Clik here to view.
pentest-mini-framework : Lightweight penetration testing framework (C++).
Pentesting often means developing and deploying native C++ binaries. Repeating tasks include file & registry operations, process injection, acquiring system information, and so on… Since WinAPI is...
View ArticleClik here to view.
shecodject is a autoscript for shellcode injection.
shecoject is a tool written in python3, which can be used to package raw metasploit-generated raw files directly into the pyinstaller package or you can use this tool to generate normal raw files....
View ArticleClik here to view.
Zipbrk – Zip file format fuzzer and multi-tool.
Zip break(Zipbrk) is a tool to disect, modify, and reassemble zip files for a variety of tasks. It is designed to be cross-platform and as simple as possible to port between varied systems. It has been...
View ArticleClik here to view.
wifigod – wifi/Wireless Security Testing.
WifiGod is a tool coded and developing by Blackhole, it is written in the Python programming lanuage and is used to test network security. Need to knows: + Monitor Interface is created for you: -When...
View ArticleClik here to view.
Recon-ng v4.9.3 – a full featured Web Reconnaissance framework.
Changelog Recon-Ng v4.9.3: + Added the “count” parameter to the API call in the twitter module. + Fixed a bug in the ssl_san module. + Removed the linkedin_auth module due to API restrictions that...
View ArticleClik here to view.
BlackWidow – A Python based web application scanner to gather OSINT and fuzz...
BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer...
View ArticleClik here to view.
SPARTA v1.0.3(BETA) – Network Infrastructure Penetration Testing Tool.
Changelog SPARTA 1.0.3 (BETA): * fixed the QtWebKit import error (thx alexxn) * fixed ms08-067_check import issue (thx chris948) SPARTA 1.0.3 (BETA) SPARTA is a python GUI application which simplifies...
View ArticleClik here to view.
sci – Reverse engineering framework working at the assembly (SMALI) level.
Legal Disclamer: Usage of SCI for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume...
View ArticleClik here to view.
sap – Automatic webserver vulnerability scanner and exploiter.
LEGAL DISCLAMER! The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior concent its ilegal and punish by law, this script was build...
View ArticleClik here to view.
Fiery-snap : a micro-architecture system for collecting OSINT on Twitter.
Fiery-snap is a componentized scrapper/processor that leverages Python micro services to transform data for analysis. Simply put each little service reads data from a set of 1 or more queues, performs...
View ArticleClik here to view.
Raven – Linkedin information gathering tool.
Disclaimer: Please do not use this program to do stupid things. The author does not keep any responsability of what damage has been done by this program. USE IT AT YOUR OWN RISK. raven is a Linkedin...
View ArticleClik here to view.
One-Lin3r : Gives you one-liners that aids in penetration testing operations.
Disclaimer! One-Lin3r is created to help in penetration testing and it’s not responsible for any misuse or illegal purposes. Copying a code from this tool or using it in another tool is accepted as you...
View ArticleClik here to view.
Tricks of the Trade – Crypto File Dropper to bypass file detection.
Tricks of the Trade an Encrypt and embed files to “Droppers” to bypass detection. Encrypt your binary file and embeds them to an executable to bypass detection: * Arguments that are given to the...
View ArticleClik here to view.
roxysploit is a community-supported, open-source and penetration testing suite.
Legal Disclamer: The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law. roxysploit is a...
View ArticleClik here to view.
ID-entify is a tool that allows you to search for information in the passive...
ID-entify is a tool that allows you to search information related to a domain: Emails – IP addresses – Domains – Information on WEB technology – Type of Firewall – NS and MX records – Nmap to IP...
View ArticleClik here to view.
gOSINT is a small OSINT framework in Golang.
gOSINT is a small OSINT framework in Golang. What gOSINT can do? + Find mails from git repository + Find Dumps for email address + Search for mail address linked to domain/mail address in PGP keyring +...
View ArticleClik here to view.
Grouper – A PowerShell script for helping to find vulnerable settings in AD...
Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers (although probably also useful for sysadmins) which sifts through the (usually very noisy) XML output from the...
View ArticleClik here to view.
gasmask – Information gathering tool – OSINT.
gasmask is All in one Information gathering tool – OSINT. gasmask v1.0 Information Gathering: + ask + bing + crt + dns + dogpile + github + google + googleplus + instagram + linkedin + netcraft + pgp +...
View ArticleClik here to view.
google_socks A proof of concept demonstrating the use of Google Drive for...
google_socks The script starts up a Python socket object, and each set of new data from the socket is pushed to drive as a new file of a specific name. Each script knows what files to read due to their...
View ArticleClik here to view.
AutoSploit – Automated Mass Exploiter.
LEGAL DISCLAMER! The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior concent its ilegal and punish by law, this script was build...
View Article
