Clik here to view.
Crosslinked - LinkedIn Enumeration Tool To Extract Valid Employee Names From...
CrossLinked simplifies the processes of searching LinkedIn to collect valid employee names when performing password spraying or another security testing against an organization. Using similar search...
View ArticleClik here to view.
TeleShadow v3 - Telegram Desktop Session Stealer (Windows)
Teleshadow3- Advanced Telegram Desktop Session Hijacker!DownloadClick HERE to download the latest version!Stealing desktop telegrams has never been so easy!Set the email and sender details of the...
View ArticleClik here to view.
VulnX - CMS And Vulnerabilites Detector And An Intelligent Auto Shell Injector
Vulnx is a cms and vulnerabilites detection, an intelligent auto shell injector, fast cms detection of target and fast scanner and informations gathering like subdomains, ipaddresses, country, org,...
View ArticleClik here to view.
IPFinder CLI - The Official Command Line Client For IPFinder
The Official Command Line Client For IPFinder:Supports Single IP Address, asn, ranges, firewall as InputSupports BulkExports Results to Screen or to An Output FileSupports IPv4 and IPv6Supports ASN...
View ArticleClik here to view.
HiddenWall - Linux Kernel Module Generator For Custom Rules With Netfilter...
HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to...
View ArticleClik here to view.
SSHD-Poison - A Tool To Get Creds Of Pam Based SSHD Authentication
sshd-poison is a tool to get creds of pam based sshd authentication, this is not the easiest way to do that (you can create a pam module, or just add auth optional pam_exec.so quiet expose_authtok...
View ArticleClik here to view.
CMSeeK v1.1.2 - CMS Detection And Exploitation Suite - Scan WordPress,...
What is a CMS?A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples...
View ArticleClik here to view.
H2Buster - A Threaded, Recursive, Web Directory Brute-Force Scanner Over HTTP/2
A threaded, recursive, web directory brute-forcescanner over HTTP/2 using hyper, inspired by Gobuster.FeaturesFast and portable - install hyper and run.Multiconnection scanning.Multithreaded...
View ArticleClik here to view.
Sniffglue - Secure Multithreaded Packet Sniffer
sniffglue is a network sniffer written in rust. Network packets are parsed concurrently using a thread pool to utilize all cpu cores. Project goals are that you can run sniffglue securely on untrusted...
View ArticleClik here to view.
P4wnP1 A.L.O.A. - Framework Which Turns A Rapsberry Pi Zero W Into A...
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive...
View ArticleClik here to view.
Brutality - A Fuzzer For Any GET Entries
A fuzzer for any GET entries.FeaturesMulti-threading on demandFuzzing, bruteforcing GET paramsFind admin panelsColored outputHide results by return code, word numbersProxy supportBig...
View ArticleClik here to view.
Kubolt - Utility For Scanning Public Kubernetes Clusters
Kubolt is a simple utility for scanning public unauthinticated kubernetes clusters and run commands inside containers.Why?Sometimes, the kubelet port 10250 is open to unauthorized access and makes it...
View ArticleClik here to view.
PhoneSploit - Using Open Adb Ports We Can Exploit A Devive
Using open Adb ports we can exploit a device you can find open ports here https://www.shodan.io/search?query=android+debug+bridge+product%3A”Android+Debug+Bridge”To find out how to access a local...
View ArticleClik here to view.
Wpbullet - A Static Code Analysis For WordPress (And PHP)
A static code analysis for WordPress Plugins/Themes (and PHP)InstallationSimply clone the repository, install requirements and run the script$ git clone https://github.com/webarx-security/wpbullet...
View ArticleClik here to view.
Amass - In-depth DNS Enumeration And Network Mapping
The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses...
View ArticleClik here to view.
Userrecon-Py - Find Usernames In Social Networks
Find usernames in social networks.InstallationInstall dependencies (Debian/Ubuntu):sudo apt install python3 python3-pipInstall with pip3:sudo -H pip3 install...
View ArticleClik here to view.
Metabigor - Command Line Search Engines Without Any API Key
Command line Search Engine without any API key.What is Metabigor?Metabigor allows you do query from command line to awesome Search Engines (like Shodan, Censys, Fofa, etc) without any API key.But Why...
View ArticleClik here to view.
autoPwn - Automate Repetitive Tasks For Fuzzing
WarningCompletely re-writing this right now. Focus will be on interactive Linux apps that only take input from stdin for starters. Attempting to use Shellphish's Driller and Fuzzer...
View ArticleClik here to view.
Finshir - A Coroutines-Driven Low And Slow Traffic Sender, Written In Rust
You are seeing a high-performant, coroutines-driven, and fully customisable implementation of Low & Slowload generator designed for real-world pentesting. You can easily torify/proxify it using...
View ArticleClik here to view.
Facebash - Facebook Brute Forcer In Shellscript Using TOR
Facebook Brute Forcer in shellscript using TORIG: @thelinuxchoiceLegal disclaimer:Usage of Facebash for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to...
View Article