Clik here to view.
CMSsc4n v2.0 - Tool to identify if a domain is a CMS such as Wordpress,...
Tool to identify if a domain has got a CMS and determine his version.At the moment, CMSs supported by CMSsc4n are WordPress, Moodle, Joomla, Drupal and Prestashop.InstalationYou can download the latest...
View ArticleClik here to view.
Decodify - Detect And Decode Encoded Strings Recursively
Decodify can detect and decode encoded strings, recursively. Its currently in beta phase.Lets take this string : teamultimate.in and encode it with Hex, URL, Base64 and FromChar encoding,...
View ArticleClik here to view.
Instagram-Py - Simple Instagram Brute Force Script
Instagram-Py is a simple python script to perform basic brute force attack against Instagram ,this script can bypass login limiting on wrong passwords , so basically it can test infinite number of...
View ArticleClik here to view.
Reposcanner - Python Script To Scan Git Repos For Interesting Strings
Reposcanner is a python script to search through the commit history of Git repositories looking for interesting strings such as API keys, inspires by truffleHog.InstallationThe python Git module is...
View ArticleClik here to view.
RetDec - A Retargetable Machine-Code Decompiler
RetDec is a retargetable machine-code decompiler based on LLVM.The decompiler is not limited to any particular target architecture, operating system, or executable file format:Supported file formats:...
View ArticleClik here to view.
shimit - A tool that implements the Golden SAML attack
shimit is a python tool that implements the Golden SAML attack. More informations on this can be found in the following article on our blog.python .\shimit.py -husage: shimit.py [-h] -pk KEY [-c CERT]...
View ArticleClik here to view.
fuxploider - File Upload Vulnerability Scanner And Exploitation Tool
fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. This tool is able to detect the file types allowed to be uploaded...
View ArticleClik here to view.
In-Spectre-Meltdown - Tool to identify Meltdown & Spectre Vulnerabilities in...
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows...
View ArticleClik here to view.
Meltdown Exploit PoC
Speculative optimizations execute code in a non-secure manner leaving data traces in microarchitecture such as cache.Refer to the paper by Lipp et. al 2017 for details:...
View ArticleClik here to view.
Spectre-Meltdown-Checker - Spectre & Meltdown Vulnerability/Mitigation...
A simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs:CVE-2017-5753 bounds check bypass (Spectre Variant 1)Impact: Kernel & all...
View ArticleClik here to view.
Wapiti 3.0.0 - The Web-Application Vulnerability Scanner
Wapiti allows you to audit the security of your websites or web applications.It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the...
View ArticleClik here to view.
CoffeeMiner - Collaborative (MITM) Cryptocurrency Mining Pool In Wifi Networks
Collaborative (mitm) cryptocurrency mining pool in wifi networksWarning: this project is for academic/research purposes only.A blog post about this project can be read here:...
View ArticleClik here to view.
Anubis - Subdomain Enumeration And Information Gathering Tool
Anubis is a subdomainenumeration and information gathering tool. Anubis collates data from a variety of sources, including HackerTarget, DNSDumpster, x509 certs, VirusTotal, Google, Pkey, and NetCraft....
View ArticleClik here to view.
SNMPwn - An SNMPv3 User Enumerator and Attack tool
SNMPwn is an SNMPv3 user enumerator and attack tool. It is a legitimate security tool designed to be used by security professionals and penetration testers against hosts you have permission to test. It...
View ArticleClik here to view.
truffleHog - Searches Through Git Repositories For High Entropy Strings And...
Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.NEWTrufflehog previously functioned by running...
View ArticleClik here to view.
Recon-ng - Full-Featured Web Reconnaissance Framework
Recon-ng is a full-featured Web Reconnaissance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command...
View ArticleClik here to view.
Archery - Open Source Vulnerability Assessment And Management Helps...
Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform...
View ArticleClik here to view.
Salamandra - Spy Microphone Detection Tool
Salamandra is a tool to detect and locate spy microphones in closed environments. It find microphones based on the strength of the signal sent by the microphone and the amount of noise and overlapped...
View ArticleClik here to view.
ACE - Automated, Collection, and Enrichment Platform
The Automated Collection and Enrichment (ACE) platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected...
View ArticleClik here to view.
cSploit Android - The most complete and advanced IT security professional...
cSploit is a free/libre and open source (GPLed) Android network analysis and penetration suite which aims to be the most complete and advanced professional toolkit for IT security experts/geeks to...
View Article