JS Snitch : Hidden Secrets In JavaScript Files
JS Snitch is a powerful command-line tool designed to scan remote JavaScript files for potential secrets or credentials. It leverages the capabilities of Trufflehog and Semgrep to automate the detection of leaked API keys, tokens, or other sensitive information hidden in external JavaScript files. This tool is particularly useful for penetration testers, bug bounty hunters, and security engineers seeking...
RunAs-Stealer : A Credential Stealing Tool
RunAs-Stealer is a sophisticated credential stealing tool that employs three distinct techniques to capture sensitive user information: Hooking CreateProcessWithLogonW, Smart Keylogging, and Remote Debugging. This tool operates stealthily in the background, requiring manual termination via Task Manager. Techniques Used Hooking CreateProcessWithLogonW: This method involves intercepting the CreateProcessWithLogonW function, which is used to create a new process with specific credentials. By hooking into...
IDOR Scanner : A Comprehensive Tool For Detecting Insecure Direct Object References
The IDOR Scanner is a powerful Burp Suite extension designed to identify potential Insecure Direct Object Reference (IDOR) vulnerabilities in web applications. Written in Python, it leverages both passive and active scanning techniques to detect and confirm IDOR issues. Key Features Detection of Numeric Fields: The extension scans various parts of HTTP requests and responses for numeric fields, including URL paths,...
SubCat v1.3.1 : A Comprehensive Subdomain Enumeration Tool
SubCat is a powerful and efficient tool designed for subdomain discovery, making it an indispensable asset for penetration testers, bug bounty hunters, and security researchers. Version 1.3.1 of SubCat continues to build on its predecessors by offering a robust set of features that enhance its performance and versatility. Key Features Of SubCat v1.3.1 Fast Enumeration: SubCat leverages high-performance resolution and wildcard...
Mininterface : Simplifying GUI, TUI, CLI, And Config File Management
Mininterface is a powerful Python library designed to simplify the creation of user interfaces for applications. It allows developers to easily integrate GUI, TUI, CLI, and config file management into their projects with minimal code overhead. This article explores the features and functionalities of Mininterface, highlighting its ease of use and versatility. Key Features GUI and TUI Support: Mininterface automatically generates...
NFCGate : A Comprehensive NFC Traffic Analysis Tool
NFCGate is an innovative Android application designed for capturing, analyzing, and modifying NFC traffic. Developed by students at the Secure Mobile Networking Lab at TU Darmstadt, it serves as a valuable tool for security researchers aiming to reverse-engineer protocols or assess their security against traffic modifications. This article delves into the features, usage, and requirements of NFCGate. Features On-device Capture: NFCGate...
ShellOpsLog : A Lightweight Command Logger
ShellOpsLog is a versatile tool designed to capture and log all executed commands during various operations, such as red and purple team engagements. It provides a lightweight solution for tracking command history without recording their output. The logged commands are saved in a CSV file, making it easy to analyze and include in client deliverables or internal reviews. Key Features Portability:...
Burp-Rxss-scan-TG : Enhancing XSS Scanning With Burp Suite Extensions
Burp Suite is a powerful tool for web application security testing, widely used by professionals to identify vulnerabilities such as cross-site scripting (XSS). The Burp-Rxss-scan-TG extension is designed to enhance the scanning capabilities of Burp Suite for XSS vulnerabilities by leveraging custom payloads stored in a file named xss.txt. Functionality Of Burp-Rxss-scan-TG Custom Payload Management: Users can create a file named xss.txt...
GPT Crawler : A Tool For Custom GPT Creation
The GPT Crawler is a powerful tool designed to crawl websites and generate knowledge files that can be used to create custom GPT models from one or multiple URLs. This project, developed by Builder.io, allows users to easily build their own custom GPTs or assistants by leveraging web content. Key Features Of GPT Crawler Crawling Functionality: The tool crawls specified URLs...
CPUMicrocodes : A Gateway To Advanced CPU Microcode Management And Optimization
CPUMicrocodes is a comprehensive repository of microcodes for Intel, AMD, VIA, and Freescale CPUs. Microcode is a low-level firmware that translates machine code instructions into hardware-specific operations, playing a crucial role in CPU functionality, performance, and compatibility. The CPUMicrocodes repository is essential for upgrading, research, and development purposes, providing access to the latest production microcodes from official sources. Features Of...
