Thursday, January 23, 2020

Information Gathering

IG Tools

Information Gathering

Home Information Gathering
IG Tools
WAFW00F

Reconnaissance, Identification & Fingerprinting of Web Application Firewall using WAFW00F

Web Application firewalls are typically firewalls working on the application layer which monitors & modifies HTTP requests. The key difference...
Unicornscan

Unicornscan – Network Scanning Tool to Find the Open Ports

Unicornscan is an asynchronous network stimulus delivery/response recording tool. Meaning it sends out broken/unorganized/fragmented packets (without a regular pattern unlike...
Arping

Arping – To Discover Hosts on a Computer Network

Arping is a computer software tool that is used to discover hosts on a computer network. The program tests whether...
passive_discovery6

Discover IPv6 Network Range & Hosts from an IPv6 Enabled Network Using passive_discovery6

Passive_discovery6 passively sniffs the network and dump all client's IPv6 addresses detected. Passive_discovery6 simply sniffs for the neighbor-advertisement packet in...
Masscan

How to use Masscan to Enumerate Large Number of Hosts Quickly

Masscan has been around for some time now and already it's in use by pentesters all around. It's a reconnaissance tool which can...
Fragroute

Fragroute – A Network Packet Fragmentation & Firewall Testing Tool

Fragroute intercepts,  modifies and rewrites egress traffic destined for the specified host. Simply frag route fragments packets originating from our(attacker)...
Dnsenum

Dnsenum – Tool for DNS enumeration to find DNS Servers

Dnsenum is a tool for DNS enumeration, which is the process of locating all DNS servers and DNS entries for an organization. DNS...
IT and Tech Challenges

The Top IT and Tech Challenges for Businesses in 2019

Companies, whether small, large, or enterprise-level organizations face their fair share of challenges at any given time. Currently,...
lbd

lbd – Tool to Detect Whether a Domain has Load Balancing Enabled

Load balancing(lbd) is the technique used in different services for balancing the load across different servers or NICs. It can...
netdiscover

Netdiscover – Live Host Identification

Netdiscover - simple ARP Scanner to scan for live hosts in a network Netdiscover is a simple ARP scanner which can...

Must Need

FreeVulnSearch

FreeVulnSearch : Script to Query Vulnerabilities via the cve-search.org API

This NMAP NSE script is part of the Free OCSAF project FreeVulnSearch. In conjunction with the...
Novahot

Novahot – A Webshell Framework For Penetration Testers

Novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language....
Spraykatz : Credentials Gathering Tool Automating Remote Procdump & Parse Of Lsass Process

Spraykatz : Credentials Gathering Tool Automating Remote Procdump & Parse Of...

Spraykatz is a tool without any pretention able to retrieve credentials on Windows machines and large Active Directory environments.
Pompem

Pompem : Tool For Exploits & Vulnerability in Database

Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases....

Burp Extensions – Burp Suite Extensions For The New Burp Suite...

Burp Extensions collection of extensions for the new Burp Suite API (v1.5+) using Submodules for easy collection and updating. If you want to add...
Thc Hydra : Tool To Gain Unauthorised Access From Remote To A System

Thc Hydra : Tool To Gain Unauthorised Access From Remote To...

Number one of the biggest security holes are passwords, as every password security study shows. Thc Hydra is a proof of concept...
SeccuBus : Easy Automated Vulnerability Scanning, Reporting & Analysis

SeccuBus : Easy Automated Vulnerability Scanning, Reporting & Analysis

Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the...