Clik here to view.
PythonAESObfuscate - Obfuscates A Python Script And The Accompanying Shellcode
Pythonic way to load shellcode. Builds an EXE for you too!UsagePlace a payload.bin raw shellcode file in the same directory. Default Architecture is x86run python obfuscate.pyDefault output is...
View ArticleClik here to view.
Kali Linux 2020.1 Release - Penetration Testing and Ethical Hacking Linux...
We are incredibly excited to announce the first release of 2020, Kali Linux 2020.1.2020.1 includes some exciting new updates:Non-Root by defaultKali single installer imageKali NetHunter...
View ArticleClik here to view.
Obfuscapk - A Black-Box Obfuscation Tool For Android Apps
Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to decompile the original apk file and to build a new application, after...
View ArticleClik here to view.
Blinder - A Python Library To Automate Time-Based Blind SQL Injection
Blidner is a small python library to automate time-based blind SQL injection by using a pre defined queries as a functions to automate a rapid PoC development.InstallationYou can install Blinder using...
View ArticleClik here to view.
See-SURF - Python Based Scanner To Find Potential SSRF Parameters
A Python based scanner to find potential SSRF parameters in a web application.MotivationSSRF being one of the critical vulnerabilities out there in web, I see there was no tool which would automate...
View ArticleClik here to view.
S3Enum - Fast Amazon S3 Bucket Enumeration Tool For Pentesters
s3enum is a tool to enumerate a target's Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don't hit AWS directly.It was originally built back in 2016 to target...
View ArticleClik here to view.
MassDNS - A High-Performance DNS Stub Resolver For Bulk Lookups And...
MassDNS is a simple high-performance DNS stub resolver targetting those who seek to resolve a massive amount of domain names in the order of millions or even billions. Without special configuration,...
View ArticleClik here to view.
RiskAssessmentFramework - Static Application Security Testing
The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST tools available for testers, but the compatibility and the...
View ArticleClik here to view.
Project-Black - Pentest/BugBounty Progress Control With Scanning Modules
Scope control, scope scanner and progress tracker for easier working on a bug bounty or pentest project.What is this tool for?The tools encourages more methodical work on pentest/bugbounty, tracking...
View ArticleClik here to view.
GDA Android Reversing Tool - A New Decompiler Written Entirely In C++, So It...
Here, a new Dalvik bytecode decompiler, GDA(this project started in 2013 and released its first version 1.0 in 2015 at www.gda.com: 9090) , is proposed and implemented in C++ to provide more...
View ArticleClik here to view.
DVNA - Damn Vulnerable NodeJS Application
Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing and avoiding these vulnerabilities. The fixes branch will...
View ArticleClik here to view.
PCFG Cracker - Probabilistic Context Free Grammar (PCFG) Password Guess...
PCFG = Probabilistic Context Free GrammarPCFG = Pretty Cool Fuzzy GuesserIn short: A collection of tools to perform research into how humans generate passwords. These can be used to crack password...
View ArticleClik here to view.
Injectus - CRLF And Open Redirect Fuzzer
Simple python tool that goes through a list of URLs trying CRLF and open redirect payloads.▪ ▐ ▄ ▐▄▄▄▄▄▄ . ▄▄· ▄▄▄▄▄▄• ▄▌.▄▄ ·██ •█▌▐█ ·██▀▄.▀·▐█ ▌▪•██ █▪██▌▐█ ▀.▐█·▐█▐▐▌▪▄ ██▐▀▀▪▄██ ▄▄...
View ArticleClik here to view.
WhatTheHack - A Collection Of Challenge Based Hack-A-Thons Including Student...
WhatTheHack is a collection of challenge based hack-a-thons including student guide, proctor guide, lecture presentations, sample/instructional code and templates.What, Why and How"What the Hack" is a...
View ArticleClik here to view.
Nfstream - A Flexible Network Data Analysis Framework
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental...
View ArticleClik here to view.
Qiling - Advanced Binary Emulation Framework
Qiling is an advanced binary emulation framework, with the following features:Cross platform: Windows, MacOS, Linux, BSDCross architecture: X86, X86_64, Arm, Arm64, MipsMultiple file formats: PE,...
View ArticleClik here to view.
Dufflebag - Search Exposed EBS Volumes For Secrets
Dufflebag is a tool that searches through public Elastic Block Storage (EBS) snapshots for secrets that may have been accidentally left in. You may be surprised by all the passwords and secrets just...
View ArticleClik here to view.
Jaeles v0.4 - The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.InstallationDownload precompiled version here.If you have a Go environment,...
View ArticleClik here to view.
Misp-Dashboard - A Dashboard For A Real-Time Overview Of Threat Intelligence...
A dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence...
View ArticleClik here to view.
Takeover v0.2 - Sub-Domain TakeOver Vulnerability Scanner
Sub-domain takeovervulnerability occur when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a...
View Article