Clik here to view.
Guardedbox - Online Client-Side Manager For Secure Storage And Secrets Sharing
GuardedBox is an open-source online client-side manager for secure storage and secrets sharing.It allows users to upload secrets to a centralized server and retrieve them at anytime and from anywhere....
View ArticleClik here to view.
Locator - Geolocator, Ip Tracker, Device Info By URL (Serveo And Ngrok)
Geolocator, Ip Tracker, Device Info by URL (Serveo and Ngrok). It uses tinyurl to obfuscate the Serveo link.Legal disclaimer:Usage of Locator for attacking targets without prior mutual consent is...
View ArticleClik here to view.
S3BucketList - Firefox Plugin The Lists Amazon S3 Buckets Found In Requests
S3BucketList is a Firefoxplugin that records S3 Buckets found in requests. It is currently a work in progress and additional features will be added in the future.This plugin will also be ported to...
View ArticleClik here to view.
EvilApp - Phishing Attack Using An Android App To Grab Session Cookies For...
Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass 2-factor authentication protection. EvilApp brings as an example the...
View ArticleClik here to view.
AutoRDPwn v5.1 - The Shadow Attack Framework
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (listed as a feature by Microsoft)...
View ArticleClik here to view.
Game-based learning platform provides full immersion into cybersecurity
Working and learning have gone remote, and we have to come to terms with this new reality. Nowadays, several organizations allow their staff to work from home permanently. Most universities consider...
View ArticleClik here to view.
Jaeles v0.9 - The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.InstallationDownload precompiled version here.If you have a Go environment,...
View ArticleClik here to view.
FinalRecon - The Last Web Recon Tool You'll Need
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with...
View ArticleClik here to view.
OhMyQR - Hijack Services That Relies On QR Code Authentication
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the “Login with QR code” feature as a...
View ArticleClik here to view.
Pivotnacci - A Tool To Make Socks Connections Through HTTP Agents
Pivot into the internal network by deploying HTTP agents. Pivotnacci allows you to create a socks server which communicates with HTTP agents. The architecture looks like the following:This tool was...
View ArticleClik here to view.
RepoPeek - A Python Script To Get Details About A Repository Without Cloning It
RepoPeek is a Python script to get details about a repository without cloning it. All the information are retrieved using the GitHub API.Please Note: API requests made by this module aren't using basic...
View ArticleClik here to view.
Project iKy v2.6.0 - Tool That Collects Information From An Email And Shows...
Project iKy is a tool that collects information from an email and shows results in a nice visual interface.Visit the Gitlab Page of the ProjectInstallationClone repositorygit clone...
View ArticleClik here to view.
MemoryMapper - Lightweight Library Which Allows The Ability To Map Both...
Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or...
View ArticleClik here to view.
Purify - All-in-one Tool For Managing Vulnerability Reports From AppSec...
All-in-one tool for managing vulnerability reportsWhyThe goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various tools.Purify is...
View ArticleClik here to view.
DroidFiles - Get Files From Android Directories
Get files from Android directories, internal and external storage (Pictures, Downloads, Whatsapp, Videos, ...)Legal disclaimer:Usage of DroidFiles for attacking targets without prior mutual consent is...
View ArticleClik here to view.
ANDRAX v5R NH-Killer - Penetration Testing on Android
ANDRAX is a Penetration Testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more...
View ArticleClik here to view.
ADCollector - A Lightweight Tool To Quickly Extract Valuable Information From...
ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the...
View ArticleClik here to view.
Vault - A Tool For Secrets Management, Encryption As A Service, And...
Please note: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please responsibly disclose by contacting us at...
View ArticleClik here to view.
Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers...
Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address.DescriptionBing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft...
View ArticleClik here to view.
Enumy - Linux Post Exploitation Privilege Escalation Enumeration
Enumy is portable executable that you drop on target Linux machine during a pentest or CTF in the post exploitation phase. Running enumy will enumerate the box for common security vulnerabilities....
View Article