GONET-Scanner : Golang Network Scanner With Arp Discovery And Own Parser
GONET-Scanner tool has its own ARP scanner and parser facility. ScreenShots Install chmod +x install.sh./install.sh Usage -ar CIDR: ARP Discovery-ar CIDR -s: Scan ports in all hosts discovered-ap: Scan to 65535 Ports-pr MINPORT MAXPORT: Define Port Range to Scan-1000: Scan Top 1000 ports (like nmap)-t: Set Timeout (in milliseconds)go run scannerport.go -ap : Allports TCP Scango run scannerport.go Default Scan 0-1024 portsgo run...
Geowifi : Search WiFi Geolocation Data By BSSID And SSID On Different Public Databases
Geowifi is a tool to Search WiFi geolocation data by BSSID and SSID on different public databases. Databases WigleAppleOpenWifiMilnikov Prerequisites Python3.In order to display emojis on Windows, it is recommended to install the new Windows terminal. In order to use the Wigle service it is necessary to obtain an API and configure the utils/API.yaml file replacing the value of the "wigle_auth" parameter for the "Encoded for use" data provided by Wigle. This...
GraphQL Cop : Security Auditor Utility For GraphQL APIs
GraphQL Cop is a small Python utility to run common security tests against GraphQL APIs. GraphQL Cop is perfect for running CI/CD checks in GraphQL. It is lightweight, and covers interesting security issues in GraphQL. GraphQL Cop allows you to reproduce the findings by providing cURL commands upon any identified vulnerabilities. Requirements Python3Requests Library Detections Alias Overloading (DoS)Batch Queries (DoS)GET based Queries (CSRF)GraphQL Tracing...
Fastfuz-Chrome-Ext : Site Fast Fuzzing With Chorme Extension
Fastfuz-Chrome-Ext is a Fast fuzzing websites with chrome extension. Screenshot Install Add Your Custom Files Open files.txtPaste your file or directory name in line by lineHappy Hunting Download
Osmedeus : A Workflow Engine For Offensive Security
Osmedeus is a Workflow Engine for Offensive Security. Installation NOTE that you need some essential tools like curl, wget, git, zip and login as root to start bash -c "$(curl -fsSL https://raw.githubusercontent.com/osmedeus/osmedeus-base/master/install.sh)" Build the engine from source Make sure you installed golang >= v1.17 mkdir -p $GOPATH/src/github.com/j3ssiegit clone --depth=1 https://github.com/j3ssie/osmedeus $GOPATH/src/github.com/j3ssie/osmedeuscd $GOPATH/src/github.com/j3ssie/osmedeusmake build Usage Scan Usage:osmedeus scan -f -t osmedeus scan -m -T osmedeus scan -f /path/to/flow.yaml -t osmedeus scan...
PwnKit-Exploit : Proof Of Concept (PoC) CVE-2021-4034
PwnKit-Exploit, a local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. Proof of Concept debian@debian:~/PwnKit-Exploit$ makecc -Wall exploit.c -o exploitdebian@debian:~/PwnKit-Exploit$ whoamidebiandebian@debian:~/PwnKit-Exploit$ ./exploitCurrent User before execute exploithacker@victim$whoami: debianExploit written by @luijait (0x6c75696a616974) Enjoy your root if exploit was completed succesfullyroot@debian:/home/debian/PwnKit-Exploit# whoamirootroot@debian:/home/debian/PwnKit-Exploit# Fix CommandUsesudo chmod 0755...
PyShell : Multiplatform Python WebShell
PyShell is Multiplatform Python WebShell. This tool helps you to obtain a shell-like interface on a web server to be remotely accessed. Unlike other webshells, the main goal of the tool is to use as little code as possible on the server side, regardless of the language used or the operating system of the server. Thanks to this, you can use...
Authz0 : An Automated Authorization Test Tool
Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials. URLs and Roles are managed as YAML-based templates, which can be automatically created and added through authz0. You can also test based on multiple authentication headers and cookies with a template file created/generated once. Key Features Generate scan template $ authz0 newInclude URLsInclude RolesInclude...
Hacc The Hub : Open Source Self-Hosted Cyber Security Learning Platform
Hacc The Hub is an open source project that provides cyber security The Hacc The Hub system consists of 3 main parts: Docker: containing all of the boxes creating the environment in which we'll be learning on.The backend: controlling Docker and responsible for starting/destroying individual box in the system and managing the networking that joins them into a unified system.The frontend:...
IOC Scraper : A Fast And Reliable Service That Enables You To Extract IOCs
IOC Scraper utilises IOCPARSER service to fetch IOCs from different vendor Blogs, PDFs, and CSV files. Parsing IOCs is time-consuming process, using current script one can automatically extract and aggregate IOCs easily. Features Defanged IOCs : Supports extracting and defanging IOCs.Whitelist IOCs : Supports custom whitlisting of IOCs.Source Types : Supports variety of sources such as Blogs, PDFs, CSV, and much more. Supported IOC...