Home Search
vulnerable - search results
If you're not happy with the results, please do another search
STEWS : A Security Tool For Enumerating Web Sockets
STEWS is a tool suite for security testing of Web Sockets
This research was first presented at OWASP Global AppSec US 2021
Features
STEWS provides the ability to:
Discover:...
DLLHijackingScanner : This Is A PoC For Bypassing UAC Using DLL Hijacking And Abusing...
DLLHijackingScanner is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
Generate Header from CSV
The python script CsvToHeader.py can be used to generate a header file....
Kerberoast : Kerberoast Attack -Pure Python-
Kerberoast attack toolkit -pure python
Install
pip3 install kerberoast
Prerequirements
Python 3.6 See requirements.txt
For the impatient
IMPORTANT: the accepted target url formats for LDAP and Kerberos are the following<ldap_connection_url> : <protocol>+<auth-type>://<domain><user>:<password>@<ip_or_hostname>/?<param1>=<value1><kerberos_connection_url>: <protocol>+<auth-type>://<domain><user>:<password>@<ip_or_hostname>/?<param1>=<value1>
Steps...
ELFXtract : An Automated Analysis Tool Used For Enumerating ELF Binaries
ELFXtract is an automated analysis tool used for enumerating ELF binaries
Powered by Radare2 and r2ghidra
This is specially developed for PWN challenges and it has many automated features
It almost...
Cumulus : Web Application Weakness Monitoring, It Would Be Working By Add Just 3...
Cumulus is a service that helps you monitor and fix security weakness in realtime. The issues will be reported on web dashboard. It's very...
Koppeling : Adaptive DLL Hijacking / Dynamic Export Forwarding
Koppeling is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you...
ELFXtract : An Automated Analysis Tool Used For Enumerating ELF Binaries
ELFXtract is an automated analysis tool used for enumerating ELF binaries. Powered by Radare2 and r2ghidra
This is specially developed for PWN challenges and it...
Certipy : Python Implementation For Active Directory Certificate Abuse
Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS).
Based on the C# variant Certify from @harmj0y and @tifkin_.
Installation
$ python3 setup.py install
Usage
$...
ADLab : Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice...
ADLab, the purpose of this module is to automate the deployment of an Active Directory lab for practicing internal penetration testing.
Credits to Joe Helle and his PowerShell...
Vimana : An Experimental Security Framework That Aims To Provide Resources For Auditing Python...
Vimana is a modular security framework designed to audit Python web applications.
Framework Structure
The base of the Vimana is composed of crawlers focused on frameworks...