JSshell - A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS, Working With Both Unix And Windows OS
JSshell - a JavaScript reverse shell. It is used to exploit XSS remotely and helps to find blind XSS, ... This tool works on both Unix and Windows operating systems and can run with both Python 2 and Python 3. This is a big update of JShell - a tool to get a JavaScript shell with XSS by...
Astsu - A Network Scanner Tool
How it works Scan common ports Send a TCP Syn packet to the destination on the defined port, if the port is open, use an nmap scan to check the service running on the port and prints all the ports found. Discover hosts in network Uses as a base the router's ip to map all possible ips. It then sen...
Git-Scanner - A Tool For Bug Hunting Or Pentesting For Targeting Websites That Have Open .git Repositories Available In Public
This tool can scan websites with open .git repositories for Bug Hunting/ Pentesting Purposes and can dump the content of the .git repositories from webservers that found from the scanning method. This tool works with the provided Single target or Mass Target from a file list. Installation - git...
Recox - Master Script For Web Reconnaissance
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system. It gathers the information recursively over each subdomain, and IP addr for a...
Jshole - A JavaScript Components Vulnerability Scanner, Based On RetireJS
A JavaScript components vulnerability scanner, based on RetireJS. Why use JShole instead of RetireJS? By default, RetireJS only searches one page, but JShole tries to crawl all pages. How it works? Get Started Requirements requests Install git clone https://github.com/callforpapers-source/jshole.g...
GitMonitor - A Github Scanning System To Look For Leaked Sensitive Information Based On Rules
GitMonitor is a Github scanning system to look for leaked sensitive information based on rules. I know that there are a lot of very good other tools for finding sensitive information leaked on Github right now, I myself currently still use some of them. However, I think they still lack some...
Eviloffice - Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)
Win python script to inject Macro and DDE code into Excel and Word documents (reverse shell) Features: Inject malicious Macro on formats: docm, dotm, xlsm, xltm Inject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltx Python2/Python3 Compatible Tested: Win10 MS Office 14.0...
Ligolo - Reverse Tunneling Made Easy For Pentesters, By Pentesters
Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety (TLS certificate with elliptical curve). It is comparable to Meterpreter with Autoroute + Socks4a, but more stable and faster. Use case You compromised a Windows / Linux / Ma...
Inshackle - Instagram Hacks: Track Unfollowers, Increase Your Followers, Download Stories, Etc
Instagram hacks: Track unfollowers, Increase your followers, Download Stories, etc Features: Unfollow Tracker Increase Followers Download: Stories, Saved Content, Following/followers list, Profile Info Unfollow all your following Usage: git clone https://github.com/thelinuxchoice/inshackle cd...
GhostShell - Malware Indetectable, With AV Bypass Techniques, Anti-Disassembly, And More
This malware uses some techniques to try to bypass the AVs, VMs, and Sandboxes, with the sole purpose of learning more. I'm not responsible for your actions. Bypass Techniques Anti-Debugger To try to bypass the Debuggers, I'm using the "IsDebuggerPresent" of the "Windows.h" library to check if a...
Forerunner - Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers
The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network centric applications such as: IP Scanners, Port Knockers, Clients, Servers, etc. In its current state, the Forerunner library is able to both synchronously and...
Enumy - Linux Post Exploitation Privilege Escalation Enumeration
Enumy is a portable executable that you drop on a target Linux machine during a pentest or CTF in the post exploitation phase. Running enumy will enumerate the box for common security vulnerabilities. Enumy has a Htop like Ncurses interface or a standard interface for dumb reverse shells. Installatio...
Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address
Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address. Description Bing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft search engine formerly known as MSN Search and Live Search. It provides a feature unique to searc...
Vault - A Tool For Secrets Management, Encryption As A Service, And Privileged Access Management
Please note : We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please responsibly disclose by contacting us at [email protected]. Website: https://www.vaultproject.io IRC: vault-tool on Freenode Announcement list: Google...
ADCollector - A Lightweight Tool To Quickly Extract Valuable Information From The Active Directory Environment For Both Attacking And Defending
ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point. Notes: ADCollector is not an alternative to the powerful PowerView...
ANDRAX v5R NH-Killer - Penetration Testing on Android
ANDRAX is a Penetration Testing platform developed specifically for Android smartphones. ANDRAX has the ability to run natively on Android, so it behaves like a common Linux distribution, but more powerful than a common distribution! The development of ANDRAX began on 08/09/2016 (DD/MM/YYYY) only fo...
DroidFiles - Get Files From Android Directories
Get files from Android directories, internal and external storage Pictures, Downloads, Whatsapp, Videos, ... Legal disclaimer: Usage of DroidFiles for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws...
Purify - All-in-one Tool For Managing Vulnerability Reports From AppSec Pipelines
All-in-one tool for managing vulnerability reports Why The goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various tools. Purify is designed to analyze the report of any tool , if the report is in JSON or XML format. This...
MemoryMapper - Lightweight Library Which Allows The Ability To Map Both Native And Managed Assemblies Into Memory
Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do...
Project iKy v2.6.0 - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface
Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Installation Clone repository git clone https://gitlab.com/kennbroorg/iKy.git Install Backend Redis You must install Redis wget...
RepoPeek - A Python Script To Get Details About A Repository Without Cloning It
RepoPeek is a Python script to get details about a repository without cloning it. All the information is retrieved using the GitHub API. Please Note: API requests made by this module aren't using basic authentication or OAuth. Therefore the rate limit allows for up to 60 requests per hour...
Pivotnacci - A Tool To Make Socks Connections Through HTTP Agents
Pivot into the internal network by deploying HTTP agents. Pivotnacci allows you to create a socks server which communicates with HTTP agents. The architecture looks like the following: This tool was inspired by the great reGeorg. However, it includes some improvements: Support for balanced server...
OhMyQR - Hijack Services That Relies On QR Code Authentication
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the “Login with QR code” feature as a secure way to login into accounts. In a nutshell, the victim scans the attacker’s QR code which...
FinalRecon - The Last Web Recon Tool You'll Need
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease. Featured NullByte https://null-byte.wonderhowto.com/how-to/conduct-recon-web-target-with-python-tools-0198114/...
Jaeles v0.9 - The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download precompiled version here. If you have a Go environment, make sure you have Go = 1.13 with Go Modules enable and run the following command. GO111MODULE=...
Game-based learning platform provides full immersion into cybersecurity
Working and learning have gone remote, and we have to come to terms with this new reality. Nowadays, several organizations allow their staff to work from home permanently. Most universities consider reducing classroom time wherever possible, and now we are seeing the demand for online courses sky...
AutoRDPwn v5.1 - The Shadow Attack Framework
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability listed as a feature by Microsoft allows a remote attacker to view his victim's desktop without his consent, and even control it on...
EvilApp - Phishing Attack Using An Android App To Grab Session Cookies For Any Website (ByPass 2FA)
Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows bypassing 2-factor authentication protection. EvilApp brings as an example the hijacking and injection of cookies for authenticated Instagram sessions. Legal disclaimer: Usage of...
S3BucketList - Firefox Plugin That Lists Amazon S3 Buckets Found In Requests
S3BucketList is a Firefox plugin that records S3 Buckets found in requests. It is currently a work in progress and additional features will be added in the future. This plugin will also be ported to other browsers in the future. Stay tuned! Installation This plugin is already available in Firefox...
Locator - Geolocator, Ip Tracker, Device Info By URL (Serveo And Ngrok)
Geolocator, Ip Tracker, Device Info by URL (Serveo and Ngrok). It uses tinyurl to obfuscate the Serveo link. Legal disclaimer: Usage of Locator for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws...
Guardedbox - Online Client-Side Manager For Secure Storage And Secrets Sharing
GuardedBox is an open-source online client-side manager for secure storage and secrets sharing. It allows users to upload secrets to a centralized server and retrieve them at anytime and from anywhere. It also allows users to share their secrets with other users, individually or via groups. Secre...
Faraday v3.11 - Collaborative Penetration Test and Vulnerability Management Platform
This new release brings strong improvements to your security team’s daily performance , allowing them to operate quicker and smarter by increasing accessibility and stabilizing usual functionality. Major enhancements are focused on providing global visualization of findings , improvements on our...
Minimalistic-offensive-security-tools - A Repository Of Tools For Pentesting Of Restricted And Isolated Environments
Minimalistic SMB login bruteforcer (smblogin.ps1) A simple SMB login attack and password spraying tool. It takes a list of targets and credentials (username and password) as parameters and it tries to authenticate against each target using the provided credentials. Despite its minimalistic design, the...
Carina - Webshell, Virtual Private Server (VPS) And cPanel Database
Carina is a web application used to store webshell, Virtual Private Server (VPS) and cPanel data. Carina is made so that we don't need to store webshell, VPS or cPanel data in "strange places". Screenshots Install Carina 1. $ git clone https://github.com/c0delatte/carina && cd carina 2. Run compose...
Nishang - Offensive PowerShell For Red Team, Penetration Testing And Offensive Security
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing. By nikhilmitt Usage Import all the scripts in the current PowerShell session...
Web Hacker's Weapons - A Collection Of Cool Tools Used By Web Hackers
A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting. Weapons Type | Name | Description ---|---|--- Army-Knife/ALL | BurpSuite | the BurpSuite project Army-Knife/SCAN | jaeles | The Swiss Army knife for automated Web Application Testing Army-Knife/ALL | zaproxy | The...
Spray - A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin (Greenwolf) Getting Started These instructions will show you the requirements for and how to use Spray. Prerequisites All requirements come preinstalled on Kali Linux, to run on other flavors or Mac just make sure curlowa & ly...
Self-XSS - Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code
Self-XSS attack using bit.ly to grab cookies tricking users into running malicious code How it works? Self-XSS is a social engineering attack used to gain control of victims' web accounts by tricking users into copying and pasting malicious content into their browsers. Since Web browser vendors a...
Open Sesame - A Tool Which Runs To Display Random Publicly Disclosed Hackerone Reports When Bored
A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser. Contains Over 8k Publicly disclosed Hackerone reports and addtl. wordlist of 700 bug bounty writeups. This is a productivity tool for security enthusiasts and bug...
BlackDir-Framework - Web Application Vulnerability Scanner
Web Application Vulnerability Scanner. 1. Spider Directories 2. Find Sub Domain 3. Advanced Dorks Search 4. Scan list of Dorks 5. Scan WebSites Xss,Sql 6. Reverse Ip Lookup 7. Port Scan Installation: git clone https://github.com/RedVirus0/BlackDir-Framework.git cd BlackDir pip3 install -r...
Sharingan - Offensive Security Recon Tool
Sharingan is a recon multitool for offensive security / bug bounty This is very much a work in progress and I'm relatively new to offensive security in general so if you see something that can be improved please open an issue or PR with suggested changes. Cloning for development Outside of your...
BADlnk - Reverse Shell In Shortcut File (.lnk)
Reverse Shell in Shortcut File .lnk How it works? Shortcut file Microsoft Windows 9.x LNK is a file extension for a shortcut file used by Microsoft Windows to point to an executable file. LNK stands for LiNK. Shortcut files are used as a direct link to an executable file, instead of having to...
ParamKit - A Small Library Helping To Parse Commandline Parameters
A small library helping to parse commandline parameters for Windows. Objectives "like Python's argparse but for C/C++" compact and minimalistic easy to use extendable Demo Print help for each parameter: Easily store values of popular types, and verify if all required parameters are filled: Verify...
Hidden-Cry - Windows Crypter/Decrypter Generator With AES 256 Bits Key
Windows Crypter/Decrypter Generator with AES 256 bits key Features: Works on WAN: Port Forwarding by Serveo.net Fully Undetectable FUD - Don't Upload to virustotal.com! Legal disclaimer: Usage of Hidden-Cry for attacking targets without prior mutual consent is illegal. It's the end user's...
Evilreg - Reverse Shell Using Windows Registry Files (.Reg)
Reverse shell using Windows Registry file (.reg). Features: Reverse TCP Port Forwarding using Ngrok.io Requirements: Ngrok Authtoken for TCP Tunneling: Sign up at: https://ngrok.com/signup Your authtoken is available on your dashboard: https://dashboard.ngrok.com Install your authtoken: ./ngrok...
URLBrute - Tool To Brute Website Sub-Domains And Dirs
What is this URLBrute is a tool to help you brute forcing website sub-domains and dirs. Can be used with python3 and python2. Dependencies urlbrute.py requests = 2.21.0 bs4 = 0.0.1 datetime = 4.3 How to install In Linux: chmod +x install.sh sudo ./install.sh In Windows, install python 3.7, then r...
Getdroid - FUD Android Payload And Listener
FUD Android Payload And Listener Read the license before using any part from this code Malicious Android apk generator Reverse Shell Legal disclaimer: Usage of GetDroid for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local,...
DiscordRAT - Discord Remote Administration Tool Fully Written In Python
Discord Remote Administration Tool fully written in Python3. This is a RAT controlled over Discord with over 20 post exploitation modules. Disclaimer: This tool is for educational use only, the author will not be held responsible for any misuse of this tool. This is my first project on github as...
Lockphish - A Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode
Lockphish is the first tool (05/13/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link. Features: Lockscreen phishing page for Windows, Android and iPhone Auto detect device Port Forwarding by Ngrok IP Tracker Leg...
DalFox (Finder Of XSS) - Parameter Analysis And XSS Scanning Tool Based On Golang
Finder Of XSS, and Dal is the Korean pronunciation of moon. What is DalFox Just, XSS Scanning and Parameter Analysis tool. I previously developed XSpear, a ruby-based XSS tool, and this time, a full change occurred during the process of porting with golang!!! and created it as a new project. The...