Browsing category

Vulnerability Analysis

Syhunt ScanTools 6.0 – Console Web Vulnerability Scan Tools

Syhunt ScanTools 6.0 adds advanced fingerprinting capabilities, enhanced spidering, injection and code scan capabilities, and a large number of improved checks. It also adds the display of detailed Hybrid, Dynamic and Code scan statistics to the command-line tools. New fingerprinting capabilities – Because of the many vulnerability checks and mutations added to this version, we developed an advanced […]

ROC – Infineon RSA Vulnerability

This tool is related to ACM CCS 2017 conference paper #124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli. It enables you to test public RSA keys for the presence of the described vulnerability. Update: The paper of the attack is already online, ACM version. Currently the tool supports the following […]

Faraday v2.7 – Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you have always been looking for! It maps and leverages all the data you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impacts and risks being assessed by the audit in real time without a single email. Developed with a specialized […]

Dex-Oracle – A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android deobfuscator: Simplify. Before After sha1: a68d5d2da7550d35f7dbefc21b7deebe3f4005f3 md5: 2dd2eeeda08ac8c15be8a9f2d01adbe8 Installation Step 1. Install Smali / Baksmali Since you’re an elite Android reverser, I’m sure you already have Smali and Baksmali on your path. If for some strange reason […]

Striker – Offensive Information And Vulnerability Scanner

Striker is an offensive information and vulnerability scanner. Features Just supply a domain name to Striker and it will automatically do the following for you: Check and Bypass Cloudflare Retrieve Server and Powered by Headers Fingerprint the operating system of Web Server Detect CMS (197+ CMSs are supported) Launch WPScan if target is using WordPress […]

nullinux – SMB null Session Identification and Enumeration Tool

nullinux is an internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. Unlike many of the enumeration tools out there already, nullinux can enumerate multiple targets at once and when finished, creates a users.txt file of all users found on […]

TROMMEL – Sift Through Directories of Files to Identify Indicators That May Contain Vulnerabilities

TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. TROMMEL identifies the following indicators related to: Secure Shell (SSH) key files Secure Socket Layer (SSL) key files Internet Protocol (IP) addresses Uniform Resource Locator (URL) email addresses shell scripts web server binaries configuration files database files specific binaries files (i.e. Dropbear, […]

cve-search – Perform Local Searches For Known Vulnerabilities

cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs. The main objective of the software is to avoid doing direct and public lookups in the public CVE databases. Doing local lookups is usually faster and limits […]

unCaptcha – Low Resource Defeat of reCaptcha’s Audio Challenge

Across the Internet, hundreds of thousands of sites rely on Google’s reCaptcha system for defense against bots (in fact, Devpost uses reCaptcha when creating a new account). After a Google research team demonstrated a near complete defeat of the text reCaptcha in 2012, the reCaptcha system evolved to rely on audio and image challenges, historically more difficult […]

Paskto – Passive Web Scanner

Paskto will passively scan the web using the Common Crawl internet index either by downloading the indexes on request or parsing data from your local system. URLs are then processed through Nikto and known URL lists to identify interesting content. Hash signatures are also used to identify known default content for some IoT devices or […]

LeakManager – A Tool To Help You Manage Your Leaks

A Tool To Help You Manage Your Leaks Install sudo apt-get install mongodb-org screen pip3 install -r requeriments.txt Usage screen -S leakManager hug -f index.py -p 1337 OR gunicorn index:__hug_wsgi__ -b 0.0.0.0:1337 OR uwsgi --http 0.0.0.0:1337 --wsgi-file index.py --callable __hug_wsgi__ ctrl + a + d Change user/passwd edit etc/LeakManager.conf file MassInsert CSV Format email,username,password,database CSV […]

MIDA-Multitool – Bash Script Purposed For System Enumeration, Vulnerability Identification And Privilege Escalation

Bash script purposed for system enumeration, vulnerability identification and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts, namely SysEnum and RootHelper, and is in many regards RootHelper's successor. Besides functionality from these two previous scripts, it incorporates some of its own and as such aims to be a comprehensive assistant for […]

Blazy – Modern Login Bruteforcer Which Also Tests For CSRF, Clickjacking, Cloudflare and WAF

Blazy is a modern login page bruteforcer. Features Easy target selections Smart form and error detection CSRF and Clickjacking Scanner Cloudflare and WAF Detector 90% accurate results Checks for login bypass via SQL injection Multi-threading 100% accurate results Better form detection and compatibility Requirements Beautiful Soup Mechanize Usages Open your terminal and enter git clone […]

CyberScan – Tool To Analyse Packets, Decoding, Scanning Ports, And Geolocation

CyberScan is an open source penetration testing tool that can analyse packets, decoding, scanning ports, pinging and geolocation of an IP including (latitude, longitude, region, country …) Operating Systems Supported Windows XP/7/8/8.1/10 GNU/Linux MacOSX Installation You can download CyberScan by cloning the Git repository: git clone https://github.com/medbenali/CyberScan.git cd CyberScan/ python CyberScan.py […]

VHostScan – Virtual Host Scanner

A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 (slidedeck). Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results have dynamic content on the page (such as the time) […]