Clik here to view.
Brosec v1.1.6 – An interactive reference tool to help security professionals...
Changelog v1.1.6 (August 8, 2016): * Features: ++ Encoder +-+ Added md5, sha1, sha256 hashing methods ++ Payloads +-+ Added Add user to remote desktop group to bros 31 category +-+ Added prompts to...
View ArticleClik here to view.
Commix v1.2 – Automatic All-in-One OS Command Injection and Exploitation Tool.
Changelog v1.2 : * Added: The ability for setting custom (PHP / Python) working directory. * Fixed: License file minor inaccurancy issue has been fixed. * Revised: The Windows-based payloads for every...
View ArticleClik here to view.
Needle is an open source, modular framework to streamline the process of...
Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and syntax. The Android ecosystem has...
View ArticleClik here to view.
Recon-ng v4.8.1 ~ a full-featured Web Reconnaissance framework.
Changelog v4.8.1 stable & stagging version: * Added the threatcrowd module. * Updated the GHDB. * Fixed a bug in the fullcontact module. * Fixed a bug in the hashes_org module. recon-ng v4.8.1...
View ArticleClik here to view.
v3n0M v4.0.6 – Popular Pentesting scanner in Python3.5 for SQLi/XSS/LFI/RFI...
Changelog v4.0.6 Stable, 14th August 2016: * Re-added LFI, XSS and Other Checks from previous versions. * Added Self-Updater. * Improved Search_Ignore list. example v3n0M v4.0.6 running on windows...
View ArticleClik here to view.
exploitpack ra v5.4 – list your new exploit on Exploit Pack you will need.
Latest Changelog ra v5.4: * Java DOc for all * Better UI * More Payload Exploitpack ra v5.4 ExploitPack has been designed by an experienced team of software developers and exploit writers to automate...
View ArticleClik here to view.
idb – iOS App Security Assessment Tool.
idb is a tool to simplify some common tasks for iOS app security assessments and research. idb had the ability to dump the keychain of a jailbroken iDevice. So far, idb has been using the keychain_dump...
View ArticleClik here to view.
PenBox v2 – A Penetration Testing Framework.
Changelog v2: + Adding tools Shellnoob + Adding tools jboss-autopwn + adding sniper: recon + added Get server banner + added Bypass Cloudflare + added BruteX – Automatically brute force all services...
View ArticleClik here to view.
TpmInitUACBypass – A tool to Bypass User Account Control(UAC) on Windows 8.1...
TpmInitUACBypass is A tool to Bypass User Account Control (UAC), to get a High Integrity (or SYSTEM) Reversed Command shell, a reversed PowerShell session, or a Reversed Meterpreter session. When...
View ArticleClik here to view.
CICSpwn is a tool to pentest CICS Transaction servers on z/OS.
CICSpwn is a tool to pentest CICS Transaction servers on z/OS. Features: * Get general information about CICS and the underlying z/OS ++ List available IBM supplied transactions ++ Get active sessions...
View ArticleClik here to view.
redisMassExploit – script to collect hosts installed redis (using Shodan...
redisMassExploit is a python 2 script to collect hosts installed redis (using Shodan search engine) and exploit them. Dependensies: + Shodan Account + SSH + python 2 redisMassAttack How to use: * Using...
View ArticleClik here to view.
RouterSploit v2.2.1 – Router Exploitation Framework.
Changelog v2.2.1: * New features ++ Threaded support for scanners which makes them waaay faster! (see scanners/autopwn(...
View ArticleClik here to view.
l0l a exploit development kit.
l0l is an exploit development kit with c++ language scripting. with features: * Shellcodes Windows ============ + windows/exec + windows/messagebox * Backdoors Scripting Payloads ==================== +...
View ArticleClik here to view.
Lynis v2.3.3 : is a system and security auditing tool for Unix/Linux.
CHANGELOG Lynis v2.3.3 (2016-08-23): Upgrade note:Customized profiles that included sysctl settings need to be altered. See default.prf for the correct format of the lines. * Additions ++ OpenStack...
View ArticleClik here to view.
PS>Attack Build Tool v1.6 – an offensive PowerShell console that makes it...
Changelog PS>Attack Build Tool v1.6: What’s New ++ New “UI” ++ Implemented generated strings to be passed into PS>Attack when compiled. What does it do? The PS>Attack Build Tool downloads the...
View ArticleClik here to view.
usbdeath ~ anti-forensic tool that writes udev rules for known usb devices.
usbdeath is a small script inspired by usbkill( https://github.com/hephaest0s/usbkill), “an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your...
View ArticleClik here to view.
shellcode for execve penetration test.
shellcode for execve penetration test. Main Program: 1. exec /bin/sh with shellcode. 2. call sys_exit with shellcode. debugging with gef Dependencies: + Gcc on Gnu/Linux + gdb exec /bin/sh with...
View ArticleClik here to view.
pywerview – A (partial) Python rewriting of PowerSploit’s PowerView.
PywerView script makes it so easy to find vulnerable machines, or list what domain users were added to the local Administrators group of a machine, and much more. TODO * Many, many, many more PowerView...
View ArticleClik here to view.
hanzoInjection – injecting arbitrary codes in memory to bypass common...
the HanzoIjection is a tool focused on injecting arbitrary codes in memory to bypass common antivirus solutions. with function; Payload meterpreter generators. Dependencies and Operating System...
View ArticleClik here to view.
BetterCap v1.5.8 – A complete, modular, portable and easily extensible MITM...
Changelog Bettercap v1.5.8: New Features * New –log-http-response option. * New –html-file PATH option. * New –full-duplex option ( half duplex mode is now the default ). * HTTP(S) logs from the proxy...
View Article