Inceptor : Template-Driven AV/EDR Evasion Framework
Inceptor is a modern Penetration testing and Red Teaming often requires to bypass common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and inherently more difficult to bypass consistently. Inceptor is a tool which can help to automate great part of this process, hopefully requiring no further effort. Features Inceptor is a template-based...
DorkScout : Golang Tool To Automate Google Dork Scan Against The Entiere Internet Or Specific Targets
DorkScout is a tool to automate the finding of vulnerable applications or secret files around the internet throught google searches, dorkscout first starts by fetching the dorks lists from https://www.exploit-db.com/google-hacking-database and then it scans a given target or everything it founds Installation dorkscout can be installed in different ways: Go Packages throught Golang Packages (golang package manager) go get github.com/R4yGM/dorkscout this will work for every platform Docker if you don't have...
Fapro : Free, Cross-platform, Single-file mass network protocol server simulator
FaPro is a Fake Protocol Server tool, Can easily start or stop multiple network services. The goal is to support as many protocols as possible, and support as many deep interactions as possible for each protocol. Demo Site Features Supported Running Modes: Local Machine Virtual NetworkSupported Protocols: DNS DCE/RPC EIP Elasticsearch FTP HTTP IEC 104 Memcached Modbus MQTT MySQL RDP Redis S7 SMB SMTP SNMP SSH Telnet VNC IMAP POP3 NTP RTSP PORTMAPUse TcpForward to forward network trafficSupport tcp syn loggingSupport icmp ping loggingSupport udp packet logging Protocol Simulation Demos Rdp Support credssp...
ImpulsiveDLLHijack : C# Based Tool Which Automates The Process Of Discovering And Exploiting DLL Hijacks In Target Binaries
ImpulsiveDLLHijack is a C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during RedTeam Operations to evade EDR's. Methodological Approach The tool basically acts on automating following stages performed for DLL Hijacking: Discovery - Finding Potentially Vulnerable DLL Hijack pathsExploitation - Confirming whether the Confirmatory DLL was...
Rethink Network Access with Perimeter 81: a ZTNA Leader
Perimeter 81, a Secure Access Service Edge (SASE) platform, was named an industry leader in the Zero Trust Network Access (ZTNA) category of the Q3 2021 Forrester New Wave™ report. The platform earned the highest scores possible in the non-web and legacy apps, client support, product vision, and planned enhancements criteria. The Perimeter 81 platform is distinguished among those of...
Packet-Sniffer : A pure-Python Network Packet Sniffing Tool
Packet-Sniffer is a simple pure-Python network packet sniffer. Packets are disassembled as they arrive at a given network interface controller and their information is displayed on the screen. This application maintains no dependencies on third-party modules and can be run by any Python 3.x interpreter. Installation GNU / Linux Simply clone this repository with git clone and execute the packet_sniffer.py file as described in the following Usage section. user@host:~/DIR$ git...
Domain-Protect : Protect Against Subdomain Takeover
Domain-Protect scans Amazon Route53 across an AWS Organization for domain records vulnerable to takeovervulnerable domains in Google Cloud DNS can be detected by Domain Protect for GCP deploy to security audit account scan your entire AWS Organization receive alerts by Slack or email or manually scan from your laptop Subdomain Detection Functionality Scans Amazon Route53 to identify: Alias records for CloudFront distributions with missing S3 originCNAME records...
Crawlergo : A Powerful Browser Crawler For Web Vulnerability Scanners
crawlergo is a browser crawler that uses chrome headless mode for URL collection. It hooks key positions of the whole web page with DOM rendering stage, automatically fills and submits forms, with intelligent JS event triggering, and collects as many entries exposed by the website as possible. The built-in URL de-duplication module filters out a large number of pseudo-static URLs, still...
Networkit : A Growing Open-Source Toolkit For Large-Scale Network Analysis
NetworKit is an open-source tool suite for high-performance network analysis. Its aim is to provide tools for the analysis of large networks in the size range from thousands to billions of edges. For this purpose, it implements efficient graph algorithms, many of them parallel to utilize multicore architectures. These are meant to compute standard measures of network analysis. NetworKit is...
AF-ShellHunter : Auto Shell Lookup
AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How To pip3 install -r requirements.txtpython3 shellhunter.py --help Basic Usage You can run shellhunter in two modes --url -u When scanning a single url--file -f Scanning multiple URLs at once Example searching webshell with burpsuite proxy, hiding string "404" with a size between 100 and 1000 chars ┌──(blueudp㉿xxxxxxxx)-└─$ python3 shellhunter.py -u https://xxxxxxxxxx -hs "404"...