Onex - A Library Of Hacking Tools For Termux And Other Linux Distributions

"onex a hacking tools library." Onex is a kali linux hacking tools installer for termux and other linux distribution. It's package manager for hacker's. onex manage large number's of hacking tools that can be installed on single click.Using onex, you can install all hacking tools in Termux and...

Kali-Linux-Tools-Interface - Graphical Web Interface Developed To Facilitate The Use Of Security Information Tools

A graphical interface to use information security tools by the browser. Getting Started Kali Linux Tools Interface is a graphical interface to use information security tools by the browser. The project uses the Kali Linux tools as a reference because it is the distribution that has the largest...

Lazybee - Wordlist Generator Tool for Termux

Lazybee tool is a python based script from which you can generate random wordlist for brutefocre attacks. This tool has a unique features like wordlist generating time calculation and direct .txt saving in current directory. This tool works on both rooted Android device and Non-rooted Android...

NTLMRecon - A Tool To Enumerate Information From NTLM Authentication Enabled Web Endpoints

A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. NTLMRecon is built with flexibilty in mind. Need to run recon on a single URL, an IP address, an...

ADB-Toolkit - Tool for testing your Android device

ADB-Toolkit is a BASH Script with 28 options and an METASPLOIT Section which has 6 options which is made to do easypenetration testing in Android Device. You can do preety much any thing with this script and test your android device is it safe or not. This script is made with the help of ADB...

hackerEnv - An Automation Tool That Quickly And Easily Sweep IPs And Scan Ports, Vulnerabilities And Exploit Them

hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali...

PENIOT - Penetration Testing Tool for IoT

PENIOT is a penetration testing tool for Internet of Things IoT devices. It helps you to test/penetrate your devices by targeting their internet connectivity with different types of security attacks. In other words, you can expose your device to both active and passive security attacks. After...

Lazymux - A Huge List Of Many Hacking Tools And PEN-TESTING Tools

Lazymux tools installer is very easy to use, only provided for lazy termux users; it's huge list of Many Hacking tools and PEN TESTING! NOTE: Am not Responsible of bad use of this project. Requirements • Linux environment • Python 2.x • git Installation and Using Lazymux git clone...

Keylogger - Get Keyboard, Mouse, ScreenShot, Microphone Inputs From Target Computer And Send To Your Mail

Inputs To Mail. Get Keyboard,Mouse,ScreenShot,Microphone Inputs and Send to your Mail. Purpose of the project is testing the security of information systems INSTALLATION pip install pynput USAGE •Set your own MAIL and PASSWORD on "keylogger.py". •Run main.py on Target Computer •Every 10 seconds,Y...

Bramble - A Hacking Open Source Suite

Bramble software has been designed for the bramble project. It incorporates many features of pentesting and IT Security. It's easy to use and completely editable. It allows beginners to learn hacking and gives more experienced users a customisable plug and play hacking tools so they can add their...

Docker for Pentest - Image With The More Used Tools To Create A Pentest Environment Easily And Quickly

Docker for pentest is an image with the more used tools to create an pentest environment easily and quickly. Features OS, networking, developing and pentesting tools installed. Connection to HTB Hack the Box vpn to access HTB machines. Popular wordlists installed: SecLists, dirb, dirbuster, fuzzd...

T14M4T - Automated Brute-Forcing Attack Tool

t14m4t is an automated brute-forcing attack tool, wrapper of THC-Hydra and Nmap Security Scanner. t14m4t is scanning an user defined target or a document containing targets for open ports of services supported by t14m4t , and then starting brute-forcing attack against the services running on...

Steganographer - Hide Files Or Data In Image Files

This Module will hide files inside images currenlty PNG and export the modified image to disk The maximum size of file which can be hidden inside an image depends on the dimension of the image. maxfilesize = heightofimage widthofimage 6 / 8 bytes '100k words.txt' is hidden in 'originalimage.png'...

Tsunami - A General Purpose Network Security Scanner With An Extensible Plugin System For Detecting High Severity Vulnerabilities With High Confidence

Tsunami is a general-purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. To learn more about Tsunami, visit our documentations. Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All...

Saferwall - A Hackable Malware Sandbox For The 21St Century

Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares...

WiFi Passview v4.0 - An Open Source Batch Script Based WiFi Passview For Windows!

WiFi Passview is an open-source batch script-based program that can recover your WiFi Password easily in seconds. This is for Windows OS only. Basically, this scripted program has the same function as other passview software such as webpassview and mailpassview. Visit Wiki Disclaimer : WiFi...

Capsulecorp-Pentest - Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test

Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test. 1. Capsulecorp Pentest The Capsulecorp Pentest is a small virtual network managed by vagrant and ansible. It contains five virtual machines, including one Linux attacking system running xubuntu and 4 Windows 2019...

Natlas - Scaling Network Scanning

You've got a lot of maps and they are getting pretty unruly. What do you do? You put them in a book and call it an atlas. This is like that, except it's a website and it's a collection of nmaps. The Natlas server doubles as a task manager for the agents to get work, allowing you to control the...

Maskprocessor - High-Performance Word Generator With A Per-Position Configureable Charset

High-Performance word generator with a per-position configureable charset Mask attack Try all combinations from a given keyspace just like in Brute-Force attack, but more specific. Advantage over Brute-Force The reason for doing this and not to stick to the traditional Brute-Force is that we want...

X64Dbg - An Open-Source X64/X32 Debugger For Windows

An open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the source code for. There are many features available and a comprehensive plugin system to add your own. You can find more information on the blog! Screenshots Installatio...

DroneSploit - Drone Pentesting Framework Console

This CLI framework is based on sploitkit and is an attempt to gather hacking techniques and exploits especially focused on drone hacking. For the ease of use, the interface has a layout that looks like Metasploit. Black Hat Europe Arsenal 2019 presentation Also see articles: Black Hat Europe: New...

Padding-Oracle-Attacker - CLI Tool And Library To Execute Padding Oracle Attacks Easily

CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI. Install Make sure Node.js is installed, then run $ npm install --global padding-oracle-attacker or $ yarn global add padding-oracle-attacker CLI Usage Usage $...

Debotnet - A Tiny Portable Tool For Controlling Windows 10's Many Privacy-Related Settings And Keep Your Personal Data Private

A free and portable tool for controlling Windows 10's many privacy-related settings and keep your personal data private. Your preparation for the Net! The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up ...

Santa - A Binary Whitelisting/Blacklisting System For macOS

Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension or a system extension on macOS 10.15+ that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in ca...

FinDOM-XSS - A Fast DOM Based XSS Vulnerability Scanner With Simplicity

FinDOM-XSS is a tool that allows you to finding for possible and/ potential DOM based XSS vulnerability in a fast manner. Installation $ git clone https://github.com/dwisiswant0/findom-xss.git Dependencies: LinkFinder Configuration Change the value of LINKFINDER variable on line 3 with your main...

ParamSpider - Mining Parameters From Dark Corners Of Web Archives

ParamSpider : Parameter miner for humans. Key Features : Finds parameters from web archives of the entered domain. Finds parameters from subdomains as well. Gives support to exclude urls with specific extensions. Saves the output result in a nice and clean manner. It mines the parameters from web...

OWASP Threat Dragon - Cross-Platform Threat Modeling Application

Threat Dragon is a free, open-source, cross-platform threat modeling application including system diagramming and a rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project. The focus of the project is on great UX, a powerful rule engine and integration with other...

GIVINGSTORM - Infection Vector That Bypasses AV, IDS, And IPS

The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection vector, and a dual stage HTA infection vector. The variables take into account C2 addresses, Koadic/Empire payloads, and a few delivery mechanisms. The payload files are output to an...

Converting MBOX to Outlook Easily

Mail transfer is a common search query. Most commonly, users may migrate due to personal preferences, corporate policies, or support issues. Systems based on the MBOX format are tricky: you may easily export the files, but direct import to Outlook is impossible. That is unless you use the right...

WordListGen - Super Simple Python Word List Generator For Fuzzing And Brute Forcing In Python

Super Simple Python Word List Generator for Password Cracking Hashcat! I know what your are thinking. Why create another word list generator? Well, I needed something very simple I could modify on the fly to get the exact character generators for the task at hand. This script is fully functional ...

dorkScanner - A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs

A typical search engine dork scanner that scrapes search engines with queries that you provide in order to find vulnerable URLs. Introduction Dorking is a technique used by newsrooms, investigative organisations, security auditors as well as tech savvy criminals to query various search engines fo...

Harbian-Audit - Hardened Debian GNU/Linux Distro Auditing

Hardened Debian GNU/Linux and CentOS 8 distro auditing. The main test environment is in debian GNU/Linux 9/10 and CentOS 8, and other versions are not fully tested. There are no implementations of desktop and SELinux related items in this release. The code framework is based on the OVH-debian-cis...

Shhgit - Find GitHub Secrets In Real Time

Shhgit finds secrets and sensitive files across GitHub code and Gists committed in near real time by listening to the GitHub Events API. NEW: LIVE VERSION. Find GitHub secrets straight from your browser! Finding secrets in GitHub is nothing new. There are many great tools available to help with...

Scant3R - Web Security Scanner

ScanT3r - Web Security Scanner / / / / / \ / / / / / / / / / / // // / / / / / / / / ///,// /// /// Coded By : Khaled Nassar @knassar702 Detect This vulnerabilities Remote Code Execution Linux XSS Reflected Template Injection Jinja2 ERB Java Twig Freemarker SQlInjection ScreenShot: GIF...

Airshare - Cross-platform Content Sharing In A Local Network

Airshare is a Python-based CLI tool and module that lets you transfer data between two machines in a local network, P2P, using Multicast-DNS. It also opens an HTTP gateway for other non-CLI external interfaces. It works completely offline! Built with aiohttp and zeroconf. Checkout the demo...

Git All The Payloads! A Collection Of Web Attack Payloads

Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Usage run ./get.sh to download external payloads and unzip any payload files that are compressed. Payload Credits fuzzdb - https://github.com/fuzzdb-project/fuzzdb SecLists -...

Faxhell - A Bind Shell Using The Fax Service And A DLL Hijack

A Proof-of-Concept bind shell using the Fax service and a DLL hijack based on Ualapi.dll. See our writeup at: https://windows-internals.com/faxing-your-way-to-system/ How to use Build Ualapi.dll and place in c:\windows\system32 Start the Fax service, which will load the DLL and call the export...

Exe_To_Dll - Converts A EXE Into DLL

Converts an EXE, so that it can be loaded like a DLL. Supports both 32 and 64 bit DLLs Inspired by the idea of@guywhataguy. Read more here. Download: Fresh builds can be downloaded from the build server click on the build and choose the "Artifacts" tab Clone: Use recursive clone to get the repo...

HackingTool - ALL IN ONE Hacking Tool For Hackers

This project still in BETA so you may face problems, Please open an issue so i'll fix them..!! Hackingtool Menu AnonSurf Information Gathering Password Attack Wireless Attack SQL Injection Tools Phishing Attack Web Attack Tool Post exploitation Forensic Tools Payload Creator Router Exploit Wifi...

FastNetMon Community - Very Fast DDoS Analyzer With Sflow/Netflow/Mirror Support

FastNetMon - A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines NetFlow, IPFIX, sFlow, AFPACKET, SnabbSwitch, netmap, PFRING obsoleted, PCAP. What do we do? We detect hosts in the deployed network sending or receiving large volumes of traffic,...

GoGhost - High Performance, Lightweight, Portable Open Source Tool For Mass SMBGhost Scan

GoGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan. Installation You can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it: go build GoGhost.go Usage Options GoGhost...

How to Report IP Addresses

Spam is a common nuisance for users of the Internet. However, it is not just annoying - these messages may cause substantial harm. While businesses use spam as a cheap way of promotion, criminals send it to snatch sensitive data. Fortunately, there is a quick way to counteract the offenders. Ever...

Server Side Template Injection Payloads

Server-side template injection is when an attacker is able to use native template syntax to inject a malicious payload into a template, which is then executed server-side. Template engines are designed to generate web pages by combining fixed templates with volatile data. Server-side template...

Behave - A Monitoring Browser Extension For Pages Acting As Bad Boys

A Still in Development monitoring browser extension for pages acting as bad boys. NB : This is the code repository of the project, if you're looking for the packed extensions: Firefox: https://addons.mozilla.org/en-US/firefox/addon/behave/ Chrome:...

ShellGen - Reverse shell generator

This is a simple script that will generate a specific or all shellcodes for CTFs using the VPN IP address on tun0 the IPv4. INFORMATION Update has been made from sys library to argparse library done in version 0.8 Usage For help: shellgen -h shellgen --help If you want to skip update and just get...

KITT-Lite - Python-Based Pentesting CLI Tool

The KITT Penetration Testing Framework was developed as an open source solution for pentesters and programmers alike to compile the tools they use with what they know into an open source project. With KITT, users are able to easily access a list of commonly used tools to their profession which ar...

How AI and Voice Technology is Similar to a Service Dog

Can a more complex comparison be made? AI and voice assistance are similar to a seeing-eye dog. Throwing the duties of a service dog into the same court as technology is outlandish as things get, even in the middle of an ever-shifting pandemic. But with retail software development services workin...

IIS-Raid - A Native Backdoor Module For Microsoft IIS (Internet Information Services)

IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the web server and carry out custom actions defined by an attacker. Documentation When installed, IIS-Raid will process every request and method, check if the X-Password header exists and compare it against the...

UsoDllLoader - Windows - Weaponizing Privileged File Writes With The Update Session Orchestrator Service

2020-06-06 Update: this trick no longer works on the latest builds of Windows 10 Insider Preview. This means that, although it still works on the mainstream version ofWindows 10, you should expect it to be patched in the coming months. Description This PoC shows a technique that can be used to...

Basecrack - Best Decoder Tool For Base Encoding Schemes

BaseCrack is a tool written in Python that can decode all alphanumeric base encoding schemes. This tool can accept single user input, multiple inputs from a file, input from argument, multi-encoded bases and decode them incredibly fast. Decode Base16, Base32, Base36, Base58, Base62, Base64,...