Amass – Subdomain Enumeration Tool

Amass is the subdomain enumeration tool with the greatest number of disparate data sources that performs analysis of the resolved names in order to deliver the largest number of quality results. Amass performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting and altering of names, reverse DNS sweeping, and machine learning […]

Raccoon – Open Source Enumeration and Information Gathering Tool

Raccoon is an offensive security tool known for reconnaissance and information gathering. The tool can extract useful information about the target host, such as DNS details, DNS mapping, WHOIS records, port scanning, TLS data (TLS version, supported ciphers, certificates), URL fuzzing, subdomain enumeration, and Web Application Firewall (WAF) information. Moreover, the tool is capable of […]

Social Mapper – A Social Media Enumeration & Correlation Tool

Social Mapper is a social media mapping tool by Jacob Wilkin (Greenwolf) that correlates profiles via facial recognition. Social Mapper is an open source intelligence tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to search popular social media sites for targets' names […]

Dnsenum – Tool for DNS enumeration to find DNS Servers

Dnsenum is a tool for DNS enumeration, which is the process of locating all DNS servers and DNS entries for an organization. DNS enumeration will allow us to gather critical information about the organization such as usernames, computer names, IP addresses, and so on. DNSENUM OPTIONS: --dnsserver <server> Use this DNS server for A, NS and MX […]

Different ways of Subdomain enumeration

An information security professional wrote a list of the most popular methods and tried to list some tools and online resources to exploit them. Of course, this list is far from exhaustive, as there is much new stuff every day, but it’s still a good start. Methods: Brute force. This is the easiest way. […]

WhatsMyName – Perform User Enumeration on Various Websites

This repository has the unified data required to perform user and username enumeration on various websites. Content is in a JSON file and can easily be used in other projects such as the ones below: Recon-ng: the Profiler Module grabs this JSON file and uses it (see https://webbreacher.com/2014/12/11/recon-ng-profiler-module/ for details). Spiderfoot: uses this in the sfp_account module. Download: git clone https://github.com/WebBreacher/WhatsMyName.git Usage: $ […]

SNMP-Brute – Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script

SNMP brute force, enumeration, CISCO config downloader and password cracking script. Listens for any responses to the brute force community strings, effectively minimising wait time. Requirements: metasploit, snmpwalk, snmpstat, john the ripper. Usage: python snmp-brute.py -t [IP]. Options: --help, -h: show this help message and exit; --file=DICTIONARY, -f DICTIONARY: Dictionary file; --target=IP, -t IP: Host IP; --port=PORT, -p PORT […]

Anubis – Subdomain Enumeration And Information Gathering Tool

Anubis is a subdomain enumeration and information gathering tool. Anubis collates data from a variety of sources, including HackerTarget, DNSDumpster, x509 certs, VirusTotal, Google, Pkey, and NetCraft. Anubis also has a sister project, AnubisDB, which serves as a centralized repository of subdomains. Subdomains are automatically sent to AnubisDB – to disable this functionality, pass the […]

Sublist3r – Fast Subdomains Enumeration Tool for Penetration Testers

Sublist3r is a Python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and […]

Kernelpop – Kernel Privilege Escalation Enumeration And Exploitation Framework

kernelpop is a framework for performing automated kernel exploit enumeration on Linux, Mac, and Windows hosts. Requirements: python3. Currently supported CVEs: CVE-2017-1000367, CVE-2017-1000112, CVE-2017-7308, CVE-2017-6074, CVE-2017-5123, CVE-2016-5195, CVE-2016-2384, CVE-2016-0728, CVE-2015-7547, CVE-2015-1328, CVE-2014-4699, CVE-2014-4014, CVE-2014-3153, CVE-2014-0196, CVE-2009-1185. Run modes: default mode. The default mode runs with the command python3 kernelpop.py. This processes information about the host kernel […]

nullinux – SMB null Session Identification and Enumeration Tool

nullinux is an internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. Unlike many of the enumeration tools out there already, nullinux can enumerate multiple targets at once and when finished, creates a users.txt file of all users found on […]

MIDA-Multitool – Bash Script Purposed For System Enumeration, Vulnerability Identification And Privilege Escalation

Bash script purposed for system enumeration, vulnerability identification and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts, namely SysEnum and RootHelper, and is in many regards RootHelper’s successor. Besides functionality from these two previous scripts, it incorporates some of its own and as such aims to be a comprehensive assistant for […]

BaRMIe – Java RMI Enumeration And Attack Tool

BaRMIe is a tool for enumerating and attacking Java RMI (Remote Method Invocation) services. RMI services often expose dangerous functionality without adequate security controls; however, RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools. In 2008 Adam Boulton spoke at AppSec USA (YouTube) and released […]

Vanquish – Kali Linux based Enumeration Orchestrator

Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the open source enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged for a remote shell. Vanquish Features: So what is so special […]

BaRMIe – Java RMI Enumeration & Attack Tool

BaRMIe is a tool for enumerating and attacking Java RMI (Remote Method Invocation) services. RMI services often expose dangerous functionality without adequate security controls; however, RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools. In 2008 Adam Boulton spoke at AppSec USA (YouTube) and released […]

New Version of Trickbot Trojan Spread via Local SMB to Perform NetServer and LDAP Enumeration

A new version of the Trickbot banking Trojan, “1000029”, is spreading with a new module, “worm64Dll”, via an email campaign that imitates an invoice from the largest financial institution. It scans for the list of servers using the NetServerEnum Windows API and spreads locally via Server Message Block (SMB). It also has the ability to perform an […]

SubDomains Enumeration With Fierce

Fierce is an open source active information gathering tool to identify subdomains of a target website. This tool was written by Robert Hansen. It’s a Perl script that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics. The tool comes pre-installed by default in Kali Linux from Offensive-Security. The […]

WordPress Plugin Stop User Enumeration does not stop user enumeration

User Enumeration is the capacity to automatically figure out if a given account is valid on a system. By enumerating client accounts, you are at risk of locking out accounts after a predefined number of failed attempts. Stop User Enumeration is a module that stops client count dead, and furthermore it will log an event in your System […]