Wpscvn : Wpscvn Is A Tool For Pentesters, Website Owner To Test If Their Websites Had Some Vulnerable Plugins Or Themes
wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themes The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law. Requires Python 3 Usage python3 script.py http://siten Download
Sx : Fast, Modern, Easy-To-Use Network Scanner
sx is the command-line network scanner designed to follow the UNIX philosophy. The goal of this project is to create the fastest network scanner with clean and simple code. Features ⚡ 30x times faster than nmapARP scan: Scan your local networks to detect live devicesICMP scan: Use advanced ICMP scanning techniques to detect live hosts and firewall rulesTCP SYN scan: Traditional half-open scan to find...
RemotePotato0 : Just Another “Won’t Fix” Windows Privilege Escalation From User To Domain Admin
RemotePotato0 is an exploit that allows you to escalate your privileges from a generic User to Domain Admin. Briefly: It abuses the DCOM activation service and trigger an NTLM authentication of the user currently logged on in the target machine. It is required you have a shell in session 0 (e.g. WinRm shell or SSH shell) and that a privileged user...
Nexfil : OSINT Tool For Finding Profiles By Username
NExfil is an OSINT tool written in python for finding profiles by username. The provided usernames are checked on over 350 websites within few seconds. The goal behind this tool was to get results quickly while maintaining low amounts of false positives. If you like my work please star this project :D If you find any errors or false positives or if you want to suggest...
Security Scorecards : Security Health Metrics For Open Source
Security Scorecards is a tool for Security Health Metrics For Open Source. Motivation A short motivational video clip to inspire us: https://youtu.be/rDMMYT3vkTk "You passed! All D's ... and an A!" Goals Automate analysis and trust decisions on the security posture of open source projects.Use this data to proactively improve the security posture of the critical projects the world depends on. Scorecard Checks The following checks are all...
WFH : Windows Feature Hunter 2021
Windows Feature Hunter (WFH) is a proof of concept python script that uses Frida, a dynamic instrumentation toolkit, to assist in potentially identifying common “vulnerabilities” or “features” within Windows executables. WFH currently has the capability to automatically identify potential Dynamic Linked Library (DLL) sideloading and Component Object Model (COM) hijacking opportunities at scale. DLL sideloading utilizes the Windows side-by-side (WinSXS) assembly...
Ipa-Medit : Memory Search And Patch Tool For Resigned Ipa Without Jailbreak
Ipa-medit is a memory search and patch tool for resigned ipa without jailbreak. It was created for mobile game security testing. Motivation Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can be used casually like GameGem and iGameGuardian. However, there...
Cariddi : Take A List Of Domains, Crawl Urls And Scan For Endpoints, Secrets, Api Keys, File Extensions, Tokens And More…
Cariddi is a tool to take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more. Installation You need Go. Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Linuxgit clone https://github.com/edoardottt/cariddi.gitcd cariddigo getmake linux (to install)make unlinux (to uninstall)Or in one line: git clone https://github.com/edoardottt/cariddi.git; cd cariddi; go get; make linuxWindows (executable works only...
Salus : Security Scanner Coordinator
Salus (Security Automation as a Lightweight Universal Scanner), named after the Roman goddess of protection, is a tool for coordinating the execution of security scanners. You can run Salus on a repository via the Docker daemon and it will determine which scanners are relevant, run them and provide the output. Most scanners are other mature open source projects which we...
FindObjects-BOF : A Cobalt Strike Beacon Object File (BOF)
FindObjects-BOF is a Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific modules or process handles. What Is This Repository For? Use direct systems calls within Beacon Object files to enumerate processes for specific loaded modules (e.g. winhttp.dll, amsi.dll or clr.dll).Use direct systems calls within Beacon Object files to enumerate processes for specific...
