.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Reconspider : Most Advanced Open Source Intelligence (OSINT) Framework
ReconSpider is most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources. ReconSpider can be used by Infosec Researchers, Penetration Testers, Bug Hunters and Cyber Crime Investigators to find deep information about their target. ReconSpider aggregate all the raw data, visualize it on a dashboard and facilitate alerting and monitoring...
Pagodo : Automate Google Hacking Database Scraping And Searching
PaGoDo goal is to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered by ghdb_scraper.py. What are Google Dorks? The awesome folks at Offensive Security maintain the Google Hacking Database...
PurpleSharp : C# Adversary Simulation Tool That Executes Adversary Techniques
PurpleSharp is an open source adversary simulation tool written in C# that executes adversary techniques within Windows Active Directory environments. The resulting telemetry can be leveraged to measure and improve the efficacy of a detection engineering program. PurpleSharp leverages the MITRE ATT&CK Framework and executes different techniques across the attack life cycle: execution, persistence, privilege escalation, credential access, lateral...
Sinter : User-Mode Application Authorization System For MacOS
Sinter is a 100% user-mode endpoint security agent for macOS 10.15 and above, written in Swift. It uses the user-mode EndpointSecurity API to subscribe to and receive authorization callbacks from the macOS kernel, for a set of security-relevant event types. The current version of Sinter supports allowing/denying process executions; in future versions we intend to support other types of...
URLBuster : Powerful Mutable Web Directory Fuzzer To Bruteforce
URLBuster is a powerful web directory fuzzer to locate existing and/or hidden files or directories. Similar to dirb or gobuster, but with a lot of mutation options. Installation pip install urlbuster Features Proxy supportCookie supportBasic AuthDigest AuthRetries (for slow servers)Persistent and non-persistent HTTP connectionRequest methods: GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONSCustom HTTP headerMutate POST, PUT and PATCH payloadsMutate with different request methodsMutate...
SharpChromium : .NET 4.0 CLR Project To Retrieve Chromium Data, Such As Cookies, History & Saved Logins
SharpChromium is a .NET 4.0+ CLR project to retrieve data from Google Chrome, Microsoft Edge, and Microsoft Edge Beta. Currently, it can extract: Cookies (in JSON format)History (with associated cookies for each history item)Saved Logins Note: All cookies returned are in JSON format. If you have the extension Cookie Editor installed, you can simply copy and paste into the "Import" section...
Want to protect multiple domains with a single SSL certificate? Here is your definitive guide.
If we compare the number of users on the internet today vs a decade back, we will notice a major change in the numbers. Even as you read this, thousands of people are using the internet as a source to give or extract information. Your business needs a huge platform to be successful. Hence, in the modern world, it...
AWS Report : A Tool For Analyzing Amazon Resources
AWS Report is a tool for analyzing amazon resources. Install Using PIP pip install awsreport Features Search IAM users based on creation date Search buckets public Search security based in rules, default is 0.0.0.0/0 Search elastic ip dissociated Search volumes available Search AMIs with permission public Search internet gateways detached Options aws_report.py Options:--s3 Search buckets public in s3--iam Search iam users based on creation date--iam-max-age...
Nautilus : A Grammar Based Feedback Fuzzer
Nautilus is a coverage guided, grammar based fuzzer. You can use it to improve your test coverage and find more bugs. By specifying the grammar of semi valid inputs, Nautilus is able to perform complex mutation and to uncover more interesting test cases. Many of the ideas behind this fuzzer are documented in a Paper published at NDSS 2019. Version...
Kali Linux 2020.3 Release (ZSH, Win-Kex, HiDPI & Bluetooth Arsenal) – Download Now!!
Its that time of year again, time for another Kali Linux release! Quarter #3 – Kali Linux 20202.3. This release has various impressive updates including New Shell, Bluetooth Arsenal, Automating HiDPI support, Nokia Support, new updated tools icons A quick overview of what’s new since the last release in May 2020: New Shell – Starting the process to switch from “Bash” to...
