Clik here to view.
Needle - Instant Access To You Bug Bounty Submission Dashboard On Various...
Chrome extension for Instant access to your bug bounty submission dashboard of various platforms + publicly disclosed reports + #bugbountytipNeedle is the only chrome extension you may need to have one...
View ArticleClik here to view.
EvilPDF - Embedding Executable Files In PDF Documents
Read the license before using any part from this code :)Hiding executable files in PDF documentsLegal disclaimer:Usage of EvilPDF for attacking targets without prior mutual consent is illegal. It's the...
View ArticleClik here to view.
Attacker-Group-Predictor - Tool To Predict Attacker Groups From The...
The tool predicts attacker groups from techniques and softwares used. It searches based on the MITRE ATT&CK frameworkHow it works?1- Collect data from https://attack.mitre.org/ about attacker...
View ArticleClik here to view.
KatroLogger - KeyLogger For Linux Systems
KeyLogger for Linux Systems.FeaturesRuns on GUI systems or CLISending data by emailDependenciescurllibx11-dev (Debian-Based)libX11-devel (RHEL-Based)Compiling# ./configure# make# make installUsage#...
View ArticleClik here to view.
Shodanfy.py - Get Ports, Vulnerabilities, Informations, Banners, ..Etc For...
Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate limit!)Usage# python3 shodanfy.py <ip> [OPTIONS] e.g: python3 shodanfy.py 111.111.111.111 python3...
View ArticleClik here to view.
URLCADIZ - A Simple Script To Generate A Hidden Url For Social Engineering
A simple script to generate a hidden url for social engineering.Legal disclaimer:Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to...
View ArticleClik here to view.
Fast-Google-Dorks-Scan - Fast Google Dorks Scan
A script to enumerate web-sites using Google dorks.Usage example: ./FGDS.sh megacorp.oneVersion: 0.035, June 07, 2020Features:Looking for the common admin panelLooking for the widespread file typesPath...
View ArticleClik here to view.
Axiom - A Dynamic Infrastructure Toolkit For Red Teamers And Bug Bounty Hunters!
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom right now is perfect for teams as small as one person, without costing you...
View ArticleClik here to view.
EvilDLL - Malicious DLL (Reverse Shell) Generator For DLL Hijacking
Read the license before using any part from this code :)Malicious DLL (Win Reverse Shell) generator for DLL HijackingFeatures:Reverse TCP Port Forwarding using Ngrok.ioCustom Port Forwarding option...
View ArticleClik here to view.
Fsociety - A Modular Penetration Testing Framework
Installpip install fsocietyUpdatepip install --upgrade fsocietyUsageusage: fsociety [-h] [-i] [-s]A Penetration Testing Frameworkoptional arguments: -h, --help show this help message and exit -i,...
View ArticleClik here to view.
SecretFinder - A Python Script For Find Sensitive Data (Apikeys, Accesstoken,...
SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. It does so by using jsbeautifier for...
View ArticleClik here to view.
Digital Signature Hijack - Binaries, PowerShell Scripts And Information About...
Hijacking legitimate digital signatures is a technique that can be used during red team assessments in order to sign PowerShell code and binaries. This could assist to bypass Device Guard restrictions...
View ArticleClik here to view.
TeaBreak - A Productivity Burp Extension Which Reminds To Take Break While...
TeaBreak is a simple burp extension for security researchers and bug bounty hunters for helping them to increase their work productivity. We know how much health is important. It is recommended to take...
View ArticleClik here to view.
SGN - Encoder Ported Into Go With Several Improvements
SGN is a polymorphic binary encoder for offensive security purposes such as generating statically undetecable binary payloads. It uses a additive feedback loop to encode given binary instructions...
View ArticleClik here to view.
Formphish - Auto Phishing Form-Based Websites
Auto Phishing form-based websites. This tool can automatically detect inputs on html form-based websites to create a phishing page.Features:Auto detect devicePort Forwarding by NgrokIP TrackerLegal...
View ArticleClik here to view.
Vhosts-Sieve - Searching For Virtual Hosts Among Non-Resolvable Domains
Searching for virtual hosts among non-resolvable domains.Installationgit clone https://github.com/dariusztytko/vhosts-sieve.gitpip3 install -r vhosts-sieve/requirements.txtUsageGet a list of subdomains...
View ArticleClik here to view.
OSS-Fuzz - Continuous Fuzzing Of Open Source Software
Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer overflow, can have serious security implications. Google has found...
View ArticleClik here to view.
Iox - Tool For Port Forward &Amp; Intranet Proxy
Tool for port forward & intranet proxy, just like lcx/ew, but betterWhy write?lcx and ew are awesome, but can be improved.when I first used them, I can't remember these complicated parameters for a...
View ArticleClik here to view.
DroidTracker - Script To Generate An Android App To Track Location In Real Time
Script to generate an Android App to track location in real timeFeatures:Custom App Name2 Port Forwarding options (Ngrok or using SSH Tunneling with Serveo.net)Obfuscated URL by TinyurlFully...
View ArticleClik here to view.
Zip Cracker - Python Script To Crack Zip Password With Dictionary Attack And...
This Script Supports Only Zip File in This VersionYou Can Also Use This Script With crunchCross-platform SupportedUsage: zipcracker.py [options]Options: --version show program's version number and exit...
View Article