Browsing tag
Short Bytes: If you regularly forget the passwords for your online accounts, then a Facebook tool, known as Delegated Recovery, might be able to help you. Currently, implemented on GitHub, the tool uses a recovery token saved with Facebook to authenticate your identity and retrieve your account. Facebook has open sourced Delegated Recovery, and it’s […]
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notification options. Note: This tool is used only for educational purpose. We […]
OWASP Passfault evaluates passwords and enforces password policy in a completely different way. Running the Command-line Interface Step 1: install javaStep 2: cd coreStep 3: gradlew installDistStep 4: run build/install/core/bin/core Step 1: cd jsonServiceStep 2: gradlew build jettyRunWarStep 3: browse to localhost:8080/jsonService Note the war will be located in jsonService/build/lib/passfault-jsonService-[version].war
Chisel is a fast TCP tunnel, transported over HTTP. Single executable including both client and server. Written in Go (Golang). Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network. Chisel is very similar to crowbar though achieves much higher performance. Features Easy […]
It can perform a lockdown. Unlike some other scripts it has the capability to backout changes. Files are backed up using cpio to a directory based on the date. Although it can perform a lockdown, as previously stated, we would recommend you address the warnings via policy, documentation and configuration management. Linux RHEL 5,6,7 Centos 5,6,7 […]
rePy2exe, a Reverse Engineering Tool for py2exe applications. cmake git python 2.7 Enter the following command to download rePy2exe file git clone https://github.com/4w4k3/rePy2exe.git Now to run rePy2exe type python rePy2exe.py python2.7 rePy2exe.py Download now – rePy2exe
This is a framework based on fingerprint action, this tool is used for get information on website or enterprise target pip install -r requirements.txt python operative.py core/modules/cms_gathering core/modules/domain_search core/modules/email_to_domain core/modules/https_gathering core/modules/linkedin_search core/modules/reverse_ipdomain core/modules/search_db core/modules/waf_gathering core/modules/whois_domain core/modules/generate_email core/modules/viadeo_search import database in core/dbs/ read table read columns search information with pattern Download now – Operative Framework
A tool to kick devices out of your network and enjoy all the bandwidth for yourself. It allows you to select specific or all devices and ARP spoofs them off your local area network. Python 2.6 & 2.7 git clone https://github.com/k4m4/kickthemout.git cd kickthemout pip install -r requirements.txt Download now – KickThemOut
Short Bytes: A hacker has published an open source tool for helping administrators strengthen the security of their networks. Dubbed TruffleHog, this tool scans the commit history and branches for high entropy keys, and prints them. A similar tool is already used by Amazon to scan leaked AWS keys, a Reddit user claimed. A security researcher […]
Hakku Framework is been made for penetration testing. It offers simple structure, basic CLI, and useful features for penetration testing tools developing. Hakku is written in python 3.5, and developed mainly on Arch Linux. Python 3.5 and the dependencies Linux operating system Hakku framework Ethtool Aircrack-ng Ettercap-text-only Dsniff Xterm Driftnet Tcpdump Basic CLI Penetration testing […]
Wifijammer, is a tool that blocks all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block radius with heavy access point saturation. Granularity is given in the options for more effective targeting. System Requirement Python 2.7 […]
Steghide, is a tool that executes a brute force attack to file with hide information and password established. Linux operating system Steghide Python Step 1: Download and install Steghide from GitHub or enter the following command on your Linux terminal: git clone https://github.com/Va5c0/Steghide-Brute-Force-Tool.git Step 2: Now run the script by typing: python steg_brute.py [option] […]
Commix, other wise known as [ comm ]and [ i ]njection e[ x ]ploiter is an automated tool written by that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using […]
Lobotomy is a command line based Android reverse engineering tool. Components: Permission Strings Attack Surface Surgical Interact UI De-compile De-buggable Dextra Socket OSX Components required for python-adb brew install openssl brew install swig env LDFLAGS=”-L$(brew –prefix openssl)/lib” CFLAGS=”-I$(brew –prefix openssl)/include” SWIG_FEATURES=”-cpperraswarn -includeall -I$(brew –prefix openssl)/include” Now enter the following code […]
Raptor WAF is a simple web application firewall made in C, using KISS principle, to make poll use select() function, is not better than epoll() or kqueue() from *BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path traversal. Short video: WAF stands for Web Application Firewall. It […]
Hijacker is a Graphical User Interface for the wireless auditing tools airodump-ng, aireplay-ng and mdk3. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. Supporting Device Device that uses the BCM4339 chipset will work with Nexmon. Device that uses the BCM4330 chipset will […]
A remote msfconsole written in Python 2.7 to connect to the msfrcpd server of metasploit. This tool gives you the ability to load modules permanently as daemon on your server like autopwn2. Although it gives you the ability to remotely use the msfrpcd server it is recommended to use it locally with a ssh or […]
Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the TCP/UDP packet contents by our contents before forward the packet back to the target host. This tool comes with pre-configured filters but it will allow users to improve them when lunching the […]
Wifiphisher is a security tool that mounts automated victim-customized phishing attacks against WiFi clients in order to obtain credentials or infect the victims with malwares. It is primarily a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and […]
PyJFuzz is a small, extensible and ready-to-use framework used to fuzz JSON inputs , such as mobile endpoint REST API, JSON implementation, browsers, cli executable and much more. It is shipped with a built-in tool called PyJFuzz Web Fuzzer , this tool will provide an automatic fuzzing console via HTTP and HTTPS server, it can be […]
FileBuster, a free tool to fuzz a website faster & flexible based on a dictionary using regex patterns. FileBuster was built based on one of the fastest HTTP classes in the world. Furl::HTTP. Also the thread modelling is a bit optimized to run as fast as possible. This tool is created using Perl language. Features: […]