Browsing category
shimit is a python tool that implements the Golden SAML attack. python .shimit.py -h usage: shimit.py [-h] -pk KEY [-c CERT] [-sp SP] -idp IDP -u USER [-reg REGION] [–SessionValidity SESSION_VALIDITY] [–SamlValidity SAML_VALIDITY] -n SESSION_NAME -r ROLES -id ARN [-o OUT_FILE] [-l LOAD_FILE] [-t TIME] ██╗ ███████╗██╗ ██╗██╗███╗ ███╗██╗████████╗ ██╗ ██╗ ██╔╝ ██╔════╝██║ ██║██║████╗ ████║██║╚══██╔══╝ ██╔╝ […]
Defeating Google’s audio reCaptcha system with 85% accuracy. Inspiration Across the Internet, hundreds of thousands of sites rely on Google’s reCaptcha system for defense against bots (in fact, Devpost uses reCaptcha when creating a new account). After a Google research team demonstrated a near complete defeat of the text reCaptcha in 2012, the reCaptcha system […]
This version of the application is written with Python programming language,which is used to crack the Restriction PassCode of iphone/ipad. Brute Force Get the Base64 key and salt from the backup file in Computer. Decode the Base64 key and salt. Try from 1 to 9999 to with the pbkdf2-hmac-sha1 hash with passlib (passlib moudle need […]
Instagram-Py is a simple python script to perform basic brute force attack against Instagram , this script can bypass login limiting on wrong passwords , so basically it can test infinite number of passwords. Instagram-Py is proved and can test over 6M passwords on a single instagram account with less resource as possible This script […]
Relayer is an SMB relay Attack Script that automates all the necessary steps to scan for systems with SMB signing disabled and relaying authentication request to these systems with the objective of gaining a shell. Great when performing Penetration testing. Relayer makes use of Unicorn from trustedsec to create the payload that is executed on […]
Tools for generating usernames when penetration testing. Usernames are half the password brute force problem. This is useful for user account/password brute force guessing and username enumeration when usernames are based on the users’ names. By attempting a few weak passwords across a large set of user accounts, user account lockout thresholds can be avoided. […]
BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap. Installation pip install -r requirements.txt On Kali: apt-get install brutespray Usage First do an nmap scan with -oG nmap.gnmap or -oX nmap.xml. Command: python brutespray.py -h Command: python brutespray.py –file nmap.gnmap […]
Invoke-PSImage takes a PowerShell script and embeds the bytes of the script into the pixels of a PNG image. It generates a oneliner for executing either from a file of from the web (when the -Web flag is passed). The least significant 4 bits of 2 color values in each pixel are used to hold […]
XAttacker is a Website Vulnerability Scanner & Auto Exploiter developed by Mohamed Riahi Auto Cms Detect [1] WordPress : [+] Adblock Blocker [+] WP All Import [+] Blaze [+] Catpro [+] Cherry Plugin [+] Download Manager [+] Formcraft [+] levoslideshow [+] Power Zoomer [+] Gravity Forms [+] Revslider Upload Shell [+] Revslider Dafece Ajax [+] […]
The macro_pack is a tool used to automatize obfuscation and generation of MS Office documents for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify antimalware solutions bypass and automatize the process from vba generation to final Office document generation. It is very simple to use: No configuration Everything can be […]
Invoke-MacroCreator is a powershell Cmdlet that allows for the creation of an MS-Word document embedding a VBA macro with various payload delivery and execution capabilities. Description Basically the script supports three types of payload that you MUST specify using the -t argument: shellcode: any raw shellcode (for instance created with msfvenom). The shellcode is loaded into memory then […]
A FrameWork For NoSQL Scanning and Exploitation Framework Authored By Francis Alexander. Added Features: First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,Cassandra Support For NoSQL WebAPPS Added payload list for JS Injection,Web application Enumeration. Scan Support for Mongo,CouchDB and Redis Dictionary Attack Support for Mongo,Cocuh and Redis Enumeration Module added for the DB’s,retrieves data in […]
JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. Requirements Python >= 2.7.x urllib3 ipaddress Installation on LinuxMac To install the latest version of JexBoss, please use the following commands: git clone https://github.com/joaomatosf/jexboss.git cd jexboss pip install -r requires.txt python jexboss.py -h python jexboss.py […]
Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks. Features+ Generated executable properties: The executable size is smaller compared to other droppers generated the […]
XSSSNIPER is an handy xss discovery tool with mass scanning functionalities. Usage: Usage: xsssniper.py [options] Options: -h, –help show this help message and exit -u URL, –url=URL target URL –post try a post request to target url –data=POST_DATA post data to use –threads=THREADS number of threads –http-proxy=HTTP_PROXY scan behind given proxy (format: 127.0.0.1:80) –tor scan […]
Amber is a proof of concept packer, it can pack regularly compiled PE files into reflective PE files that can be used as multi stage infection payloads. If you want to learn the packing methodology used inside the Amber check out below. PS: This is not a complete tool some things may break so take […]
Advanced Telegram Desktop Session Hijacker! Stealing desktop telegrams has never been so easy ! Set the email and sender details of the sender and recipient and send it to the victim after compiling. How do I use the session file? Delete everything inside folder at “C:UsersYourNameAppDataRoamingTelegram Desktoptdata” Then Replace Uncompressed files inside tdata folder who […]
A proof-of-concept tool for generating payloads that exploit unsafe .NET object deserialization. Description ysoserial.net is a collection of utilities and property-oriented programming “gadget chains” discovered in common .NET libraries that can, under the right conditions, exploit .NET applications performing unsafe deserialization of objects. The main driver program takes a user-specified command and wraps it in […]
Written by Amit Serper, @0xAmit DDEtector is a simple DDE object detector written in python Currently supports only word DOCX and legacy DOC files Prints the contents of the DDE payloads (Note: In some cases DDEtect won’t print the entire DDE payload. I’m working on writing a better matching algorithm) More features coming soon… Running […]
Excalibur is an Eternalblue exploit based “Powershell” for the Bashbunny project. It’s purpose is to reflect on how a “simple” USB drive can execute the 7 cyber kill chain. Excalibur may be used only for demostrations purposes only, and the developers are not responsible to any misuse or illeagal usage. What does it do? When […]
SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has custom encrypter with string obfuscation and run-time code compilation features so you can bypass […]