutlookAttachView scans all messages stored in your Outlook, and displays the list of all attached files that it finds. You can easily select one or more attachments and save all of them into the desired folder, as well as you can delete unwanted large attachments that take too much disk space in...
[Wireless IDS] Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets
Wireless IDS is an open source tool written in Python that works in a Linux environment. This tool will sniff your surrounding air traffic for suspicious activities such as WEP/WPA/WPS attacking packets. It does the following: Detect mass deauthentication sent to client / access point which unreasonable...
[Proxyp] Multithreaded Proxy Enumeration Utility
Proxyp is a small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses. This script started as a way to speed up use of proxychains, which is why I've added an append option for resulting live IP addresses to be placed at the end...
[flunym0us] Vulnerability Scanner for Wordpress and Moodle
Flunym0us is a Vulnerability Scanner for Wordpress and Moodle designed by Flu Project Team. Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for Wordpress and another for Moodle. Operation Flunym0us requires...
[The Backdoor Factory] Backdoors win32 PE files
Backdoors win32 PE files, to continue normal file execution if the shellcode supports it, by patching the exe/dll directly. Some executables have built in protections, as such this will not work on all PE files. It is advisable that you test target PE files before deploying them to clients or usi...
[Hidden File Finder] Scan and discover all the Hidden files on your Windows
Hidden File Finder is free software to quickly scan and discover all the Hidden files on your Windows system. It performs a swift multi-threaded scan of all the folders in parallel and quickly uncovers all the hidden files. It automatically detects the Hidden Executable Files EXE, DLL, COM etc an...
[PyMal] The Malware Analysis Framework
PyMal is a Python-based interactive Malware Analysis Framework. It is built on top of three pure Python programs: Pefile, Pydbg and Volatility. The main aim of the project is to combine all the Malware Analysis related tools into a single interface for rapid analysis. PyMal has several wrapp...
[Weevely] PHP Stealth Tiny Web Shell
Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...
[NetworkMiner v1.4.1] Network Forensic Analysis Tool (NFAT)
NetworkMiner is a Network Forensic Analysis Tool NFAT for Windows but also works in Linux / Mac OS X / FreeBSD. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the...
ROPDump - A Command-Line Tool Designed To Analyze Binary Executables For Potential Return-Oriented Programming (ROP) Gadgets, Buffer Overflow Vulnerabilities, And Memory Leaks
ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming ROP gadgets, as well as detecting potential buffer overflow and memory leak vulnerabilities. Features Identifies potential ROP gadgets in binary executables. Detects potential buffer overflow...
ShellSweep - PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory
ShellSweep ShellSweeping the evil Why ShellSweep "ShellSweep" is a PowerShell/Python/Lua tool designed to detect potential webshell files in a specified directory. ShellSweep and its suite of tools calculate the entropy of file contents to estimate the likelihood of a file being a webshell. High...
CloudGrappler - A purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure
Permiso: https://permiso.io Read our release blog: https://permiso.io/blog/cloudgrappler-a-powerful-open-source-threat-detection-tool-for-cloud-environments CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known...
BackDoorSim - An Educational Into Remote Administration Tools
BackdoorSim is a remote administration and monitoring tool designed for educational and testing purposes. It consists of two main components: ControlServer and BackdoorClient. The server controls the client, allowing for various operations like file transfer, system monitoring, and more. Disclaim...
FalconHound - A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of BloodHound In A More Automated Fashion
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time...
VED-eBPF - Kernel Exploit And Rootkit Detection Using eBPF
VED Vault Exploit Defense-eBPF leverages eBPF extended Berkeley Packet Filter to implement runtime kernel security monitoring and exploit detection for Linux systems. Introduction eBPF is an in-kernel virtual machine that allows code execution in the kernel without modifying the kernel source...
T3SF - Technical Tabletop Exercises Simulation Framework
T3SF is a framework that offers a modular structure for the orchestration of events based on a master scenario events list MSEL together with a set of rules defined for each exercise optional and a configuration that allows defining the parameters of the corresponding platform. The main module...
ModuleShifting - Stealthier Variation Of Module Stomping And Module Overloading Injection Techniques That Reduces Memory IoCs
ModuleShifting is a stealthier variation of the Module Stomping and Module Overloading injection techniques. It is actually implemented in Python ctypes so that it can be executed fully in memory via a Python interpreter and Pyramid, thus avoiding the usage of compiled loaders. The technique can be used...
Nodesub - Command-Line Tool For Finding Subdomains In Bug Bounty Programs
Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization. Features Perform subdomain enumeration using CIDR notation Support input list. Perform subdomain enumeration using AS...
WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol
Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexecscheduledjob.py Is a python script which authenticates to a remote WMI instance and execute commands vi...
Z9 - PowerShell Script Analyzer
Abstract This tool detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install git clone https://github.com/Sh1n0g1/z9 How to use usage: z9.py -h --output OUTPUT -s --no-viewer --utf8 input positional arguments: input Input file path options:...
Redeye - A Tool Intended To Help You Manage Your Data During A Pentest Operation
This project was built by pentesters for pentesters. Redeye is a tool intended to help you manage your data during a pentest operation in the most efficient and organized way. The Developers Daniel Arad - @dandanarad && Elad Pticha - @eladpt Overview The Server panel will display all added server...
EndExt - Go Tool For Extracting All The Possible Endpoints From The JS Files
EndExt is a .go tool for extracting all the possible endpoints from the JS files Idea When you crawl all the JS files from waybackurls for example, or even collecting the JS files urls from your target website's home source page .. If the website was using API system and you wanna look for all t...
Firefly - Black Box Fuzzer For Web Applications
Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target. Note: Firefly is in a very new stage v1.0 but works well for now, if the target does n...
TLDHunt - Domain Availability Checker
TLDHunt is a command-line tool designed to help users find available domain names for their online projects or businesses. By providing a keyword and a list of TLD top-level domain extensions, TLDHunt checks the availability of domain names that match the given criteria. This tool is particularly...
Sh4D0Wup - Signing-key Abuse And Update Exploitation Framework
Signing-key abuse and update exploitation framework. % docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -h Usage: sh4d0wup OPTIONS Commands: bait Start a malicious update server front Bind a http/https server but forward everything unmodified infect High level tampering, inject additional command...
PowerMeUp - A Small Library Of Powershell Scripts For Post Exploitation That You May Need Or Use!
This is a powershell reverse shell that executes the commands and or scripts that you add to the powerreverse.ps1 file as well as a small library of Post-Exploitation scripts. This also can be used for post exploitation and lateral movement even. Please use at your own risk I am not and will not ...
WindowSpy - A Cobalt Strike Beacon Object File Meant For Targeted User Surveillance
WindowSpy is a Cobalt Strike Beacon Object File meant for targeted user surveillance. The goal of this project was to trigger surveillance capabilities only on certain targets, e.g. browser login pages, confidential documents, vpn logins etc. The purpose was to increase stealth during user...
Tai-e - An Easy-To-Learn/Use Static Analysis Framework For Java
Tai-e What is Tai-e? Tai-e Chinese: 太阿; pronunciation: ˈtaɪə: is a new static analysis framework for Java please see our technical report for details, which features arguably the "best" designs from both the novel ones we proposed and those of classic frameworks such as Soot, WALA, Doop, and...
Monkey365 - Tool For Security Consultants To Easily Conduct Not Only Microsoft 365, But Also Azure Subscriptions And Azure Active Directory Security Configuration Reviews
Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews without the significant overhead of learning tool APIs or complex admin panels from the start. To help with...
Microsoft-365-Extractor-Suite - A Set Of PowerShell Scripts That Allow For Complete And Reliable Acquisition Of The Microsoft 365 Unified Audit Log
This suite of scripts contains two different scripts that can be used to acquire the Microsoft 365 Unified Audit Log Read the accompanying blog post on https://invictus-ir.medium.com/introduction-of-the-microsoft-365-extractor-suite-b85e148d4bfe 1. Microsoft365Extractor , the original script stem...
SharpEventPersist - Persistence By Writing/Reading Shellcode From Event Log
Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin" -instanceid 1337 -source Persistence -eventlog "Key Management Service". The shellcode is converted to hex and written to the "Key Manageme...
Notionterm - Embed Reverse Shell In Notion Pages
Embed reverse shell in Notion pages. Hack while taking notes FOR: Hiding attacker IP in reverse shell No direct interaction between attacker and target machine. Notion is used as a proxy hosting the reverse shell Demo/Quick proof insertion within report High available and shareable reverse shell...
OffensiveNotion - Notion As A Platform For Offensive Operations
Notion yes, the notetaking app as a C2. Wait, What? Yes. But Why? What started as a meme grew into a full project. Just roll with it. Read more! Here's our blog post about it: We Put A C2 In Your Notetaking App: OffensiveNotion Features A full-featured C2 platform built on the Notion notetaking...
Request_Smuggler - Http Request Smuggling Vulnerability Scanner
Based on the amazing research by James Kettle. The tool can help to find servers that may be vulnerable to request smuggling vulnerability. Usage USAGE: requestsmuggler OPTIONS --url FLAGS: -h, --help Prints help information -V, --version Prints version information OPTIONS: --amount-of-payloads...
FACT - A Tool To Collect, Process And Visualise Forensic Data From Clusters Of Machines Running In The Cloud Or On-Premise
FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or on-premise. Deployment For a basic single-node deployment, we recommend using Docker and Docker Compose. First, read docker-compose.yaml for configuration and requirements. Then, start...
WannaRace - WebApp Intentionally Made Vulnerable To Race Condition For Practicing Race Condition
WebApp intentionally made vulnerable to Race Condition Description Race Condition vulnerability can be practiced in the developed WebApp. Task is to buy a Mega Box using race condition that costs more than available vouchers. Two challenges are made for practice. Challenge B is to be solved when...
RiotPot - Resilient IoT And Operational Technology Honeypot
RIoTPot is an interoperable medium interaction honeypot, primarily focused on the emulation of IoT and OT protocols, although it is also capable of emulating other services. These services are loaded in the honeypot in the form of plugins, making RIoTPot a modular, and very transportable honeypot. T...
AirStrike - Automatically Grab And Crack WPA-2 Handshakes With Distributed Client-Server Architecture
Tool that automates cracking of WPA-2 Wi-Fi credentials using client-server architecture Requirements Airstrike uses Hashcat Brain Architecture, aircrack-ng suite, entr utility and some helper scripts. You can use install.sh script to download all dependencies if you're on system which has an...