Clik here to view.
Comission - WhiteBox CMS Analysis
CoMisSion is a tool to quickly analyze a CMS setup. The tool:checks for the core version;looks for the last core version;looks for vulnerabilities in core version used;checks for plugins version;looks...
View ArticleClik here to view.
Nili - Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing
PrerequisitesPython - Python Programming LanguageScapy - Interactive Packet Manipulation ProgramNetzob - Protocol Reverse Engineering, Modeling and FuzzingInstallingHere is some Instructions for...
View ArticleClik here to view.
Wordpresscan - WPScan rewritten in Python + some WPSeku ideas
A simple Wordpress scanner written in python based on the work of WPScan (Ruby version)Install & LaunchDependenciespip install requestspip install tornadoInstallgit clone...
View ArticleClik here to view.
Domain Analyzer - Analyze the security of any domain by finding all the...
Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way.HowDomain analyzer...
View ArticleClik here to view.
WINspect - Powershell-based Windows Security Auditing Toolbox
WINspect is part of a larger project for auditing different areas of Windows environments. It focuses on enumerating different parts of a Windows machine aiming to identify security weaknesses and...
View ArticleClik here to view.
EvilAbigail - Automated Linux evil maid attack
ScenarioLaptop left turned off with FDE turned onAttacker boots from USB/CD/NetworkScript executes and backdoors initrdUser returns to laptop, boots as normalBackdoored initrd...
View ArticleClik here to view.
RedSnarf - pen-testing / red-teaming tool for Windows environments
RedSnarf is a pen-testing / red-teaming tool by Ed Williams for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques.See our YouTube...
View ArticleClik here to view.
Raven - Linkedin information gathering tool
raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.Please do not use this program to do stupid things....
View ArticleClik here to view.
SCUTUM - Linux ARP Firewall Automatic Controller
Long story short, ARP firewall. It automatically adds gateways to the whitelist on connect and blocks everthing else to avoid potential threat.SCUTUM is an ARP firewall that prevents your computer from...
View ArticleClik here to view.
Lifer - Windows link file forensic examiner
A forensic tool for Windows link file examinations (i.e. Windows shortcuts)'lifer' is a Windows or *nix command-line tool inspired by the whitepaper 'The Meaning of Link Files in Forensic Examinations'...
View ArticleClik here to view.
D0xk1t - Web-based OSINT and Active Reconaissance Suite
Active reconnaissance, information gathering and OSINT built in a portable web application.1.0 IntroductionWhat is this?D0xk1t is an open-source, self-hosted and easy to use OSINT and active...
View ArticleClik here to view.
BlackArch Linux v2017.08.30 - Penetration Testing Distribution
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1859tools. You can install tools individually or in groups. BlackArch Linux...
View ArticleClik here to view.
TheFatRat to Hack and Gain access to Targeted Android Phone
In this Kali Linux Tutorial, we show you how to use TheFatRat. It is a simple tool to build a backdoor and post exploitation attacks like browser attack. This tool produces a malware with mainstream...
View ArticleClik here to view.
UniByAv - Simple Obfuscator for Bypass AV
The obfuscation routine is purely writtend in assembly to remain pretty short and efficient. In a nutshell the application generate a 32 bits xor key and brute force the key at run time then perform...
View ArticleClik here to view.
LuckyStrike - PowerShell based utility for the creation of malicious Office...
Luckystrike is a PowerShell based generator of malicious .xls documents (soon to be .doc). All your payloads are saved into a database for easy retrieval & embedding into a new or existing...
View ArticleClik here to view.
Python Taint - Static analysis of Python web applications
Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis)FeaturesDetect Command injectionDetect SQL injectionDetect XSSDetect...
View ArticleClik here to view.
Demiguise - HTA encryption tool
The aim of this project is to generate .html files that contain an encrypted HTA file. The idea is that when your target visits the page, the key is fetched and the HTA is decrypted dynamically within...
View ArticleClik here to view.
DKMC - Malicious Payload Evasion Tool
Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. The idea is to avoid sandbox analysis...
View ArticleClik here to view.
Siofra - DLL hijacking vulnerability scanner and PE infector tool
Windows has historically had significant issues with DLL hijacking vulnerabilities, and over the years Microsoft has implemented security mechanisms in an attempt to mitigate such attacks. While...
View ArticleClik here to view.
dorkbot - Command-line tool to scan Google search results for vulnerabilities
Scan Google search results for vulnerabilities.dorkbot is a modular command-line tool for performing vulnerability scans against a set of webpages returned by Google search queries in a given Google...
View Article