Swurg : Parse OpenAPI Documents Into Burp Suite For Automating OpenAPI-based APIs Security Assessments
Swurg is a Burp Suite extension designed for OpenAPI testing. The OpenAPI Specification (OAS) defines a standard, programming language-agnostic interface description for REST APIs, which allows both humans and computers to discover and understand the capabilities of a service without requiring access to source code, additional documentation, or inspection of network traffic. When properly defined via OpenAPI, a consumer can...
STEWS : A Security Tool For Enumerating Web Sockets
STEWS is a tool suite for security testing of WebSockets. This research was first presented at OWASP Global AppSec US 2021. Features: STEWS provides the ability to: Discover: find WebSockets endpoints on the web by testing a list of domains; Fingerprint: determine what WebSockets server is running on the endpoint; Vulnerability Detection: test whether the WebSockets server is vulnerable to a known WebSockets vulnerability. The included...
Toutatis : A Tool That Allows You To Extract Information From Instagram Accounts Such As E-Mails, Phone Numbers And More
Toutatis is a tool that allows you to extract information from Instagram accounts such as e-mails, phone numbers and more. For BTC Donations : 1FHDM49QfZX6pJmhjLE5tB2K6CaTLMZpXZ
Prerequisite: Python 3
Installation with PyPI:
pip install toutatis
With GitHub:
git clone https://github.com/megadose/toutatis.git
cd toutatis/
python3 setup.py install
Usage:
toutatis -u username -s instagramsessionid
Example:
Informations about : xxxusernamexxx
Full Name : xxxusernamesxx | userID : 123456789
Verified : False | Is buisness Account : False
Is private Account :...
Forbidden : Bypass 4xx HTTP Response Status Codes
Forbidden is a script to bypass 4xx HTTP response status codes. Based on PycURL. The script uses multithreading and is based on brute forcing, so it might produce some false positives. The script uses colored output. Results will be sorted by HTTP response status code ascending, content length descending, and ID ascending. To filter out false positives, check each content length manually with the provided cURL command. If it does...
AirStrike : Automatically Grab And Crack WPA-2 Handshakes With Distributed Client-Server Architecture
AirStrike is a tool that automates cracking of WPA-2 Wi-Fi credentials using a client-server architecture. Requirements: AirStrike uses Hashcat Brain Architecture, the aircrack-ng suite, the entr utility and some helper scripts. You can use the install.sh script to download all dependencies (if you're on a system which has access to apt or pacman; if you're using Gentoo, you'd have to install hcxtools by hand, as they're not available in its repos, or...
IAM Vulnerable : Use Terraform To Create Your Own Vulnerable By Design AWS IAM Privilege Escalation Playground
IAM Vulnerable uses Terraform to create your own vulnerable-by-design AWS IAM privilege escalation playground. IAM Vulnerable uses the Terraform binary and your AWS credentials to deploy over 250 IAM resources into your selected AWS account. Within minutes, you can start learning how to identify and exploit vulnerable IAM configurations that allow for privilege escalation. Recommended approach: Select or create...
IDA2Obj : Static Binary Instrumentation
IDA2Obj is a tool to implement SBI (Static Binary Instrumentation). The workflow is simple: Dump object files (COFF) directly from one executable binary. Link the object files into a new binary, almost the same as the old one. During the dumping process, you can insert any data/code at any location. SBI is just one of the usage scenarios, especially useful for black-box fuzzing. How to use: Prepare the environment: Set AUTOIMPORT_COMPAT_IDA695 = YES in the idapython.cfg to support the API...
DLLHijackingScanner : This Is A PoC For Bypassing UAC Using DLL Hijacking And Abusing The “Trusted Directories” Verification
DLLHijackingScanner is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification. Generate header from CSV: The Python script CsvToHeader.py can be used to generate a header file. By default it will use the CSV file dll_hijacking_candidates.csv. For each portable executable (PE), the script will check the following conditions: If the PE exists in the file system. In the manifest of the PE, if...
ClusterFuzzLite : Simple Continuous Fuzzing That Runs In CI
ClusterFuzzLite is a continuous fuzzing solution that runs as part of Continuous Integration (CI) workflows to find vulnerabilities faster than ever before. With just a few lines of code, GitHub users can integrate ClusterFuzzLite into their workflow and fuzz pull requests to catch bugs before they are committed. ClusterFuzzLite is based on ClusterFuzz. Features: Quick code change (pull request) fuzzing to find bugs before they land; Downloads of...
Crawpy : Yet Another Content Discovery Tool
Crawpy is yet another content discovery tool written in Python. What makes this tool different from others: It is written to work asynchronously, which allows it to reach maximum limits, so it is very fast. Calibration mode applies filters on its own. Has a bunch of flags that help you fuzz in detail. Recursive scan mode for given status codes and with depth. Report generation, you can...