Orbitaldump : A Simple Multi-Threaded Distributed SSH Brute-Forcing Tool Written In Python
Orbitaldump is a simple multi-threaded distributed SSH brute-forcing tool written in Python. When the script is executed without the --proxies switch, it acts just like any other multi-threaded SSH brute-forcing scripts. When the --proxies switch is added, the script pulls a list (usually thousands) of SOCKS4 proxies from ProxyScrape and launch all brute-force attacks over the SOCKS4 proxies so brute-force attempts will be less likely to...
ARTIF : An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.
ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting, processing and correlating observables based on different factors. Key features of ARTIF includes:- Scoring...
JWTweak : Detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm
JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm. With the global increase in JSON Web Token (JWT) usage, the attack surface has also increased significantly. Having said that, this utility is designed with the aim to generate the new JWT...
DNSrr : A Tool Written In Bash, Used To Enumerate All The Juicy Stuff From DNS
DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS records, it uses different techniques like DNS Forward BruteforceDNS Reverse BruteforceDNS Cache SnoopingDNS Zone Transfer To get you all the information that you can get, from a DNS server. Installation Install it using git git clone https://github.com/A3h1nt/Dnsrr Get Started ./dnsrr.sh --help Usage -z : Attempt Zone TransferSyntax: ./dns.sh -z -fb :...
Whisker : A C# Tool For Taking Over Active Directory User And Computer Accounts By Manipulating Their msDS-KeyCredentialLink Attribute
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account. This tool is based on code from DSInternals by Michael Grafnetter (@MGrafnetter). For this attack to succeed, the environment must have a Domain Controller running on Windows Server 2016, and the Domain Controller must have a server authentication...
The-Bastion : Authentication, Authorization, Traceability And Auditability For SSH Accesses
Bastions are a cluster of machines used as the unique entry point by operational teams (such as sysadmins, developers, database admins, to securely connect to devices (servers, virtual machines, cloud instances, network equipment, ...), usually using ssh. Bastions provides mechanisms for authentication, authorization, traceability and auditability for the whole infrastructure. Learn more by reading the blog post series that announced the release: Part...
DNSStager : Hide Your Payload In DNS
DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting it into chunks and encoding the payload using different algorithms. DNSStager can generate a custom...
Bughound : Static Code Analysis Tool Based On Elastic search
Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana to get useful insights about the potential vulnerabilities in your code. Bughound has its own Elasticsearch and Kibana Docker image that is preconfigured with dashboards to give you a strong visualization for the findings. You can detect various types of vulnerabilities...
Kali-Whoami : A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level
Kali-Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly with its ease of use and simple interface. It follows two different paths to ensure the highest possible level of anonymity. Finally, don't forget that there is never a hundred percent security on the internet! Features Anti mitmLog killerIP changerDns changerMac changerAnti cold bootTimezone changerHostname...
Exploit_Mitigations : Knowledge Base Of Exploit Mitigations Available Across Numerous Operating Systems, Architectures And Applications And Versions
Exploit_Mitigations goal is to list mitigations added over time in various operating systems, software, libraries or hardware. It becomes handy to know if a given vulnerability is easily exploitable or not depending on exploitation mitigations in place. An example is the following: Supported Targets We currently support the following operating systems: Microsoft WindowsLinuxGoogle AndroidApple iPhone OS (iOS)OpenBSDFreeBSD and the following software: Mozilla FirefoxMicrosoft EdgeGoogle...
