amass v3.4.1 releases: In-depth subdomain enumeration written in Go

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the information is then used to build maps of the target networks. Changelog v3.4.1 2452c61 Document […]

FDsploit: File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool

FDsploit FDsploit is a File inclusion & Directory Traversal fuzzer, enumeration & exploitation tool. Features The LFI-shell interface provides only the output of the file read or the command issued and not all the html code. 3 different types of LFI-shells can be specified. Both GET/POST requests are supported. Automatic detection of GET parameters. Certain parameters can be […]

Dr. ROBOT – Domain Reconnaissance and Enumeration

Introduction Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating systems, and different languages, Dr. ROBOT is built to be highly portable and configurable. Use Case: Gather as many public facing servers that a target organization possesses. Querying DNS resources […]

Start ADEnum – Tool that Automates Active Directory Enumeration

A tool to automate Active Directory enumeration. Tool Prereq This tool requires that you have a runas /netonly shell. Functions Start-PreReqCheck Install-Tools Start-ADEnum Start-PreReqCheck This function determines if the current Windows 10 OS is 1809+ and installs all the prerequisites. The list of prerequisites includes the following: Identifies if current Windows 10 host is on […]

Sudomy – Subdomain Enumeration & Analysis

Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in a fast and comprehensive way. Features Currently, Sudomy has these 9 features: Easy, light, fast and powerful. Bash script is available by default in almost all Linux distributions. By using bash script multiprocessing feature, all processors […]

Reconnoitre – Multithreaded Recon and Enumeration Tool

Reconnoitre is a reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. Ways to use this tool: Scan a single host, create a […]

AutoRecon – An Open Source Enumeration Tool

AutoRecon is an enumeration tool that performs automated enumeration with multi-threaded capabilities. It is purposely built to be used for CTFs, exams (like OSCP) and other penetration testing environments for saving as much time as possible. This tool works by performing port scans/service detection scans, and then as per the result of the scan, it […]

WeebDNS – DNS Enumeration with Asynchronicity

WeebDNS is an ‘Asynchronous’ DNS Enumeration Tool made with Python3 which makes it much faster than normal Tools. PREREQUISITES Python 3.x pip3 git PYTHON 3 PREREQUISITES aiohttp asyncio aiodns Installation Resolve dependencies Ubuntu/Debian System $ sudo apt-get install git python3 python3-pip -y Getting and Running WeebDNS $ git clone https://github.com/WeebSec/weebdns.git $ cd weebdns $ sudo […]

Reconnoitre – A Multithreaded Enumeration Tool

Reconnoitre is a tool that was created to automate routine actions within the OSCP lab environment. It is a simple script, which can automate information gathering and service enumeration. It searches for the live hosts, and performs a scan on the hosts that are found, enumerates its detected services and sends commands to it. The […]

0xsp Mongoose – Linux Privilege Escalation Enumeration Toolkit

Using 0xsp mongoose you will be able to scan a targeted operating system for any possible way for privilege escalation attacks, starting from the information collection stage until reporting information through the 0xsp Web Application API. Users will be able to scan different Linux OS systems at the same time with high performance, without spending time looking […]

Bscan – An Asynchronous Target Enumeration Tool

Synopsis bscan is a command-line utility to perform active information gathering and service enumeration. At its core, bscan asynchronously spawns processes of well-known scanning utilities, repurposing scan results into highlighted console output and a well-defined directory structure. Installation bscan was written to be run on Kali Linux, but there is nothing inherently preventing it from running on […]

PrivilegeEsc-Linux – Open Source Script for Enumeration on Linux

PrivilegeEsc-Linux is a simple script which checks the security on a Linux machine. It can run many different options, such as checking the OS version, the environment, the apps and services, the upload options and more. Its main focus is to enumerate everything it can on a Linux machine, and with this information you […]

DNS enumeration

DNSENUM. Dnsenum is used to gather information about the target. It is quite similar to DIG (Domain Information Groper). Each of the DNS records can give a bit of information about the target. The more information an attacker gets up front, the better prepared the attacker is for the attack. DNS security should not be left unattended and […]

sandcastle: AWS S3 bucket enumeration

A Python script for AWS S3 bucket enumeration. Inspired by a conversation with Instacart’s @nickelser on HackerOne, I’ve optimized and published Sandcastle – a Python script for AWS S3 bucket enumeration, formerly known as bucketCrawler. The script takes a target’s name as the stem argument (e.g. shopify) and iterates through a file of bucket name permutations, such as […]

DNSRecon – An Open Source DNS Enumeration Tool

DNSRecon is a Python script used for DNS information gathering. DNS information about a target is an essential requirement for every penetration tester. DNS information helps in mapping the network infrastructure of the target host. DNSRecon is a DNS reconnaissance tool that can perform a variety of enumerations, such as standard record enumeration, Zone transfer, […]