Erlik : Vulnerable Soap Service
Erlik is a vulnerable SOAP web service. It is a lab environment created for people who want to improve themselves in the field of web penetration testing. Features It contains the following vulnerabilities. -LFI -SQL Injection -Informaion Disclosure -Command Inejction -Brute Force -Deserialization Installation git clone https://github.com/anil-yelken/Vulnerable-Soap-Service cd Vulnerable-Soap-Service sudo pip3 install requirements.txt Usage sudo python3 vulnerable_soap.py Exploiting Vulnerabilities SQL Injection Code:https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/sqli.py Download
Masky : Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS
Masky is a python library providing an alternative way to remotely dump domain users' credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes and TGT on a larger scope. This tool does not exploit any new vulnerability and does not work by dumping the...
Awesome-Password-Cracking :A Curated List Of Awesome Tools, Research, Papers And Other Projects
.png "Awesome-Password-Cracking :A Curated List Of Awesome Tools, Research, Papers And Other Projects")
Awesome-Password-Cracking is a curated list of awesome tools, research, papers and other projects related to password cracking and password security. Read the guidelines before contributing! In short: List is alphabetically sortedIf in doubt, use awesome-lintIf you think an item shouldn't be here open an issue Books Hash Crack: Password Cracking Manual (v3) - Password Cracking Manual v3 is an expanded reference guide for password recovery (cracking) methods, tools,...
Autodeauth : A Tool Built To Automatically Deauth Local Networks
.png "Autodeauth : A Tool Built To Automatically Deauth Local Networks")
Autodeauth is a tool built to automatically deauth local networks Tested on Raspberry Pi OS and Kali Linux Setup $ chmod +x setup.sh$ sudo ./setup.sh This can be changed by editing /etc/systemd/system/autodeauth.service Enter your WiFi interface to use with the autodeauth service: wlan0 Installed!, you can use sudo autodeauth -h to see available options. Use sudo systemctl start autodeauth...
Toxssin : An XSS Exploitation Command-Line Interface And Payload Generator
.png "Toxssin : An XSS Exploitation Command-Line Interface And Payload Generator")
Toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool (toxin.js). This project started as (and still is) a research-based creative endeavor to explore the exploitability depth that an...
Rekono : Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically
.png "Rekono : Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically"){kind=logo}
Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in Defect-Dojo if an advanced vulnerability management is needed. Moreover, Rekono includes a Telegram bot that can be used to...
ReconPal : Leveraging NLP For Infosec
.png "ReconPal : Leveraging NLP For Infosec")
Recon is one of the most important phases that seem easy but takes a lot of effort and skill to do right. One needs to know about the right tools, correct queries/syntax, run those queries, correlate the information, and sanitize the output. All of this might be easy for a seasoned infosec/recon professional to do, but for rest, it...
Top IP Management Softwares in 2022
Businesses have been getting more and more digitalized. This is great, but rapid digitization has made it difficult for businesses to track, manage, and retain big databases of devices and networks. Especially small businesses still struggle with a lack of accessible and trustworthy IP address management technology. There have been great developments in that area lately and we now have...
Pros & Cons Of Incorporating Cybersecurity Into SEO Strategy
As the internet continues to grow, so does the threat of cybercrime. We all know that the internet is full of sensitive information and a lot of people are getting hacked and identities were stolen. In order to protect yourself, it’s important to optimize your website for search engines, which also includes incorporating SEO security. There are some benefits...
System Informer : A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware
.png "System Informer : A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware")
System Informer, A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. System requirements Windows 7 or higher, 32-bit or 64-bit. Features A detailed overview of system activity with highlighting.Graphs and statistics allow you quickly to track down resource hogs and runaway processes.Can't edit or delete a file?...
