LaZagneForensic - Decrypt Windows Credentials From Another Host
LaZagne uses an internal Windows API called CryptUnprotectData to decrypt user passwords. This API should be called on the victim user session, otherwise, it does not work. If the computer has not been started when the analysis is realized on an offline mounted disk, or if we do not want to drop ...
AutoSploit - Automated Mass Exploiter
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache, IIS, etc, upon which a list of...
CFC - Linux Centralized Firewall Control
Centralized firewall control provides a centralized way to manage the firewall on multiple servers or loadbalancers running iptables. This way you can quickly allow/block/del/search abuse ranges etc. with one command on several servers. It accesses those servers through ssh. It supports both IPv4...
Stacer - Linux System Optimizer and Monitoring
Linux System Optimizer And Monitoring. Required Packages curl systemd Debian x64 1. Download stacer1.0.8amd64.deb from the Stacer releases page. 2. Run sudo dpkg -i stacer.deb on the downloaded package. 3. Launch Stacer using the installed stacer command. Fedora x64 1. Download stacer1.0.8x64.rpm...
DVWA - Damn Vulnerable Web Application
Damn Vulnerable Web Application DVWA is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid...
IDAsec - IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform
IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform Features Decoding an instruction in DBA IR Loading execution traces generated by Pinsec Triggering analyzes on Binsec and retrieving results Dependencies protobuf ZMQ capstone for trace disassembly graphviz to dr...
LSB-Steganography - Python program to steganography files into images using the Least Significant Bit
Python program based on steganographical methods to hide files in images using the Least Significant Bit technique. I used the most basic method which is the least significant bit. A colour pixel is composed of red, green and blue, encoded on one byte. The idea is to store information in the firs...
ICMPExfil - Exfiltrate data with ICMP
ICMP Exfil allows you to transmit data via valid ICMP packets. You use the client script to pass in data you wish to exfiltrate, then on the device you're transmitting to you run the server. Anyone watching-- human or security system-- will just see valid ICMP packets, there's nothing malicious...
Minesweeper - A Burpsuite plugin (BApp) to aid in the detection of cryptocurrency mining domains (cryptojacking)
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 3200 malicious cryptocurrency mining domains (cryptojacking). Contributions are more than welcome! Summary Minesweeper will passively scan in-scope items looking for matches against more than 3000 known cryptojacking...
Evilgrade - Modular Framework To Take Advantage Of Poor Upgrade Implementations By Injecting Fake Updates
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has its own WebServer and DNSServer modules. Easy to set up new...
RDPY - Remote Desktop Protocol in Twisted Python
RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client and server side). RDPY is built over the event driven network engine Twisted. RDPY supports standard RDP security layer, RDP over SSL and NLA authentication through ntlmv2 authentication protocol. RDPY...
PiDense - Monitor Illegal Wireless Network Activities (Fake Access Points)
Monitor illegal wireless network activities. Similar SSID broadcasts Same SSID broadcasts Calculates unencrypted wireless networks density Watches SSID broadcasts at the blacklist. Capabilities Now Calculates Unencrypted wireless network density Finds same ssid, different encryption Working...
Social Recon - Investigate The Online Presence And Footprint Of Someone
This application locates and compiles information about online personalities, given a username and/or email address. Use this to investigate your own online presence, summarize the digital footprint of someone you know, or uncover the person behind a specific username. Getting Started Clone or fo...
SocialFish - Ultimate phishing tool with Ngrok integrated
Ultimate phishing tool with Ngrok integrated. PREREQUISITES Python 2.7 Wget from Python PHP TESTED ON Kali Linux - ROLLING EDITION CLONE git clone https://github.com/UndeadSec/SocialFish.git RUNNING cd SocialFish sudo pip install -r requirements.txt python SocialFish.py AVAILABLE PAGES + Facebook...
lanGhost - A LAN dropbox chatbot controllable via Telegram
A LAN dropbox chatbot controllable via Telegram Installation: You will need a Raspberry Pi with fresh Raspbian/Kali on the SD card, because you don't want anything else running in the background. Boot up the Pi, get an SSH shell or connect a monitor and a keyboard and enter these commands: $ sudo...
Lynis 2.6.1 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...
Nmap-Vulners - NSE Script Using Some Well-Known Service To Provide Info On Vulnerabilities
NSE script based on Vulners.com API. NSE script using some well-known service to provide info on vulnerabilities. Dependencies: nmap libraries: http json string The only thing you should always keep in mind is that the script depends on having software versions at hand, so it only works with -sV...
Injectify - Perform Advanced MiTM Attacks On Websites With Ease
A modern BeEF inspired framework for the 21st century. Cross-platform clients = Web in-browser and Desktop Electron. Created from-scratch using pure NodeJS and Typescript. What can it do? Create a reverse Javascript shell between the victim and the attacker. Records keystrokes and logs them to a...
DEScrypt-CPU-Collision-Cracker - DEScrypt CPU Collision Cracker
A Linux based high performance DEScrypt CPU cracker written in C++, it deduces the salt and uses a password list to crack hashes. Why not use a rainbow table? DEScrypt uses by default a two byte salt comprised of characters a-zA-Z0-9./ 1 which would mean that you would need to produce roughly 65,5...
Infoga - Email Information Gathering
Infoga is a tool for gathering e-mail accounts information (ip, hostname, country, ...) from different public sources (search engines, pgp key servers). It is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet...
Twebit - Bitcoin Analysis in Twitter With Machine Learning
Bitcoin analysis with machine learning. How it works? 1- Get tweets from twitter. 2- Filter tweets. 3- Tweet classification with naive bayes algorithm Positive,negative and neut. Installation git clone https://github.com/omergunal/twebit cd twebit pip3 install -r requirements.txt Update your api...
SQLmap Tamper-API - SQLMap Tamper API To Accept Tamper Scripts From All Languages
It's an API for SQLmap tamper scripts that allows you to use your favorite programming language to write your tamper scripts. This API solves SQLmap limitation of accepting only python to write tamper scripts. How it works taper-api.py script sends the payload and kwargs in a JSON format "payload": ""...
Web Shell Detector - PHP Script That Helps You Find And Identify PHP / CGI (Perl) / ASP / ASPX Shells
Web Shell Detector is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and...
Wavecrack - Web Interface For Password Cracking With Hashcat
A user-friendly Web interface to share a hashcat cracking box among multiple users with some pre-defined options. Screenshots The homepage Adding a hash to crack Seeing the results and some stats Outline This Web application can be used to launch asynchronous password cracks with hashcat. The...
Al-Khaser v0.72 - Public malware techniques used in the wild (Virtual Machine, Emulation, Debuggers, Sandbox detection)
al-khaser is a PoC "malware" application with good intentions that aims to stress your anti-malware system. It performs a bunch of common malware tricks with the goal of seeing if you stay under the radar. Features Anti-debugging attacks IsDebuggerPresent CheckRemoteDebuggerPresent Process...
Domain Analyzer - Analyze The Security Of Any Domain By Finding All the Information Possible
Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. How Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP...
Pupy - Opensource, Cross-Platform (Windows, Linux, OSX, Android) Remote Administration And Post-Exploitation Tool
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports,...
rbndr - Simple DNS Rebinding Service
rbndr is a very simple, non-conforming, name server for testing software against DNS rebinding vulnerabilities. The server responds to queries by randomly selecting one of the addresses specified in the hostname and returning it as the answer with a very low ttl...
Trojanizer - Trojanize Your Payload (WinRAR [SFX] Automatization)
The Trojanizer tool uses WinRAR SFX to compress the two files input by user, and transforms it into an SFX executable.exe archive. The sfx archive when executed it will run both files our payload and the legit appl at the same time. To make the archive less suspicious to target at execution time,...
Enumdb - MySQL and MSSQL Brute Force And Post Exploitation Tool To Search Through Databases And Extract Sensitive Information
Enumdb is a brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each looking for valid credentials. By default enumdb will use newly found, or given, credentials to search the database and find tables...
FakeImageExploiter - Use a Fake image.jpg (hide known file extensions) to exploit targets
This module takes one existing image.jpg and one payload.ps1 input by user and builds a new payload agent.jpg.exe that if executed it will trigger the download of the 2 previous files stored into apache2 image.jpg + payload.ps1 and execute them. This module also changes the agent.exe Icon to matc...
SNMP-Brute - Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script
SNMP brute force, enumeration, CISCO config downloader and password cracking script. Listens for any responses to the brute force community strings, effectively minimising wait time. Requirements metasploit snmpwalk snmpstat john the ripper Usage python snmp-brute.py -t IP Options --help, -h show...
Ketshash - A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs
A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs. The tool was published as part of the "Pass-The-Hash detection" research - more details on "Pass-The-Hash detection" are in the blog post:...
SwishDbgExt - Incident Response & Digital Forensics Debugging Extension
SwishDbgExt is a Microsoft WinDbg debugging extension that expands the set of available commands by Microsoft WinDbg, but also fixes and improves existing commands. This extension has been developed by Matt Suiche @msuiche – feel free to reach out on [email protected] ask for more features,...
macro_pack - Tool Used To Automatize Obfuscation And Generation Of Ms Office Documents For Pentest, Demo, And Social Engineering Assessments
The macro_pack is a tool used to automatize obfuscation and generation of retro formats such as MS Office documents or VBS like format. This tool can be used for redteaming, pentests, demos, and social engineering assessments. macro_pack will simplify antimalware solutions bypass and automatize the...
Autorize - Automatic Authorization Enforcement Detection Extension For Burp Suite
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert, and Federico Dotta, a security expert at Mediaservice.net. Autorize was designed to help security testers by performing automatic...
Hershell - Simple TCP reverse shell written in Go
Simple TCP reverse shell written in Go. It uses TLS to secure the communications, and provides a certificate public key fingerprint pinning feature, preventing traffic interception. Supported OS are: Windows Linux Mac OS FreeBSD and derivatives Why ? Although meterpreter payloads are great,...
OnionHarvester - A small TOR Onion Address harvester for checking if the address is available or not
A small TOR Onion Address harvester for checking if the address is available or not. The program uses the TOR local socks5 proxy for finding all the Onion Addresses which are alive and ports 80 and 443 are available. Details about the project and TOR onion harvesting is published in this blog at:...
Vegile - Tool for Post exploitation Techniques in Linux
Vegile is a tool for Post exploitation Techniques in Linux. Post Exploitation techniques will ensure that we maintain some level of access and can potentially lead to deeper footholds into our target's trusted network. How it works This tool will set up your backdoor/rootkits when backdoor...
EvilURL v2.0 - An Unicode Domain Phishing Generator for IDN Homograph Attack
Generate unicode evil domains for IDN Homograph Attack and detect them. PREREQUISITES python 3.x for evilurl3.py TESTED ON:Kali Linux - ROLLING EDITION CLONE git clone https://github.com/UndeadSec/EvilURL.git RUNNING cd EvilURL python3 evilurl.py CHANGELOG Full script updated to Python 3.x Python...
gOSINT - Open Source Intelligence Framework
gOSINT is a small OSINT framework in golang. It's actually in development and still not ready for production. If you want, feel free to contribute! What gOSINT can do Find mails from git repository Find Dumps for mail address Search for mail address linked to domain/mail address in PGP keyring...
One-Lin3r - Gives you one-liners that aids in penetration testing operations
One-Lin3r is a simple and light-weight framework inspired by the web-delivery module in Metasploit. It consists of various one-liners that aid in penetration testing operations: Reverser: Give it IP & port and it returns a reverse shell liner ready for copy & paste. Dropper: Give it an...
GTScan - The Nmap Scanner for Telco
The Nmap Scanner for Telco. With the current focus on telecom security, the tools used in day to day IT side penetration testing should be extended to telecom as well. From here came the motivation for an nmap-like scanner but for telco. The current security interconnect security controls might...
Cr3dOv3r v0.3 - Know The Dangers Of Credential Reuse Attacks
Your best friend in credential reuse attacks. Cr3dOv3r simply you give it an email then it does two simple jobs but useful : Search for public leaks for the email and if it any, it returns with all available details about the leak Using hacked-emails site API. Now you give it this email's old or...
Lynis 2.5.9 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...
OWASP-Nettacker - Automated Penetration Testing Framework
OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP and many other protocols...
RFCrack - A Software Defined Radio Attack Tool
RFCrack is my personal RF test bench, it was developed for testing RF communications between any physical device that communicates over sub-GHz frequencies. IoT devices, Cars, Alarm Systems etc... Testing was done with the Yardstick One on OSX, but RFCrack should work fine in Linux. Support for...
DNSExfiltrator - Data exfiltration over DNS request covert channel
DNSExfiltrator allows for transferring (exfiltrate) a file over a DNS request covert channel. This is basically a data leak testing tool allowing to exfiltrate data over a covert channel. DNSExfiltrator has two sides: 1. The server side, coming as a single python script dnsexfiltrator.py, which act...
sdrtrunk - Tool For Decoding, Monitoring, Recording And Streaming Trunked Mobile And Related Radio Protocols Using Software Defined Radios (SDR)
A cross-platform Java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). Getting Started User's Manual Version 0.3.0 Download Support Figure 1: sdrtrunk Version 0.3.0 Application Screenshot End User...
cSploit Android - The most complete and advanced IT security professional toolkit on Android
cSploit is a free/libre and open source GPLed Android network analysis and penetration suite which aims to be the most complete and advanced professional toolkit for IT security experts/geeks to perform network security assessments on a mobile device. See more at www.cSploit.org. Features Map you...