Browsing tag
Auto_EAP.py is a script designed to perform automated brute-force authentication attacks against various types of EAP networks. These types of wireless networks provide an interface to facilitate password guessing of domain credentials as radius servers check authentication against Active Directory. Install: ./Auto_EAP.py -s HoneyPot -K WPA-EAP -E PEAP -U test.txt -p Summer2016 -i wlan0 Initialized… […]
BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has […]
OWASP VBScan ([VB]ulletin Vulnerability [Scan]ner) is an open-source project in Perl programming language to detect VBulletin CMS vulnerabilities and analyses them. How to use: ./vbscan.pl ./vbscan.pl http://target.com/vbulletin OWASP VBScan 0.1.7 introduction – YouTube video Updated exploit database Compatible With Windows [Linux,OSX,Windows] Added Full Path Disclosure (FPD) module Added firewall detect/bypass module Optimized version checker module […]
How to Install: Install ruby, bundler and rails. https://gorails.com/setup/ubuntu/16.04 Install redis-server and nmap. sudo apt-get update sudo apt-get install redis-server nmap Clone HellRaiser repository, change to hellraiser web app directory and run bundle install. git clone https://github.com/m0nad/HellRaiser/ cd HellRaiser/hellraiser/ bundle install How to Start: Start redis server. redis-server Go to the hellraiser […]
Quick and handy APK backdoor embedder with metasploit android payloads. Requirements: metasploit Installation and execution: Then you can download smap by cloning the Git repository: git clone https://github.com/suraj-root/spade.git cd spade/ ./spade.py
Transparent Proxy through TOR, I2P, Privoxy, Polipo and modify DNS, for a simple and better privacy and security; Include Anonymizing Relay Monitor (arm), macchanger, hostname and wipe (Cleans ram/cache & swap-space) features. Tested on Debian, Kali, Parrot to use the graphical interface, you’ll need to install separately GTKdialog and libvte.so.9 and i2p Requirements: Tor […]
Sandcat is a lightweight multi-tabbed web browser that combines the speed and power of Chromium and Lua. Sandcat comes with built-in live headers, an extensible user interface and resource viewer ,command line console and many other features that are useful for web developers and pen-testers and when you need to examine live web applications. For […]
sudo-snooper acts like the original sudo binary to fool users into entering their passwords. It will show a fake prompt just like the original to the user to enter their sudo password. This can be useful in penetration tests or security evaluations for testing user knowledge. Installation steps Option 1 – Install in place of […]
Fluxion is a remake of linset by vk496 with less bugs and more features. It’s compatible with the latest release of Kali (Rolling). Latest builds (stable) and (beta) HERE . If you new, please start reading the wiki How it works: Step 1: Scan the networks.Step 2: Capture a handshake (can’t be used without a […]
Short Bytes: A developer has created a command line utility which can give you the feel of Hollywood movie hacker. His tool replicates the decrypting text seen from the 1992 hacker movie Sneakers. The code is freely available on his GitHub page. We have seen how the hackers in movies do some over-the-edge stuff when […]
Recently we have been posting lot of new tools related to ‘steganography‘, a tool which is used to hide images or text in images. Matroschka, a steganography tool written in pure Python. You can use this tool to hide and encrypt images or text in the least significant bits of pixels in an image. HMAC-SHA256 […]
Short Bytes: Googler allows you to use Google search in the Linux command line. This Linux command line utility can be used as a standalone tool or in combination with a text-based web browser. Developed using Python, Googler can be found on its developer’s GitHub repository. For Linux users, most of their daily activities revolve around […]
WAS, is a simple automatic USB drive malware scanning tool that helps for people who often be in a hurry or absent minded to scan the USB drive before opening files from it. You may have an anti-virus with real time protection, but if it doesn’t able to identify new virus that it will be […]
Short Bytes: At its GitHub Universe conference, GitHub released some interesting data in a report. The data shows that Microsoft has the most open source contributors on GitHub, followed by the likes of Facebook, Docker, Angular, and Google. For those wondering how it happened, over the course of past couple of years, Redmond has been open sourcing tons […]
Short Bytes: GitHub Showcases is an anthology of popular open source project repositories. It consists of different projects that are categorized under different interests. You can explore GitHub Showcases and get acquainted with the hottest trends in programming and open source software development. GitHub is one of the most popular Git repository hosting service that […]
XssPy, a python tool for detecting Cross Site Scripting vulnerabilities in websites. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and sub-domains first. After that, it starts scanning each and every input on each and every page that it found while its traversal. […]
Lalin, remake of Lazykali by bradfreda with fixed bugs, new features and updated tools. Lain is compatible with the latest Kali Linux version. Updates: Lalin gets weekly updates with new features, improvements and bug fixes. How to: Download Lalin from github and enter the following command given below to use Lalin. $ sudo […]
Pythem, a python pentesting tool developed in the hope that it will be useful and not for any illegal activities and works only for GNU/Linux OS. Also Read: Learn Python for FREE with this course How to: $sudo git clone https://github.com/m4n3dw0lf/PytheM/ $cd PytheM $sudo pip install -r requirements.txt $sudo ./pythem Also Read: The best python […]
OpenStego is a steganography application that can be used for data hiding and watermarking. Steganography tool is mostly used by hackers to hide secret messages inside another larger and harmless looking message. Hide data: Hide data into an image Extract data: Extract data from a image Generate signature Embed watermark Verify watermark […]
PenBox – A Penetration Testing Framework, (the hacker’s repo) is the last version of script that a hacker needs. Information Gathering: nmap Setoolkit Port Scanning Host To IP wordpress user enumeration CMS scanner XSStracer – checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection Doork – Google Dorks Passive […]
Short Bytes: An unofficial Android Nougat port has been released by an Android developer named Peter Yoon. The port is available for the credit card-sized single board computer Raspberry Pi 3. You can check the source code on Peter’s Github page and try out Android 7.0 on your Raspberry Pi right away. An unofficial port of […]