RedPeanut - A Small RAT Developed In .Net Core 2 And Its Agent In .Net 3.5/4.0
RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0. RedPeanut code execution is based on shellcode generated with DonutCS. It is therefore a hybrid, although developed in...
DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete...
DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing. Purpose: This lab has been designed with defenders in mind. Its primary purpose is to allow...
Andor - Blind SQL Injection Tool With Golang
Blind SQL Injection Tool with Golang. Usage: Download andor.go and go to the folder where the file andor.go is located. Then type this at the command prompt: go run andor.go --url...
SQL Injection Payload List
SQL Injection: In this section, we'll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection vulnerabilities, and summarize how to...
WinPwn - Automation For Internal Windows Penetrationtest / AD-Security
In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. I often ran the same scripts one after the other to...
Ddoor - Cross Platform Backdoor Using Dns Txt Records
Cross-platform backdoor using DNS TXT records. What is ddor? ddor is a cross-platform lightweight backdoor that uses TXT records to execute commands on infected machines. Features: Allows a single txt...
Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests
This Burp Suite extension lets you add a custom header to Burp Suite HTTP requests (Scanner, Intruder, Repeater, Proxy History), and you can also choose whatever HTTP VERB what...
SCShell - Fileless Lateral Movement Tool That Relies On ChangeServiceConfigA...
Fileless lateral movement tool that relies on ChangeServiceConfigA to run commands. The beauty of this tool is that it doesn't perform authentication against SMB; everything is performed over DCERPC. The...
Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A...
Tooling that automates your social media interactions to collect posts, photos, videos, friends, followers and much more on Facebook. Features: A bot which scrapes almost everything about a Facebook...
FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP...
Being able to hide or continually rotate the source IP address when making web calls can be difficult or expensive. A number of tools have existed for some time but they were either limited with the...
DNCI - Dot Net Code Injector
DNCI allows the injection of .Net code (.exe or .dll) remotely in unmanaged processes in Windows. 1. Project Structure: The project is structured in: DNCI.Injector.Library - Injection library. Contains all...
RdpThief - Extracting Clear Text Passwords From Mstsc.Exe Using API Hooking
RdpThief by itself is a standalone DLL that, when injected in the mstsc.exe process, will perform API hooking, extract the clear-text credentials and save them to a file. An aggressor script accompanies...
Leprechaun - Tool Used To Map Out The Network Data Flow To Help Penetration...
The purpose of this tool is to help penetration testers identify potentially valuable targets on the internal network environment. By aggregating netstat routes from multiple hosts, you can easily...
Glances - An Eye On Your System. A Top/Htop Alternative For GNU/Linux, BSD,...
Glances is a cross-platform monitoring tool which aims to present a large amount of monitoring information through a curses or Web based interface. The information dynamically adapts depending on the...
Sshtunnel - SSH Tunnels To Remote Server
Inspired by https://github.com/jmagnusson/bgtunnel, which doesn't work on Windows. See also: https://github.com/paramiko/paramiko/blob/master/demos/forward.py Requirements: paramiko. Installation: sshtunnel is...
RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without...
RE:TERNAL is a centralised purple team simulation platform. Reternal uses agents installed on a simulation network to execute various known red-teaming techniques in order to test blue-teaming...
Antispy - A Free But Powerful Anti Virus And Rootkits Toolkit
AntiSpy is a free but powerful anti virus and rootkits toolkit. It offers you the ability with the highest privileges that can detect, analyze and restore various kernel modifications and hooks. With its...
Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare
Flan Scan is a lightweight network vulnerability scanner. With Flan Scan you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs affecting...
Corsy - CORS Misconfiguration Scanner
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations. Usage: Using Corsy is pretty simple: python corsy.py -u https://example.com A delay between consecutive...
Kali Linux 2019.4 Release - Penetration Testing and Ethical Hacking Linux...
We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4. 2019.4 includes some exciting new updates: A new default desktop environment, Xfce; New GTK3 theme (for Gnome...