Lucene search
Kitploit, Recent

6011 matches found

Kitploit
added 2021/05/26 9:30 p.m., 80 views

DNS-Black-Cat(DBC) - Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration, By Using DNS-Cat You Will Be Able To Execute System Commands In Shell Mode Over DNS Protocol

Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel. Server ported as a python script, which acts as DNS server with required functionalities to provide interactive shell...

7.8 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/26 12:30 p.m., 243 views

Qvm-Create-Windows-Qube - Spin Up New Windows Qubes Quickly, Effortlessly And Securely

qvm-create-windows-qube is a tool for quickly and conveniently installing fresh new Windows qubes with Qubes Windows Tools (QWT) drivers automatically. It officially supports Windows 7, 8.1 and 10 as well as Windows Server 2008 R2, 2012 R2, 2016 and 2019. The project emphasizes correctness, securit...

7.4 AI score
Exploits: 0, References: 18
Kitploit
added 2021/05/25 9:30 p.m., 59 views

Php_Code_Analysis - Scan your PHP code for vulnerabilities

This script will scan your code. The script can find: 1. checkfileupload issues 2. hostheaderinjection 3. SQL injection 4. insecure deserialization 5. openredirect 6. SSRF 7. XSS 8. LFI 9. commandinjection. Features: 1. fast 2. simple report. Usage: python code.py this will scan one file python code.py...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/25 12:30 p.m., 71 views

Solr-GRAB - Steal Apache Solr Instance Queries With Or Without A Username And Password

Steal Apache Solr instance Queries with or without a username and password. DISCLAIMER : This project should be used for authorized testing and educational purposes only. Download git clone https://github.com/GnosticPlayers/Solr-GRAB Usage You can search for Apache Solr Instances via Censys, with...

7.4 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/24 9:30 p.m., 3263 views

CiLocks - Android LockScreen Bypass

CiLocks - Android LockScreen Bypass Features Brute Pin 4 Digit Brute Pin 6 Digit Brute LockScreen Using Wordlist Bypass LockScreen Antiguard Not Support All OS Version Root Android Supersu Not Support All OS Version Steal File Reset Data Required - Adb Android SDK - Cable Usb - Android Emulator...

7.7 AI score
Exploits: 0, References: 2
Kitploit
added 2021/05/24 12:30 p.m., 52 views

MurMurHash - Tool To Calculate A MurmurHash Value Of A Favicon To Hunt Phishing Websites On The Shodan Platform

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. What is MurMurHash? MurmurHash is a non-cryptographic hash function suitable for general hash-based lookup. The name comes from two basic operations, multiply (MU) and rotate (R), used i...

7.2 AI score
Exploits: 0, References: 3
Kitploit
added 2021/05/23 9:30 p.m., 85 views

AMSITrigger - The Hunt For Malicious Strings

Hunting for Malicious Strings Usage: AMSI calls xmas tree mode -d, --debug Show Debug Info -m, --maxsiglength=VALUE Maximum signature Length to cater for, default=2048 -c, --chunksize=VALUE Chunk size to send to AMSIScanBuffer, default=4096 -h, -?, --help Show Help " -i, --inputfile=VALUE...

7.5 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/23 12:30 p.m., 99 views

SQLFluff - A SQL Linter And Auto-Formatter For Humans

SQLFluff is a dialect-flexible and configurable SQL linter. Designed with ELT applications in mind, SQLFluff also works with jinja templating and dbt. SQLFluff will auto-fix most linting errors, allowing you to focus your time on what matters. Getting Started To get started, install the package a...

7.8 AI score
Exploits: 0, References: 4
Kitploit
added 2021/05/22 9:30 p.m., 160 views

Charlotte - C++ Fully Undetected Shellcode Launcher

c++ fully undetected shellcode launcher ; releasing this to celebrate the birth of my newborn description 13/05/2021: 1. c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021. 2. dynamic invoking of win32 api functions 3. XOR encryption of shellcode and function names 4. randomised XO...

7.2 AI score
Exploits: 0, References: 2
Kitploit
added 2021/05/22 12:30 p.m., 291 views

GraphQLmap - A Scripting Engine To Interact With A Graphql Endpoint For Pentesting Purposes

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. Install $ git clone https://github.com/swisskyrepo/GraphQLmap $ python graphqlmap.py ...

7.1 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/21 9:30 p.m., 269 views

DivideAndScan - Divide Full Port Scan Results And Use It For Targeted Nmap Runs

Divide Et Impera And Scan (and also merge the scan results). DivideAndScan is used to efficiently automate port scanning routine by splitting it into 3 phases: 1. Discover open ports for a bunch of targets. 2. Run Nmap individually for each target with version grabbing and NSE actions. 3. Merge th...

7.1 AI score
Exploits: 0, References: 9
Kitploit
added 2021/05/21 12:30 p.m., 127 views

AutoPentest-DRL - Automated Penetration Testing Using Deep Reinforcement Learning

AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network, and can be used to execute a simulated attack on that network via penetration testing tools, such as...

7.5 AI score
Exploits: 0, References: 5
Kitploit
added 2021/05/20 9:30 p.m., 81 views

ABPTTS - TCP Tunneling Over HTTP/HTTPS For Web Application Servers

A Black Path Toward The Sun TCP tunneling over HTTP for web application servers https://www.blackhat.com/us-16/arsenal.html#a-black-path-toward-the-sun Ben Lincoln, NCC Group, 2016 ABPTTS uses a Python client script and a web application server page/package1 to tunnel TCP traffic over an HTTP/HTTP...

7.2 AI score
Exploits: 0, References: 3
Kitploit
added 2021/05/20 12:30 p.m., 134 views

Etherblob-Explorer - Search And Extract Blob Files On The Ethereum Blockchain Network

Search and extract blob files on the Ethereum network using Etherscan.io API. Introduction EtherBlob Explorer is a tool intended for researchers, analysts, CTF players or anyone curious enough wanting to search for different kinds of files or any meaningful human-supplied data on the Ethereum...

7.2 AI score
Exploits: 0, References: 2
Kitploit
added 2021/05/19 9:30 p.m., 1050 views

IPED - Digital Forensic Tool - Process And Analyze Digital Evidence, Often Seized At Crime Scenes By Law Enforcement Or In A Corporate Investigation By Private Examiners

IPED is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners. Introduction IPED - Digital Evidence Processor and Indexer (translated from Portuguese) is a tool implement...

7.5 AI score
Exploits: 0, References: 5
Kitploit
added 2021/05/19 12:30 p.m., 92 views

Ghidra-Evm - Module For Reverse Engineering Smart Contracts

In the last few years, attacks on deployed smart contracts in the Ethereum blockchain have ended up in a significant amount of stolen funds due to programming mistakes. Since smart contracts, once compiled and deployed, are complex to modify and update, different practitioners have suggested the...

7.5 AI score
Exploits: 0, References: 14
Kitploit
added 2021/05/18 9:30 p.m., 67 views

Msldap - LDAP Library For Auditing MS AD

msldap LDAP library for MS AD Documentation Awesome documentation here! Features Comes with a built-in console LDAP client All parameters can be controlled via a convenient URL (see below) Supports integrated windows authentication (SSPI) both with NTLM and with KERBEROS Supports channel binding for...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/18 12:30 p.m., 128 views

Mediator - An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture

Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that bridges the connections. This removes the need for the operator/handler to set up port forwarding in order to listen for the connection. Mediator also allows you to create...

7.5 AI score
Exploits: 0, References: 4
Kitploit
added 2021/05/17 9:30 p.m., 141 views

Corsair_Scan - A Security Tool To Test Cross-Origin Resource Sharing (CORS)

Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS) misconfigurations. CORS is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. If this is not properly configured,...

7.1 AI score
Exploits: 0, References: 7
Kitploit
added 2021/05/17 12:30 p.m., 70 views

Eyeballer - Convolutional Neural Network For Analyzing Pentest Screenshots

Eyeballer is meant for large-scope network penetration tests where you need to find "interesting" targets from a huge set of web-based hosts. Go ahead and use your favorite screenshotting tool like normal (EyeWitness or GoWitness) and then run them through Eyeballer to tell you what's likely to...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/16 9:30 p.m., 197 views

DFIR-O365RC - PowerShell Module For Office 365 And Azure AD Log Collection

PowerShell module for Office 365 and Azure AD log collection Module description The DFIR-O365RC PowerShell module is a set of functions that allow the DFIR analyst to collect logs relevant for Office 365 Business Email Compromise investigations. The logs are generated in JSON format and retrieved...

7.2 AI score
Exploits: 0, References: 3
Kitploit
added 2021/05/16 12:30 p.m., 142 views

Red-Kube - Red Team K8S Adversary Emulation Based On Kubectl

Red Kube is a collection of kubectl commands written to evaluate the security posture of Kubernetes clusters from the attacker's perspective. The commands are either passive for data collection and information disclosure or active for performing real actions that affect the cluster. The commands...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/15 9:30 p.m., 88 views

CIMplant - C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems

C# port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or the current user's session. Note: Some commands will use PowerShell in combination with WMI, denoted with in the --show-commands command. Introduction CIMplant is a C# rewrite and expansion...

7.5 AI score
Exploits: 0, References: 2
Kitploit
added 2021/05/15 12:30 p.m., 224 views

Httpx - A Fast And Multi-Purpose HTTP Toolkit Allows To Run Multiple Probers Using Retryablehttp Library, It Is Designed To Maintain The Result Reliability With Increased Threads

httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. Features Simple and modular code base making it easy to contribute. Fast And fully configurable flags to probe mutipl...

7.5 AI score
Exploits: 0, References: 5
Kitploit
added 2021/05/14 9:30 p.m., 294 views

Mubeng - An Incredibly Fast Proxy Checker And IP Rotator With Ease

An incredibly fast proxy checker & IP rotator with ease. Features Proxy IP rotator : Rotates your IP address for every specific request. Proxy checker : Check your proxy IP which is still alive. All HTTP/S methods are supported. HTTP & SOCKSv5 proxy protocols apply. All parameters & URIs are...

7.2 AI score
Exploits: 0, References: 8
Kitploit
added 2021/05/14 12:30 p.m., 83 views

R77-Rootkit - Fileless Ring 3 Rootkit With Installer And Persistence That Hides Processes, Files, Network Connections, Etc...

Ring 3 rootkit r77 is a ring 3 Rootkit that hides following entities from all processes: Files, directories, junctions, named pipes, scheduled tasks Processes CPU usage Registry keys & values Services TCP & UDP connections It is compatible with Windows 7 and Windows 10 in both x64 and x86 edition...

7.6 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/13 9:30 p.m., 46 views

3klCon - Automation Recon Tool Which Works With Large And Medium Scope

Full Automation Recon tool which works with Small and Medium scopes. It's recommended to use it on VPS, it'll discover secrets and searching for vulnerabilities So, Welcome and let's deep into it 3 Updates Version 1.1, what's new? Very Recommended 1. Fixing multiple issues with the used tools. 2...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/13 12:30 p.m., 191 views

Snuffleupagus - Security Module For Php7 And Php8 - Killing Bugclasses And Virtual-Patching The Rest!

Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! Snuffleupagus is a PHP 7+ and 8+ module designed to drastically raise the cost of attacks against websites, by killing entire bug classes. It also provides a powerful virtual-patching system, allowing...

8.4 AI score
Exploits: 0, References: 7
Kitploit
added 2021/05/12 9:30 p.m., 70 views

ByeIntegrity-UAC - Bypass UAC By Hijacking A DLL Located In The Native Image Cache

Bypass User Account Control (UAC) to gain elevated Administrator privileges to run any program at a high integrity level. Requirements Administrator account UAC notification level set to default or lower How it works ByeIntegrity hijacks a DLL located in the Native Image Cache (NIC). The NIC is used ...

7.5 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/12 12:30 p.m., 87 views

APSoft-Web-Scanner-v2 - Powerful Dork Searcher And Vulnerability Scanner For Windows Platform

APSoftWebscanner Version 2 new version of APSoft Webscanner Version 1 Software pictures What can I do with this? With this software, you will be able to search your dorks in supported search engines and scan grabbed urls to find their vulnerabilities. In addition, you will be able to generate...

7.8 AI score
Exploits: 0, References: 2
Kitploit
added 2021/05/12 1:52 a.m., 83 views

Short story about Clubhouse user scraping and social graphs

TL;DR During this RedTeam testing, Hexway team used Clubhouse as a social engineering tool to find out more about their client’s employees. UPDATE: While Hexway were preparing this article for publication, cybernews.com reported: 1.3 million scraped user records leaked online for free In this...

6.7 AI score
Exploits: 0, References: 3
Kitploit
added 2021/05/11 9:30 p.m., 63 views

VAST - Visibility Across Space And Time

The network telemetry engine for data-driven security investigations. Getting Started — Installation — Documentation — Development — Changelog — License and Scientific Use Chat with us on Gitter, or join us on Matrix at tenzirvast:gitter.im. Key Features High-Throughput Ingestion : import numerou...

7.2 AI score
Exploits: 0, References: 7
Kitploit
added 2021/05/11 12:30 p.m., 70 views

Baserunner - A Tool For Exploring Firebase Datastores

A tool for exploring and exploiting Firebase datastores. Set up 1. git clone https://github.com/iosiro/baserunner.git 2. cd baserunner 3. npm install 4. npm run build 5. npm start 6. Go to http://localhost:3000 in your browser. Usage The Baserunner interface looks like this: First, use the...

7.4 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/10 9:30 p.m., 108 views

DNSObserver - A Handy DNS Service Written In Go To Aid In The Detection Of Several Types Of Blind Vulnerabilities

A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends notifications with the received request's details via Slack. DNSObserver can help you find bugs such as blind OS command...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/10 12:30 p.m., 86 views

CyberBattleSim - An Experimentation And Research Platform To Investigate The Interaction Of Automated Agents In An Abstract Simulated Network Environments

CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network environment. The simulation provides a high-level abstraction of computer networks and cyber security concepts. Its Python-based Open AI G...

7.7 AI score
Exploits: 0, References: 18
Kitploit
added 2021/05/09 9:30 p.m., 60 views

Lucifer - A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration And More...

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life Setup git clone https://github.com/Skiller9090/Lucifer.git cd Lucifer pip install -r...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/09 12:30 p.m., 1014 views

Waybackurls - Fetch All The URLs That The Wayback Machine Knows About For A Domain

Accept line-delimited domains on stdin, fetch known URLs from the Wayback Machine for *.domain and output them on stdout. Usage example: ▶ cat domains.txt | waybackurls > urls Install: ▶ go get github.com/tomnomnom/waybackurls Credit This tool was inspired by @mhmdiaa's waybackurls.py script. Thanks...

7.3 AI score
Exploits: 0, References: 2
Kitploit
added 2021/05/08 9:30 p.m., 408 views

Kiterunner - Contextual Content Discovery Tool

For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective for legacy web servers that host static files or respond with 3xx’s upon a partial path, it is no longer effective for modern web applications, specifically APIs. Over time,...

6.7 AI score
Exploits: 0, References: 4
Kitploit
added 2021/05/08 12:30 p.m., 93 views

Red-Detector - Scan Your EC2 Instance To Find Its Vulnerabilities Using Vuls.io

Scan your EC2 instance to find its vulnerabilities using Vuls https://vuls.io/en/. Audit your EC2 instance to find security misconfigurations using Lynis https://cisofy.com/solutions/lynis. Scan your EC2 instance for signs of a rootkit using Chkrootkit http://www.chkrootkit.org/. Requirements 1...

7.4 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/07 9:30 p.m., 261 views

WordPress-Brute-Force - Super Fast Login WordPress Brute Force

WordPress Brute Force Super Fast Login usage: python WpCrack.py options optional arguments: -h, --help show this help...

7.6 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/07 12:30 p.m., 49 views

CANalyse - A Vehicle Network Analysis And Attack Tool

CANalyse is a tool built to analyze the log files to find out unique datasets automatically and able to connect to simple user interfaces such as Telegram. Basically, while using this tool the attacker can provide a bot-ID and use the tool over the internet through telegram-bot. CANalyse is made ...

7.8 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/06 9:30 p.m., 56 views

Judge-Jury-and-Executable - A File System Forensics Analysis Scanner And Threat Hunting Tool

Features: Scan a mounted filesystem for threats right away Or gather a system baseline before an incident, for extra threat hunting ability Can be used before, during or after an incident For one to many workstations Scans the MFT, bypassing file permissions, file locks or OS file...

7.7 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/06 12:30 p.m., 47 views

Priv2Admin - Exploitation Paths Allowing You To (Mis)Use The Windows Privileges To Elevate Your Rights Within The OS

The idea is to "translate" Windows OS privileges to a path leading to: 1. administrator, 2. integrity and/or confidentiality threat, 3. availability threat, 4. just a mess. Privileges are listed and explained at: https://docs.microsoft.com/en-us/windows/win32/secauthz/privilege-constants If the...

5.5 CVSS, 5.7 AI score, 0.00475 EPSS
Exploits: 1, References: 10
Kitploit
added 2021/05/05 9:30 p.m., 138 views

KubeArmor - Container-aware Runtime Security Enforcement System

Introduction to KubeArmor KubeArmor is a container-aware runtime security enforcement system that restricts the behavior (such as process execution, file access, networking operation, and resource utilization) of containers at the system level. KubeArmor operates with Linux security modules (LSMs),...

7.3 AI score
Exploits: 0, References: 9
Kitploit
added 2021/05/05 12:30 p.m., 62 views

Botkube - An App That Helps You Monitor Your Kubernetes Cluster, Debug Critical Deployments And Gives Recommendations For Standard Practices

For complete documentation visit www.botkube.io BotKube integration with Slack, Mattermost or Microsoft Teams helps you monitor your Kubernetes cluster, debug critical deployments and gives recommendations for standard practices by running checks on the Kubernetes resources. You can also ask...

7.8 AI score
Exploits: 0, References: 1
Kitploit
added 2021/05/04 9:30 p.m., 246 views

Pystinger - Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger implements SOCK4 proxy and port mapping through webshell. It can be directly used by metasploit-framework, viper, cobalt strike for session online. Pystinger is developed in python, and currently supports three proxy scripts: php, jspx and aspx. Usage Suppose the domain name of the serv...

7.1 AI score
Exploits: 0, References: 4
Kitploit
added 2021/05/04 12:30 p.m., 47 views

LibAFL - Advanced Fuzzing Library - Slot Your Fuzzer Together In Rust! Scales Across Cores And Machines. For Windows, Android, MacOS, Linux, No_Std, ...

Advanced Fuzzing Library - Slot your own fuzzers together and extend their features using Rust. LibAFL is written and maintained by Andrea Fioraldi and Dominik Maier. Why LibAFL? LibAFL gives you many of the benefits of an off-the-shelf fuzzer, while...

7.4 AI score
Exploits: 0, References: 12
Kitploit
added 2021/05/03 9:30 p.m., 62 views

Evasor - A Tool To Be Used In Post Exploitation Phase For Blue And Red Teams To Bypass APPLICATIONCONTROL Policies

The Evasor is an automated security assessment tool which locates existing executables on the Windows operating system that can be used to bypass any Application Control rules. It is very easy to use, quick, saves time and fully automated which generates for you a report including description,...

7.6 AI score
Exploits: 0, References: 3
Kitploit
added 2021/05/03 12:30 p.m., 54 views

Duplicut - Remove Duplicates From MASSIVE Wordlist, Without Sorting It (For Dictionary-Based Password Cracking)

Quickly dedupe massive wordlists, without changing the order Created by nil0x42 and contributors Overview Modern password wordlist creation usually implies concatenating multiple data sources. Ideally, most probable passwords should stand at start of the wordlist, so most common passwords are...

7.4 AI score
Exploits: 0, References: 5
Kitploit
added 2021/05/02 9:30 p.m., 170 views

WinPmem - The Multi-Platform Memory Acquisition Tool

The WinPmem memory acquisition driver and userspace WinPmem has been the default open source memory acquisition driver for windows for a long time. It used to live in the Rekall project, but has recently been separated into its own repository. Copyright This code was originally developed within...

6.9 AI score
Exploits: 0, References: 1
Total number of security vulnerabilities: 6011