Browsing tag

hack wordpress

Leprechaun – Tool Used To Map Out The Network Data Flow To Help Penetration Testers Identify Potentially Valuable Targets

The purpose of this tool is to help penetration testers identify potentially valuable targets on the internal network environment. By aggregating netstat routes from multiple hosts, you can easily figure out what’s going on within. Getting Started: These instructions will get you a copy of the project up and running on your local machine for development […]

RdpThief – Extracting Clear Text Passwords From mstsc.exe Using API Hooking

RdpThief by itself is a standalone DLL that, when injected in the mstsc.exe process, will perform API hooking, extract the clear-text credentials and save them to a file. An aggressor script accompanies it, which is responsible for managing the state, monitoring for new processes and injecting the shellcode in mstsc.exe. The DLL has been converted to […]

DNCI – Dot Net Code Injector

DNCI allows the injection of .NET code (.exe or .dll) remotely in unmanaged processes in Windows. 1. Project Structure: The project is structured in: DNCI.Injector.Library – Injection library. Contains all injection components and logic; DNCI.Injector.Runner – Command line utility for injection; DNCIClrLoader – C++ MicroCode to Load the .NET assembly into memory; InjectDemo.Console.ClassicNet – Demo Classic […]

Ultimate Facebook Scraper – A Bot Which Scrapes Almost Everything About A Facebook User’s Profile Including All Public Posts/Statuses Available On The User’s Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos

Tooling that automates your social media interactions to collect posts, photos, videos, friends, followers and much more on Facebook. Features: A bot which scrapes almost everything about a Facebook user’s profile, including uploaded photos, tagged photos, videos, friends list and their profile photos (including Followers, Following, Work Friends, College Friends etc.) and all public posts/statuses available […]

Ddoor – Cross Platform Backdoor Using DNS TXT Records

Cross-platform backdoor using DNS TXT records. What is ddoor? ddoor is a cross-platform, lightweight backdoor that uses TXT records to execute commands on infected machines. Features: allows a single TXT record to have separate commands for both Linux and Windows machines; list of around 10 public DNS servers that it randomly chooses from; unpredictable call […]

WinPwn – Automation For Internal Windows Penetrationtest / AD-Security

In many past internal penetration tests I often had problems with the existing PowerShell Recon / Exploitation scripts due to missing proxy support. I often ran the same scripts one after the other to get information about the current system and/or the domain. To automate as many internal penetration test processes (reconnaissance as well as exploitation) […]

SQL Injection Payload List

SQL Injection: In this section, we’ll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection vulnerabilities, and summarize how to prevent SQL injection. What is SQL injection (SQLi)? SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an […]

Andor – Blind SQL Injection Tool With Golang

Blind SQL Injection Tool with Golang. Usage: Download andor.go and go to the folder where the file andor.go is located, then type this at the command prompt: go run andor.go --url "http://deneme.com/index.php?id=1" Note: The GET parameter value must be correct, otherwise it will not work.

DetectionLab – Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices

DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing. Purpose: This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system […]

Vulnx v1.9 – An Intelligent Bot Auto Shell Injector That Detects Vulnerabilities In Multiple Types Of CMS (WordPress, Joomla, Drupal, Prestashop…)

Vulnx is an intelligent bot auto shell injector that detects vulnerabilities in multiple types of CMS, with fast CMS detection, information gathering and vulnerability scanning of the target, such as subdomains, IP addresses, country, org, timezone, region, ans and more. Instead of injecting each and every shell manually like all the other tools do, VulnX analyses the target website […]

Jaeles – The Swiss Army Knife For Automated Web Application Testing

Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.
Installation: go get -u github.com/jaeles-project/jaeles
Please visit the Official Documentation for more details. Check out the Signature Repo for base signatures.
Usage: Example commands.
jaeles scan -u http://example.com
jaeles scan -s signatures/common/phpdebug.yaml -U /tmp/list_of_urls.txt
jaeles scan --retry 3 --verbose -s "signatures/cves/jira-*" […]

RFI/LFI Payload List

As with many exploits, remote and local file inclusions are only a problem at the end of the encoding. Of course it takes a second person to have it. Now this article will hopefully give you an idea of protecting your website and most importantly your code from a file inclusion exploit. I’ll give code […]

Evil-Winrm v1.9 – The Ultimate WinRM Shell For Hacking/Pentesting

This shell is the ultimate WinRM shell for hacking/pentesting. WinRM (Windows Remote Management) is the Microsoft implementation of the WS-Management Protocol, a standard SOAP-based protocol that allows hardware and operating systems from different vendors to interoperate. Microsoft included it in their operating systems in order to make life easier for system administrators. This program can […]

Rainbow Crackalack – Rainbow Table Generation And Lookup Tools

This project produces open-source code to generate rainbow tables as well as use them to look up password hashes. While the current release only supports NTLM, future releases aim to support MD5, SHA-1, SHA-256, and possibly more. Both Linux and Windows are supported! For more information, see the project website: https://www.rainbowcrackalack.com/ Volunteering: The project for generating NTLM 9-character […]

Asset Discover – Burp Suite Extension To Discover Assets From HTTP Response

Burp Suite extension to discover assets from HTTP response using passive scanning. Refer to our blog Asset Discovery using Burp Suite for more details. The extension is now part of the BApp store and can be installed directly from the Burp Suite. https://portswigger.net/bappstore/d927f0065171485981d6eb49a860fc3e Description: Passively parses HTTP response of the URLs in scope and identifies different types of assets such […]