Clik here to view.
EKFiddle - Framework to study Exploit Kits
A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general.InstallationDownload and install the latest version of...
View ArticleClik here to view.
WebBorer - Directory-enumeration
WebBorer is a directory-enumeration tool written in Go and targeting CLI usage.This project was formerly named 'GoBuster', but that had a namespace collision with OJ Reeves' excellent tool (which was...
View ArticleClik here to view.
cacador - Indicator Extractor
Cacador (Portugese for hunter) is tool for extracting common indicators of compromise from a block of text.The Short Way: Downloading CacadorThe easiest way to get cacador is to download the latest...
View ArticleClik here to view.
DET - Data Exfiltration Toolkit
DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time.This is a Proof of Concept aimed at identifying possible DLP...
View ArticleClik here to view.
CyberScan - Scanning Ports, Analyse Packets, Decoding and Geolocation
Operating Systems SupportedWindows XP/7/8/8.1/10GNU/LinuxMacOSXInstallationYou can download CyberScan by cloning the Git repository:git clone https://github.com/medbenali/CyberScan.gitcd...
View ArticleClik here to view.
Krack Detector - Detect and prevent KRACK attacks in your network
KRACK Detector is a Python script to detect possible KRACK attacks against client devices on your network. The script is meant to be run on the Access Point rather than the client devices. It listens...
View ArticleClik here to view.
Anti DDOS - IPTables Bash Script
Programming Languages :BASHRUNroot@ismailtasdelen:~# bash ./anti-ddos.shCloning an Existing Repository ( Clone with HTTPS )git clone https://github.com/ismailtasdelen/Anti-DDOS.gitCloning an Existing...
View ArticleClik here to view.
Reflector - Burp plugin to find reflected XSS
Burp Suite extension is able to find reflected XSS on page in real-time while browsing on web-site and include some features as:Highlighting of reflection in the response tab.Test which symbols is...
View ArticleCloud Security Suite - Auditing the security posture of AWS infrastructure
CS Suite is a one stop tool for auditing the security posture of the AWS infrastructure and does system audits as well. CS Suite leverages current open source tools capabilities and has other missing...
View ArticleClik here to view.
DataSploit - OSINT Framework
OverviewPerforms automated OSINT on a domain / email / username / IP and find out relevant information from different sources.Easy to contribute OSINT Framework.Code for Banner, Main and Output...
View ArticleClik here to view.
JENNOM - Java Enterprise Network Nodes Monitor
JENNOM - Java Enterprise Network Nodes Monitor, project free, portable, cross-platform and 100%-pure java. ICMP and DNS used to check the nodes. In addition, Jennom calculate loss packets and all...
View ArticleClik here to view.
subjack - Hostile Subdomain Takeover tool written in Go
subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool...
View ArticleClik here to view.
MIDA-Multitool - System enumeration, vulnerability identification and...
Bash script purposed for system enumeration, vulnerability identification and privilege escalation.MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper...
View ArticleClik here to view.
TROMMEL - Sift Through Directories of Files to Identify Indicators That May...
TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. TROMMEL identifies the following indicators related to:Secure Shell (SSH) key filesSecure Socket...
View ArticleClik here to view.
Seccubus - Easy automated vulnerability scanning, reporting and analysis
Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans.On repeated scan delta...
View ArticleClik here to view.
objection - runtime mobile exploration
objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or...
View ArticleClik here to view.
Blazy - Bruteforce, CSRF and Clickjacking with Cloudflare and WAF Bypass
Features Easy target selections Smart form and error detection CSRF and Clickjacking Scanner Cloudflare and WAF Detector 90% accurate results Checks for login bypass via SQL injection Multi-threading...
View ArticleClik here to view.
EllaScanner - Passive web scanner
EllaScanner is a simple passive web scanner. Using this tool you can simply check your site’s security state../Start.pyUsage: ./Start.py https:// or http://Scanning of the site consists several phases:...
View ArticleClik here to view.
DorkNet - Automate searching for vulnerable web apps
Selenium powered Python script to automate searching the web for vulnerable applications.DorkNet can take a single dork or a list of dorks as arguments. After the proper command line arguments have...
View ArticleClik here to view.
IntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer
IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies...
View Article