Thursday, May 23, 2019

Information Gathering

IG Tools

Information Gathering

Home Information Gathering
IG Tools
passive_discovery6

Discover IPv6 Network Range & Hosts from an IPv6 Enabled Network Using passive_discovery6

Passive_discovery6 passively sniffs the network and dump all client's IPv6 addresses detected. Passive_discovery6 simply sniffs for the neighbor-advertisement packet in...
lbd

lbd – Tool to Detect Whether a Domain has Load Balancing Enabled

Load balancing(lbd) is the technique used in different services for balancing the load across different servers or NICs. It can...
Arping

Arping – To Discover Hosts on a Computer Network

Arping is a computer software tool that is used to discover hosts on a computer network. The program tests whether...
WAFW00F

Reconnaissance, Identification & Fingerprinting of Web Application Firewall using WAFW00F

Web Application firewalls are typically firewalls working on the application layer which monitors & modifies HTTP requests. The key difference...
Masscan

How to use Masscan to Enumerate Large Number of Hosts Quickly

Masscan has been around for some time now and already it's in use by pentesters all around. It's a reconnaissance tool which can...
Unicornscan

Unicornscan – Network Scanning Tool to Find the Open Ports

Unicornscan is an asynchronous network stimulus delivery/response recording tool. Meaning it sends out broken/unorganized/fragmented packets (without a regular pattern unlike...
Dnsenum

Dnsenum – Tool for DNS enumeration to find DNS Servers

Dnsenum is a tool for DNS enumeration, which is the process of locating all DNS servers and DNS entries for an organization. DNS...
Fragroute

Fragroute – A Network Packet Fragmentation & Firewall Testing Tool

Fragroute intercepts,  modifies and rewrites egress traffic destined for the specified host. Simply frag route fragments packets originating from our(attacker)...
netdiscover

Netdiscover – Live Host Identification

Netdiscover - simple ARP Scanner to scan for live hosts in a network Netdiscover is a simple ARP scanner which can...

Must Need

Hostintel

Hostintel : A Modular Python App to Collect Intelligence for Malicious...

Hostintel is used to collect various intelligence sources for hosts. Hostintel is written in a modular fashion so new intelligence sources can...
ByPass

WAF ByPass : Firewall Bypass Script Based On DNS History Records

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if...
Ridrelay

RidRelay – Easy Way To Get Domain Usernames While On An...

Quick and easy way to get domain usernames while on an internal network. RidRelay combines the SMB Relay attack, common lsarpc based queries and...
Subscraper

Subscraper – Tool That Performs Subdomain Enumeration Through Various Techniques

SubScraper uses DNS brute force, Google & Bing scraping, and Virus Total to enumerate subdomains without an API. Written in Python3, SubScraper performs HTTP(S)...
IP-Biter

IP-Biter : The Hacker-friendly E-Mail Tracking Framework

IP-Biter is an open source, easy to deploy, tracking framework that generate high configurable and unique tracking images and links to embed in e-mails,...
Bolt

Bolt : Cross-Site Request Forgery Scanner

Bolt is in beta phase of development which means there can be bugs. Any production use of this tool discouraged. Pull requests...
Remote-Desktop-Caching

Remote-Desktop-Caching : Recover Old RDP (MSTSC) Session Information In The Form...

Remote-Desktop-Caching tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team...