Turbolist3r is a subdomain enumeration tool which can identify subdomain takeovers. It is heavily based on sublist3r: https://latesthackingnews.com/2016/01/27/sublist3r-free-tool-to-enumerate-subdomains-for-pentester/ Installation and usage git...
Salsa-tools is a collection of three tools programmed with C# used to take over a windows machine and bypass AV and get...
Powershell-RAT is a Python and Powershell script tool that has been made to help a pen tester during red team engagements to backdoor...
Definition Whatweb is web scanner written in Ruby to identify and recognise technologies used by a website including CMS, blogging platforms, statistic/analytics...
Wifi Pumpkin is a security audit framework used to test the security of wifi against threats like man in the middle attacks....
TheFatRat is an easy to use tool which helps in generating backdoors, system exploitation, post exploitation attacks, browser attacks, DLL files, FUD...
Spiderfoot is an open-source tool used for reconnaissance. It is capable of gathering open-source information which can be further used for investigations...
Reconnoitre is a tool that was created to automate routine actions within the OSCP lab environment. It is a simple script, which...
Today, we talk about SSLyze. SSLyze is a Python tool that can analyze the SSL configuration of a server. It is designed...
Photon is a relatively fast crawler designed for automating OSINT (Open Source Intelligence) with a simple interface and tons of customization options....
KillShot is a penetration testing tool that can be used to gather useful information and scan vulnerabilities in target host devices and...
Every reconnaissance phase has a standard checklist that is to be followed. If you’ve ever conducted or been a part of target...
Tmux is a terminal multiplexer: which in lamen terms means it is able to create a number of terminals, inside a session,...
MassBleed is an open source tool used for scanning SSL vulnerabilities in web applications. The tool can scan Heartbleed, CCS, Poodle, Winshock,...
YAWAST is a web application penetration testing toolkit that can perform information gathering and basic vulnerabilities (misconfiguration) assessment tasks related to TLS/SSL,...
Tulpar is an open source penetration testing tool that can find web application vulnerabilities such as SQL injection, Cross-site Scripting (XSS), Command...
With Sherlock you can search across a vast number of social platforms for a username. This is useful for information gathering purposes,...
Webvulnscan is a web application scanner that automates vulnerability assessment tasks. The tool can automatically detect different web application vulnerabilities including Cross...
Modlishka is a go based phishing proxy that takes your phishing campaigns to the next level. The main feature that makes it...
Sitadel is a python based web application scanner. It’s flexible and has many different scanning options. It can get a full fingerprint...
Winpayloads is a python based tool which combines some of the Powershell Empire features along with the metasploit framework to create windows...