Paskto will passively scan the web using the Common Crawl internet index either by downloading the indexes on request or parsing data from your local system. URLs are then processed through Nikto and known URL lists to identify interesting content. Hash signatures are also used to identify known default content for some IoT devices or […]
Hey Guys, In this video i show you a cool tool called SQLiv which used to scan websites for sql injection. SQLiv:https://github.com/Hadesy2k/sqliv Features: multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing specific domain (with crawling) reverse domain scanning both SQLi scanning and domain info checking are done […]
Massive SQL Injection Vulnerability Scanner Features multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing specific domain (with crawling) reverse domain scanning both SQLi scanning and domain info checking are done in multiprocessing so the script is super fast at scanning many urls quick tutorial & screenshots are […]
Passive web scanner. EllaScanner is a simple passive web scanner. Using this tool you can simply check your site’s security state. Usage: ./Start.py https:// or http:// Scanning of the site consists several phases: At the first phase, you can get recommendations related to http/https headers. The Second phase depends on information gather in the first […]
About Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are stored in yaml files so they can be both easily read by humans and […]
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 (slidedeck). Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results have dynamic content on the page (such as the time) […]
Hey Guys, In this video i show you a great Web Application Security Scanner called Spaghetti. Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Spaghetti:https://github.com/m4ll0k/Spaghetti Installation: […]
Eternal scanner is an network scanner for Eternal Blue exploit CVE-2017-0144 (Eternal Blue). Eternal Scanner:https://github.com/peterpt/eternal_sc… Requirements: • masscan • metasploit-framework Install Requirements: • apt-get install masscan metasploit-framework How to Install: • git clone https://github.com/peterpt/eternal_sc… • cd eternal_scanner && ./escan • OR ./escan -h (to change scanner speed) Video Tutorial: Download Premium WordPress Themes Free Download […]
Hey Guys, In this video i show you a fast and small SQL Injection Scanner. Damn Small SQLi Scanner (DSSS) is a fully functional SQL injection vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. Damn Small SQLi Scanner (DSSS):https://github.com/stamparm/DSSS Blog Post:http://pentesttools.net/2017/09/damn… Requirements: Python version 2.6.x or 2.7.x is required […]
Zeus is a advanced dork searching tool that is capable of bypassing search engine API calls, search engine captchas, and IP address blocking from sending many requests to the search engine itself. Zeus can use three different search engines to do the search (default is Google). Zeus has a powerful built in engine, automates a […]
Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on Debian/Ubuntu (but will probably work on other distributions as well). It uses […]
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results have dynamic content on the page (such as the time) […]
A BLE scanner for “smart” devices hacking based on the bluepy library, dead easy to use because retarded devices should be dead easy to hack. How to Install Install bluepy from source: git clone https://github.com/IanHarvey/bluepy.git cd bluepy python setup.py build sudo python setup.py install Then install bleah: git clone https://github.com/evilsocket/bleah.git cd bleah python setup.py build sudo python setup.py […]
Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit VPN Gate auto-grabber Greetz shouts to sh3llg0d, an0n_l1t3, daemochi, akatz!!!! Overview Bluetooth scanner for blueborne-vulnerable devices, Android only for the moment Quickstart git clone https://github.com/hook-s3c/blueborne-scanner.git cd blueborne-scanner sudo chmod +x ./bluebornescan.py pip install -r ./requirements.txt ./bluebornescan.py Breakdown Scans for local bluetooth devices Looks […]
Wapiti is an open source command-line application that you can use to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scan the webpages of the deployed web app, looking for scripts and forms where it can inject data. Once it […]
Synopsis Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application’s behavior during the scan process and is able to perform meta-analysis using a number of factors in order to […]
German Firm Siemens will Update PET Scanner Software as DHS Issues Security Threat to Machines. Cyber-attacks on medical equipment are intensifying every passing day. The latest to join the list of unsecured medical equipment is the Positron Emission Tomography scanners or PET scanners manufactured by the Munich based company Siemens. These scanners require Microsoft Windows […]
Atscan is a Perl script for finding vulnerabilities in servers and sites, as well as a dork scanner. The tool contains the following ● Search engine Google / Bing / Ask / Yandex / Sogou ● Mass Dork Search ● Multiple instant scans. ● Mass Exploitation ● Use proxy. ● Random user agent. ● Random […]
Let’s go over some basics to start off – a port is a place where information is transferred in and out of a computer. A port scanner is a software application intended to analyze a server or host for open ports. Most commonly, port scanners are used by IT professionals in order to validate the […]
A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source penetration testing tool. Discovered by security researchers from Recorded Future on an underground hacking forum, the tool was put together by a Russian-speaking criminal and […]
Acunetix Vulnerability Scanner uses automated tools to detect security vulnerabilities that affect a given system or application. Acunetix Vulnerability Scanner typically works fingerprinting a target operating system (ie, recognizing the type and version), and services running. Once you have taken the fingerprints from your target operating system, use the vulnerability scan tool to run specific […]