OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP, SYN, ACK, ICMP and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for […]
The Automated Collection and Enrichment (ACE) platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports collecting from Windows, macOS, and Linux hosts. […]
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool that you can use to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP […]
Wifiphisher is a security tool that mounts automated victim-customized phishing attacks against WiFi clients in order to obtain credentials or infect the victims with malwares. It is primarily a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and […]
CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK™) project. These features allow CALDERA to dynamically operate over a set of systems using variable behavior, which better represents how […]
Wi-fEye is an automated wireless penetration testing tool written in python , its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily. Wi feye has three main menus : Cracking menu: contains attacks that could allow us to crack wifi passwords weather is […]
Automated script to search in SMB protocol for availables pipe names. Requirements metasploit-framework wget pipe_audit_v2.rb module (https://github.com/peterpt/pipe_auditor_fb) – It will be installed on first run How to Run git clone https://github.com/peterpt/pipe_finder.git cd pipe_finder && ./pipef Screenshots Notes: This script can be copied to a system path , it will run independently . Download […]
Sn1per is an automated pentest recon scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features: Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning Automatically brute forces sub-domains, gathers DNS info […]
##Infernal-Wireless v2.6Release 2.6.11 ##Features added and improved: Menu to retrieve logs are added ##Infernal-Wireless v2.6 Release 2.6.10 ##Features added and improved: Added BeeF XSS framework Integration Added HTTP Traffic View within tool Improved Infenral Wireless Attack Visual View of some of the panel improved Improved Basic Authentication during Social engineering assessment over wireless network Infernal-Wireless […]
complete re-write of wifite, a Python script for auditing wireless networks. What’s new? Lots of files instead of “one big script”. Cleaner process management — No longer leaves processes running in the background. UX: Target access points are refreshed every second instead of every 5 seconds. UX: Displays realtime Power level (in db) of currently-attacked […]
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised Privilege escalation Lateral movement Convenience modules Portia is a genus of jumping spider that feeds on other spiders – known for their intelligent hunting behaviour and problem solving capabilities usually only found […]
LFiFreak is a tool for exploiting local file inclusions using PHP Input, PHP Filter and Data URI methods. Features Works with Windows, Linux and OS X Includes bind and reverse shell for both Windows and Linux Written in Python 2.7 Dependencies BeautifulSoup Download LFiFreak Download Premium WordPress Themes Free Premium WordPress Themes Download Download […]
Hey Guys, In this video i show you a great tool called Yuki Chan. The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you. Yuki Chan:https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest Features: • Automated • Intel-Gathering • Vulnerability Analysis • Security Auditing • OSINT • Tracking • System Enumeration • […]
An OSINT Framework to perform various recon techniques, aggregate all the raw data, and give data in multiple formats. Overview Performs automated OSINT on a domain / email / username / phone and find out relevant information from different sources. Useful for Pen-testers, Cyber Investigators, Product companies, defensive security professionals, etc. Correlates and collaborate the […]
Ghiro is an open source software for digital photo and digital image forensics. The forensic analysis is fully automated, report data can be searched or aggregated in different perspectives. It is designed to assist you in the process of analyzing a massive amount of images, it could become an essential tool in your forensic lab.Since […]
Automated Mongo database and NoSQL web application exploitation tool http://www.nosqlmap.net DOWNLOAD NOSQL https://github.com/tcstool/NoSQLMap NoSQLMap NoSQLMap v0.7 Introduction NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases as well as web applications using NoSQL in order to disclose data from […]
Commix, other wise known as [ comm ]and [ i ]njection e[ x ]ploiter is an automated tool written by that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using […]
Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the TCP/UDP packet contents by our contents before forward the packet back to the target host. t will be as simple as Occidental; in fact, it will be Occidental. To an English […]
Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the TCP/UDP packet contents by our contents before forward the packet back to the target host. This tool comes with pre-configured filters but it will allow users to improve them when lunching the […]
Wifiphisher is a security tool that mounts automated victim-customized phishing attacks against WiFi clients in order to obtain credentials or infect the victims with malwares. It is primarily a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and […]
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information. All module results are stored on localhost and are part of APT2’s Knowledge Base […]