Browsing tag
Wondering which is the best operating system for ethical hacking and pen testing purposes? Trying to solve this problem, Fossbytes has prepared a list of the most efficient Linux distros for hacking purposes that you need to check out in 2018. It’s time to pause the archaic Windows vs. OS X vs. Linux discussion and switch […]
MAC Changer is an utility that makes the maniputation of MAC addresses of network interfaces easier. A media access control (Mac) address of a device is a unique identifier assigned to network interface controllers for communications at the data link layer of a network segment. MAC address spoofing is a technique for temporarily changing your […]
The official blog of jQuery—most popular JavaScript library used by millions of websites—has been hacked by some unknown hackers, using the pseudonym “str0ng” and “n3tr1x.” jQuery’s blog website (blog.jquery.com) runs on WordPress—the world’s most popular content management system (CMS) used by millions of websites. While there is no evidence yet if the server (code.jquery.com) that […]
Bash script purposed for system enumeration, vulnerability identification and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor. Besides functionality from these two previous scripts it incorporates some of it’s own and as such aims to be a comprehensive assistant for […]
Selenium powered Python script to automate searching the web for vulnerable applications. DorkNet can take a single dork or a list of dorks as arguments. After the proper command line arguments have been passed, the script will use Selenium and Geckodriver to find the results we want and save them to a textfile for further […]
Shadow is a unique discrete-event network simulator that runs real applications like Tor and Bitcoin, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches. Shadow was developed because there was a recognized need for […]
CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country …) Operating Systems Supported Windows XP/7/8/8.1/10 GNU/Linux MacOSX Installation You can download CyberScan by cloning the Git repository: git clone https://github.com/medbenali/CyberScan.git cd CyberScan/ python CyberScan.py […]
PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability. PowerSAP allows to reach SAP RFC with .Net connector ‘NCo’. What is this repository for? Quick summary: […]
DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. This is a Proof of Concept aimed at identifying possible DLP failures. This should never be used to exfiltrate sensitive/live data (say on an assessment) The idea was to create a […]
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 (slidedeck). Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results have dynamic content on the page (such as the time) […]
drinkme is a shellcode test harness. It reads shellcode from stdin and executes it. This allows pentesters to quickly test their payloads before deployment. Formatsdrinkme can handle shellcode in the following formats: “0x##” “x##” “x##” “##” For example, NOP could be represented as any of “0x90”, “x90”, “x90”, or “90”. When processing the input drinkme […]
Reverse Engineer .NET Assemblies dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor (and more) and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies so it can handle obfuscated assemblies (eg. malware) without crashing. Features […]
The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another. Note: The signature is added, but not valid. ================================================================= ___ ___ ___ ______ ____ ______ __ __ ____ ____ | | | / _] | / | | || |__| || || […]
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised Privilege escalation Lateral movement Convenience modules Portia is a genus of jumping spider that feeds on other spiders – known for their intelligent hunting behaviour and problem solving capabilities usually only found […]
Tallow is a small program that redirects all outbound traffic from a Windows machine via the Tor anonymity network. Any traffic that cannot be handled by Tor, e.g. UDP, is blocked. Tallow also intercepts and handles DNS requests preventing potential leaks. Tallow has several applications, including: “Tor-ifying” applications there were never designed to use Tor […]
LFiFreak is a tool for exploiting local file inclusions using PHP Input, PHP Filter and Data URI methods. Features Works with Windows, Linux and OS X Includes bind and reverse shell for both Windows and Linux Written in Python 2.7 Dependencies BeautifulSoup Download LFiFreak Download Premium WordPress Themes Free Premium WordPress Themes Download Download […]
Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used from a DVD, […]
Hey Guys, In this video i show you a fast and small SQL Injection Scanner. Damn Small SQLi Scanner (DSSS) is a fully functional SQL injection vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. Damn Small SQLi Scanner (DSSS):https://github.com/stamparm/DSSS Blog Post:http://pentesttools.net/2017/09/damn… Requirements: Python version 2.6.x or 2.7.x is required […]
pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more information, read the license. Only […]
A python program to create a fake AP and sniff data new in 2.0: SSLstrip2 for HSTS bypass Image capture with Driftnet TShark for command line .pcap capture Features: SSLstrip2 Driftnet Tshark Full featured access point, with configurable speed limit mitmproxy Wireshark DNS Spoofing Saving results to file Requirements: Kali Linux / Raspbian with root […]
Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for penetration testing purposes. It brings various modules together that will help you perform very efficient attacks. You can also use it to perform denial of service attacks and port scanning. Powered by bettercap and nmap. Dependencies nmap hping3 build-essential ruby-dev libpcap-dev […]