Clik here to view.
X Attacker Tool - Website Vulnerability Scanner & Auto Exploiter
X Attacker Tool ☣ Website Vulnerability Scanner & Auto ExploiterYou can use this tool on your website to check the security of your website by finding the vulnerability in your website or you can...
View ArticleClik here to view.
OnionHarvester - A small TOR Onion Address harvester for checking if the...
A small TOR Onion Address harvester for checking if the address is available or not. The program uses the TOR local socks5 proxy for finding all the Onion Addresses which are alive and ports 80 and 443...
View ArticleClik here to view.
Hershell - Simple TCP reverse shell written in Go
Simple TCP reverse shell written in Go. It uses TLS to secure the communications, and provide a certificate public key fingerprintpinning feature, preventing from traffic interception.Supported OS...
View ArticleClik here to view.
Autorize - Automatic Authorization Enforcement Detection Extension For Burp...
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert, and Federico Dotta, a security expert at...
View ArticleClik here to view.
macro_pack - Tool Used To Automatize Obfuscation And Generation Of Ms Office...
The macro_pack is a tool used to automatize obfuscation and generation of retro formats such as MS Office documents or VBS like format. This tool can be used for redteaming, pentests, demos, and social...
View ArticleClik here to view.
Sn1per - Automated Pentest Recon Scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.FEATURES:Â Automatically collects basic recon (ie. whois, ping, DNS, etc.)...
View ArticleClik here to view.
XSStrike - Advanced XSS detection and exploitation suite
XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false positive result using fuzzy matching. XSStrike is the first XSS scanner to generate its own...
View ArticleClik here to view.
fuddly - Fuzzing and Data Manipulation Framework
List of featuresGraph-based data model that enables:to represent complex data formats and also to mix themcomplex data manipulationsto dissect/absorb existing datageneration & mutation fuzzing...
View ArticleClik here to view.
CTFR - Abusing Certificate Transparency logs for getting HTTPS websites...
Please, follow the instructions below for installing and run CTFR.Pre-requisitesMake sure you have installed the following tools:Python 3.0 or later.pip3 (sudo apt-get install python3-pip).Installing$...
View ArticleClik here to view.
The Rogue Toolkit - Targeted Evil Twin Wireless Access Point Attack Toolkit
The Rogue Toolkit is an extensible toolkit aimed at providing penetration testers an easy-to-use platform to deploy software-defined Access Points (AP) for the purpose of conducting penetration testing...
View ArticleClik here to view.
Python-Rootkit - Python Remote Administration Tool (RAT) to gain meterpreter...
This is a full undetectable python RAT which can bypass almost all antivirus and open a backdoor inside any windowsmachine which will establish a reverse https Metasploit connection to your listening...
View ArticleClik here to view.
GitLeaks - Searches full repo history for secrets and keys 🔑
Installinggo get -u github.com/zricethezav/gitleaksUsage and Explanation./gitleaks [options] <url/path>Gitleaks audits local and remote repos by running regex checks against all...
View ArticleClik here to view.
dotdotslash - An tool to help you search for Directory Traversal Vulnerabilities
An tool to help you search for Directory Traversal VulnerabilitiesBenchmarksPlatforms that I tested to validate tool efficiency:DVWAÂ (low/medium/high)bWAPPÂ (low/medium/high)ScreenshotsInstalationYou...
View ArticleClik here to view.
Aragog - Facebook Invalid Checker
Aragog is a python 2.7 script which looks for Facebook Accounts that have invalid emails on their account. This script was only created for Gmail & Hotmail to be checked, but in the future this...
View ArticleClik here to view.
Vegile - Post exploitation tool
This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will...
View ArticleClik here to view.
p0wnedShell - PowerShell Runspace Post Exploitation Toolkit
p0wnedShell is an offensive PowerShell host application written in C# that does not rely on powershell.exe but runs powershell commands and functions within a powershell runspace environment (.NET). It...
View ArticleClik here to view.
hBlock - Block All Domains That Serve Ads, Tracking Scripts and Malware
Improve your security and privacy by blocking ads, tracking and malware domains.What is this for?This POSIX-compliant shell script, designed for Unix-like systems, gets a list of domains that serve...
View ArticleClik here to view.
Security Onion - Linux distro for IDS, NSM, and Log Management
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata,...
View ArticleClik here to view.
Red team Arsenal - An intelligent scanner to detect security vulnerabilities...
Red Team Arsenal is a web/network security scanner which has the capability to scan all company's online facing assets and provide an holistic security view of any security anomalies. It's a closely...
View ArticleClik here to view.
PowerUpSQL - A PowerShell Toolkit for Attacking SQL Server
PowerUpSQL includes functions that support SQL Server discovery, weak configuration auditing, privilege escalation on scale, and post exploitation actions such as OS command execution. It is intended...
View Article