Browsing category
A stealthy Python based backdoor that uses Gmail as a command and control server. Requirements A Gmail account (Use a dedicated account! Do not use your personal one!) Turn on “Allow less secure apps” under the security settings of the account This repo contains two files: gcat.py a script that’s used to enumerate and issue […]
A tool that transforms Firefox Browsers into a penetration testing suite How ? It downloads the most important extensions, and install it on your browser. The used extensions has been chosen by a survey among the information security community. Based on it’s results, Firefox Security Toolkit was made. Also, it allows you to download Burp […]
Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used from a DVD, […]
bt2 is a Python-based backdoor in form of a IM bot that uses the infrastructure and the feature-rich bot API provided by Telegram, slightly repurposing its communication platform to act as a C&C. Dependencies Telepot requests Installation $ sudo pip install telepot $ sudo pip install requests PS: Telepot requires minimum of requests 2.9.1 to […]
Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has functionality of several famous separate tools and more over offers a good and unique alternative of Wireshark for android. The main features are: Network discovery with OS detection Network traffic analysis Passwords recovery Files recovery WARNING! You need ROOT access (SUPERSU ONLY) […]
The WarBerry was built with one goal in mind; to be used in red teaming engagement where we want to obtain as much information as possible in a short period of time with being as stealth as possible. Just find a network port and plug it in. The scripts have been designed in a way […]
Shellsploit let’s you generate customized shellcodes, backdoors, injectors for various operating system and let’s you obfuscate every byte via encoders. Install/Uninstall If you want to use Shellsploit, you have to install Capstone first. For the Capstone’s installation: root$ sudo pip install capstone Also pyreadline for tab completion: root$ sudo pip install readline (Not necessary for […]
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: If you are a pen-tester, SpiderFoot will automate the reconnaisance stage of the test, giving you a rich set of data to […]
WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh –install refer to the wiki for Installation Features Rogue Wi-Fi Access Point Deauth Attack Clients AP Probe Request Monitor DHCP Starvation Attack Credentials […]
CJExploiter is drag and drop ClickJacking exploit development assistance tool. First open the “index.html” with your browser locally and enter target URL and click on “View Site”. You can dynamically create your own inputs. Finally by click the “Exploit It” you can see the P0C. Summary Clickjacking, also known as a “UI redress attack”, is […]
A tool to retrieve IP Geolocation information Powered by ip-api Requirements Python 3.x Features Retrieve IP or Domain Geolocation. Retrieve your own IP Geolocation. Retrieve Geolocation for IPs or Domains loaded from file. Each target in new line. Define your own custom User Agent string. Select random User-Agent strings from file. Each User Agent string […]
Litesploit is a library and intepreter for penetration testing tools. This includes exploits, tools and litepreter. Litesploit support for Linux like ubuntu or debian, and more distro penetration testing like BackBox and Kali Linux Platform Support Linux Ubuntu Yes Linux Debian Yes Microsoft Windows No Installation Requirements PHP 5 or higher GCC Zephir […]
Spooftooph is designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain site. Bluetooth scanning software will only list one of the devices if more than one device in range shares the same device information when the devices are in Discoverable Mode […]
CANToolz is a framework for analysing CAN networks and devices. This tool based on different modules which can be assembled in pipe together and can be used by security researchers and automotive/OEM security testers for black-box analysis and etc. You can use this software for ECU discovery, MITM testing, fuzzing, bruteforcing, scanning or R&D testing […]
PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and many more. PenQ is not just a mix of addons but it comes preconfigured with some very powerful open […]
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a fun environment. This program was created for learning purposes, and is […]
Virtual Private Networks (vpn) create an encrypted ‘tunnel’ between your computer and the host server, with the internet traffic going in and out of the host server. Your ISP or government can only see that you have connected to the VPN server and nothing else – your activities, IP addresses you have visited etc. are […]
BlackArch Linux version 2016.04.28 released for ethical hackers and security researchers with 1400 pentesting tools If you are an ethical hacker or a security researcher, this news will undoubtedly interest you. The BlackArch Linux devs have released-the new ISO image of the Arch Linux-based operating system designed for designed specially for hackers and security professionals. After being […]
WhatsSpy Public is an web-oriented application that tracks every move of whoever you like to follow. This application is setup as an Proof of Concept that Whatsapp is broken in terms of privacy. Once you’ve setup this application you can track users that you want to follow on Whatsapp. Once it’s running it keeps track […]
Sidedoor maintains a reverse tunnel to provide a backdoor. sidedoor can be used to remotely control a device behind a NAT. Sidedoor is packaged for Debian-based systems with systemd or upstart. It has been used on Debian 8 (jessie) and Ubuntu 14.04 LTS (trusty). The sidedoor user has full root access configured in /etc/sudoers.d. If […]
The purpose of this tool is to make you a better onion service provider. You owe it to yourself and your users to ensure that attackers cannot easily exploit and de-anonymize. Go Dependencies h12.me/socks – For the Tor SOCKS Proxy connection. github.com/xiam/exif – For EXIF data extraction. github.com/mvdan/xurls – For some URL parsing. OS Package […]