Search results

Cutter is a free and open-source GUI for radare2 reverse engineering framework. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. Cutter is created by reverse engineers for reverse engineers. Downloading a release...

OKadminFinder is an Apache2 Licensed utility, rewritten in Python 3.x, for admins/pentesters who want to find admin panel of a website. There are many other tools but not as effective and secure. Yeah, Okadminfinder has the the ability to use tor and hide your identity. Requirements Linux...

This tool for brute discover GET and POST parameters. Installation With Docker Install Docker If you are lazy Install Python3 Download ParamPamPam

After 3 months of heavy development Parrot 4.6 is officially released. How to update Update your existing Parrot system with the following command: System Changes (Appearance) The desktop-base and parrot-wallpapers also received some love and are updated to reflect such changes including the...

ScanQLi is a simple SQL injection scanner with somes additionals features. This tool can't exploit the SQLi, it just detect them. Tested on Debian 9 Features Classic Blind Time based GBK (soon) Recursive scan (follow all hrefs of the scanned web site) Cookies integration Adjustable wait delay...

Command line obfuscation has been proved to be a non-negligible factor in fileless malware or malicious actors that are "living off the land". To bypass signature-based detection, dedicated obfuscation techniques are shown to be used by red-team penetrations and even APT activities. Meanwhile...

Bashter is a tool for scanning a Web-based Application. Bashter is very suitable for doing Bug Bounty or Penentration Testing. It is designed like a framework so you can easily add a script for detect vulnerability. For Example You can add something script like this: For the sample, you can...

By default any user in Active Directory can enumerate all DNS records in the Domain or Forest DNS zones, similar to a zone transfer. This tool enablesenumeration and exporting of all DNS records in the zone for recon purposes of internal networks. For more info, read the associated blog post...

This tools is continued from Nefix, DirsPy and Xmasspy project. Installation Will work fine in the debian shade operating system, like Backbox, Ubuntu or Kali linux. Features Extract mikrotik credential (user.dat) Password generator Reverse IP lookup Mac address sniffer Online md5 cracker...

Vulmap is an open source online local vulnerability scanner project. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. These scripts can be used for defensive and offensive purposes. It is possible to make vulnerability assessments using these...

A tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos Pre-Authentication Grab the latest binaries from the releases page to get started. Background This tool grew out of some bash scripts I wrote a few years ago to perform bruteforcing using the Heimdal...

Cryptors, a cyber security company, invented a mobile app called HACKUNA (Anti-Hack) that can block and detect these WiFi hackers. The exciting part here is, you can also track the hackers within the area. It will give you all the details you need to find the hacker within the area or to report...

Introduction The LEAP (Lightweight Extensible Authentication Protocol) is a communications protocol that was developed by Cisco for use in point-to-point connections and wireless networks. However, its security flaws became obvious and people quickly came to prefer alternatives. In this...

The Kostebek is a reconnaissance tool which uses firms' trademark information to discover their domains. Installation Tested on Kali Linux 2018.2, Ubuntu 16.04 Download latest version of Chrome https://www.google.com/chrome/browser/desktop/ dpkg -i google-chrome-stable_current_amd64.deb...

Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists, Google, Nmap and robots.txt. It is multi-threaded, supports modifying your user agent, using a TOR proxy, custom dorks, Nmap...

Description BLACKEYE is an upgrade from original ShellPhish Tool (https://github.com/thelinuxchoice/shellphish) by thelinuxchoice under GNU LICENSE. It is the most complete Phishing Tool, with 32 templates +1 customizable. WARNING: IT ONLY WORKS ON LAN! This tool was made for educational...

This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling...

Credmap is an open source credential mapper tool that was created to bring awareness to the dangers of credential reuse. It is capable of testing supplied user credentials on several known websites to test if the password has been reused on any of these. It is not uncommon for people who...

BruteDum is a SSH, FTP, Telnet, PostgreSQL, RDP, VNC brute forcing tool with Hydra, Medusa and Ncrack. BruteDum can work with aany Linux distros if they have Python 3. Features of BruteDum SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra (recommended) SSH, FTP, Telnet, PostgreSQL, RDP, VNC...