InfectPE - Inject Custom Code into PE File
Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files. Why you need InjectPE? You can test your security products. Use in a phishing campaign. Learn how PE injection works. ...and so on. In the project, there is hardcoded x-code of...
Kali Linux 2017.1 Release
As with all new releases, you have the common denominator of updated packages, an updated kernel that provides more and better hardware support, as well as a slew of updated tools – but this release has a few more surprises up its sleeve. Support for RTL8812AU Wireless Card Injection These driver...
WPSeku - Simple Wordpress Security Scanner
WPSeku is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. Usage -- WPSeku - Wordpress Security Scanner -- WPSeku - v0.1.0 -- Momo Outaadi...
PowerMeta - PowerShell Script to Search Publicly Files for a Particular Domain and Get the Associated MetaData
PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be...
Blindy - Simple Script for running BruteForce Blind MySql Injection
Simple script for running bruteforce blind MySql injection. The script will run through the queries listed in sets in the provided file default-queries.json by default and try to bruteforce places marked with a placeholder. If no placeholder is present, the script will simply make a request with the current query. command...
DBShield - Database Firewall Written In Go
Protects your data by inspecting incoming queries from your application server and rejecting abnormal ones. How it works? For example, this is how web server normally interacts with database server: By adding DBShield in front of database server we can protect it against abnormal queries. To dete...
Truehunter - Tool to detect TrueCrypt containers
The goal of Truehunter is to detect TrueCrypt containers using a fast and memory efficient approach. It was designed as a PoC some time ago as I couldn't find any open source tool with the same functionality. Installation Just use with Python 2.7, it does not need any additional libraries. usage:...
MultiScanner - Modular File Scanning/Analysis Framework
MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom built python scripts, web APIs, software running on another machine, etc. Tools are incorporated by...
Ad-LDAP-Enum - Active Directory LDAP Enumerator
ad-ldap-enum is a Python script that was developed to discover users and their group memberships from Active Directory. In large Active Directory environments, tools such as NBTEnum were not performing fast enough. By executing LDAP queries against a domain controller, ad-ldap-enum is able to...
TaBi - Track BGP Hijacks
Developed since 2011 for the needs of the French Internet Resilience Observatory, TaBi is a framework that eases the detection of BGP IP prefix conflicts and their classification into BGP hijacking events. The term prefix hijacking refers to an event when an AS, called a hijacking AS,...
BeRoot - Windows Privilege Escalation Tool
BeRoots is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is available here. It will be added to the pupy project as a post exploitation module so it will be executed all in memory without touching the disk. Except on...
Evilginx - MITM Attack Framework [Advanced Phishing With Two-factor Authentication Bypass]
Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. Its core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server. You can learn...
ShodanHat - Search For Hosts Info With Shodan
Search For Hosts Info With Shodan. Dependencies: You need to install shodan with pip install shodan or easy_install shodan. You need to install python-nmap with pip install python-nmap. You need to set your API Key in the 'constantes.py' file. Options -h, --help show this help message and exit -i I...
shARP - anti-ARP-spoofing application software and uses active scanning method to detect any ARP-spoofing incidents
ARP spoofing allows an attacker to intercept data frames on a network, modify the traffic, or stop all traffic. Often the attack is used as an opening for other attacks, such as denial of service, man in the middle, or session hijacking attacks. Our anti-ARP-spoofing program, shARP, detects the...
pwdlyser - Python-based CLI Password Analyser (Reporting Tool)
The 'pwdlyser' tool is a Python-based CLI script that automates the arduous process of manually reviewing cracked passwords during password audits following security assessments or penetration tests. There are likely some false positives/negatives, so please use at your own discretion. Installati...
HashPump - A Tool To Exploit The Hash Length Extension Attack In Various Hashing Algorithms
A tool to exploit the hash length extension attack in various hashing algorithms. Currently supported algorithms: MD5, SHA1, SHA256, SHA512. Help Menu $ hashpump -h HashPump -h help -t test -s signature -d data -a additional -k keylength HashPump generates strings to exploit signatures vulnerable...
Mousejack Transmit - Wireless Mouse/Keyboard Attack With Replay/Transmit PoC
This is code extending the mousejack tools https://github.com/RFStorm/mousejack. Replay/transmit tools have been added to the original tools. POC packets based on a Logitech Wireless Combo MK220 which consists of a K220 wireless keyboard and an M150 wireless mouse are included in the logs folder...
PoshC2 - Powershell C2 Server and Implants
PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework...
ssh_scan - A prototype SSH Configuration and Policy Scanner
An SSH configuration and policy scanner. Key Benefits: Minimal Dependencies - Uses native Ruby and BinData to do its work, no heavy dependencies. Not Just a Script - Implementation is portable for use in another project or for automation of tasks. Simple - Just point ssh_scan at an SSH service and...
Nix-Auditor - Nix Audit Made Easier
A script to audit linux and unix distributions based mainly on the CIS standards and universal linux hardening guidelines. The value it brings to your auditing set of tools is: Speed - one can audit OS in less than 120 seconds and get report Accuracy - tested on CentOS and RedHat with 100% accura...
Securitybot - Distributed alerting for the masses!
Distributed alerting for the masses! Securitybot is an open-source implementation of a distributed alerting chat bot, as described in Ryan Huber's blog post. Distributed alerting improves the monitoring efficiency of your security team and can help you catch security incidents faster and more...
oletools - Tools to analyze MS OLE2 files and MS Office documents, for malware analysis, forensics and debugging
oletools is a package of python tools to analyze Microsoft OLE2 files also called Structured Storage, Compound File Binary Format or Compound Document File Format, such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on the...
Sherlock - Tool to find missing Windows patches for Local Privilege Escalation Vulnerabilities
PowerShell script to quickly find missing Microsoft patches for local privilege escalation vulnerabilities. Currently looks for: MS10-015: User Mode to Ring KiTrap0D; MS10-092: Task Scheduler; MS13-053: NTUserMessageCall Win32k Kernel Pool Overflow; MS13-081: TrackPopupMenuEx Win32k NULL Page...
netattack - Scan and Attack Wireless Networks
netattack.py is a Python script that allows you to scan your local area for WiFi networks and perform deauthentication attacks. The effectiveness and power of this script highly depend on your wireless card. USAGE EASY SCANNING FOR WIFI NETWORKS python netattack.py -scan -mon This example...
morty - Privacy aware web content sanitizer proxy as a service
Web content sanitizer proxy as a service. Morty rewrites web pages to exclude malicious HTML tags and attributes. It also replaces external resource references to prevent third party information leaks. The main goal of morty is to provide a result proxy for searx , but it can be used as a...
EaST - Exploits and Security Tools Framework
A pentest framework environment is the basis of an IT security specialist’s toolkit. This software is essential both for learning and improving knowledge of attacks on IT systems and for inspections and proactive protection. The need of native comprehensive open source pen test framework with high level...
nRF24 Playset - Software tools for Nordic Semiconductor nRF24-based Devices like Wireless Keyboards, Mice, and Presenters
The nRF24 Playset is a collection of software tools for wireless input devices like keyboards, mice, and presenters based on Nordic Semiconductor nRF24 transceivers, e.g. nRF24LE1 and nRF24LU1+. All software tools support USB dongles with the nrf-research-firmware by the Bastille Threat...
DNSControl - Synchronize your DNS to multiple providers from a simple DSL
DNSControl is a system for maintaining DNS zones. It has two parts: a domain specific language (DSL) for describing DNS zones, plus software that processes the DSL and pushes the resulting zones to DNS providers such as Route53, CloudFlare, and Gandi. It can talk to Microsoft ActiveDirectory and it...
WPForce - Wordpress Attack Suite
WPForce is a suite of Wordpress Attack tools. Currently this contains 2 scripts - WPForce, which brute forces logins via the API, and Yertle, which uploads shells once admin credentials have been found. Yertle also contains a number of post exploitation modules. For more information, visit the bl...
Exploit Database - The official Exploit Database Repository
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other...
Radio Hack Box - Tool to Demonstrate Vulnerabilities in Wireless Input Devices
The SySS Radio Hack Box is a proof-of-concept software tool to demonstrate the replay and keystroke injection vulnerabilities of the wireless keyboard Cherry B.Unlimited AES. Requirements Raspberry Pi Raspberry Pi Radio Hack Box shield a LCD, some LEDs, and some buttons nRF24LU1+ USB radio dongle...
Lynis 2.4.7 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...
DblTekGoIPPwn - Tool to check if an IP of a DblTek GoIP is vulnerable to a challenge-response login system, execute remote commands botnet style, and generate responses to challenges
Tool to exploit challenge response system in vulnerable DblTek GoIP devices. Can generate responses to specified challenges, test hosts for the vulnerability, run commands on vulnerable hosts, and drop into a root shell on any vulnerable host. The Vulnerability On March 2nd, 2017, Trustwave...
wuzz - Interactive CLI Tool for HTTP Inspection
Interactive cli tool for HTTP inspection Wuzz command line arguments are similar to cURL's arguments, so it can be used to inspect/modify requests copied from the browser's network inspector with the "copy as cURL" feature. Installation and usage $ go get github.com/asciimoo/wuzz $...
inquisitor - OSINT Gathering Tool for Companies and Organizations
Inquisitor is a simple tool for gathering information on companies and organizations through the use of Open Source Intelligence (OSINT) sources. The key features of Inquisitor include: 1. The ability to cascade the ownership label of an asset e.g. if a Registrant Name is known to belong to the target...
mosh - Mobile Shell replacement for SSH (more robust and responsive, especially over Wi-Fi, cellular, and long-distance links)
Mosh is a remote terminal application that supports intermittent connectivity, allows roaming, and provides speculative local echo and line editing of user keystrokes. It aims to support the typical interactive uses of SSH, plus: Mosh keeps the session alive if the client goes to sleep and wakes ...
droopescan - A plugin-based scanner that aids security researchers in identifying issues with several CMSs (Drupal, Silverstripe & Wordpress)
A plugin-based scanner that aids security researchers in identifying issues with several CMS: Drupal. SilverStripe. Wordpress. Partial functionality for: Joomla version enumeration and interesting URLs only. Moodle identification doesn't work yet. You need to force 'scan moodle'...
FalconGate - A smart gateway to stop hackers and Malware attacks
A smart gateway to stop hackers, Malware and more... Motivation: Cyber attacks are on the rise. Hackers and cyber criminals are continuously improving their methods and building new tools and Malware with the purpose of hacking your network, spying on you and stealing valuable data. Recently a new...
Faraday v2.4 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...
ooniprobe - Measure Internet Censorship & Speed
Interested in collecting evidence of Internet censorship? Curious about the speed and performance of the network that you are using? By running the tests in this app, you will examine the following: Blocking of websites Presence of systems that could be responsible for censorship and/or...
Dr0p1t-Framework 1.2 - A Framework That Creates An Advanced FUD Dropper With Some Tricks
Have you ever heard about trojan droppers? In short, a dropper is a type of trojan that downloads other malware, and Dr0p1t gives you the chance to create a dropper that bypasses most AVs and has some tricks. Features: Framework works with Windows and Linux Download executable on target system and...
PloitKit - The Hacker's ToolBox
PloitKit is a Python based GUI tool designed as one-stop for all other softwares. I was facing these kinds of problem, when I need to switch to different system, or I lost my pen-drive. I have to go to google, and search every tool and download every tool and so on. So I decided to create a tool,...
gdbgui - A browser-based frontend/gui for GDB
A modern, browser-based frontend to gdb (GNU debugger). Add breakpoints, view stack traces, and more in C, C++, Go, and Rust! Simply run gdbgui from the terminal and a new tab will open in your browser. Install: sudo pip install gdbgui --upgrade Since gdbgui is under active development, consider...
squidmagic - Analyze a Web-Based Network Traffic to Detect Central Command and Control (C&C) Servers and Malicious Site
squidmagic is a tool designed to analyze web-based network traffic to detect central command and control (C&C) servers and malicious sites, using Squid proxy server and Spamhaus. Usage: squidmagic python squidmagic.py /var/log/squid3/access.log ...
Struts2Shell - Interactive Shell Command to Exploit Apache Struts CVE-2017-5638
Improves manipulation and sending commands to the vulnerable Apache Struts server using a shell. Usage: python Struts2Shell.py Download Struts2Shell...
SSLsplit - transparent SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a...
BrainDamage - A fully featured backdoor that uses Telegram as a C&C server
A python based backdoor which uses Telegram as C&C server. Coded by: Mehul -- Github: https://github.com/mehulj94 -- Twitter: https://twitter.com/wayfarermj -- For windows only...
HatCloud - Tool for identify real IP of CloudFlare (Bypass CloudFlare)
HatCloud is built in Ruby. It bypasses CloudFlare to discover the real IP. This can be useful if you need to test your server and website, testing your protection against DDoS (Denial of Service) or DoS. CloudFlare is services and distributed domain name server services, sitting between the visitor a...
strutszeiro - Telegram Bot to manage botnets created with struts vulnerability (CVE-2017-5638)
Telegram Bot to manage botnets created with struts vulnerability (CVE-2017-5638). Dependencies: pip install -r requeriments.txt Config: Create a telegram bot, save the API token in config/token.conf Create a telegram group, save the group id in config/group.conf Start: python strutszeiro.py Telegram Usa...
struts-pwn - An exploit for Apache Struts CVE-2017-5638
An exploit for Apache Struts CVE-2017-5638 Usage Testing a single URL. python struts-pwn.py --url 'http://example.com/struts2-showcase/index.action' -c 'id' Testing a list of URLs. python struts-pwn.py --list 'urls.txt' -c 'id' Checking if the vulnerability exists against a single URL. python...