SpookFlare – a tool for bypassing security measures.
Note! SpookFlare and its technique are for use in penetration tests and red team engagements, and are purely educational. Please use them responsibly. SpookFlare has a different perspective to bypass security...
Shodanwave – Netwave IP Camera.
Attention! Use this tool wisely and not for evil. To get the best performance from this tool you need to pay for Shodan to get full API access. Options --limit and --offset may need a paying API key and...
Koadic – Windows post-exploitation tools.
Disclaimer! Code samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code against target...
Social Recon – input username and/or email to check popular social media for...
Social Recon is an application that locates and compiles information about online personalities, given a username and/or email address. Use this to investigate your own online presence, summarize the...
ffw – A fuzzing framework for network servers.
Fuzzes network servers/services by intercepting valid network communications data, then replaying it with some fuzzing. FFW can fuzz open source applications, and also closed source applications. It also...
The Endorser – maps out relationships between people's endorsements on LinkedIn.
The Endorser is an OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills. Due to the way LinkedIn’s privacy settings work this tool works...
ratched is a Man-in-the-Middle (MitM) proxy that specifically intercepts TLS...
ratched is a Man-in-the-Middle (MitM) proxy that specifically intercepts TLS connections. It is intended to be used in conjunction with the Linux iptables REDIRECT target; all connections that should be...
RFCrack – A Software Defined Radio Attack Tool.
RFCrack is an RF (radio frequency) test bench. It was developed for testing RF communications between any physical device that communicates over sub-GHz frequencies. IoT devices, Cars, Alarm Systems etc…...
iwsniff is a TCP/UDP password sniffer based on decode routines in dsniff.
iwsniff is a TCP/UDP password sniffer based on decode routines in dsniff. iwsniff is a tool to scan through some old Kismet dump files for passwords, as dsniff fails when there are packets missing...
AndroTickler – Penetration testing and auditing toolkit for Android apps.
A Java tool that helps to pentest Android apps faster, more easily and more efficiently. AndroTickler offers many features of information gathering, static and dynamic checks that cover most of the...
GOWAPT – Go Web Application Penetration Test.
GOWAPT is the younger brother of wfuzz (https://github.com/xmendez/wfuzz), a Swiss army knife of WAPT. It allows pentesters to perform huge activity with no stress at all; just configure it and it’s just a...
WhatWaf – Detect and bypass web application firewalls.
WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or...
Trojanizer : Trojanize your payload – WinRAR (SFX) automatization.
LEGAL DISCLAIMER: The author does not hold any responsibility for the bad use of this script. Remember that attacking targets without prior consent is illegal and punishable by law. This script was built...
wowned – Authentication bypass for outdated WoW emulation authentication...
The wowned application is a proof of concept exploit for the authentication bypass methods in many World of Warcraft emulation authentication servers. It is a common practice among security researchers to...
net-creds : Sniffs sensitive data from interface or pcap.
net-creds thoroughly sniffs passwords and hashes from an interface or pcap file. It concatenates fragmented packets and does not rely on ports for service identification. net-creds can sniff: + URLs...
Chiron is an IPv6 Security Assessment Framework.
LEGAL DISCLAIMER: The author does not hold any responsibility for the bad use of this script. Remember that attacking targets without prior consent is illegal and punishable by law. This script was built...
mmLoader is a stable library for loading PE modules, bypassing the Windows PE loader.
mmLoader is used for loading a DLL module directly from memory. It can bypass the Windows system PE loader and load the module into the process address space. It will also process all the import tables and...
ci_fuzz – Command Injection Web Fuzzer Script for mitmproxy.
The ci_fuzz script fuzzes for command injection vulnerabilities resulting in remote command execution. + Similar OWASP vulnerabilities are explained here –>...
RedGate – Data sorting tool for penetration testers.
What is this? RedGate is a penetration testing tool for testers to use to store acquired data in a packageable way. Portable, easy to use, and cross-platform. What is this based on? This...
ZEROScan – Multi-Threaded Vulnerability Verify Framework.
ZEROScan is a bulk vulnerability detection framework that makes it easy to obtain or exploit vulnerability detection plugins to perform penetration testing of targets. Interfaces and ways to use...