Search results

Evolution: It is quite a fuss for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this...

Log into account and add your bank account to the account add phone number create new email smiler to the name of the account an simple do transfer into your account nextday FOOD IS READY i meant Money is Ready

Salsa Tools is a collection of three different tools that combined, allows you to get a reverse shell on steroids in any Windowsenvironment without even needing PowerShell for it's execution. In order to avoid the latest detection techniques (AMSI), most of the components were initially written...

ProShow version 9.0.3797 suffers from a local privilege escalation vulnerability. MD5 | 42b3988cfa22cf6463fa6636034919af Download arch.close() print informacion print "\nCreated File size " + str(len(todo))

iOS Debugging Tool Shake to hide or show the black bubble. (support both device and simulator) Long press the black bubble to show UIDebuggingInformationOverlay. (Apple's Private API, support iOS 10/11/12) Application memory usage and FPS. List all print() and NSLog() messages which have been...

This list is collected specially to perform the instore carding. The following code are the essential when you want o card POS or using dumps to cashout. A handy list of code for you to refer: 00 Approved authorization/transaction 01 Call 02 Refer card to issuer 03 Invalid division code 04...

Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. On repeated scan delta reporting ensures that findings only need to be judged when they first appear in the scan results or...

FUD Win32 payload generator and listener Features FUD : Fully Undetectable No Need configure port forwarding, or install others programs, using only ssh and serveo.net. Usage: Install requirements (mingw-w64):

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests...

Konan is an advanced open source tool designed to brute force directories and files names on web/application servers. Installation Download Konan by cloning the Git repository: Install requirements with pip Run Konan Support Platforms Linux Windows MacOSX

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests...

BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most commonly known/used security and analysis tools, aiming for a wide spread of goals, ranging from web application analysis to...

Information gathering & website reconnaissance Tips: Colorex: put colors to the ouput pip install colorex and use it like ./extractor http://www.hackthissite.org/| colorex -g "INFO" -r "ALERT" Tldextract: is used by dnsenumeration function pip install tldextract Features: IP and hosting info...

Encrypt/Encode your Javascript payloads/code. (Windows Scripting) This tool is meant to encode and encrypt your javascript code. Features Number Calculating ASCII codes Caeser-Encryption Hex Encoding Octal encoding Binary Encrypt Random Octal Quotes Add trash to code Url Encode current Extras...

Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority generated when you first run the binary. The server, client, and...

Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is simple and generic, so it doesn't matter what the specific type of obfuscation is used. Before and...

BoomER is an open source framework, developed in Python. The tool is focused on post-exploitation, with a main objective, the detection and exploitation of local vulnerabilities, as well as the collection of information from a system, such as the installed applications they have. The framework...

This tool utilizes various linux network tools and bash scripting to assist blue teams on defending debian and ubuntu based servers from malicious attackers. Scan/Ban shows connected IPs, scans IP addresses for open ports using nmap and whois search to gather reconnaissance on connected IPs...

WhatBreach is a tool to search for breached emails and their corresponding database. It takes either a single email or a list of emails and searches them leveraging haveibeenpwned.com's API, from there (if there are any breaches) it will search for the query link on Dehashed pertaining to the...

Linux post exploitation framework designed to assist red teams in gaining persistence, reconnaissance and leaving no trace. Payloads Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl Crontab Function to create cron job that downloads and runs payload...