Automated Pentest

Lockdoor – All in One Penetration Testing Framework

LockDoor is a framework aimed at helping penetration testers, bug bounty hunters and cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for penetration testing, but containing the favorite and most used tools of pentesters. As pentesters, most of us have our personal ‘ /pentest/ […]

Rebel Framework – Advanced and easy to use Penetration Testing Framework

Automate the automation with rebel framework.

Install Rebel Framework

git clone https://github.com/rebellionil/rebel-framework.git
cd rebel-framework
bash setup.sh
bash rebel.sh

MODULES

SCREENSHOTS

DEMOS

SUPPORTED DISTRIBUTIONS

Distribution | Version Check | Supported | Dependencies already installed | Status
Kali Linux | 4.4.0 | yes | yes | working
Parrot OS | 4.14.0 | yes | yes | working

PORT YOUR OWN TOOLS TO REBEL!

scan.py

┌─[root@parrot]─[~]
└──╼ #python scan.py […]

APTSimulator – Toolset to Simulate APT Attack

APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. In contrast to other adversary simulation tools, APT Simulator is designed to make the application as simple as possible. You don’t need to run a web server, database or […]

FudgeC2 – A Collaborative C2 Framework for Purple-Teaming

Fudge is a Python3/Flask web-based C2 framework and PowerShell implant designed to facilitate purple teaming activities, post-campaign review and timelining. Note: FudgeC2 is currently in alpha stage, and should be used with caution in non-test environments. Beta will be released at BlackHat Arsenal, the 8th of August 2019. Fudge's inception is based on 3 main […]

Kaboom – Automatic Pentest Tool

Kaboom is a bash script that automates the first two phases of a penetration test. All information collected is saved into a directory hierarchy that is very simple to browse (also in the case of multiple targets). Kaboom performs several tasks: Information Gathering: port scan (Nmap), web resources enumeration (Dirb). Vulnerability assessment: web vulnerability assessment (Nikto – […]

EasySploit – Metasploit Automation (EASIER and FASTER than EVER)

EasySploit v3.1 (Linux) – Metasploit automation (EASIER and FASTER than EVER)

Options:
(1) Windows -> test.exe (payload and listener)
(2) Android -> test.apk (payload and listener)
(3) Linux -> test.py (payload and listener)
(4) MacOS -> test.jar (payload and listener)
(5) Web -> test.php (payload and listener)
(6) Scan if a target is vulnerable to […]

CQTools: The New Ultimate Hacking Toolkit

On March 27 and 28, 2019, Paula presented Briefings and Arsenal sessions at Black Hat Asia 2019 in Singapore. CQURE Team has written over 200 hacking tools during penetration testing. They decided to choose the top 39 tools and pack them in a toolkit called CQTools. This toolkit allows you to deliver complete attacks within […]

Legion – Semi-Automated Network Penetration Testing Framework

Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. Features: Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with […]

Kaboom – Script That Automates The Penetration Test

Kaboom is a script that automates the penetration test. It performs several tasks for each phase of the pentest: Information gathering [nmap-unicornscan]: TCP scan, UDP scan. Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]. It tests several services: smb, ssh, snmp, smtp, ftp, tftp, ms-sql, mysql, rdp, http, https and more… It finds the CVEs and then searches for them on exploit-db or […]

MEC v1.4.0 – Mass Exploit Console

Mec is a collection of hacking tools with a command line graphic user interface. Features: an easy-to-use CLI UI; execute any adapted exploits with process-level concurrency; some built-in exploits (automated); hide your IP address using proxychains4 and ss-proxy (built-in); zoomeye host scan (10 threads); a simple baidu crawler (multi-threaded); censys host scan. Getting started: git clone […]

Jok3r – Network and Web Pentest Framework

Jok3r is a Python3 CLI application aimed at helping penetration testers with network infrastructure and web black-box security tests. Its main goal is to save time on everything that can be automated during a network/web pentest in order to leave more time for more interesting and challenging work. To achieve that, it combines open-source […]

Exploit Pack – Next Generation Exploit Framework

Exploit Pack contains a full set of 38000+ exploits, so you can be sure that your next pentest will become unstoppable. All operating systems are supported as targets, including Windows, Linux, Unix, Minix, SCO, Solaris, OSX, etc., and even mobile and web platforms. Exploit Pack is an integrated environment for performing and conducting professional penetration tests. […]

Laforge – Security Competition Infrastructure Automation Framework

Laforge enables rapid development of infrastructure for the purpose of information security competitions. Using a simple and intuitive configuration language, Laforge manages a dependency graph and state management and allows for highly productive remote collaboration. The Laforge engine uses a custom loader to do multi-dimensional, non-destructive configuration overlay. A good analogy to this is Docker […]

TIDoS – The Offensive Web Application Penetration Testing Framework.

TIDoS Framework is a comprehensive web-app audit framework. Highlights: The main highlights of this framework are: TIDoS Framework now boasts of a century+ of modules. A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis. Has 5 main phases, subdivided into 14 sub-phases consisting of a total of 104 modules. Reconnaissance Phase […]

Autosploit v2.2 – Automated Mass Exploiter

As the name might suggest, AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye, but options to add your custom targets and host lists have been included as well. The available Metasploit modules have been selected to facilitate Remote Code Execution and to attempt to […]

Delta – SDN Security Evaluation & Penetration Testing Framework

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique. Agent-Manager is the control tower. It takes full control over all the agents deployed to the target SDN network. Application-Agent is a […]

WinPirate – Automated Sticky Keys Hack

We create a way to automate doing the Windows sticky keys hack from a bootable USB. Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there. All without being detected by antivirus. We should add a mimikittenz option if the computer was found running […]

Trity – An Advanced Pentesting Framework from Vulnerability Testing to Cryptography

Trity is an advanced pentesting framework dedicated to everything from vulnerability testing to cryptography. Installation & Usage: In order to install this program, it is crucial that you are on a Linux-based distro, preferably Kali Linux or BackBox. First, git clone: git clone https://github.com/toxic-ig/Trity.git Change directory, and then run the installer script (Must be root or […]

Deep Exploit – Automatic Machine Learning Penetration Test Tool

DeepExploit is a fully automated penetration tool linked with Metasploit. It identifies the status of all opened ports on the target server and executes the exploit at pinpoint using Machine Learning. DeepExploit consists of the machine learning model (A3C) and Metasploit. The A3C executes exploits against the target servers via RPC API. The A3C is developed with Keras and TensorFlow […]