Clik here to view.
ApkLeaks - Scanning APK File For URIs, Endpoints And Secrets
Scanning APK file for URIs, endpoints& secrets.InstallationTo install apkLeaks, simply:$ git clone https://github.com/dwisiswant0/apkleaks$ cd apkleaks/$ pip install -r requirements.txtOr download...
View ArticleClik here to view.
Social-Analyzer - API And Web App For Analyzing And Finding A Person Profile...
An API for analyzing & finding a person profile across +300 social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use...
View ArticleClik here to view.
Proxify - Swiss Army Knife Proxy Tool For HTTP/HTTPS Traffic Capture,...
Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally a replay...
View ArticleClik here to view.
Wynis - Audit Windows Security With Best Practice
Just a powershell scripts for auditing security with CIS BEST Practices Windows 10 and Window Server 2016 You just need to run the script, it will create a directory named : AUDIT_CONF_%DATE%The...
View ArticleClik here to view.
Top 20 Most Popular Hacking Tools in 2020
Although 2020 has been the worst year since 1945, as last year, this year we made a ranking with the most popular tools between January and December 2020.Topics of the tools focus on Phishing,...
View ArticleClik here to view.
RogueWinRM - Windows Local Privilege Escalation From Service Account To System
RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account (with SeImpersonatePrivilege) to Local System account if WinRM service is not running (default on Win10...
View ArticleClik here to view.
Oblivion - Data Leak Checker And OSINT Tool
Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user has been leak out. It's possible too verify if any credential of user has been leak out...
View ArticleClik here to view.
HyperDbg - The Source Code Of HyperDbg Debugger
HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world. It operates on top of Windows by virtualizing an already running system...
View ArticleClik here to view.
Byp4Xx - Simple Bash Script To Bypass "403 Forbidden" Messages With...
byp4xx.sh __ __ __ / /_ __ ______ / // / _ ___ __ / __ \/ / / / __ \/ // /_| |/_/ |/_/ / /_/ / /_/ / /_/ /__ __/> <_> < /_.___/\__, / .___/ /_/ /_/|_/_/|_| /____/_/ A bash script to bypass...
View ArticleClik here to view.
Urlhunter - A Recon Tool That Allows Searching On URLs That Are Exposed Via...
urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly and goo.gl. The project is written in Go.How?A group named URLTeam (kudos to them) are...
View ArticleClik here to view.
MOSINT - OSINT Tool For Emails
MOSINT is an OSINT Tool for emails. It helps you gather information about the target email.ï’¼ Features:Verification Service { Check if email exist }Check social accounts with SocialscanCheck data...
View ArticleClik here to view.
XSS-Scanner - XSS Scanner That Detects Cross-Site Scripting Vulnerabilities...
Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug...
View ArticleClik here to view.
EvtMute - Apply A Filter To The Events Being Reported By Windows Event Logging
This is a tool that allows you to offensively use YARA to apply a filter to the events being reported by windows event logging.UsageGrap the latest verison from here. EvtMuteHook.dll contains the core...
View ArticleClik here to view.
Drow - Injects Code Into ELF Executables Post-Build
drow is a command-line utility that is used to inject code and hook the entrypoint of ELF executables (post-build). It takes unmodified ELF executables as input and exports a modified ELF contianing an...
View ArticleClik here to view.
MaskPhish - Give A Mask To Phishing URL
MaskPhish is a simple script to hide phishing URL under a normal looking URL(google.com or facebook.com).Legal Disclaimer:Usage of MaskPhish for attacking targets without prior mutual consent is...
View ArticleClik here to view.
Hack-Tools v0.3.0 - The All-In-One Red Team Extension For Web Pentester
The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used...
View ArticleClik here to view.
Sarenka - OSINT Tool - Data From Services Like Shodan, Censys Etc. In One Place
SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface.The main goal is to gathering infromation from search engines for Internet-connected...
View ArticleClik here to view.
UhOh365 - A Script That Can See If An Email Address Is Valid In Office365...
A script that can see if an email address is valid in Office365. This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which...
View ArticleClik here to view.
Exif-Gps-Tracer - A Python Script Which Allows You To Parse GeoLocation Data...
A python script which allows you to parse GeoLocation data from your Image files stored in a dataset.It also produces output in CSV file and also in HTML Google MapsPrerequisiteTo run this script...
View ArticleClik here to view.
Solarflare - SolarWinds Orion Account Audit / Password Dumping Utility
Credential Dumping Tool for SolarWinds OrionBlog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/Credit to @asolino, @gentilkiwi, and @skelsec for helping...
View Article