Clik here to view.
GRR Rapid Response - Remote Live Forensics For Incident Response
GRR Rapid Response is an incident response framework focused on remote live forensics.The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly...
View ArticleClik here to view.
Apktool - A Tool For Reverse Engineering Android APK Files
A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an...
View ArticleClik here to view.
Diggy - Extract Enpoints From APK Files
Diggy can extract endpoints/URLs from apk files. It saves the result into a txt file for further processing.DependenciesapktoolUsage./diggy.sh /path/to/apk/file.apkYou can also install it for easier...
View ArticleClik here to view.
Security Onion - Linux Distro For IDS, NSM, And Log Management
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata,...
View ArticleClik here to view.
Arpag - Automatic Exploit Tool
arpağ: In Turkish mythology magical word means. The tool name arpag has been selected because it has made the exploit process automatic.Installation:git clone...
View ArticleClik here to view.
Ropper - You Can Use Ropper To Display Information About Files In Different...
You can use ropper to display information about binary files in different file formats and you can search for gadgets to build rop chains for different architectures (x86/X86_64, ARM/ARM64,...
View ArticleClik here to view.
C5Scan - Vulnerability Scanner And Information Gatherer For The Concrete5 CMS
Vulnerability scanner and information gatherer for the Concrete5 CMS. Is a little out of date presently pending a refactor.concrete5 is an open-source content management system (CMS) for publishing...
View ArticleClik here to view.
DCSYNCMonitor - Monitors For DCSYNC And DCSHADOW Attacks And Create Custom...
This tool is an application/service that can be deployed on Domain controllers to alert on Domain Controller Syncronization attempts. When an attempt is detected, the tool will write an event to the...
View ArticleClik here to view.
JoomlaScan - Tool To Find The Components Installed In Joomla CMS, Built Out...
A free and open source software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.FeaturesScanning the Joomla CMS sites in search of components/extensions (database of...
View ArticleClik here to view.
goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3...
When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive...
View ArticleClik here to view.
LinkFinder - A Python Script That Finds Endpoints In JavaScript Files
LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the...
View ArticleClik here to view.
CloudFrunt - A Tool For Identifying Misconfigured CloudFront Domains
CloudFrunt is a tool for identifying misconfigured CloudFront domains.BackgroundCloudFront is a Content Delivery Network (CDN) provided by Amazon Web Services (AWS). CloudFront users create...
View ArticleClik here to view.
Bad Ducky - Rubber Ducky Compatible Clone Based On CJMCU BadUSB HW
Bad Ducky is yet another Rubber Ducky clone. It is based on CJMCU BadUsb (ATMEGA32u4 - Arduino Leonardo clone) board with onboard card reader, which you can buy on ebay or aliexpress. My goal was to...
View ArticleClik here to view.
Pymeta - Search The Web For Files On A Domain To Download And Extract Metadata
Pymeta is a Python3 rewrite of the tool PowerMeta, created by dafthack in PowerShell. It uses specially crafted search queries to identify and download the following file types (pdf, xls, xlsx, doc,...
View ArticleClik here to view.
Nix Auditor - Nix Audit Made Easier (RHEL, CentOS)
CIS Audit made easier (RHEL, CentOS)Usage:Make it executableExecute it.https://the-infosec.com/2017/03/20/auditing-linux-unix-os-in-120-seconds-flat/Nix Auditor 2.0: Change Log:Added color variables...
View ArticleClik here to view.
Mercury - A Hacking Tool Used To Collect Information And Use The Information...
Mercury is a hacking tool used to collect information and use the information to further hurt the target. InstallationRequires Python2 (Linux)apt-get install python2git clone...
View ArticleClik here to view.
M0B-tool - Auto Detect CMS And Exploit
Tool to auto detect CMS and exploit.Features:Bing dork scanner by domainDork by countryBRUTE FORCE [WordPress (auto scrap name) - Joomla - Drupal - Opencart - Magento]Shell finderIp scanner and brute...
View ArticleClik here to view.
Git-All-Secrets - A Tool To Capture All The Git Secrets By Leveraging...
git-all-secrets is a tool that can:Clone multiple public/private github repositories of an organization and scan them,Clone multiplepublic/private github repositories of a user that belongs to an...
View ArticleClik here to view.
Libsodium - A Modern, Portable, Easy To Use Crypto Library
Sodium is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more.It is a portable, cross-compilable, installable, packageable fork of NaCl, with a...
View ArticleClik here to view.
JShielder - Automates The Process Of Installing All The Necessary Packages To...
JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of...
View Article