Browsing category
REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra can automatically detect and test login & logout (Authentication API), […]
GyoiThon is a growing penetration test tool using Deep Learning. Deep Learning improves classification accuracy in proportion to the amount of learning data. Therefore, GyoiThon will be taking in new learning data during every scan. Since GyoiThon uses various features of software included in HTTP response as learning data, the more you scan, the more […]
ODIN [ Observe, Detect, and Investigate Networks ] is a Python tool for automating intelligence gathering, testing and reporting. ODIN is still in active development. ODIN is designed to be run on Linux. About 90% of it will absolutely work on Windows or MacOS with Python 3 and a copy of urlcrazy, but `extract`, used […]
InfernalWireless is a Python-based automated wireless hacking tool. Usage: python InfernalWireless.py Features: GUI Wireless security assessment SUIT WPA2 hacking WEP Hacking WPA2 Enterprise hacking Wireless Social Engineering SSL Strip Report generation PDF Report HTML Report Note taking function Data is saved into Database Network mapping MiTM Probe Request Menu to retrieve logs BeeF XSS framework […]
Automates network attacks against Active Directory to deliver you piping hot plaintext credentials when you’re inside the network but outside of the Active Directory environment. Performs 5 different network attacks for plaintext credentials as well as hashes. Autocracks hashes found with JohnTheRipper and the top 10 million most common passwords. RID cycling Uses Nmap to […]
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache, IIS, etc, upon which a list of candidates will be retrieved. After this operation has been completed […]
Sn1per is an automated pentest recon scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features: Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning Automatically brute forces sub-domains, gathers DNS info […]
The LAZY script will make your life easier, and of course faster by launching and installing any tool. Custom keyboard shortcuts!! Launch any tool within lscript , with your own shortcuts!!! (type ks to set your shortcuts) Enabling-Disabling interfaces faster Changing Mac faster Anonymizing yourself faster View your public IP faster View your MAC faster […]
Yuki Chan is an Automated Penetration Testing tool this tool will audit all standard security methods for you. WARNING By using this tool you agree that use for legitimate security testing not for crime the use of this tool solely for educational reasons only By using this tool you agree that You are willing to […]
SecLists is a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and much more. The goal is to enable a security tester to pull this repo onto a new testing box and have access to every […]
Now you can say “Alexa, hacker mode!” and ask her a series of questions about encodings, command line help for programs like Metasploit(tm), Nmap, NetCat. Like: “How do you do a services fingerprint scan with Nmap?” Or “What is the HTML encoding for double-quote?” etc. The app will be submitted for free public use, but […]
SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands […]
Nozes is a Pentest cmd manager. You can automate your pentest attacks in one click and get results. Read the docs: https://github.com/CoolerVoid/nozes/blob/master/doc/nozes_apresentation1.pdf Install To install: Need: * httpd server with TLS/SSL * SQLite3 * php5 and php5-sqlite and PDO driver of sqlite I test at nginx + php + fastcgi.. 1-step $ git clone https://github.com/CoolerVoid/nozes […]
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information. All module results are stored on localhost and are part of APT2’s Knowledge Base […]