Tornado : Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Port forwarding
.png "Tornado : Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Port forwarding")
Tornado is implements tor network with metasploit-framework tool and msfvenom module, you can easily create hidden services for your localhost .onion domain without portforwarding. If you have experience different remote administration tools, probably you know you need forward port with virtual private network or ngrok but in this sense with tornado, the tor network offers the possibility of making...
Reposaur : The Open Source Compliance Tool For Development Platforms
.png "Reposaur : The Open Source Compliance Tool For Development Platforms")
Reposaur is the open source compliance tool for development platforms. Audit, verify and report on your data and configurations easily with pre-defined and/or custom policies.Supports GitHub. GitLab, BitBucket and Gitea support soon. Features Custom policies using the Rego policy language (learn more)A simple, composable and easy-to-use CLI (learn more)Extendable using a straightforward SDK (written in Go)Reports follow the standard SARIF format, enabling easy integrations...
Findwall : Check If Your Provider Is Blocking You
FindWall is Python script that allows to understand if your network provider is limiting your access to the Internet by blocking any TCP/UDP port. In order to perform this check FindWall needs to connect a public VPS of your property. FindWall performs the following actions: Connects to the VPS via SSHOpens a port in listening modeTries to connect to that...
Frelatage : The Python Fuzzer That The World Deserves
Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PythonFuzz. The main purpose of the project is to take advantage of the best features of these fuzzers and gather them together into a new tool in order to efficiently fuzz python applications. Requirements Python 3 Installation Install...
Fb_Friend_List_Scraper : OSINT Tool To Scrape Names And Usernames From Large Friend Lists
.png "Fb_Friend_List_Scraper : OSINT Tool To Scrape Names And Usernames From Large Friend Lists")
Fb_Friend_List_Scraper is a OSINT tool to scrape names and usernames from large friend lists on Facebook, without being rate limited. Getting started Install using pip: python -m pip install fb-friend-list-scraperScript is now installed as fbfriendlistscraperRun with -h or --help to show usage information. Usage usage: fbfriendlistscraper -e EMAIL -u USERNAME Tool to scrape names and usernames from large friend lists on...
Zphisher-GUI-Back_office : A Zphisher GUI Back-Office Plugin
%20(1).png "Zphisher-GUI-Back_office : A Zphisher GUI Back-Office Plugin")
Zphisher-GUI-Back_office is a plugin where you can see in real time the victims of your phishing campaign, you just have to change the Zphisher files for these. Easy! This tool creates a graphical back office for the zphish tool (although it is not 100% necessary to use this tool, you can use these files by hosting it on a...
Tetanus : Mythic C2 Agent Targeting Linux And Windows Hosts Written In Rust
Tetanus is a Windows and Linux C2 agent written in rust. Installation To install Tetanus, you will need Mythic set up on a machine. In the Mythic root directory, use mythic-cli to install the agent. sudo ./mythic-cli install github https://github.com/MythicAgents/tetanussudo ./mythic-cli payload start tetanus Tetanus supports the http C2 profile: sudo ./mythic-cli install github https://github.com/MythicC2Profiles/httpsudo ./mythic-cli c2 start http Features Background job managementBuilt-in ssh clientConnect to a machine and download/upload files...
Octopus : Open Source Pre-Operation C2 Server Based On Python And Powershell
.png "Octopus : Open Source Pre-Operation C2 Server Based On Python And Powershell")
Octopus is an open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S. The main purpose of creating Octopus is for use before any red team operation, where rather than starting the engagement with your full operational arsenal and infrastructure, you can use Octopus first to attack the target and gather information before...
Xepor : Web Routing Framework For Reverse Engineers And Security Researchers
.png "Xepor : Web Routing Framework For Reverse Engineers And Security Researchers")
Xepor (pronounced /ˈzɛfə/, zephyr), a web routing framework for reverse engineers and security researchers. It provides a Flask-like API for hackers to intercept and modify HTTP request and/or HTTP response in a human-friendly coding style. This project is meant to be used with mitmproxy. User write scripts with xepor, and run the script inside mitmproxy with mitmproxy -s your-script.py. If you want to step from PoC to production,...
C2concealer : Command Line Tool That Generates Randomized C2 Malleable Profiles For Use In Cobalt Strike
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike. Installation chmod u+x install.sh./install.sh Building Docker Image docker build -t C2concealer . Running with Docker docker container run -it -v <cobalt_strike_location>:/usr/share/cobaltstrike/ C2concealer --hostname google.com --variant 3 Example Usage Usage:$ C2concealer --hostname google.com --variant 3Flags:(optional)--hostnameThe hostname used in HTTP client and server side settings. Default is None.--variantAn integer defining the number...
