Clik here to view.
DjangoHunter - Tool Designed To Help Identify Incorrectly Configured Django...
Tool designed to help identify incorrectly configured Django applications that are exposing sensitive...
View ArticleClik here to view.
Novahot - A Webshell Framework For Penetration Testers
novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP,...
View ArticleClik here to view.
Hackertarget - Tools And Network Intelligence To Help Organizations With...
Use open source tools and network intelligence to help organizations with attack surface discovery and identification of security vulnerabilities. Identification of an organizations vulnerabilities is...
View ArticleClik here to view.
Dirhunt v0.6.0 - Find Web Directories Without Bruteforce
DEVELOPMENT BRANCH: The current branch is a development version. Go to the stable release by clicking on the master branch.Dirhunt is a web crawler optimize for search and analyze directories. This...
View ArticleClik here to view.
WebMap - Nmap Web Dashboard And Reporting
A Web Dashbord for Nmap XML ReportUsageYou should use this with docker, just by sending this command:$ mkdir /tmp/webmap$ docker run -d \ --name webmap \ -h webmap \ -p 8000:8000 \ -v...
View ArticleClik here to view.
AutoRDPwn v4.5 - The Shadow Attack Framework
AutoRDPwn is a script created in Powershell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view his victim's desktop without...
View ArticleClik here to view.
Arjun v1.1 - HTTP Parameter Discovery Suite
FeaturesMulti-threading3 modes of detectionRegex powered heuristic scanningHuge list of 3370 parameter namesUsageNote:Arjun doesn't work with python < 3.4Discover parametersTo find GET parameters,...
View ArticleClik here to view.
Androspy - Backdoor Crypter & Creator With Automatic IP Poisener
Androspy : is Backdoor Crypter & Creator with Automatic IP Poisener Coded By Belahsan OuerghiDependencieskeytooljarsignerApache2Metasploit-FrameworkxtermInstallationsudo apt-get install gitgit...
View ArticleClik here to view.
Manticore - Symbolic Execution Tool For Analysis Of Binaries And Smart Contracts
Manticore is a symbolic execution tool for analysis of binaries and smart contracts.Note: Beginning with version 0.2.0, Python 3.6+ is required.FeaturesInput Generation: Manticore automatically...
View ArticleClik here to view.
BabySploit - BabySplot Beginner Pentesting Framework
Tested on Kali Linux. Should work with all Debian based distros (and other ones if you have the right packages installed)BabySploit is a penetration testing framework aimed at making it easy to learn...
View ArticleClik here to view.
Osmedeus - Automatic Reconnaisance And Scanning In Penetration Testing
Automatic Reconnaisance and Scanning in Penetration TestingWhat is Osmedeus?Osmedeus allow you to doing boring stuff in Pentesting automatically like reconnaissance and scanning the target by run the...
View ArticleClik here to view.
DeepSearch - Advanced Web Dir Scanner
DeepSearch is a simple command line tool for bruteforce directories and files in websites.Installation$ git clone https://github.com/m4ll0k/DeepSearch.git deepsearch$ cd deepsearch $ pip3 install...
View ArticleClik here to view.
CloudBunny - A Tool To Capture The Real IP Of The Server That Uses A WAF As A...
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection.How worksIn this tool we used three search engines to search domain information: Shodan, Censys and...
View ArticleClik here to view.
Pastego - Scrape/Parse Pastebin Using GO And Expression Grammar (PEG)
Scrape/Parse Pastebin using GO and grammar expression (PEG).Installation$ go get -u github.com/edoz90/pastegoUsageSearch keywords are case sensitivepastego -s "password,keygen,PASSWORD"You can use...
View ArticleClik here to view.
Pacu - The AWS Exploitation Framework, Designed For Testing The Security Of...
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to...
View ArticleClik here to view.
HASSH - A Network Fingerprinting Standard Which Can Be Used To Identify...
"HASSH" is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an...
View ArticleClik here to view.
SSH Auditor - The Best Way To Scan For Weak Ssh Passwords On Your Network
The Best Way To Scan For Weak Ssh Passwords On Your NetworkFeaturesssh-auditor will automatically:Re-check all known hosts as new credentials are added. It will only check the new credentials.Queue a...
View ArticleClik here to view.
Acunetix Vulnerability Scanner Version For Linux
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix for Linux. Known to be reliable, cost-effective and secure, Linux is the server operating...
View ArticleClik here to view.
CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project,...
CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti (Bari - Italy).CAINE...
View ArticleClik here to view.
Faraday v3.3 - Collaborative Penetration Test and Vulnerability Management...
Here’s the main new features and improvements in Faraday v3.3:Workspace archiveYou are now able to make the whole workspace read only and archive it for future use. This allows to clear the clutter...
View Article