Browsing category

Exploitation Tools

Enigma – Multiplatform Payload Dropper

Enigma is a Multiplatform payload dropper. Run git clone https://github.com/UndeadSec/Enigma.git cd Enigma python enigma.py or python3 enigma3.py Prerequisites python 2.7 for enigma.py python 3.x for enigma.py metasploit Tested on Kali Linux – ROLLING EDITION Download Enigma […]

cmsPoc – A CMS Exploit Framework

A CMS Exploit Framework. Requirements python2.7 Works on Linux, Windows Usage usage: cmspoc.py [-h] -t TYPE -s SCRIPT -u URL optional arguments: -h, --help show this help message and exit -t TYPE, --type TYPE e.g.,phpcms -s SCRIPT, --script SCRIPT Select script -u URL, --url URL Input a target url Examples python cmspoc.py -t phpcms -s […]

CrunchRAT – HTTPS-based Remote Administration Tool (RAT)

CrunchRAT currently supports the following features: File upload File download Command execution It is currently single-threaded (only one task at a time), but multi-threading (or multi-tasking) is currently in the works. Additional features will be included at a later date. Server The server-side of the RAT uses PHP and MySQL. The server-side of the RAT […]

Evil-Droid – Framework to Create, Generate & Embed APK Payloads

Evil-Droid is a framework that creates, generates & embeds APK payloads to penetrate Android platforms. Dependencies: 1 – metasploit-framework 2 – xterm 3 – Zenity 4 – Aapt 5 – Apktool 6 – Zipalign Download/Config/Usage: 1 – Download the tool from github git clone https://github.com/M4sc3r4n0/Evil-Droid.git 2 – Set script execution permission cd […]

Telnet IoT Honeypot – Python Telnet Honeypot For Catching Botnet Binaries

This project implements a python telnet server trying to act as a honeypot for IoT Malware which spreads over horribly insecure default passwords on telnet servers on the internet. Other than https://github.com/stamparm/hontel or https://github.com/micheloosterhof/cowrie (examples), which provide full (via chroot) or simulated behaviour of a Linux system, this honeypot's goal is just to collect statistics […]

ASLRay – Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying

Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying. Properties: ASLR bypass Cross-platform Minimalistic Simplicity Unpatchable Dependencies: Linux 2.6.12+ – will work on any x86-64 Debian-based OS BASH – the whole script Limitations: Stack needs to be executable (-z execstack) Binary has to be exploited through arguments locally (not file, socket or input) No […]

Pentest-Tools-Auto-Installer – A Simple Tool For Installing Pentest Tools And Forensic Tools On Debian / Ubuntu Based OS

A Simple tool for installing pentest tools and forensic tools on Debian / Ubuntu Based OS Tested on Linux Mint And Kali Linux How To Do ?? Change Your Privileges Terminal to Root Mode $ sudo su And Then Clone This # git clone https://github.com/Yukinoshita47/Pentest-Tools-Auto-Installer.git Get Inside Dir # cd Pentest-Tools-Auto-Installer Give Chmod Access Level […]

sqlmate – Tool Which Will Do What you Always Expected from SQLmap

There are some features that we think SQLMap should have. Like finding admin panel of the target, better hash cracking etc. If you think the same, SQLMate is for you. What it does? Feed it a SQL injection dork via --dork option and it will find vulnerable sites for you. After that, it will try […]

ZeroDoor – A Script Written Lazily For Generating Cross-Platform Backdoors

A script written lazily for generating reverse shell backdoors on the go whenever you need without any hassle for your daily penetration needs. These backdoors are not James Bond high tech stuff but rather simple ones to prevent over exploitation and limited capabilities. Once you generate the payload somehow execute on the concerned system […]

Reptile – LKM Linux Rootkit

Reptile is an LKM rootkit for evil purposes. If you are searching stuff only for study purposes, see the demonstration codes. Features Give root to unprivileged users Hide files and directories Hide files contents Hide processes Hide himself Boot persistence Heaven’s door – An ICMP/UDP port-knocking backdoor Client to knock on heaven’s door Install […]

OWASP ZAP 2.6.0 – Penetration Testing Tool for Testing Web Applications

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use […]

Exploit Pack – Penetration Testing Framework

Exploit Pack has been designed by an experienced team of software developers and exploit writers to automate processes so penetration testers can focus on what’s really important. The threat. This blend of software engineers and subject matter experts provides a unique advantage by combining technical know-how with true insight into the problem set, resulting in […]

Subjack – Hostile Subdomain Takeover Tool Written in Go

subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go’s speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule out false positives. Installing You […]

PowerSAP – Powershell SAP Assessment Tool

PowerSAP is a simple PowerShell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability. PowerSAP allows reaching SAP RFC with the .Net connector ‘NCo’. What is this repository for? Quick summary: […]

Blisqy – Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB)

A slow data siphon for MySQL/MariaDB using bitwise operation on printable ASCII characters, via a blind-SQL injection. Usage USAGE: blisqy.py --server <Web Server> --port <port> --header <vulnerable header> --hvalue <header value> --inject <point of injection> --payload <custom sql payload> --dig <yes/no> --sleeptime <default 0.5> Options: -h, --help show this help message and exit --server=WEBSERVER Specify […]

TeleShadow – Telegram Desktop Session Stealer (Windows)

Stealing desktop telegrams has never been so easy! Set the email and sender details of the sender and recipient and send it to the victim after compiling. How do I use the session file? Delete everything inside folder at “C:\Users\YourName\AppData\Roaming\Telegram Desktop\tdata” Then Replace Uncompressed files inside tdata folder who received from victim to your […]

LFiFreak – An automated LFi Exploiter with Bind/Reverse Shells

LFiFreak is a tool for exploiting local file inclusions using PHP Input, PHP Filter and Data URI methods. Features Works with Windows, Linux and OS X Includes bind and reverse shell for both Windows and Linux Written in Python 2.7 Dependencies BeautifulSoup Download LFiFreak […]

Generate Shellcodes & Backdoors using ShellSploit Framework and Kali Linux 2017.2

Hey Guys, In this video I show you how to generate shellcodes and Backdoors using ShellSploit Framework and Kali Linux 2017.2. ShellSploit: https://github.com/vasco2016/shellsploit-framework Shellsploit lets you generate customized shellcodes, backdoors, injectors for various operating systems. And lets you obfuscate every byte via encoders. Dependencies root$ sudo pip install capstone root$ sudo pip install readline (Not necessary […]

How to Hack Windows/Mac/Linux using PasteJacking (PasteZort) and Kali Linux 2017.1

Hey Guys, In this video I show you how to use PasteJacking to hack any operating system using PasteZort and Kali Linux 2017.1. PasteZort: https://github.com/ZettaHack/PasteZort Installation and Usage: git clone https://github.com/ZettaHack/PasteZort.git cd PasteZort && ls chmod +x PasteZ0rt.py encode.rb ./PasteZort.py What is Pastejacking? Nearly all browsers allow websites to run commands on the users’ computers. This […]

PytheM – Python Pentesting Framework

pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool is intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more information, read the license. Only […]