Clik here to view.
nmapAutomator - Tool To Automate All Of The Process Of Recon/Enumeration
nmapAutomatorA script that you can run in the background!SummaryThe main goal for this script is to automate all of the process of recon/enumeration that is run every time, and instead focus our...
View ArticleClik here to view.
RansomCoin - A DFIR Tool To Extract Cryptocoin Addresses And Other Indicators...
Extracting metadata and hardcoded Indicators of Compromise from ransomware, in a scalable, efficient, way with cuckoo integrations. Ideally, is it run during cuckoo dynamic analysis, but can also be...
View ArticleClik here to view.
Pown.js - A Security Testing An Exploitation Toolkit Built On Top Of Node.js...
Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploits, Pown.js considers frameworks to be an anti-pattern....
View ArticleClik here to view.
Top 20 Most Popular Hacking Tools in 2019
As last year, this year we made a ranking with the most popular tools between January and December 2019.Topics of the tools focus on OSINT, Information Gathering, Android Hacking Tools, Automation...
View ArticleClik here to view.
Turbolist3r - Subdomain Enumeration Tool With Analysis Features For...
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r automates some analysis of the results, with a focus on...
View ArticleClik here to view.
SQLMap v1.4 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection...
View ArticleClik here to view.
AVCLASS++ - Yet Another Massive Malware Labeling Tool
AVCLASS++ is an appealing complement to AVCLASS [1], a state-of-the-art malware labeling tool.OverviewAVCLASS++ is a labeling tool for creating a malware dataset. Addressing malware threats requires...
View ArticleClik here to view.
XSpear v1.3 - Powerfull XSS Scanning And Parameter Analysis Tool
XSpear is XSS Scanner on ruby gemsKey featuresPattern matching based XSS scanningDetect alertconfirmprompt event on headless browser (with Selenium)Testing request/response for XSS protection bypass...
View ArticleClik here to view.
Kamerka GUI - Ultimate Internet Of Things/Industrial Control Systems...
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.Powered by Shodan - Supported by Binary Edge & WhoisXMLAPIwriteup -...
View ArticleClik here to view.
SysWhispers - AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.All core syscalls are supported from Windows XP to 10. Example generated files available in...
View ArticleClik here to view.
S3Tk - A Security Toolkit For Amazon S3
A security toolkit for Amazon S3Another day, another leaky Amazon S3 bucket— The Register, 12 Jul 2017Don’t be the... next... big... data... leakBattle-tested at InstacartInstallationRun:pip install...
View ArticleClik here to view.
WindowsFirewallRuleset - Windows Firewall Ruleset Powershell Scripts
About WindowsFirewallRulesetWindows firewall rulles organized into individual powershellscripts according to:Rule groupTraffic directionIP version (IPv4 / IPv6)Further sorted according to programs and...
View ArticleClik here to view.
AWS Report - Tool For Analyzing Amazon Resources
AWS Report is a tool for analyzing amazon resources.FeaturesSearch iam users based on creation dateSearch buckets publicSearch security group with inbound rule for 0.0.0.0/0Search elastic ip...
View ArticleClik here to view.
Tishna - Complete Automated Pentest Framework For Servers, Application Layer...
Complete Automated pentest framework for Servers, Application Layer to Web SecurityInterfaceSoftware have 62 Options with full automation and can be use for web security swiss knifeTishnaTishna is Web...
View ArticleClik here to view.
Multiscanner - Modular File Scanning/Analysis Framework
MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom built...
View ArticleClik here to view.
LKWA - Lesser Known Web Attack Lab
Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as Object Injection, XSSI, PHAR Deserialization, variables variable ..etc. Write-ups...
View ArticleClik here to view.
RFCpwn - An Enumeration And Exploitation Toolkit Using RFC Calls To SAP
An SAP enumeration and exploitationtoolkit using SAP RFC callsThis is a toolkit for demonstrating the impact of compromised service accounts.This PoC is not for use in production environments, no...
View ArticleClik here to view.
Dsync - IDAPython Plugin That Synchronizes Disassembler And Decompiler Views
IDAPython plugin that synchronizes decompiled and disassembled code views.Please refer to comments in the source code for more details.Requires 7.2Download Dsync
View ArticleClik here to view.
XposedOrNot - Tool To Search An Aggregated Repository Of Xposed Passwords...
XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account...
View ArticleClik here to view.
WAFW00F v2.0 - Allows One To Identify And Fingerprint Web Application...
The Web Application Firewall Fingerprinting Tool.— From Enable SecurityHow does it work?To do its magic, WAFW00F does the following:Sends a normal HTTP request and analyses the response; this...
View Article