Clik here to view.
Recon-ng v4.8.2 ~ a full-featured Web Reconnaissance framework.
Changelog recon-ng v4.8.2: * Fixed a bug in the hashes_org module. * Fixed a bug in the fullcontact module. * Fixed a bug in the search mixin. Resolves issue #178. (@markmuir) * Added the...
View ArticleClik here to view.
myBFF – a Brute Force Framework.
Point the framework at a file containing usernames, a host, and give it a password. The framework will determine what type of web application is in use, then attempt to brute force accounts. After...
View ArticleClik here to view.
Katana Framework build v0065 – The hacking Framework.
Changelog Katana Framework V:[0.0.1.0] B:[0065] D:[21/09/16:08/10/16]: + Repeat function removed. + Auto-Load Last Session Feacture was Added + Fixed Install Error: ktf.gui + Core: Fixed load...
View ArticleClik here to view.
Medusa v2.2-git : is a speedy, parallel, and modular, login brute-forcer.
Changelog Medusa v2.2-git 11/02/2016: * Update to support newer versions of OpenSSL. * Added darwin specific dylib path checking for libssh2 (kludgy but works) * Commented out OSX RDP support as it’s...
View ArticleClik here to view.
Yosuo v2.3- is A ruby script that scans for vulnerable & exploitable...
Changelog Yasuo v2.3: 1) Accepts file with new-line separated list of IP addresses with “-l” switch. 2) Smart brute-forcing. Introduced app-specific credentials in the signature file, which are tried...
View ArticleClik here to view.
v3n0M v410.4 – Popular Pentesting scanner in Python3.5 for SQLi/XSS/LFI/RFI...
Latest Change v410.4: + Latest News: Updated Recovery Menu, Minor Bugfixes. + Fixed/Added/Implemented Cloudflare resolver. + dnspython in setup.py addressed. v3n0m-scanner v410.4 V3n0M is a free and...
View ArticleClik here to view.
brut3k1t – Server side brute force module.
brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are: + ssh + ftp + smtp + XMPP + instagram +...
View ArticleClik here to view.
smod v1.0.4 – MODBUS Penetration Testing Framework.
Changelog smod v1.0.4 11/11/2016: * Update writeAllCoils.py * Create writeAllRegister.py * Update System/Core/Global.py smod v1.0.4 smod v1.0.3 smod is a modular framework with every kind of diagnostic...
View ArticleClik here to view.
Swarm – Bruteforcing penetration tool.
Disclaimer: THIS IS FOR EDUCATION OR RESEARCH USE ONLY. AUTHOR DOES NOT CONDONE ANY USE FOR ATTEMPT TO GAIN UNAUTHORIZED ACCESS TO SOMEONE ELSES ACCOUNT and/or PROPERTY. DO NOT USE ON A DOMAIN/PROPERTY...
View ArticleClik here to view.
dedsploit – a platform for network exploitation.
LEGAL DISCLAMER: The author does not hold any responsibility about the bad use of this script, remmember that attacking targets without prior concent its ilegal and punish by law, this script was build...
View ArticleClik here to view.
wordlist generating tool for social engineering and security researchers.
Disclaimer: Please do not use in military or secret service organizations, or for illegal purposes. The tool here is only used for educational purposes only. I will not be held responsible for any...
View ArticleClik here to view.
Nishang v0.7.0 – PowerShell for penetration testing and offensive security.
Changelog Nishang v0.7.0: – Added Invoke-SSIDExfil to the Gather directory. – Gupt-Backdoor can now receive commands from SSID names on targets having PowerShellv3 and above. – Added ConverTo-ROT13 to...
View ArticleClik here to view.
Ruler v2.0 – A tool to abuse Exchange services.
Changelog ruler v2.0 12/12/2016: + Fix a bug that was causing rpc with –encrypt to fail for some mailboxes. Issue was with padding on the AUTH3 packet + Fix conflict Binaries version changelog + New...
View ArticleClik here to view.
sentry v1.05 – safe and effective protection against bruteforce attacks.
Sentry detects and prevents bruteforce attacks against sshd using minimal system resources. SAFE To prevent inadvertant lockouts, Sentry auto-whitelists IPs that have connected more than 3 times and...
View ArticleClik here to view.
dymerge – a dynamic dictionary based brute force attacks.
Changelog dymerge v0.2 21.09.2016: + Directories now permitted. + Minor bug fixes. dymerge is A simple, yet powerful tool – written purely in python – which takes given wordlists and merges them into...
View ArticleClik here to view.
automato – automating user-focused enumeration tasks during an internal...
automato should help with automating some of the user-focused enumeration tasks during an internal penetration test. automato is also capable of conducting limited brute force attacks such as: +...
View ArticleClik here to view.
PTZ : Penetration Tester’s Zsh – functions for fast pawn.
PTZ is a Penetration Tester’s Zsh with functions 4 fast pawn. Works on Debian if the dependencies are met or on Kali. Probably works on Pentoo also. Installing after you have the dependencies: cp...
View ArticleClik here to view.
locasploit – Local enumeration and exploitation framework.
locasploit is a collection python3 and bash script for Local enumeration and exploitation framework. Dependencies: + All Linux Machine + Python 3.x + Bash Console Modules: + analysis.iot – Scans image...
View ArticleClik here to view.
JSQL Injection v0.78 – a java tool for automatic database injection.
Changelog jSQL Injection v0.78 includes major changes : + SQL Engine + MySQL BIGINT Overflow for MySQL + Database flavor : Access + Translations: es pt de it nl id + GUI improvements This specific...
View ArticleClik here to view.
Inveigh v1.3 is a Windows PowerShell LLMNR/NBNS spoofer/man-in-the-middle tool.
Changelog Inveigh v1.3: Inveigh.ps1 – Merged Inveigh and Inveigh-Unprivileged. The new module will run the correct functions based on the detected privilege level or ElevatedPrivilege parameter...
View Article