Browsing tag: GitHub hack tools

Nmap Automator – a tool I used during OSCP for simple recon

Nmap Automator is a great tool for initial port scans of a given IP address. It automates the scan techniques I use on each host; I chose it over other similar tools because it avoids unnecessary scanning. Installation and usage: git clone https://github.com/21y4d/nmapAutomator After adding the vulners.nse Nmap script to the right directory […]

Turbolist3r – An Automated Subdomain Scanning Tool

Turbolist3r is a subdomain enumeration tool that can also identify subdomain takeover candidates. It is heavily based on Sublist3r: https://latesthackingnews.com/2016/01/27/sublist3r-free-tool-to-enumerate-subdomains-for-pentester/ Installation and usage: git clone https://github.com/fleetcaptain/Turbolist3r ; cd Turbolist3r/ ; pip3 install -r requirements.txt There are various options such as port scanning, subdomain brute forcing, input and output files, and custom DNS resolvers. The following command shows how a typical […]
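The takeover check Turbolist3r's summary mentions comes down to one DNS condition: a subdomain's CNAME points into a third-party service, and the provider-side hostname no longer resolves, so whoever registers that name at the provider inherits the subdomain's traffic. The following is an added example written for this page, not Turbolist3r's own code; the service suffix list, the `example.com` zone and the set of "still resolving" hostnames are all constructed for an offline run (a real scan would swap the two lambdas for live DNS lookups).

```python
"""Dangling-CNAME check for subdomain takeover candidates (added example).

A subdomain is flagged when its CNAME target ends in a suffix of a service
known to allow claiming arbitrary hostnames AND that target has no A/AAAA
records (NXDOMAIN). The DNS answers below are constructed in memory.
"""
from dataclasses import dataclass
from typing import Callable, Iterable, List, Optional

# Hypothetical, deliberately short list of takeover-prone service suffixes.
# Real tools ship much longer fingerprint sets.
TAKEOVER_PRONE_SUFFIXES = (
    ".github.io",
    ".herokuapp.com",
    ".s3.amazonaws.com",
    ".azurewebsites.net",
)


@dataclass(frozen=True)
class Finding:
    subdomain: str
    cname: str
    reason: str


def check_subdomain(
    name: str,
    lookup_cname: Callable[[str], Optional[str]],
    resolves: Callable[[str], bool],
) -> Optional[Finding]:
    """Return a Finding if `name` looks takeover-prone, else None.

    lookup_cname(name) -> CNAME target, or None when the name has no CNAME.
    resolves(host)     -> True if host has A/AAAA records, False on NXDOMAIN.
    """
    target = lookup_cname(name)
    if target is None:
        return None  # no delegation to a third party, nothing to claim
    target = target.rstrip(".").lower()
    if not any(target.endswith(s) for s in TAKEOVER_PRONE_SUFFIXES):
        return None  # CNAME, but not into a service on our list
    if resolves(target):
        return None  # provider-side name is still claimed; not dangling
    return Finding(name, target, "CNAME to unclaimed third-party hostname")


def scan(
    subdomains: Iterable[str],
    lookup_cname: Callable[[str], Optional[str]],
    resolves: Callable[[str], bool],
) -> List[Finding]:
    results = (check_subdomain(s, lookup_cname, resolves) for s in subdomains)
    return [f for f in results if f is not None]


# --- constructed zone data for the offline demo --------------------------
CONSTRUCTED_CNAMES = {
    "blog.example.com": "old-blog.github.io.",        # provider name gone
    "shop.example.com": "shop-prod.herokuapp.com.",   # still claimed
    "www.example.com": None,                          # plain A record
    "cdn.example.com": "d111111abcdef8.cloudfront.net.",  # not on our list
}
CONSTRUCTED_RESOLVING = {"shop-prod.herokuapp.com", "d111111abcdef8.cloudfront.net"}


def demo_findings() -> List[Finding]:
    return scan(
        CONSTRUCTED_CNAMES,
        CONSTRUCTED_CNAMES.get,
        lambda host: host in CONSTRUCTED_RESOLVING,
    )


if __name__ == "__main__":
    for f in demo_findings():
        print(f"[takeover candidate] {f.subdomain} -> {f.cname}: {f.reason}")
```

Only `blog.example.com` is reported: `shop.example.com` also points at a listed provider but its target still resolves, and `cdn.example.com` points at a service that is not on the list, which is exactly the false-positive case a suffix-only check would get wrong.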

Salsa-tools | A Collaboration of Tools For a Reverse Shell on Steroids

Salsa-tools is a collection of three tools written in C#, used to take over a Windows machine, bypass AV and obtain a reverse shell without needing PowerShell on the victim machine. Salsa-Tools combines three different ingredients: EvilSalsa, EncrypterAssembly and SalseoLoader. Installation: To install the tool we will need a machine that […]

Powershell-RAT | A Backdoor Tool to Extract Data via Gmail

Powershell-RAT is a Python and PowerShell tool made to help a pen tester backdoor Windows machines during red team engagements. It tracks user activity using screen capture and exfiltrates the captures to the attacker as e-mail attachments via Gmail. The tool was FUD (fully undetectable by AV) as of Black Hat 2019; you can find the […]

WhatWeb – A Very Handy Open Source Web Scanner

Definition: WhatWeb is a web scanner written in Ruby that identifies the technologies used by a website, including the CMS, blogging platform, statistics/analytics packages, JavaScript libraries and much more. The best thing about WhatWeb is that it contains more than 1800 plugins, each specialised in grabbing one kind of the information mentioned above. This […]

Wifi Pumpkin – WiFi MITM Attack and Audit Framework

Wifi Pumpkin is a security audit framework used to test the security of Wi-Fi networks against threats such as man-in-the-middle attacks. The tool can also create rogue Wi-Fi access points and run deauthentication attacks against clients, and it ships a probe-request and credentials monitor, a transparent proxy, a Windows update attack, a phishing manager, ARP poisoning, DNS spoofing, Pumpkin-Proxy, and […]

TheFatRat – A Convenient Exploitation Tool

TheFatRat is an easy-to-use tool that helps with generating backdoors, system exploitation, post-exploitation attacks, browser attacks, DLL files and FUD payloads against Linux, Mac OS X, Windows, and Android. It can be combined with msfvenom (Metasploit Framework) to generate payloads that return a reverse shell. It offers a lot of features, […]

Spiderfoot – An Open Source OSINT Information Gathering Tool

Spiderfoot is an open-source reconnaissance tool. It gathers open-source information that can be used in investigations and red team exercises. Spiderfoot has a multitude of scanning options and modules; it uses more than 100 OSINT data sources to collect information automatically, capturing data such as domains, IP addresses, e-mail addresses, DNS […]

Reconnoitre – A Multithreaded Enumeration Tool

Reconnoitre is a tool created to automate routine actions within the OSCP lab environment. It is a simple script that automates information gathering and service enumeration: it discovers live hosts, scans the hosts it finds, enumerates the detected services and outputs suggested follow-up commands for each of them. The […]

SSLyze: A Python Tool For Analyzing SSL Configurations

Today we talk about SSLyze. SSLyze is a Python tool that analyzes the SSL/TLS configuration of a server. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL/TLS servers. Key features include: multi-processed and multi-threaded scanning (it's fast); SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility; performance […]

Photon – A Very Handy Open Source OSINT Tool

Photon is a relatively fast crawler designed for automating OSINT (Open Source Intelligence), with a simple interface and plenty of customization options. It was written by S0md3v in one of my favourite languages, Python. Photon essentially acts as a web crawler that can extract URLs with parameters and is also able to […]

KillShot – An Information Gathering and Vulnerability Scanning Tool

KillShot is a penetration testing tool that gathers useful information about, and scans for vulnerabilities in, target hosts and web applications. KillShot uses the Shodan search engine to find information about target devices, while web application information gathering is carried out by built-in scripts. The KillShot tool can crawl […]

Gobuster – An Elegant CLI Utility for Brute Forcing URI Directories

Every reconnaissance phase has a standard checklist to follow. If you've ever conducted or been part of target recon, you've most likely encountered these steps: network scanning, directory brute forcing, subdomain brute forcing and target mapping. Today we'll be focusing on the 2nd and 3rd items, with an awesome utility written […]
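The directory brute forcing step above is mechanically simple, and seeing it spelled out makes Gobuster's output easier to interpret. The following is an added example for this page, not Gobuster's code: it requests every wordlist entry as a path, keeps the responses whose status code is worth a second look (a 403 still confirms the path exists), and first probes a path that should not exist so that a wildcard or catch-all response is detected rather than reported as hundreds of hits. The target is a constructed `http.server` instance started in-process on a loopback port, so the whole thing runs offline; the site map and wordlist are made up for the demo.

```python
"""Directory brute force against a local stub HTTP server (added example).

Not Gobuster's own code; it shows the mechanics that `gobuster dir` automates.
The "site" below is constructed and served from a background thread.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed site: paths that exist and the status the server returns.
CONSTRUCTED_SITE = {
    "/": 200,
    "/admin": 301,       # a real app would redirect to /admin/
    "/backup": 403,      # exists but forbidden: still a finding
    "/robots.txt": 200,
}
WORDLIST = ["admin", "backup", "images", "login", "robots.txt", "uploads"]
# Codes that mean "something is there", mirroring a typical brute-forcer default.
INTERESTING = {200, 204, 301, 302, 307, 401, 403}


class StubHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        code = CONSTRUCTED_SITE.get(self.path, 404)
        self.send_response(code)
        if code in (301, 302):
            self.send_header("Location", self.path + "/")
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass


def start_stub_server():
    """Bind an ephemeral loopback port and serve in a daemon thread."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), StubHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def probe(host, port, path):
    """GET one path and return the status code without following redirects."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("GET", path)
        return conn.getresponse().status
    finally:
        conn.close()


def brute_force(host, port, words, interesting=INTERESTING):
    # Wildcard check: if a nonsense path already returns an "interesting"
    # code, every word would look like a hit and the run is meaningless.
    baseline = probe(host, port, "/zz-not-a-real-path-8f3a1c")
    if baseline in interesting:
        raise RuntimeError(f"wildcard response ({baseline}); results would be noise")
    hits = {}
    for word in words:
        status = probe(host, port, "/" + word)
        if status in interesting:
            hits["/" + word] = status
    return hits


def demo():
    srv = start_stub_server()
    try:
        host, port = srv.server_address
        return brute_force(host, port, WORDLIST)
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    for path, status in demo().items():
        print(f"{path:<15} (Status: {status})")
```

Against the constructed site the run reports `/admin` (301), `/backup` (403) and `/robots.txt` (200) and stays quiet about the 404s; the same three lines are what you would expect Gobuster to print for the equivalent wordlist.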

Tmux – An Introduction to a Hacker’s Swiss Army Knife

Tmux is a terminal multiplexer, which in layman's terms means it can run a number of terminals inside one session, and lets you detach from and reattach to multiple sessions. Sounds kind of overwhelming, doesn't it? Well, it isn't; let me show you. What is Tmux? Tmux, in the simplest of terms, […]

MassBleed – An Open Source SSL Vulnerability Scanner

MassBleed is an open source tool for scanning web servers for SSL/TLS vulnerabilities. It can check targets for Heartbleed, CCS injection, POODLE, Winshock and DROWN. MassBleed installation: MassBleed depends on the following scripts and tools to perform its scans: the Heartbleed PoC, the OpenSSL CCS script, the Winshock script, Unicornscan, Nmap and sslscan. The Heartbleed, OpenSSL and Winshock […]

YAWAST – Open Source Web Application Information Gathering Toolkit

YAWAST is a web application penetration testing toolkit that performs information gathering and basic vulnerability (misconfiguration) assessment tasks covering TLS/SSL, files, directories and application headers. For SSL/TLS, the toolkit gathers certificate details, supported ciphers and the DNS CAA record. The SSL issues YAWAST detects include expired certificates, self-signed certificates, MD5 signature […]

Tulpar – An Open Source Web Application Vulnerability Scanner

Tulpar is an open source penetration testing tool that finds web application vulnerabilities such as SQL injection, cross-site scripting (XSS), command injection, directory traversal, e-mail disclosure, credit card disclosure and file inclusion. Apart from these vulnerability checks, Tulpar can run the following tests: web crawling, whois information, server information, certificate information, technology information […]

Sherlock – A Tool To Find Usernames Across Social Networks

With Sherlock you can search a vast number of social platforms for a given username. This is useful for information gathering, whether you want to prepare a targeted social engineering attack or check whether the same user has reused a username (and possibly a leaked password) on another platform. […]

Webvulnscan – An Automated Web Application Vulnerability Scanner

Webvulnscan is a web application scanner that automates vulnerability assessment tasks. It can automatically detect several web application vulnerabilities, including cross-site scripting (XSS), clickjacking, BREACH, cross-site request forgery (CSRF) and cacheable cookies. Apart from vulnerability assessment, Webvulnscan can be used for other web-related tasks such as link crawling, form crawling, white- […]

Modlishka – An Open Source Phishing Tool With 2FA Authentication

Modlishka is a Go-based reverse proxy for phishing that takes your phishing campaigns to the next level. The main feature that sets it apart from other phishing tools is that it proxies the real site in real time, so it works even against targets protected by 2FA (two-factor authentication). It is easy to configure and flexible enough to let the attacker control all traffic from the target's browser. […]

Sitadel – An Open Source Tool for Finding Web Application Vulnerabilities

Sitadel is a Python-based web application scanner. It is flexible and offers many different scanning options. It can fully fingerprint a server and brute force directories, admin pages, files and so on. It can also test for injection attacks (SQL, HTML, XSS, RFI, LDAP and more), other information disclosures and popular vulnerabilities. Installing Sitadel […]