Search results

Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already...

first of all, you need them IP Address IP Address: Generate a Link which you send to your victim. If he clicks it, his IP will be sent to your email inbox. http://getthierip.com http://whatstheirip.com http://IPlogger.com - then, open up notepad and write this commands: ok after get him IP...

Powerfull Simple XSS Scanner made with python 3.7 Installing Requirements: BeautifulSoup4 pip install bs4 requests pip install requests python 3.7 Commands: Usage Basic usage: Advanced usage see help: Roadmap v0.3B: Added custom options ( Such --proxy, --user-agent etc... ) First...

This release brings the kernel up to version 4.19.28, fixes numerous bugs, includes many updated packages, and most excitingly, features a new release of Kali Linux NetHunter! Kali NetHunter 2019.2 Release NetHunter now supports over 50 devices running all the latest Android versions, from...

Graffiti is a tool to generate obfuscated oneliners to aid in penetration testing situations. Graffiti accepts the following languages for encoding: Python Perl Batch Powershell PHP Bash Graffiti will also accept a language that is not currently on the list and store the oneliner into a...

CrossLinked simplifies the processes of searching LinkedIn to collect valid employee names when performing password spraying or another security testing against an organization. Using similar search engine scraping capabilities found in tools like subscraper and pymeta, CrossLinked will find...

Vulnx is a cms and vulnerabilites detection, an intelligent auto shell injector, fast cms detection of target and fast scanner and informations gathering like subdomains, ipaddresses, country, org, timezone, region, ans and more... Instead of injecting shell and checking it works like all the...

HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that...

sshd-poison is a tool to get creds of pam based sshd authentication, this is not the easiest way to do that (you can create a pam module, or just add auth optional pam_exec.so quiet expose_authtok /bin/bash -c {read,-r,x};{echo,-e,"`env`\n$x"}>>somefile in a service configuration), not even the...

Functions Of CMSeek: Basic CMS Detection of over 170 CMS Drupal version detection Advanced Wordpress Scans Detects Version User Enumeration Plugins Enumeration Theme Enumeration Detects Users (3 Detection Methods) Looks for Version Vulnerabilities and much more! Advanced Joomla Scans Version...

A threaded, recursive, web directory brute-force scanner over HTTP/2 using hyper, inspired by Gobuster. Features Fast and portable - install hyper and run. Multiconnection scanning. Multithreaded connections. Scalable: scans can be as docile or aggressive as you configure them to be. h2 and...

Kubolt is a simple utility for scanning public unauthinticated kubernetes clusters and run commands inside containers. Why? Sometimes, the kubelet port 10250 is open to unauthorized access and makes it possible to run commands inside the containersusing getrun function from kubelet: How? Okay...

A fuzzer for any GET entries. Features Multi-threading on demand Fuzzing, bruteforcing GET params Find admin panels Colored output Hide results by return code, word numbers Proxy support Big wordlist Colored Usages Install Download Brutality

New Way To Relive Some Zinio File In order to be able to read the mags, you have to be connected to the internet when you open them for the first time. It creates an .xml file in a folder called "ContentGuard", located in "C:\Documents and Settings\User\Application Data\ContentGuard". (User is...

A static code analysis for WordPress Plugins/Themes (and PHP) Installation Simply clone the repository, install requirements and run the script Usage Available options: Creating modules Creating a module is flexible and allows for override of the BaseClass methods for each module as well as...

Using open Adb ports we can exploit a device you can find open ports here https://www.shodan.io/search?query=android+debug+bridge+product%3A”Android+Debug+Bridge” I will soon make a tutorial on how to use PhoneSploit Install

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the...

Find usernames in social networks. Installation Install dependencies (Debian/Ubuntu): Install with pip3: Building from Source Clone this repository, and: Update To update this tool to the latest version, run: Usage Start by printing the available actions by running userrecon-py --help...

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the...