Clik here to view.
mimikatz v2.1 windows server 2016 edition – A little tool to play with...
changelog mimikatz v2.1 Windows Server 2016 edition: * Full support for Windows 10 Anniversary update & Windows Server 2016 (1607 – build 14393) mimikatz is a tool I’ve made to learn C and make...
View ArticleClik here to view.
APT2 v1.0 – An Automated Penetration Testing Toolkit.
Changelog apt2 v1.0 25/10/2016: * updated inital banner info * Modules: fixed typo/edit error * default.cfg: update responder path. * Update setup.sh apt2 v1.0 modules lists This tool will perform an...
View ArticleClik here to view.
Creak v0.0.3 – Poison, reset, spoof, redirect MITM script.
Changelog creak v0.0.3 – 2016-10-26: * Added ip link as ifconfig is deprecated on some distributions * Changed + started porting to python 3 + fixed some minor bugs + refactored a bit creak v0.0.3 Deny...
View ArticleClik here to view.
LinDrop – a social engineering vector for linux targets.
Disclaimer: All scripts/tools/software here are provided for educational purposes only. The author of any of the scripts/tools/software is in no way responsible for any misuse of the...
View ArticleClik here to view.
Lynis v2.4.0 : is a system and security auditing tool for Unix/Linux.
Changelog lynis v2.4.0: New: + New group “system integrity” added + Support for clamconf utility + Chinese translation (language=cn) + New command “upload-only” to upload just the data instead of a...
View ArticleClik here to view.
Brosec v1.2.3 – An interactive reference tool to help security professionals...
Roadmap and Changelog v1.2.3 (October 27, 2016): * Bug Fixes A dependency issue was discovered in ftpd when running Brosec with nodejs v7.0. A temporary fix has been put in place. v1.2.2 (October 18,...
View ArticleClik here to view.
Swissnet – The swiss army knife of net utilities and penetration testing.
Swissnet is the swiss army knife of net utilities and penetration testing. By malforming packets, or poisoning caches, you too can gain complete power over your network. Swissnet has an easy to use...
View ArticleClik here to view.
msf-auxiliarys updates : collection of msf auxiliary module.
Latest Change 29/10/2016: New Modules + NO-IP_privilege_scalation.rb – ‘Unquoted Service Path Privilege Escalation’ + PDF_complete_corporate_edition.rb – ‘Unquoted Service Path Privilege Escalation’ +...
View ArticleClik here to view.
Razboynik –разбойник : Reverse shell via file upload exploit.
Razboynik – разбойник – wants to be the best reverse shell based on PHP backdoor Why Razboynik ? Where FurezApi Framework and later FurezExploit (C++ brother) were boring and long to setup and install,...
View ArticleClik here to view.
Whitewidow v1.5.0 is an open source automated SQL vulnerability scanner.
Changelog whitewidow v1.5.0: * Created the spider flag and edited it to run through whitewidows file flag, how to will work is it will extract all links from a websites source (given url) so make sure...
View ArticleClik here to view.
JexBoss v1.1.2 – Jboss verify and Exploitation Tool.
Changelog Jexboss v1.1.2: * Added support for reverse shell (meterpreter, etc). * Improvements in exploits to support complex commands with pipe and etc (|,>, <, etc …) * Fixes and improvements....
View ArticleClik here to view.
QARK v1.2.19 – Android Source Code Analyzer and Exploitation Tool.
Changelog qark v1.2.19: + Added unit tests. + fixed config not found error and import issues affecting pip. + Works with pip, passes all tests, can still be run locally + packaging attempt 1 + added...
View ArticleClik here to view.
sqlmap v1.0.11 – Automatic SQL injection and database takeover tool.
Changelog sqlmap v1.0.11: + Fix several typos + Extra: Preventing obnoxious ‘install git’ on MacOS. + xml: Revisiting banner xmls (Issue #2239). + bug fixes sql error? (Android Qpython) #2245 + txt:...
View ArticleClik here to view.
Yosuo v2.3- is A ruby script that scans for vulnerable & exploitable...
Changelog Yasuo v2.3: 1) Accepts file with new-line separated list of IP addresses with “-l” switch. 2) Smart brute-forcing. Introduced app-specific credentials in the signature file, which are tried...
View ArticleClik here to view.
PyCodeInjection – Automated Python Code Injection Tool.
The PyCodeInjection project contains two main components: 1. PyCodeInjectionShell – A tool to exploit web application based Python Code Injection 2. PyCodeInjhectionApp – A web application that is...
View ArticleClik here to view.
AtEar – web-based wireless vulnerability assessment tools.
AtEar is a scalable and efficient system, and also the first web-based wireless vulnerability assessment solution. This Wireless Vulnerability Analysis/Management Solution, AtEar, can be utilized both...
View ArticleClik here to view.
Invoke-Obfuscation v1.5 – PowerShell command and script obfuscator.
Changelog Invoke-Obfuscation v1.5 – 2016-11-04: * BlueHat: Added WMIC LAUNCHER with some randomization of WMIC command line arguments. Purpose: Attackers and commodity malware have started using...
View ArticleClik here to view.
TheFatRat v1.7 codename keris – Backdoor Creator For Remote Access.
Changelog TheFatRat v1.7 ( 5/11/2016 ) Codename Keris: * add backdoor ( rar files ) * Add backdoor ( doc not macro attack) * Add new features in optional 1 ( create backdoor with msfvenom ) * Fix any...
View ArticleClik here to view.
v3n0M v410.4 – Popular Pentesting scanner in Python3.5 for SQLi/XSS/LFI/RFI...
Latest Change v410.4: + Latest News: Updated Recovery Menu, Minor Bugfixes. + Fixed/Added/Implemented Cloudflare resolver. + dnspython in setup.py addressed. v3n0m-scanner v410.4 V3n0M is a free and...
View ArticleClik here to view.
BLACKBOx v2.2 – A Penetration Testing Framework.
Changelog Blackbox v2.2#dev: + Update install /opt/blackbox/blackbox.py “$@”‘ >> /bin/blackbox + add PhpmoAdmin Rce ElasticSearch rce – Exploit + add function : bing dorker via dork & other...
View Article