Clik here to view.
Recon Using SubBrute and Eyewitness to perform OSINT on a supplied domain.
Recon Using SubBrute and Eyewitness to perform OSINT on a supplied domain. NOTE: The tools currently takes a target domain from the command line, runs Subbrute then imports that file into EyeWitness....
View ArticlePwaneddler is A script kiddie for perform MiTM attack.
pwaneddler is A script kiddie for perform MiTM attack and replace image in a host’s browser or for turn off a host’s internet connection Dependencies: + Ettercap (and Etterfilter) + Nmap + Php Replace...
View ArticleClik here to view.
3vilTwinAttacker v0.6.8 released – Framework for Rogue Wi-Fi Access Point...
CHANGELOG V-0.6.8: + fixed network card as wifi hotspot,some improvements — remove aircrack-ng dependency — added plus conf hostapd — fixed deauth Attack (o exercito BR deu like kkkk) + fixed run...
View ArticleClik here to view.
Router-Telnet-BadDay – tool to search_find_brute-force telnet servers with...
This tool is a part of biger framework. its designed to search_find_brute-force telnet servers. workiing with multithreads (default 5 threads). can be used as testing purpose on your company routers...
View ArticleClik here to view.
Updates Ora-PWN v1.2 – Oracle Attacks Tool.
Latest Change 5/12/2015: Invoke-CredentialsGuess & Invoke-ThreadedFunction.Ora-Pwn is An Oracle attack tool written in PowerShell and using the .NET OracleClient. Can be used to bruteforce SIDs,...
View ArticleClik here to view.
SimpleEmail v0.6 released – is a email recon tool that is fast and easy...
Changelog in v0.6 Modules Added: (x) GoogleDocSearch.py SimplyEmail-v-0-6 SimplyEmail What is the simple email recon tool? This tool was based off the work of theHarvester and kind of a port of the...
View ArticleClik here to view.
JSQL Injection v-0.72 released : a java tool for automatic database injection.
Roadmap and Changelog v-0.72: + Fix broken blind and time and some issues : fix #83, fix #82, fix #67, fix #60, fix #46 jSQL Injection Version-0.72 Changelog v-071: + Coder/Bruter for Adler32 Crc16...
View ArticleClik here to view.
Firecat is a penetration testing tool that allows you to punch reverse TCP...
Firecat is a penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network. After a tunnel is established, you can connect from an external host to any port on any...
View ArticleClik here to view.
Sawef – Send Attack Web Forms.
Has been tested on WIndows Xp/Vista/7/8.1/10, Kali 2.0, Ubuntu 14.04 The purpose of this tool is to be a Swiss army knife for anyone who works with HTTP, so far it she is basic, bringing only some of...
View ArticleClik here to view.
Lynis v-2.1.5 : is a system and security auditing tool for Unix/Linux.
= Changelog Lynis 2.1.5 = This is an major release, which includes both new features and enhancements to existing tests. * Automation tools —————— CFEngine detection has been further extended....
View ArticleClik here to view.
security-scripts : A collection of security related Bash shell scripts.
A collection of security related Bash shell scripts. No fancy programming framework required, all that is needed is a Bash shell. analyze-hosts.sh A simple wrapper script around several open source...
View Articlesslstrip_password_hijacker Automates sslstrip arp spoofing MITM attack.
Whats new 9/12/2015? Working on arch linux (python3.5) sslstrip_password_hijacker is a Automates sslstrip arp spoofing MITM attack. FOR TESTING PURPOSES ONLY. System Support: Arch, Debian, Ubuntu, Kali...
View ArticleClik here to view.
Updates domi-owned : IBM/Lotus Domino exploitation.
Domi-Owned is a tool used for compromising IBM/Lotus Domino servers. Tested on IBM/Lotus Domino 8.5.2, 8.5.3, 9.0.0, and 9.0.1 running on Windows and Linux. Domi-Owned is a tool used for compromising...
View ArticleClik here to view.
ATSCAN-v1 is a perl script for vulnerable Server, Site and dork scanner.
ATSCAN-V1 is a perl script with function Dork scanner. XSS scanner. LFI scanner. Filter wordpress and Joomla sites in the server. Find Admin page. Decode / Encode MD5 + Base64. Principal MENU: 1 = DORK...
View ArticleClik here to view.
al-khaser is a PoC malware with good intentions that aimes to stress your...
al-khaser is a PoC malware with good intentions that aimes to stress your anti-malware system. Latest Change 10/12/2012: + Fix Windows 10 detection -> RtlGetVersion + add NtQueryObject :...
View ArticleClik here to view.
Empire v1.3.7 released : PowerShell post-exploitation agent.
Changelog v-1.3.7: – Updated powerview.ps1 – Added situational_awareness/network/powerview/get_cached_rdpconnection – Added situational_awareness/network/powerview/set_ad_object – Added...
View ArticleClik here to view.
ATSCAN-v2 is a perl script for vulnerable Server, Site and dork scanner.
Changelog v-2: + Add option to scan from list: xss lfi rfi admin page (Mass Scan) + Add lists verification + Add input verification. + Optimize results. ATSCAN-v-2 ATSCAN is a perl script with function...
View ArticleClik here to view.
Exserial – Java Untrusted Deserialization Exploits Tools.
Disclaimer This tool is for learning and research purposes, not for commercial purposes, if there are any legal disputes therefore, without any relationship with the tool author. exserial is a Java...
View ArticleClik here to view.
Updates Blade – A webshell connection tool with customized WAF bypass...
Latest Change: + payload, libs and blade.py: Refactoring some code + correct some little mistakes Blade is a webshell connection tool based on console, currently under development and aims to be a...
View ArticleClik here to view.
Damn Vulnerable Node Application (DVNA) is a PHP/MySQL web application that...
Damn Vulnerable Node Application (DVNA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal...
View Article