Tested on Kali Linux. Should work with all Debian based distros (and other ones if you have the right packages installed) BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any […]
Automatic Reconnaisance and Scanning in Penetration Testing What is Osmedeus? Osmedeus allow you to doing boring stuff in Pentesting automatically like reconnaissance and scanning the target by run the collection of awesome tools. Installation git clone https://github.com/j3ssie/Osmedeus cd Osmedeus chmod +x install.sh ./install.sh How to use Doing normal routine include: Subdomain Scanning, Subdomain TakeOver Scanning, […]
SniffAir is an open-source wireless security framework which provides the ability to easily parse passively collected wireless data as well as launch sophisticated wireless attacks. SniffAir takes care of the hassle associated with managing large or multiple pcap files while thoroughly cross-examining and analyzing the traffic, looking for potential security flaws. Along with the prebuilt […]
Automates some pentesting work via an nmap XML file. As soon as each command finishes it writes its output to the terminal and the files in output-by-service/ and output-by-host/. Runs fast-returning commands first. Please send me protocols/commands/options that you would like to see included. HTTP whatweb WPScan (only if whatweb returns a WordPress result) EyeWitness […]
ANDRAX The first and unique Penetration Testing platform for Android smartphones What is ANDRAX ANDRAX is a penetration testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution! Why is Android so powerful? Simple, […]
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter Menu Web Pentest | Banner Grab | Whois | Traceroute | DNS Record | Reverse DNS Lookup | Zone Transfer Lookup | Port Scan | Admin Panel Scan | Subdomain Scan | CMS Identify | Reverse IP Lookup | Subnet Lookup | Extract […]
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. SN1PER PROFESSIONAL FEATURES: Professional reporting interface Slideshow […]
Trity is an advanced pentesting framework dedicated to everything from vulnerability testing to cryptography. Installation & Usage In order to install this program, it is crucial that you are on a Linux-based distro, preferably Kali-Linux or BackBox. First, git clone. git clone https://github.com/toxic-ig/Trity.git Change directory, and then run the installer script (Must be root or […]
msploitego leverages the data gathered in a Metasploit database by enumerating and creating specific entities for services. Services like samba, smtp, snmp, http have transforms to enumerate even further. Entities can either be loaded from a Metasploit XML file or taken directly from the Postgres msf database. Requirements Python 2.7 Has only been tested on […]
Parrot 4.0 is now available for download. The development process of this version required a lot of time, and many important updates make this release an important milestone in the history of our project. This release includes all the updated packages and bug fixes released since the last version (3.11), and it marks the end […]
After a fairly long development process and quite a few updates, the release is ready; Parrot 4.0 is now available for download. According to information security experts, the new version includes the updated packages and bug fixes released in the latest version (3.11), this marks the end of the development process and testing of features experienced in […]
Technology is pulsing all around you, and in the short amount of time that you are hosted in this network that you must try to understand its inner workings. Fortunately or unfortunately, most network and system administrators are persons of habit. All you have to do is listen for long enough, and more often than […]
Xiaopan OS is an easy to use software package for beginners and experts that includes a number of advanced hacking tools to penetrate WPA/WPA2/WPS/WEP wireless networks. Based on the Tiny Core Linux (TCL) operating system (OS), it has a slick graphical user interface (GUI) requiring no need for typing Linux commands. Xiaopan OS is Windows, […]
MOTIVATION Soon after releasing the build for the Budget Cracking Rig, I received a lot of community feedback. Most feedback circled around one main issue: Cost. Reality is that not many small companies or enthusiasts can stomach dumping $5000 into a Budget Cracking Rig nor $15,000 into an 8 GPU rig. Even so, most security professionals would still not […]
Proxenet is a hacker-friendly DIY web proxy for pentesters. It is a C-based proxy that allows you to interact with higher level languages (like Python, Ruby, Java, etc.) for modifying on-the-fly requests/responses sent by your Web browser. It allows you to make fine grain plugins to manipulate HTTP requests and/or responses in the language of […]
Security researchers have long maintained that malware is a problem on Android, the Google operating system that’s on 80% of the world’s smartphones. In extreme cases, hackers with malicious intent can do much more than send premium text messages. In this post, we will see various apps for web application penetration testing, network penetration testing, […]
Sn1per is an automated pentest recon scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features: Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning Automatically brute forces sub-domains, gathers DNS info […]
OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiest.Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP for users who do not want to administrate a webserver. It is pre-installed on SamuraiWTF, Rapid7 Metasploitable-2, and OWASP BWA. The existing version can be updated on […]
v3n0m is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve functionality and usability. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and organizes the URLs it finds. Very useful for executing: Cloudflare Resolver[Cloudbuster] Metasploit Modules Scans[To be released] […]
Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own softwares or protect your privacy with anonymity and crypto tools. Details Security Parrot Security includes a full arsenal of security […]
A Simple tool for installing pentest tools and forensic tools on Debian / Ubuntu Based OS Tested on Linux Mint And Kali Linux How To Do ?? Change Your Privileges Terminal to Root Mode [email protected]:~$ sudo su And Then Clone This [email protected]:~# git clone https://github.com/Yukinoshita47/Pentest-Tools-Auto-Installer.git Get Inside Dir [email protected]:~# cd Pentest-Tools-Auto-Installer Give Chmod Access Level […]