Search results

A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. NTLMRecon is built with flexibilty in mind. Need to run recon on a single URL, an IP address, an...

This tool responds to SSDP multicast discover requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted to open the device are shown a configurable phishing page. This page can load a hidden...

This is an SSRF testing sheriff written in Go. It was originally created for the Uber H1-4420 2019 London Live Hacking Event, but it is now being open-sourced for other organizations to implement and contribute back to. Features Repsond to any HTTP method (GET, POST, PUT, DELETE, etc.)...

RedRabbit is a PowerShell script aimed at helping pentesters conduct ethical hacking. To Run: You can either run locally by downloading the script or run remotely using: Help Option info and help can be found here: https://securethelogs.com/redrabbit-ps1/

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit...

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities. How to install PTF(Pentest Tools Framework)

Zelos (Zeropoint Emulated Lightweight Operating System) is a python-based binary emulation platform. One use of zelos is to quickly assess the dynamic behavior of binaries via command-line or python scripts. All syscalls are emulated to isolate the target binary. Linux x86_64 (32- and 64-bit)...

Hacking is the process of gaining unauthorized access into a computer system, or group of computer systems. This is done through cracking of passwords and codes which gives access to the systems. Cracking is the term which specifies the method by which the password or code is obtained. The...

Pickl3 is Windows active user credential phishing tool. You can execute the Pickl3 and phish the target user credential. perational Usage - 1 Nowadays, since the operating system of many end users is Windows 10, we cannot easily steal account information with Mimikatz-like projects like the old...

Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to decompile the original apk file and to build a new application, after applying some obfuscation techniques on the decompiled smali code, resources and manifest. The...

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. Features Simple and modular code base making it easy to contribute. Fast And Simple...

AWSGen.py is a simple tool for generates permutations, alterations and mutations of AWS S3 Buckets Names.

Mimikatz implementation in pure Python. At least a part of it attachFull541 Runs on all OS's which support python>=3.6 WIKI Since version 0.1.1 the command line changed a little. Worry not, I have an awesome WIKI for you. Installing Install it via pip or by cloning it from github. The installer...

This Metasploit module takes advantage of a command injection vulnerability in the path parameter of the ajax archive file functionality within the rConfig web interface in order to execute the payload. Valid credentials for a user with administrative privileges are required . However, this...

SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are supported from Windows XP to 10. Example generated files available in example-output/. Introduction Various security products place hooks in user-mode APIs which...

Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as Object Injection, XSSI, PHAR Deserialization, variables variable ..etc. Write-ups are welcome. Installation Just clone the git with git clone https://github.com/weev3/LKWA and...

Free FUD Crypter Collection Free FUD Crypter Collection Free FUD Crypter Collection Modern Crypter Source http://lobatandawgs.com/crypter/21-moder...ource.html http://shanghaiblackgoons.com/24-modern-...ource.html Fuzion Crypter v2 http://shanghaiblackgoons.com/23-fuzion-crypter-v2.html...

900+ | NordVPN | Accounts Work + Freshly Checked https://throwbin.io/WXockUx https://pastebin.com/LXaGA5Ke

400+ Nord VPN Accounts https://throwbin.io/ifOIyOE https://pastebin.com/E0PkMrQi

Best PHP Shell script wso shell 2.5.1 http://shanghaiblackgoons.com/34-wso-shell-251.html http://lobatandawgs.com/shell-script/31-...l-251.html Symlink Sa 3.0 http://shanghaiblackgoons.com/33-symlink-sa-30.html http://lobatandawgs.com/shell-script/30-...sa-30.html Dhanush Shell...