Utilities for finding Windows executable in XORED data using key or...
Utilities like encryption / decryption by XOR, find Windows executable in XORED data using key / bruteforce, conversion to other data types, etc Script Function: – encryption / decryption by XOR – Find...
View ArticleNishang v0.6.7 – PowerShell for penetration testing and offensive security.
changelog v0.6.7: – Added Out-JS.ps1 in the Client directory. – Added Out-SCT.ps1 in the Client directory. – Added Invoke-JSRatRegsvr.ps1 in the Shells directory. – Added Out-RundllCommand in the...
View ArticleATSCAN v9.0 stable – perl script for vulnerable Server, Site and dork scanner.
Changelog v9.0: + NEW ARGS: –regex –sregex –ifirst –port –pause –ip CHANGES: + new optim building + unique scans process + scan by regex + search by regex + optimized ports scan + added option to scan...
View ArticleThe ShareSploit Framework (SSF) v0.1 alpha.
ShareSploit Framework (SSF) is share the multi technique exploitation for ethical hacking. Requirements: – Install Ruby on your Linux manchine, guide on...
View ArticleNet::FTP::Brute – a bruteforce (p)ftp connection handler to bypass strange...
Tries it’s best to establish a connection to a ftp-server. If cannot connect, retries tirelessly for network to come back up. If can connect, but cannot establish a DATA-connection, starts brute...
View ArticlePNG-IDAT-chunks ~ payload generator.
Simple tool to generate malicious PNG images containing JavaScript code in IDAT chunks. Currently are supported only 3 characters domains. Description function: + Revisiting XSS payloads in PNG IDAT...
View Articlesnmpwn – An SNMPv3 User Enumerator and Attack tool.
An SNMPv3 User Enumerator and Attack tool with SNMP Authentication and Encryption Type. Should be either: authnopriv, noauthnopriv or authpriv. Requirement: + Ruby Gems + tty-command module + trollop...
View ArticleBluto v1.1.22 ~ DNS Recon | Brute Forcer | DNS Zone Transfers | Email...
Changelog v1.1.22 Full Featured: + setup.py and Bluto folder version Fix. Bluto v1.1.22 The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target...
View ArticleATSCAN v9.5 stable – perl script for Search / Server / Site / Dork /...
Changelog v9.5: + Best optimization. Description: ATSCAN SEARCH engine XSS scanner. Sqlmap. LFI scanner. Filter wordpress and Joomla sites in the server. Find Admin page. Decode / Encode MD5 + Base64....
View Articlethc-ipv6 v3.1dev-git ~ IPv6 attack toolkit.
changelog v3.1dev-git: * fake_router26: new -f option to specify the sending mac address (thanks to Scott Winegarden for the patch) [1/7/2016] * added alive2map.sh script to create a network map...
View ArticleATSCAN v9.6 stable – perl script for Search / Server / Site / Dork /...
Changelog v9.6: – Use proxy in ports scans. – Fix get subdomains. – Wide search engine and more results when using proxy. – Fix some text errors. – Show proxy info when used. – Removed text from panel...
View ArticleSublist3r v1.0 released : Fast subdomains enumeration tool for penetration...
Changelog and What’s new in v1.0 ? + Fixed Sublist3r v1.0 on Windows Platform + Added New OSINT Sources — Virustotal: Now sublist3r can enumerate subdomains through Virustotal — SSL Certs: Now...
View ArticlePytheM v0.3.2 – Python penetration testing framework.
Changelog v0.3.2: + Update requirements.txt + PytheM v0.3.2 Fixed a LOT of bugs + Update arpoisoner.py + Update interface.py PytheM is a Python penetration testing framework. ARPspoof mode: + gateway +...
View ArticleBluto v1.99 – DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card...
Changelog Latest Version 1.99 (09/07/2016): + Email Hunter API Support Added. + Haveibeenpwned API Support Added. + HTML Evidence Report Added. + Modulated Code Base. + Local Error Logging. The target...
View ArticleSwarm – A distributed penetration testing tool.
Swarm is an open source modular distributed penetration testing Tool that use distributed task queue to implement communication in the master-slave mode system. It consists of a distributed framework...
View ArticleAPT2 – An Automated Penetration Testing Toolkit.
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the...
View ArticleCrackMapExec v3.1.2 – A swiss army knife for pentesting Windows/Active...
Changelog CrackMapExec v3.1.2: + Some minor code cleanup + Error handling improvements + Bug fixes in SMB brute forcing and SMB spider logic + Added support for importing Metasploit credentials + New...
View ArticleATSCAN v9.8 stable – perl script for Search / Server / Site / Dork /...
Changelog v9.8: + Removed –ports argument now use –port –udp | –tcp + Add posibility to execute extern command with open ports. + Add range query string. + Fix decode base64 bug. atscan v9.8...
View ArticleJSQL Injection v0.75 – a java tool for automatic database injection.
Changelog v0.75: – Translation and language detection – Clean code design and Ui – Better multi-threading and multiple injection – Fix different injection strategies and SQL vendors – Upgrade to Java 7...
View ArticleCrackMapExec v3.1.3 – A swiss army knife for pentesting Windows/Active...
Changelog v3.1.3: + New Mimikittenz (https://github.com/putterpanda/mimikittenz) module. + Added the –fail-limit, –gfail-limit and –ufail-limit flags to limit failed login attempts per host, globally...
View Article