Monkey365 – Tool For Security Consultants Microsoft 365
Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews without the significant overhead of learning tool APIs or complex admin panels from the start. To help with this effort, Monkey365 also provides several ways to identify security gaps in...
HSTP – Simple Hyper Service Transfer Protocol On Networks
HSTP protocol aims to develop a application layer abstraction for the Hyper Service Transfer Protocol. HSTP is a recursion as nature of HSTP. This protocol implements itself as a interface. On every internet connected device, there is a HSTP instance. That's why the adoption is not needed. HSTP already running top of the internet. We have just now achieved to...
EvilnoVNC – Ready To Go Phishing Platform
EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more. Requirements Docker...
AoratosWin : A Tool That Removes Traces Of Executed Applications On Windows OS
AoratosWin is a tool that removes traces of executed applications on Windows OS which can easily be listed with tools such as ExecutedProgramList by Nirsoft. Supported OS (Tested On) Windows 7 (x86, x64)Windows 8 (x86, x64)Windows 8.1 (x86, x64)Windows 10 (x86, x64)Windows 11 (x64) Minimum System Reqs: .NET Framework 4.0 Disclaimer Any actions and/or activities related to this tool is solely your responsibility. Click Here To...
Cloudfox – Automating Situational Awareness For Cloud Penetration Tests
CloudFox helps you gain situational awareness in unfamiliar cloud environments. It’s an open source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. CloudFox helps you answer the following common questions (and many more): What regions is this AWS account using and roughly how many resources are in the account?What...
Arsenal – Recon Tool Installer
Arsenal is a Simple shell script (Bash) used to install the most important tools and requirements for your environment and save time in installing all these tools. Tools in Arsenal NamedescriptionAmassThe OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniquesffufA fast web fuzzer written in GodnsXFast and multi-purpose...
Erlik 2 : Vulnerable Flask App
Erlik 2 is a vulnerable Flask Web App. It is a lab environment created for people who want to improve themselves in the field of web penetration testing. Features It contains the following vulnerabilities. -HTML Injection-XSS-SSTI-SQL Injection-Information Disclosure-Command Injection-Brute Force-Deserialization-Broken Authentication-DOS-File Upload Installation git clone https://github.com/anil-yelken/Vulnerable-Flask-Appcd Vulnerable-Flask-Appsudo pip3 install -r requirements.txt Usage python3 vulnerable-flask-app.py Click Here To Download
Utkuici – Nessus Automation
Today, with the spread of information technology systems, investments in the field of cyber security have increased to a great extent. Vulnerability management, penetration tests and various analyzes are carried out to accurately determine how much our institutions can be affected by cyber threats. With Tenable Nessus, the industry leader in vulnerability management tools, an IP address that has...
Java-Remote-Class-Loader : Tool To Send Java Bytecode Victims To Load & Execute
Java-Remote-Class-Loader is a tool that allows you to send Java bytecode in the form of class files to your clients (or potential targets) to load and execute using Java ClassLoader together with Reflect API. The client receives the class file from the server and return the respective execution output. Payloads must be written in Java and compiled before starting...
Bayanay – Python Wardriving Tool
Bayanay is a Python Wardriving tool. WarDriving is the act of navigating, on foot or by car, to discover wireless networks in the surrounding area. Features Wardriving is done by combining the SSID information obtained with scapy using the HTML5 geolocation feature. Usage I cannot be held responsible for the malicious use of the vehicle. ssidBul.py has been tested via TP-LINK TL WN722N. Selenium 3.11.0...
