script – MrHacker

Information Gathering

Oct 02, 2019

Sub.Sh – Online Subdomain Detect Script

Online Subdomain Detect Script. USAGE Script bash sub.sh webscantest.com ./sub.sh webscantest.com Curl curl -s -L https://raw.githubusercontent.com/cihanmehmet/sub.sh/master/sub.sh | bash -s webscantest.com Subdomain Alive Check bash sub_alive.sh bing.com curl -s -L https://raw.githubusercontent.com/cihanmehmet/sub.sh/master/sub_alive.sh | bash -s bing.com” ‼️fping required Nmap -sn (No port scan) scan live IP detection script fping -f ip.txt Usage bash nmap_sn.sh ip.txt […]

root

Information Gathering

Oct 18, 2018

TakeOver v1 – Extracts CNAME Record Of All Subdomains At Once

What is Subdomain Takeover? Subdomain takeover is a class of vulnerability where subdomain points to an external service that has been deleted. The external services are Github, Heroku, Gitlab, Tumblr and so on. Let’s assume we have a subdomain sub.example.com that points to an external service such as GitHub. If the Github page is removed […]

root

Password Attacks

Jul 06, 2018

TP-Link-defaults – Python Script For Trying Default Passwords For Some TP-Link Hotspots

Python script for trying default passwords for some TP-Link Hotspots Inspired by Usage usage: scan.py [-h] [-p] Python script for trying default passwords for some TP-Link Hotspots optional arguments: -h, –help show this help message and exit -p, –print-all print all found ssid’s FOR EDUCATIONAL USE ONLY Config timeout stop sniffing after a given time […]

root

Cryptocurrency

Feb 21, 2018

Hackers Spreading Cryptocurrency Mining scripts via videos that Embedded in MS Office Word Documents

Microsoft word documents abused by Cryptocurrency Mining script embedded phishing Videos and victims tricked into watching an “innocent” video that leads to performing a crypto-Jacking Attack on victims PC. Nowadays Hackers always finding a new malicious way to mining Cryptocurrency by abusing various legitimate platform. Usually, Browser-based cryptocurrency mining is performed by injecting crypto-jacking script and once […]

root

Information Gathering

Jan 14, 2018

Halcyon – NSE Nmap Script Development IDE

Halcyon IDE lets you quickly and easily develop scripts for performing advanced scans on applications and infrastructures with a range from recon to exploitation capabilities. It is the first IDE released exclusively for Nmap script development. Halcyon IDE is free and open source project (always will be) to provide an easier development interface to rapidly growing […]

root

Information Gathering

Jan 07, 2018

Reposcanner – Python Script To Scan Git Repos For Interesting Strings

Reposcanner is a python script to search through the commit history of Git repositories looking for interesting strings such as API keys, inspires by truffleHog. Installation The python Git module is required (python-git on Debian). Usage ./reposcanner -r <repository> Options: optional arguments: -h, –help show this help message and exit -r REPO, –repo REPO Repo to […]

root

Exploitation Tools

Dec 28, 2017

Relayer – SMB Relay Attack Script

Relayer is an SMB relay Attack Script that automates all the necessary steps to scan for systems with SMB signing disabled and relaying authentication request to these systems with the objective of gaining a shell. Great when performing Penetration testing. Relayer makes use of Unicorn from trustedsec to create the payload that is executed on […]

root