Clik here to view.
EasySploit - Metasploit Automation (EASIER And FASTER Than EVER)
EasySploit v3.1 (Linux) - Metasploitautomation (EASIER and FASTER than EVER)Options:(1) Windows --> test.exe (payload and listener)(2) Android --> test.apk (payload and listener)(3) Linux -->...
View ArticleClik here to view.
PyWhatCMS - Unofficial WhatCMS API Package
Python package for whatcms.com APIThe package provides a simple way to use the whatcms.org API for detecting 467 different Content Management Systems (CMS)Installationpip install pywhatcmsUsageFirst of...
View ArticleClik here to view.
Kubebot - A Security Testing Slackbot Built With A Kubernetes Backend On The...
A security testing Slackbot built with a Kubernetes backend on the Google Cloud PlatformArchitectureDemoData Flow1 - API request (tool, target, options) initiated from Slackbot, sent to the API server,...
View ArticleClik here to view.
drAFL - AFL + DynamoRIO = Fuzzing Binaries With No Source Code On Linux
Original AFL supports black-box coverage-guided fuzzing using QEMU mode. I highly recommend to try it first and if it doesn't work you can try this tool.UsageYou need to specify DRRUN_PATH to point to...
View ArticleClik here to view.
Ttyd - Share Your Terminal Over The Web
ttyd is a simple command-line tool for sharing terminal over the web, inspired by GoTTY.FeaturesBuilt on top of Libwebsockets with C for speedFully-featured terminal based on Xterm.js with CJK and IME...
View ArticleClik here to view.
NAXSI - An Open-Source, High Performance, Low Rules Maintenance WAF For NGINX
NAXSI means Nginx Anti XSS& SQL Injection.Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple...
View ArticleClik here to view.
Cutter - Free And Open-Source GUI For Radare2 Reverse Engineering Framework
Cutter is a free and open-source GUI for radare2reverse engineering framework. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at...
View ArticleClik here to view.
Okadminfinder3 - Admin Panel Finder / Admin Login Page Finder
OKadminFinder is an Apache2 Licensed utility, rewritten in Python 3.x, for admins/pentesters who want to find admin panel of a website. There are many other tools but not as effective and secure. Yeah,...
View ArticleClik here to view.
Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And...
Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target.How to useIf you have no idea what are you doing just type the command...
View ArticleClik here to view.
ParamPamPam - Brute Force Discover GET And POST Parameters
This tool for brute discover GET and POST parameters.InstallationWith DockerInstall Dockergit clone https://github.com/Bo0oM/ParamPamPam.gitcd ParamPamPamdocker build -t parampp .echo -e...
View ArticleClik here to view.
Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office...
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.Current...
View ArticleClik here to view.
Parrot Security 4.6 - Security GNU/Linux Distribution Designed with Cloud...
 After 3 months of heavy development Parrot 4.6 is officially released.How to updateUpdate your existing Parrot system with the following command:sudo parrot-upgradeSystem Changes (Appearance)The...
View ArticleClik here to view.
OSINT-Search - Useful For Digital Forensics Investigations Or Initial...
OSINT-Search is a useful tool for digital forensics investigations or initial black-box pentest footprinting.OSINT-Search DescriptionScript in Python that applies OSINT techniques by searching public...
View ArticleClik here to view.
ScanQLi - Scanner To Detect SQL Injection Vulnerabilities
ScanQLi is a simple SQL injectionscanner with somes additionals features. This tool can't exploit the SQLi, it just detect them. Tested on Debian 9Features Classic Blind Time basedGBK (soon) Recursive...
View ArticleClik here to view.
Flerken - Obfuscated Command Detection Tool
Command line obfuscation has been proved to be a non-negligible factor in fileless malware or malicious actors that are "living off the land". To bypass signature-based detection, dedicated obfuscation...
View ArticleClik here to view.
HostHunter - A Recon Tool For Discovering Hostnames Using OSINT Techniques
A tool to efficiently discover and extract hostnames over a large set of target IP addresses. HostHunter utilises simple OSINT techniques. It generates a CSV file containing the results of the...
View ArticleClik here to view.
Twint - An Advanced Twitter Scraping And OSINT Tool
Formerly known as Tweep, Twint is an advanced Twitter scraping tool written in Python that allows for scraping Tweets from Twitter profiles without using Twitter's API.Twint utilizes Twitter's search...
View ArticleClik here to view.
Adidnsdump - Active Directory Integrated DNS Dumping By Any Authenticated User
By default any user in Active Directory can enumerate all DNS records in the Domain or Forest DNS zones, similar to a zone transfer. This tool enables enumeration and exporting of all DNS records in...
View ArticleClik here to view.
Bashter - Web Crawler, Scanner, And Analyzer Framework
Bashter is a tool for scanning a Web-based Application. Bashter is very suitable for doing Bug Bounty or Penentration Testing. It is designed like a framework so you can easily add a script for detect...
View ArticleClik here to view.
DumpTheGit - Searches Through Public Repositories To Find Sensitive...
DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories.The tool will flag the matches for potentially sensitive files like credentials, secret...
View Article