Clik here to view.
Dumb - A Faster And Flexible Domain Bruteforcer
A tool to bruteforce "dumains"!How DUMB works:Dumb works with a masked dumain for substitution. The dumain can have as many masks as you want as long as you pass the according wordlists. For...
View ArticleClik here to view.
JoomScan - OWASP Joomla Vulnerability Scanner Project
OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them.WHY OWASP JOOMSCAN ?If you want...
View ArticleClik here to view.
Aragog - Facebook Invalid Email Checker
Aragog is a python 2.7 script which looks for Facebook Accounts that have invalid emails on their account. This script was only created for Gmail & Hotmail to be checked, but in the future this...
View ArticleClik here to view.
Dotdotslash - An Tool To Help You Search For Directory Traversal Vulnerabilities
An tool to help you search for Directory Traversal VulnerabilitiesBenchmarksPlatforms that I tested to validate tool efficiency:DVWA (low/medium/high)bWAPP (low/medium/high)ScreenshotsInstalationYou...
View ArticleClik here to view.
Gitleaks - Searches Full Repo History For Secrets And Keys
Searches Full Repo History For Secrets And Keys.Installinggo get -u github.com/zricethezav/gitleaksUsage and Explanation./gitleaks [options] <url/path>Gitleaks audits local and remote repos by...
View ArticleClik here to view.
Harpoon - CLI Tool For Open Source And Threat Intelligence
OSINT tool, CLI Tool For Open Source And Threat IntelligenceInstallYou can simply pip install the tool:pip3 install git+http://git@github.com/Te-k/harpoon --process-dependency-linksOptionally if you...
View ArticleClik here to view.
CTFR - Get subdomains of an HTTPS website abusing Certificate Transparency logs
Do you miss AXFR technique? This tool allows to get the subdomains from a HTTPS website in a few seconds.How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of...
View ArticleClik here to view.
Python-Rootkit - Python Remote Administration Tool (RAT) To Gain Meterpreter...
This is a full undetectable python RAT which can bypass almost all antivirus and open a backdoor inside any windows machine which will establish a reverse https Metasploit connection to your listening...
View ArticleClik here to view.
sigma - Generic Signature Format for SIEM Systems
Generic Signature Format for SIEM Systems.What is Sigma?Sigma is a generic and open signature format that allows you to describe relevant log events in a straight forward manner. The rule format is...
View ArticleClik here to view.
Rop-Tool - A Tool To Help You Write Binary Exploits
A tool to help you writing binary exploitsOPTIONSrop-tool v2.4.1Help you to make binary exploits.Usage: rop-tool <cmd> [OPTIONS]Commands : gadget Search gadgets patch Patch the binary info Print...
View ArticleClik here to view.
Arjun - Tool To Find Hidden GET & POST Parameters
Arjun is a python script for finding hidden GET & POST parameters using regex and bruteforce.DependenciesrequeststhreadingUsagesHere's how you can scan a webpage for get parameterspython arjun.py...
View ArticleClik here to view.
XBruteForcer - CRM Brute Force Tool (WP, Joomla, DruPal, OpenCart, Magento)
Brute Force Tool:Â WP , Joomla , DruPal , OpenCart , Magento Simple brute force script [1] WordPress (Auto Detect Username)[2] Joomla[3] DruPal[4] OpenCart[5] Magento[6] All (Auto Detect CMS)UsageShort...
View ArticleClik here to view.
sub6 - Web App Scanner
subdomain take over detector and crawler.Usage python sub6.py -i list.txt -o output.txt -s phpinfo.php -x 4<optional> <optional> <optional>[+]Options -i input files twitterdomains.txt...
View ArticleClik here to view.
Sudohulk - Try Privilege Escalation Changing Sudo Command
This tool change sudo command, hooking the execve syscall using ptrace, tested under bash and zshsupported architectures:x86_64x86armHow use:$ makecc -Wall -Wextra -O2 -c -o bin/sh_remotedata.o...
View ArticleClik here to view.
CredsLeaker - Tool to Display A Powershell Credentials Box
This script will display a powershell credentials box that will ask the user for his credentials.The box cannot be closed (only by killing the process) will keeps checking the credentials against the...
View ArticleClik here to view.
TwLocation - Python Script That Gets Twitter Users' Tweets Location
Python script that gets Twitter users' tweets locationFeaturesGets Twitter Usernames based on a latitude and longitudeProfiles URLsTweet Latitude and LongitudeGoogle Maps link to Latitude and...
View ArticleClik here to view.
E013 - WiFi Password Stealer (For Microsoft Windows)
A little VBScript that steal Wifipasswords from WindowsInto the file WifiName.txt you can see the password of every saved wifi available on every windows computer that support VBscriptDownload E013
View ArticleClik here to view.
Linkedin2Username - Generate Username Lists For Companies On LinkedIn (OSINT...
OSINT Tool: Generate username lists from companies on LinkedIn. Works with Python2.This is a pure web-scraper, no API key required. You use your valid LinkedIn username and password to login, it will...
View ArticleClik here to view.
SpiderFoot 2.12 - Automates OSINT to find out everything possible about your...
SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more. You simply...
View ArticleClik here to view.
JoomScan 0.0.5 - OWASP Joomla Vulnerability Scanner Project
OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them.WHY OWASP JOOMSCAN ?If you want...
View Article