Browsing tag
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. “The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group used […]
Lockdoor Framework : A Penetration Testing Framework With Cyber Security Resources. 09/2019 : 1.0Beta Information Gathring Tools (21) Web Hacking Tools(15) Reverse Engineering Tools (15) Exploitation Tools (6) Pentesting & Security Assessment Findings Report Templates (6) Password Attack Tools (4) Shell Tools + Blackarch’s Webshells Collection (4) Walk Throughs & Pentest Processing Helpers (3) […]
Synopsisbscan is a command-line utility to perform active information gathering and service enumeration. At its core, bscan asynchronously spawns processes of well-known scanning utilities, repurposing scan results into highlighted console output and a well-defined directory structure. Installationbscan was written to be run on Kali Linux, but there is nothing inherently preventing it from running on […]
Information gathering is a long process in pentesting. There are various tools which gather information from various social media platforms and many other web platforms. But sometimes it is required to gather information from GITHUB, explain ethical hacking professionals. Github as you know a platform for developers where they upload their tools and codes. According […]
Pentesting is all about showing and reporting problems in web/mobile applications. This is the most popular part of cyber security which every researcher/security enthusiast want to do. Because it gives a brief knowledge how to penetrate any web application. Pentesting is done by information gathering. There are many tools/scripts available over the internet which can […]
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner Why KillShot ? You Can use this tool to Spider your website and get important information and gather information automaticaly using whatweb-host-traceroute-dig-fierce-wafw00f or to Identify the cms and to find the vulnerability in your website using Cms Exploit Scanner && WebApp Vul Scanner Also […]
Quasar Is An Information Gathering Framework For Penetration Testers Coded By Belahsan Ouerghi: Website Informations E-mail Address Checker Phone Number Information Credit Card Bin Checker Ip Locator Port Scanner Installation sudo apt-get install git git clone https://github.com/TunisianEagles/quasar.git cd quasar chmod +x install.sh chmod +x quasar.sh sudo ./install.sh sudo ./quasar.sh Screenshots Tested On : Backbox […]
roxysploit is a community-supported, open-source and penetration testing suite that supports attacks for numerous scenarios. conducting attacks in the field. Some containing Plugins in roxysploit Scan is a automated Information gathering plugin it gives the user the ability to have a rest while the best Information gathering plugin can be executed. Jailpwn is a useful plugin for […]
The Nmap Scanner for Telco. With the current focus on telecom security, there used tools in day to day IT side penetration testing should be extended to telecom as well. From here came the motivation for an nmap-like scanner but for telco The current security interconnect security controls might fail against reconnaissance , although mobile […]
Anubis is a subdomain enumeration and information gathering tool. Anubis collates data from a variety of sources, including HackerTarget, DNSDumpster, x509 certs, VirusTotal, Google, Pkey, and NetCraft. Anubis also has a sister project, AnubisDB, which serves as a centralized repository of subdomains. Subdomains are automatically sent to AnubisDB – to disable this functionality, pass the […]
Web Privacy Measurement is the observation of websites and serves to detect, characterize and quantify privacy-impacting behaviors. Applications of Web Privacy Measurement include the detection of price discrimination, targeted news articles and new forms of browser fingerprinting. Although originally focused solely on privacy violations, WPM now encompasses measuring security violations on the web as well. […]
Nishang is an open source framework and collection of powerful PowerShell scripts and payloads that you can use during penetration testing audit, post exploitation phase or other stages of offensive security auditing. Nishang is useful during various phases of a security auditing process and has many scripts categorized into logical categories such as information gathering, scanning, privilege […]
PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability. PowerSAP allows to reach SAP RFC with .Net connector ‘NCo’. What is this repository for? Quick summary: […]
Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged for a remote shell. Vanquish Features So what is so special […]
Hey Guys, In this video i show you a great tool called Yuki Chan. The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you. Yuki Chan:https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest Features: • Automated • Intel-Gathering • Vulnerability Analysis • Security Auditing • OSINT • Tracking • System Enumeration • […]
pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more information, read the license. Only […]
The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on […]
Tinfoleak is a simple Python script that allow to obtain detailed information about a Twitter user activity Detailed information about any Twitter user: basic information about a Twitter user (name, picture, location, followers, etc.) devices and operating systems used by the Twitter user applications and social networks used by the Twitter user place and geolocation […]
Penetration testing (otherwise known as pentesting, or the more general security testing) is the process of testing your applications for vulnerabilities, and answering a simple question: “What could a hacker do to harm my application, or organization, out in the real world?”. An effective penetration test will usually involve a skilled hacker, or team of […]