Cybercriminals execute malware attacks using different attack vectors and using different methods. The number of malware strains is increasing in an unprecedented manner and hence malware analysis today is not an easy job. In the present context, automated malware analysis is a necessity. Let’s discuss today the different aspects of automated malware analysis in the […]
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Let’s get started To clone the tool, type the following command: git clone https://github.com/1N3/Sn1per.git Then you type the following commands to change the directory to Sn1per, change mode of install.sh, and to list the files of […]
Osmedeus allows you to run a collection of tools to simplify the reconnaissance and vulnerability scanning phase against the target. Features Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic recon like Whois, Dig info. IP Discovery. CORS Scan. SSL Scan. Headers Scan. Port Scan. Vulnerable Scan. Seperate workspaces to store all scan output and […]
Osmedeus is a fully automated tool that allows you to run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advance Usage. ./osmedeus.py -t example.com Installation in detail For Kali Linux […]
Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. Features Automatic recon and scanning with NMAP, whataweb, nikto, Vulners, Hydra, SMBenum, dirbuster, sslyzer, webslayer and more (with […]
Webvulnscan is a web application scanner that automates vulnerability assessment tasks. The tool can automatically detect different web application vulnerabilities including Cross Site Scripting (XSS), Click-jacking, Breach, Cross Site Request Forgery (CSRF), and cacheable cookies. Apart from vulnerabilities assessment, Webvulnscan can be used for other web related tasks, such as links crawling, form crawling, white- […]
stoQ is a automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps teams the ability to quickly transition from different data sources, databases, decoders/encoders, and numerous other tasks. stoQ was designed to be enterprise ready and scalable, while also being lean […]
stoQ is an automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps team the ability to quickly transition from different data sources, databases, decoders/encoders, and numerous other tasks. It was designed to be enterprise-ready and scalable, while also being lean enough […]
Looking for an automated malware analysis software? Something like a 1-click solution that doesn’t require any installation or configuration…a platform that can scale up your research time… technology that can provide data-driven explanations… well, your search is over! Israeli cybersecurity and malware researchers today at Black Hat conference launch a revolutionary machine learning and […]
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been selected to facilitate Remote Code Execution and to attempt to […]
We create a way to automate doing the window sticky keys hack from a bootable USB. Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there.. All without being detected by antivirus, we should add a mimikittenz option if the computer was found running […]
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. SN1PER PROFESSIONAL FEATURES: Professional reporting interface Slideshow […]
Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit For faster pen testing for large networks What You Can Do Scanning with all metasploit modules for specific network Protocol like smb,smtp,snmp Run all Auxiliary modules against specific network Protocol Run all Possible Metasploit Exploits for specific network Protocol That’s is not recommended for […]
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. It is compatible with Bash and Android Shell (tested on Kali Linux and Cyanogenmod 10.2) and uses aircrack-ng to scan for clients that are currently connected to access points (AP). Those clients are then deauthenticated in order to capture the […]
Zizzania sniffs wireless traffic listening for WPA handshakes and dumping only those frames suitable to be decrypted (one beacon + EAPOL frames + data). In order to speed up the process, Zizzania sends IEEE 802.11 DeAuth frames to the stations whose handshake is needed, properly handling retransmissions and reassociations and trying to limit the number […]
Flashlight is an automated information gathering tool that allows you to scan networks and gather information. For more information about using Flashlight, “-h” or “-help” option can be used. Parameters for the usage of this application can be listed below: -h, –help: It shows the information about using the Flashlight application. -p <ProjectName> or –project […]
JSHielder is an Open Source tool developed to help SysAdmin and developers secure their Linux Servers in which they will be deploying any web application or services. According to information security experts this tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server with little interaction from […]
InfernalWireless is a Python-based automated wireless hacking tool. Usage: python InfernalWireless.py Features: GUI Wireless security assessment SUIT WPA2 hacking WEP Hacking WPA2 Enterprise hacking Wireless Social Engineering SSL Strip Report generation PDF Report HTML Report Note taking function Data is saved into Database Network mapping MiTM Probe Request Menu to retrieve logs BeeF XSS framework […]
Wifite is a Python script for auditing wireless networks which aims to be the “set it and forget it” wireless auditing tool. What’s new in Wifite 2? Lots of files instead of “one big script”. Cleaner process management — No longer leaves processes running in the background. UX: Target access points are refreshed every second […]
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache, IIS, etc, upon which a list of candidates will be retrieved. After this operation has been completed […]
CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files. CuckooDroid brigs to cuckoo the capabilities of execution and analysis of android application. CuckooDroid is an automated, cross-platform, emulation and analysis framework based on the popular Cuckoo sandbox and several other open source projects – providing both static […]