LinuxCatScale - Incident Response Collection And Processing Scripts With Automated Reporting Scripts

Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An Elk Stack instance also is configured to consume the output and assist the analysis process. Usage This script...

Webstor - A Script To Quickly Enumerate All Websites Across All Of Your Organization'S Networks, Store Their Responses, And Query For Known Web Technologies, Such As Those With Zero-Day Vulnerabilities

WebStor is a tool implemented in Python under the MIT license for quickly enumerating all websites across all of your organization's networks, storing their responses, and querying for known web technologies and versions, such as those with zero-day vulnerabilities. It is intended, in particular,...

On-The-Fly - Tool Which Gives Capabilities To Perform Pentesting Tests In Several Domains (IoT, ICS & IT)

▒█████ ███▄ █ ▄▄▄█████▓ ██░ ██ ▓█████ █████ ██▓ ▓██ ██▓ ▒██▒ ██▒ ██ ▀█ █ ▓ ██▒ ▓▒▒▓██░ ██ ▓█ ▀ ▓██ ▓██▒ ▒██ ██▒ ▒██░ ██▒▓██ ▀█ ██▒ ▒ ▓██░ ▒░░▒██▀▀██ ▒███ ▒████ ▒██░ ▒██ ██░ ▒██ ██░▓██▒ ▐▌██▒ ░ ▓██▓ ░ ░▓█ ░██ ▒▓█ ▄ ░▓█▒ ▒██░ ░ ▐██▓░ ░ ████▓▒░▒██░ ▓██░ ▒██▒ ░ ░▓█▒░██▓▒░▒████ ▒░▒█░ ▒░██████ ░ ██▒▓░ ...

Plution - Prototype Pollution Scanner Using Headless Chrome

Plution is a convenient way to scan at scale for pages that are vulnerable to client side prototype pollution via a URL payload. In the default configuration, it will use a hardcoded payload that can detect 11 of the cases documented here:...

Brutus - An Educational Exploitation Framework Shipped On A Modular And Highly Extensible Multi-Tasking And Multi-Processing Architecture

An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an Introduction Looking for version 1? See the branches in this repository. Brutus is an educational exploitation framework written in Python. It automates pre...

Eagle - Yet Another Vulnerability Scanner

Project Eagle is a plugin based vulnerabilities scanner with threading support used for detection of low-hanging bugs on mass scale .---. .----------- / \ / ------ / / \ / ----- ////// ' / --- Multipurpose vulnerability scanner //// / // : : --- v1.0b / / / / '-- 2019-2020 //..\ ====UU====UU====...

Browsertunnel - Surreptitiously Exfiltrate Data From The Browser Over DNS

Browsertunnel is a tool for exfiltrating data from the browser using the DNS protocol. It achieves this by abusing dns-prefetch, a feature intended to reduce the perceived latency of websites by doing DNS lookups in the background for specified domains. DNS traffic does not appear in the browser'...

Permission Manager - A Project That Brings Sanity To Kubernetes RBAC And Users Management, Web UI FTW

Welcome to the Permission Manager! Permission Manager is an application developed by SIGHUP that enables a super-easy and user-friendly RBACmanagement for Kubernetes. If you are looking for a simple and intuitive way of managing your users within a Kubernetes cluster, this is the right place. Wit...

T14M4T - Automated Brute-Forcing Attack Tool

t14m4t is an automated brute-forcing attack tool, wrapper of THC-Hydra and Nmap Security Scanner. t14m4t is scanning an user defined target or a document containing targets for open ports of services supported by t14m4t , and then starting brute-forcing attack against the services running on...

XposedOrNot - Tool To Search An Aggregated Repository Of Xposed Passwords Comprising Of ~850 Million Real Time Passwords

XposedOrNot XoN tool is to search an aggregated repository of xposed passwords comprising of 850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security. What is Xposed Passwords? The main aim of this project is to give a free platform for th...

FF Password Exporter - Easily Export Your Passwords From Firefox

It can be difficult to export your passwords from Firefox. Since version 57 of Firefox Quantum existing password export addons no longer work. Mozilla provides no other official alternatives. FF Password Exporter makes it quick and easy to export all of your passwords from Firefox. You can use FF...

RouterSploit v3.0 - Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

Attackintel - Tool To Query The MITRE ATT&CK API For Tactics, Techniques, Mitigations, & Detection Methods For Specific Threat Groups

A simple python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups. Goals Quickly align updated tactics, techniques, mitigation, and detection information from MITRE ATT&CK API for a specific threat Brush up on my python skill...

Whonow - A "Malicious" DNS Server For Executing DNS Rebinding Attacks On The Fly (Public Instance Running On Rebind.Network:53)

A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves. respond to DNS queries for this domain with 52.23.194.42 the first time it is requested and then 192.168.1.1 every time after...

Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines

Bad-PDF create malicious PDF to steal NTLM Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file. Bad-Pdf reads the NTLM hashes using Responder listener. This method work on all PDF readersAny version and java scripts are not required...

LeakVM - Research & Pentesting Framework For Android, Run Security Tests Instantly

LeakVM: Run security tests instantly. Why LeakVM : LeakVM fast security test on Android, by skipping the time-consuming build pen-testing laboratories, you can test on real devices or virtual devices. LeakVM makes researchers and pen-testers more productive since they can run the test on real tim...

ipChecker - Check If A IP Is From Tor Or Is A Malicious Proxy

Tool to check if a given IP is a node tor or an open proxy. Why? Sometimes all your throttles are not enough to stop brute force attacks or any kind of massive attacks, so it can help you to drop, some attackers who use tor or open proxies. How it works The ipChecker has some plugins which scrap...

contact.sh - An OSINT tool to find contacts in order to report security vulnerabilities

An OSINT tool to find contacts in order to report security vulnerabilities. Installation Linux Make sure you have installed the whois and jq packages. $ git clone https://github.com/EdOverflow/contact.sh.git $ cd contact.sh/ $ chmod u+x contact.sh $ ./contact.sh -d google.com -c google OSX $ brew...

Stacer - Linux System Optimizer and Monitoring

Linux System Optimizer And Monitoring. Required Packages curl systemd Debian x64 1. Download stacer1.0.8amd64.deb from the Stacer releases page. 2. Run sudo dpkg -i stacer.deb on the downloaded package. 3. Launch Stacer using the installed stacer command. Fedora x64 1. Download stacer1.0.8x64.rpm...

SQLmap Tamper-API - SQLMap Tamper API To Accept Tamper Scripts From All Languages

It's an API for SQLmap tamper scripts allows you to use your favorite programming language to write your tamper scripts. This API solves SQLmap limitation of accepting only python to write tamper scripts. How it works taper-api.py script sends the payload and kwargs in a JSON format "payload": ""...

Wapiti 3.0.0 - The Web-Application Vulnerability Scanner

Wapiti allows you to audit the security of your websites or web applications. It performs "black-box" scans it does not study the source code of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of...

WordPress Exploit Framework v1.8 - A Ruby Framework For Developing And Using Modules Which Aid In The Penetration Testing Of Wordpress

A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. What do I need to run it? Ensure that you have Ruby = 2.4.2 installed on your system and then install all required dependencies by opening a command prompt / terminal ...

Crips - IP Tools To quickly get information about IP Address's, Web Pages and DNS records

This Tools is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records. Menu Whois lookup Traceroute DNS Lookup Reverse DNS Lookup GeoIP Lookup Port Scan Reverse IP Lookup INSTALL & UPDATE Exit Whois lookup Determine the registered...

pcc - PHP Secure Configuration Checker

Check current PHP configuration for potential security flaws. Simply access this file from your webserver or run on CLI. Author This software was written by Ben Fuhrmannek, SektionEins GmbH, in an effort to automate php.ini checks and spend more time on cheerful tasks. Idea one single file for ea...

Exploit Pack - Penetration Testing Framework

Exploit Pack has been designed by an experienced team of software developers and exploit writers to automate processes so penetration testers can focus on what's really important. The threat. This blend of software engineers and subject matter experts provides an unique advantage by combining...

BaRMIe - Java RMI Enumeration And Attack Tool

BaRMIe is a tool for enumerating and attacking Java RMI Remote Method Invocation services. RMI services often expose dangerous functionality without adequate security controls, however RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools...

DorkNet - Selenium Powered Python Script To Automate Searching For Vulnerable Web Apps

Selenium powered Python script to automate searching the web for vulnerable applications. DorkNet can take a single dork or a list of dorks as arguments. After the proper command line arguments have been passed, the script will use Selenium and Geckodriver to find the results we want and save the...

IntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer

Intelligence and Reconnaissance Package/Bundle installer. IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies related to these programs as well it...

ACLight - PowerShell Script for Advanced Discovery of Privileged Accounts (includes Shadow Admins)

ACLight is a tool for discovering privileged accounts through advanced ACLs Access Lists analysis. It includes the discovery of Shadow Admins in the scanned network. The tool queries the Active Directory AD for its objects' ACLs and then filters and analyzes the sensitive permissions of each one...

Cameradar v2.0 - Hack into RTSP CCTV cameras

An RTSP stream access tool that comes with its library. Cameradar allows you to Detect open RTSP hosts on any accessible target host Detect which device model is streaming Launch automated dictionary attacks to get their stream route e.g.: /live.sdp Launch automated dictionary attacks to get the...

FLOSS - FireEye Labs Obfuscated String Solver (Automatically extract obfuscated strings from malware)

Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key...

raven - Linkedin Information Gathering Tool

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin. Please do not use this program to do stupid things. The author does not keep any responsability of what damage has been done by this program...

Nili - Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing

Nili is a Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing. Prerequisites Python - Python Programming Language Scapy - Interactive Packet Manipulation Program Netzob - Protocol Reverse Engineering, Modeling and Fuzzing Installing Here is some Instructions for...

BoopSuite - A Suite of Tools for Wireless Auditing and Security Testing

BoopSuite is an up and coming suite of wireless tools designed to be easy to use and powerful in scope, that support both the 2 and 5 GHz spectrums. Written purely in python. A handshake sniffer CLI and GUI, a monitor mode enabling script and a deauth script are all parts of this suite with more ...

DAws - Advanced Web Shell

There's multiple things that makes DAws better than every Web Shell out there: 1. Bypasses Security SystemsIPS, WAFs,etc like Suhosinuses up to 20 php functions just to get a command executed. 2. Drops CGI Shells and communicate with them to bypass Security Systems. 3. Uses the SSH Authorized Key...

Steamer - Import, Search, and Manage Public Password Breach Data

Import, manage, search public dumps. Do you have massive amounts of CSV, .sql, .txt, that have credentials, passwords, and hashes inside? Use Steamer to manage them! Load them into a MongoDB database, and either uses the console directly or just use the handy web interface complete with JSON...

getsploit - Command line utility for searching and downloading exploits

Command line search and download tool for Vulners Database inspired by searchsploit. It allows you to search online for the exploits across all the most popular collections: Exploit-DB , Metasploit , Packetstorm and others. The most powerful feature is immediate exploit source download right in...

PowerStager - A payload stager using PowerShell

This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and some additional obfuscation. This enables the actual payload to be executed...

PowerMeta - PowerShell Script to Search Publicly Files for a Particular Domain and Get the Associated MetaData

PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be...

netattack - Scan and Attack Wireless Networks

The netattack.py is a python script that allows you to scan your local area for WiFi Networks and perform deauthentification attacks. The effectiveness and power of this script highly depends on your wireless card. USAGE EASY SCANNING FOR WIFI NETWORKS python netattack.py -scan -mon This example...

BrainDamage - A fully featured backdoor that uses Telegram as a C&C server

A python based backdoor which uses Telegram as C&C server. /\ /.\ ,.-'/ ",'-., -^ /-^: | \ | \ | | | | | | | | Coded by: Mehul [email protected] -- Github: https://github.com/mehulj94 -- Twitter: https://twitter.com/wayfarermj -- For windows only | | | | | | | | | / / | | | | | '/ / |...

ansvif - An Advanced Fuzzing Framework Designed To Find Vulnerabilities In C/C++ Code.

ansvif, written primarily in C++, is designed to find code bugs by throwing garbage input at programs to see how they react. This is great for finding bugs, because not every type of input is always handled, and buffers are not always checked, etc. It also comes in handy when writing and protecti...

RogueSploit - Powerfull social engeering Wi-Fi trap!

RogueSploit is an open source automated script made to create a Fake Acces Point, with dhcpd server, dns spoofing, host redirection, browserautopwn1 or autopwn2 or beef+mitmf. TO DO LIST: Add BeEF;DONE Add MITMF;DONE Add BDFProxy; Add SeToolkit; Add Hostapd as fake ap; Add some features; What you...

Halcyon - IDE for Nmap Script (NSE) Development

Halcyon is the first IDE specifically focused on Nmap Script NSE Development. This research idea was originated while writing custom Nmap Scripts for Enterprise Penetration Testing Scenarios. The existing challenge in developing Nmap Scripts NSE was the lack of a development environment that give...

Cyber Probe - Capturing, Analysing and Responding to Cyber Attacks

Cyberprobe is a distributed software architecture for monitoring of networks against attack. It consists of two components: cyberprobe, which collects data packets and forwards them over a network in standard streaming protocols; and cybermon which decodes protocols, and invokes user-defined logi...

passfault - OWASP Passfault evaluates passwords and enforces password policy in a completely different way

Objective: Do Passwords Better! Running the Command-line Interface: 1. install java 2. cd core 3. gradlew installDist 4. run build/install/core/bin/core Running the jsonWebService: 1. cd jsonService 2. gradlew build jettyRunWar 3. browse to localhost:8080/jsonService Note the war will be located ...

Automato - Automating the user-focused enumeration tasks during an internal penetration test

automato should help with automating some of the user-focused enumeration tasks during an internal penetration test. automato is also capable of conducting limited brute force attacks such as: Testing to see if a list of users with a common password exists in the target domain Identifying if a...

KickThemOut - Kick Devices Off Your Network

A tool to kick devices out of your network and enjoy all the bandwidth for yourself. It allows you to select specific or all devices and ARP spoofs them off your local area network. Compatible with Python 2.6 & 2.7. Authors: Nikolaos Kamarinakis & David Schütz Installation You can download...

BARF - A multiplatform open source Binary Analysis and Reverse engineering Framework

The analysis of binary code is a crucial activity in many areas of the computer sciences and software engineering disciplines ranging from software security and program analysis to reverse engineering. Manual binary analysis is a difficult and time-consuming task and there are software tools that...

dedsploit - Framework For Attacking Network Protocols

Framework for attacking network protocols and network exploitation. I. Introduction I don't look back anymore. I don't regret. I look forward Aiden Pearce Yes, Watch Dogs has heavily influenced us when writing this framework. This entire project brought upon a lot of the ideals from the Watch Dog...