AirStrike : Automatically Grab And Crack WPA-2 Handshakes With Distributed Client-Server Architecture


AirStrike is a tool that automates cracking of WPA-2 Wi-Fi credentials using a client-server architecture. Requirements: AirStrike uses the Hashcat Brain architecture, the aircrack-ng suite, the entr utility and some helper scripts. You can use the install.sh script to download all dependencies (if you're on a system that has access to apt or pacman; if you're using Gentoo, you have to install hcxtools by hand, since they're not available in its repos, or...

IAM Vulnerable : Use Terraform To Create Your Own Vulnerable By Design AWS IAM Privilege Escalation Playground


IAM Vulnerable uses Terraform to create your own vulnerable-by-design AWS IAM privilege escalation playground. It uses the Terraform binary and your AWS credentials to deploy over 250 IAM resources into your selected AWS account. Within minutes, you can start learning how to identify and exploit vulnerable IAM configurations that allow for privilege escalation. Recommended approach: select or create...

IDA2Obj : Static Binary Instrumentation


IDA2Obj is a tool to implement SBI (Static Binary Instrumentation). The workflow is simple: dump object files (COFF) directly from one executable binary, then link the object files into a new binary that is almost the same as the old one. During the dumping process, you can insert any data/code at any location. SBI is just one of the usage scenarios, and is especially useful for black-box fuzzing. How to use: prepare the environment by setting AUTOIMPORT_COMPAT_IDA695 = YES in idapython.cfg to support the API...

DLLHijackingScanner : This Is A PoC For Bypassing UAC Using DLL Hijacking And Abusing The “Trusted Directories” Verification


DLLHijackingScanner is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification. Generate header from CSV: the Python script CsvToHeader.py can be used to generate a header file. By default it uses the CSV file dll_hijacking_candidates.csv, which can be found here: dll_hijacking_candidates.csv. For each portable executable (PE), the script checks the following conditions: whether the PE exists in the file system; in the manifest of the PE, if...

ClusterFuzzLite : Simple Continuous Fuzzing That Runs In CI


ClusterFuzzLite is a continuous fuzzing solution that runs as part of Continuous Integration (CI) workflows to find vulnerabilities faster than ever before. With just a few lines of code, GitHub users can integrate ClusterFuzzLite into their workflow and fuzz pull requests to catch bugs before they are committed. ClusterFuzzLite is based on ClusterFuzz. Features: quick code change (pull request) fuzzing to find bugs before they land; downloads of...

Crawpy : Yet Another Content Discovery Tool


Crawpy is yet another content discovery tool, written in Python. What makes this tool different from others: it is written to work asynchronously, which lets it reach the maximum limits, so it is very fast; a calibration mode that applies filters on its own; a bunch of flags that help you fuzz in detail; a recursive scan mode for given status codes and depth; report generation, you can...

Kerberoast : Kerberoast Attack -Pure Python-


Kerberoast attack toolkit (pure Python). Install: pip3 install kerberoast. Prerequisites: Python 3.6; see requirements.txt. For the impatient. IMPORTANT: the accepted target URL formats for LDAP and Kerberos are the following: <ldap_connection_url>: <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1>; <kerberos_connection_url>: <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1>. Steps (with SSPI): kerberoast auto <DC_ip>. Steps (SSPI not used): look for vulnerable users via LDAP: kerberoast ldap all <ldap_connection_url> -o ldapenum; use ASREP roast against users in the ldapenum_asrep_users.txt file: kerberoast asreproast <DC_ip> -t ldapenum_asrep_users.txt; use SPN roast against users in the ldapenum_spn_users.txt file: kerberoast spnroast <kerberos_connection_url>...

ShonyDanza : A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan


ShonyDanza is a customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can: obtain IPs based on search criteria; automatically exclude honeypots from the results based on your pre-configured thresholds; pre-configure all IP searches to filter on your specified net range(s); pre-configure search limits; use build-a-search to craft searches with easy building blocks; use stock searches and pre-configure...

XC : A Small Reverse Shell For Linux And Windows


XC is a Netcat-like reverse shell for Linux and Windows. Features, Windows usage, shared commands: !exit; !upload uploads a file to the target; !download downloads a file from the target; !lfwd local port forwarding (like ssh -L); !rfwd remote port forwarding (like ssh -R); !lsfwd lists active forwards; !rmfwd removes a forward by index; !plugins lists available plugins; !plugin executes a plugin; !spawn spawns another client on the specified port; !shell runs /bin/sh; !runas restarts xc with the specified user; !met connects to an x64/meterpreter/reverse_tcp listener. OS...

ZipExec : A Unique Technique To Execute Binaries From A Password Protected Zip


ZipExec is a Proof-of-Concept (PoC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64-encoded into a string that is rebuilt on disk. The encoded string is loaded into a JScript file that, when executed, rebuilds the password-protected zip file on disk and executes it. This is done programmatically by...