
6011 matches found

Kitploit
added 2017/11/24 1:12 p.m. (16 views)

DBC2 (DropboxC2) - A Modular Post-Exploitation Tool, Composed Of An Agent Running On The Victim's Machine

DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controller running on any machine, PowerShell modules, and Dropbox servers as a means of communication. This project was initially inspired by the fantastic Empire framework, but also as an...

7.9 AI score
Exploits: 0, References: 1

added 2017/11/23 9:6 p.m. (14 views)

DDEtect - Simple DDE Object Detector

Written by Amit Serper, @0xAmit. DDEtector is a simple DDE object detector written in Python. Currently supports only Word DOCX and legacy DOC files. Prints the contents of the DDE payloads. Note: In some cases DDEtect won't print the entire DDE payload. I'm working on writing a better matching...

7.3 AI score
Exploits: 0, References: 1

added 2017/11/23 1:20 p.m. (65 views)

sAINT - A Spyware Generator for Windows systems written in Java

sAINT is a Spyware Generator for Windows systems written in Java. Features Keylogger Take Screenshot Webcam Capture Persistence Tested On KaliLinux - ROLLING EDITION How To Use Install dependencies you need Maven and JDK 8 package installed $ apt install maven default-jdk default-jre openjdk-8-jd...

7.2 AI score
Exploits: 0, References: 2

added 2017/11/22 8:39 p.m. (37 views)

IP-Biter - The Hacker-friendly E-Mail Tracking Framework

IP-Biter is an open source, easy to deploy tracking framework that generates highly configurable and unique tracking images and links to embed in e-mails, sites or chat systems and visualizes, in a hacker-friendly dashboard, highly detailed reports of the tracked users who visualize the image or op...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/22 1:13 p.m. (13 views)

WSC2 - A WebSocket C2 Tool

WSC2 is a PoC of using WebSockets and a browser process to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actual C2 server. Background information: check this blog post to get some context and insight on the development of th...

7.3 AI score
Exploits: 0, References: 1

added 2017/11/21 8:52 p.m. (35 views)

Kali Linux 2017.3 Release - The Best Penetration Testing Distribution

Kali Linux 2017.3 has been released, which includes all patches, fixes, updates, and improvements since our last release. In this release, the kernel has been updated to 4.13.10 and it includes some notable improvements: CIFS now uses SMB 3.0 by default; EXT4 directories can now contain 2 billion entries...

6.8 AI score
Exploits: 0

added 2017/11/21 1:25 p.m. (24 views)

PortEx - Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...

7 AI score
Exploits: 0, References: 4

added 2017/11/20 9:17 p.m. (11 views)

Skype Log Viewer - Download and View Skype History Without Skype

Download and View Skype History Without Skype. This program allows you to view all of your skype chat logs and then easily export them as text files. It correctly organizes them by conversation, and makes sure that group conversations do not get jumbled with one on one chats. Features Download...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/20 1:30 p.m. (30 views)

OnionShare - Securely and anonymously share a file of any size

OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn't require setting up a server on the internet somewhere or using a thi...

7.1 AI score
Exploits: 0, References: 1

added 2017/11/19 9:56 p.m. (24 views)

SimpleWall - Simple tool to configure Windows Filtering Platform (WFP)

Simple tool to configure Windows Filtering Platform WFP which can configure network activity on your computer. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. For...

7.1 AI score
Exploits: 0, References: 3

added 2017/11/19 1:10 p.m. (13 views)

Tilt - Terminal Ip Lookup Tool

Tilt: Terminal ip lookup tool, is an easy and simple open source tool implemented in Python for ip/host passive reconnaissance. It's very handy for first reconnaissance approach and for host data retrieval. Features Host to IP conversion IP to Host conversion DNS to IPs GeoIP Translation Extensiv...

6.9 AI score
Exploits: 0, References: 1

added 2017/11/18 9:21 p.m. (47 views)

Excalibur - An Eternalblue exploit payload based Powershell

Excalibur is an Eternalblue exploit based "PowerShell" for the Bashbunny project. Its purpose is to reflect on how a "simple" USB drive can execute the 7 cyber kill chain. Excalibur may be used for demonstration purposes only, and the developers are not responsible for any misuse or illegal...

7.7 AI score
Exploits: 0, References: 2

added 2017/11/18 1:41 p.m. (51 views)

Phishing Catcher - Catching malicious phishing domain names using Certstream SSL certificates live stream

Catching malicious phishing domain names using certstream SSL certificates live stream. This is just a working PoC, feel free to contribute and tweak the code to fit your needs. Installation The script should work fine using Python2 or Python3. You will need the following python packages installe...

7.4 AI score
Exploits: 0, References: 1

added 2017/11/17 9:11 p.m. (42 views)

SpookFlare - Meterpreter Loader Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has custom...

7.8 AI score
Exploits: 0, References: 1

added 2017/11/17 1:23 p.m. (80 views)

Enigma - Multiplatform Payload Dropper

Enigma is a Multiplatform payload dropper. Run git clone https://github.com/UndeadSec/Enigma.git cd Enigma python enigma.py or python3 enigma3.py Prerequisites python 2.7 for enigma.py python 3.x for enigma.py metasploit Tested on Kali Linux - ROLLING EDITION Video Download Enigma...

7.3 AI score
Exploits: 0, References: 1

added 2017/11/16 9:0 p.m. (10 views)

DumpsterFire - Security Incidents In A Box!

DumpsterFire Toolset - "Security Incidents In A Box!" The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create...

7.6 AI score
Exploits: 0, References: 1

added 2017/11/16 1:13 p.m. (16 views)

ROC - Infineon RSA Vulnerability

This tool is related to ACM CCS 2017 conference paper 124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli. It enables you to test public RSA keys for the presence of the described vulnerability. Update: The paper of the attack is already online, ACM version...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/15 9:30 p.m. (19 views)

Fake Sandbox Processes (FSP) - Tool to simulate fake processes of analysis sandbox/VM software

This small script will simulate fake processes of analysis, sandbox and/or VM software that some malware will try to avoid. You can download the original script made by @x0rz in the orig directory. You can also download my slightly optimized script in the main directory. The file is named fsp.ps1...

7.4 AI score
Exploits: 0, References: 1

added 2017/11/15 1:22 p.m. (57 views)

cmsPoc - A CMS Exploit Framework

A CMS Exploit Framework. Requirements python2.7 Works on Linux, Windows Usage usage: cmspoc.py -h -t TYPE -s SCRIPT -u URL optional arguments: -h, --help show this help message and exit -t TYPE, --type TYPE e.g.,phpcms -s SCRIPT, --script SCRIPT Select script -u URL, --url URL Input a target url...

7.3 AI score
Exploits: 0, References: 4

added 2017/11/14 9:35 p.m. (61 views)

MHA - Mail Header Analyzer

Mail header analyzer is a tool written in flask for parsing email headers and converting them to a human readable format and it also can: Identify hop delays. Identify the source of the email. Identify hop country. MHA is an alternative for the following: Name | Dev | Issues ---|---|---...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/14 1:5 p.m. (13 views)

Cr3dOv3r - Know The Dangers Of Credential Reuse Attacks

Your best friend in credential reuse attacks. You simply give Cr3dOv3r an email, then it does two simple but useful jobs: Search for public leaks for the email and, if there are any, return all available details about the leak, using the hacked-emails site API. Now you give it this email's old or...

7.2 AI score
Exploits: 0, References: 2

added 2017/11/13 8:43 p.m. (185 views)

Faraday v2.7 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you have always been looking for! It maps and leverages all the data you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impacts and risks being assessed by the...

9.3 AI score
Exploits: 0, References: 2

added 2017/11/13 1:23 p.m. (325 views)

Mentalist - Graphical Tool For Custom Wordlist Generation

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper. Install from Source Prerequisites Linux APT package manager Check if Python 3 ...

9.2 AI score
Exploits: 0, References: 1

added 2017/11/12 9:27 p.m. (305 views)

fatcat - FAT Filesystems Explore, Extract, Repair, And Forensic Tool

This tool is designed to manipulate FAT filesystems, in order to explore, extract, repair, recover and forensic them. It currently supports FAT12, FAT16 and FAT32. Tutorials & examples Building and installing You can build fatcat this way: mkdir build cd build cmake .. make And then install it:...

8.9 AI score
Exploits: 0, References: 7

added 2017/11/12 1:32 p.m. (170 views)

CredSniper - Phishing Framework which supports SSL and capture credentials with 2FA tokens

Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token. Benefits Fully supporte...

9.2 AI score
Exploits: 0, References: 1

added 2017/11/11 9:39 p.m. (407 views)

Dex-Oracle - A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android deobfuscator: Simplify. Before After sha1: a68d5d2da7550d35f7dbefc21b7deebe3f4005f3 md5: 2dd2eeeda08ac8c15be8a9f2d01adbe8 Installation Step 1. Install Smali /...

9.5 AI score
Exploits: 0, References: 8

added 2017/11/11 1:39 p.m. (36 views)

TrevorC2 - Command and Control via Legitimate Behavior over HTTP

TrevorC2 is a client/server model for masking command and control through a normally browsable website. Detection becomes much harder as time intervals are different and does not use POST requests for data exfil. There are two components to TrevorC2 - the client and the server. The client can be...

7.4 AI score
Exploits: 0, References: 1

added 2017/11/10 9:33 p.m. (26 views)

docker-onion-nmap - Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container

Use nmap to scan hidden "onion" services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS...

7.1 AI score
Exploits: 0, References: 4

added 2017/11/10 1:19 p.m. (14 views)

Paskto - Passive Web Scanner

Paskto will passively scan the web using the Common Crawl internet index either by downloading the indexes on request or parsing data from your local system. URLs are then processed through Nikto and known URL lists to identify interesting content. Hash signatures are also used to identify known...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/09 8:39 p.m. (595 views)

EvilURL - An Unicode Domain Phishing Generator for IDN Homograph Attack

A Unicode domain phishing generator for IDN Homograph Attack. VIDEO DEMO CLONE git clone https://github.com/UndeadSec/EvilURL.git RUNNING cd EvilURL python evilurl.py PREREQUISITES python 2.7 TESTED ON Kali Linux - ROLLING EDITION Download EvilURL...

7.4 AI score
Exploits: 0, References: 1

added 2017/11/09 1:31 p.m. (37 views)

enum4linux - Tool for Enumerating Information from Windows and Samba Systems

A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts. Enum4linux is a tool for enumerating information from Windows and Samba systems. It is written in Perl and is basically a wrapper around the Samba tools smbclient, rpcclient, net and nmblookup. Key features RID...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/08 9:37 p.m. (19 views)

Parrot Security 3.9 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own software or protect your privacy with anonymity and crypto tools...

7.3 AI score
Exploits: 0

added 2017/11/08 1:21 p.m. (13 views)

Cromos - Download and Inject code into Google Chrome extensions

Cromos is a tool for downloading legitimate extensions from the Chrome Web Store and injecting code into the background of the application. Cromos can also create executable files to force installation, via PowerShell for example, and upload files to Dropbox to host the malicious files. Download...

7 AI score
Exploits: 0, References: 1

added 2017/11/07 9:18 p.m. (22 views)

pcc - PHP Secure Configuration Checker

Check current PHP configuration for potential security flaws. Simply access this file from your webserver or run on CLI. Author This software was written by Ben Fuhrmannek, SektionEins GmbH, in an effort to automate php.ini checks and spend more time on cheerful tasks. Idea one single file for ea...

7.3 AI score
Exploits: 0, References: 1

added 2017/11/07 1:18 p.m. (1450 views)

Evil-Droid - Framework to Create, Generate & Embed APK Payloads

Evil-Droid is a framework that creates, generates and embeds APK payloads to penetrate Android platforms. Screenshot: Dependencies: 1 - metasploit-framework 2 - xterm 3 - Zenity 4 - Aapt 5 - Apktool 6 - Zipalign Download/Config/Usage: 1 - Download the tool from github git clone...

7.3 AI score
Exploits: 0, References: 1

added 2017/11/06 9:30 p.m. (39 views)

CrunchRAT - HTTPS-based Remote Administration Tool (RAT)

CrunchRAT currently supports the following features: File upload, File download, Command execution. It is currently single-threaded (only one task at a time), but multi-threading or multi-tasking is currently in the works. Additional features will be included at a later date. Server The server-side of...

7.5 AI score
Exploits: 0, References: 1

added 2017/11/06 1:37 p.m. (40 views)

Linux Soft Exploit Suggester - Search Exploitable Software On Linux

linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities. python linux-soft-exploit-suggester.py -h ...

8.2 AI score
Exploits: 0, References: 1

added 2017/11/05 9:45 p.m. (23 views)

KRACK Detector - Detect and prevent KRACK attacks in your network

KRACK Detector is a Python script to detect possible KRACK attacks against client devices on your network. The script is meant to be run on the Access Point rather than the client devices. It listens on the Wi-Fi interface and waits for duplicate message 3 of the 4-way handshake. It then...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/05 1:38 p.m. (35 views)

wig - WebApp Information Gatherer

wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. The application fingerprinting is based on checksums and string matching of known files for different versions of CMSes. This results in a score being...

7.2 AI score
Exploits: 0, References: 1

added 2017/11/04 9:35 p.m. (93 views)

Striker - Offensive Information And Vulnerability Scanner

Striker is an offensive information and vulnerability scanner. Features Just supply a domain name to Striker and it will automatically do the following for you: Check and Bypass Cloudflare Retrieve Server and Powered by Headers Fingerprint the operating system of Web Server Detect CMS 197+ CMSs a...

8.8 AI score
Exploits: 0, References: 1

added 2017/11/04 1:30 p.m. (438 views)

Kernelpop - Kernel Privilege Escalation Enumeration And Exploitation Framework

kernelpop is a framework for performing automated kernel exploit enumeration on Linux, Mac, and Windows hosts. Requirements python3 Currently supported CVE's: CVE-2017-1000367 CVE-2017-1000112 CVE-2017-7308 CVE-2017-6074 CVE-2017-5123 CVE-2016-5195 CVE-2016-2384 CVE-2016-0728 CVE-2015-7547...

8.8 CVSS, 8.4 AI score, 0.89557 EPSS
Exploits: 239, References: 2

added 2017/11/03 8:40 p.m. (122 views)

Trape - People tracker on the Internet (The evolution of phishing attacks) OSINT

Trape is a recognition tool that allows you to track people; the information you can get is very detailed. We want to teach the world through this, as large Internet companies could monitor you, obtaining information beyond your IP. Some benefits One of its most enticing functions is the remote...

9.1 AI score
Exploits: 0, References: 1

added 2017/11/03 1:10 p.m. (149 views)

Telnet IoT Honeypot - Python Telnet Honeypot For Catching Botnet Binaries

This project implements a python telnet server trying to act as a honeypot for IoT Malware which spreads over horribly insecure default passwords on telnet servers on the internet. Other than https://github.com/stamparm/hontel or https://github.com/micheloosterhof/cowrie examples, which provides...

9 AI score
Exploits: 0, References: 3

added 2017/11/02 9:30 p.m. (60 views)

HouseProxy - HTTP proxy focused on block phishing URL's

Protect your parents from phishing: an HTTP proxy focused on blocking phishing URLs. Install git clone https://github.com/mthbernardes/HouseProxy.git cd HouseProxy/ pip install -r requeriments.txt Config Edit etc/HouseProxy.conf to change the default user and password Create an entry in your DNS to...

9.2 AI score
Exploits: 0, References: 1

added 2017/11/02 1:11 p.m. (214 views)

nullinux - SMB null Session Identification and Enumeration Tool

nullinux is an internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. Unlike many of the enumeration tools out there already, nullinux can enumerate multiple targets at once and when...

9.4 AI score
Exploits: 0, References: 1

added 2017/11/01 9:13 p.m. (92 views)

Phishruffus - Intelligent Threat Hunter And Phishing Servers

Phishruffus is a tool designed to identify threats and malicious DNS servers on the Internet that are used for the illicit practice of bank phishing. Usage: $ pip install -r requirements.txt $ ./phishruffus.py –listdns dnsservers.txt –timeout 5 Read more here. Download Phishruffus...

9.1 AI score
Exploits: 0, References: 1

added 2017/11/01 1:30 p.m. (375 views)

Diamorphine - LKM Rootkit for Linux Kernels 2.6.x/3.x/4.x

Diamorphine is an LKM rootkit for Linux Kernels 2.6.x/3.x/4.x. Features When loaded, the module starts invisible; Hide/unhide any process by sending a signal 31; Sending a signal 63 to any pid makes the module become invisible; Sending a signal 64 to any pid makes the given user become root; Files or...

8.9 AI score
Exploits: 0, References: 1

added 2017/10/31 9:28 p.m. (61 views)

TROMMEL - Sift Through Directories of Files to Identify Indicators That May Contain Vulnerabilities

TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. TROMMEL identifies the following indicators related to: Secure Shell SSH key files Secure Socket Layer SSL key files Internet Protocol IP addresses Uniform Resource Locator URL email addresses shel...

9 AI score
Exploits: 0, References: 2

added 2017/10/31 1:12 p.m. (401 views)

Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...

9.1 AI score
Exploits: 0

added 2017/10/30 9:9 p.m. (139 views)

Lynis 2.5.7 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

9 AI score
Exploits: 0

Total number of security vulnerabilities: 6011