DeimosC2 : A Golang Command & Control Framework For Post-Exploitation

DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that have been compromised. The DeimosC2 server and agents work on, and have been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front end written in Vue.js. Listener Features: Each listener has its own RSA Pub and...

EternalBlueC : Tool For EternalBlue Vulnerability Detector, DoublePulsar Detector & DoublePulsar Shellcode & DLL Uploader

EternalBlueC suite remade in C, which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode. ms17_vuln_status.cpp - This program sends 4 SMB packets: 1 negotiation packet and 3 requests. This program reads the NT_STATUS response from a TransNamedPipeRequest (PeekNamedPipe request) and determines if NT_STATUS = 0xC0000205 (STATUS_INSUFF_SERVER_RESOURCES). If this is the...

Kubei : A Flexible Kubernetes Runtime Scanner

Kubei is a vulnerability scanning tool that allows users to get an accurate and immediate risk assessment of their Kubernetes clusters. Kubei scans all images that are being used in a Kubernetes cluster, including images of application pods and system pods. It doesn’t scan the entire image registries and doesn’t require preliminary integration with CI/CD pipelines. It is a configurable...

7 Best Apps to Hack Girlfriend’s Phone to View Text Messages

Ever got a gut feeling that your girl is seeing someone else behind your back or cheating on you? That can be very disheartening. But! If you want to make sure of this “gut feeling”, you will need some help. And we are not talking about any overpaid detective or secretive stalking; we are talking about becoming a spy. Yes,...

DazzleUP : A Tool That Detects The Privilege Escalation Vulnerabilities

DazzleUP is a tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in Windows operating systems. dazzleUP detects the following vulnerabilities. Exploit Checks: The first feature of dazzleUP is that it uses the Windows Update Agent API instead of WMI (like others) when finding missing patches. dazzleUP checks the following vulnerabilities: DCOM/NTLM Reflection (Rotten/Juicy Potato) Vulnerability, CVE-2019-0836, CVE-2019-0841, CVE-2019-1064, CVE-2019-1130, CVE-2019-1253, CVE-2019-1385, CVE-2019-1388, CVE-2019-1405, CVE-2019-1315, CVE-2020-0787, CVE-2020-0796. dazzleUP do exploit...

uDork : Tool That Uses Advanced Google Search Techniques

uDork is a script written in Bash that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. It does NOT make attacks against any server; it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database). Download & Install: $ git clone https://github.com/m3n0sd0n4ld/uDork...

Oralyzer : Tool To Identify Open Redirection

Oralyzer is a simple Python script capable of identifying the open redirection vulnerability in a website. It does that by fuzzing the URL provided as the input. Features: Oralyzer can identify different types of Open Redirect Vulnerabilities: Header Based, Javascript Based, Meta Tag Based. Oralyzer uses waybackurls to fetch URLs from archive.org; it then separates the URLs that have specific parameters in them, parameters that...

Kubebox : Terminal & Web Console For Kubernetes

Kubebox is a terminal and web console for Kubernetes. Features: ✓ Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube) ✓ Switch contexts interactively ✓ Authentication support (bearer token, basic auth, private key / cert, OAuth, OpenID Connect, Amazon EKS, Google Kubernetes Engine, Digital Ocean) ✓ Namespace selection and pods list watching ✓ Container log scrolling / watching ✓ Container resources usage (memory, CPU, network, file system...

Commit-Stream : OSINT Tool For Finding Github Repositories

Commit-Stream drinks commit logs from the Github event firehose, exposing the author details (name and email address) associated with Github repositories in real time. OSINT / Recon uses for Redteamers / Bug bounty hunters: Uncover repositories to which employees of a target company are committing code (filter by email domain); Identify repositories belonging to an individual (filter by author name); Chain with other tools...

SNOWCRASH – A Polyglot Payload Generator

SNOWCRASH creates a script that can be launched on both Linux and Windows machines. The payload selected by the user (in this case combined Bash and PowerShell code) is embedded into a single polyglot template, which is platform-agnostic. There are a few payloads available, including command execution, reverse shell establishment, binary execution and some more :> Basic Usage: Install dependencies: ./install.sh List available payloads: ./snowcrash...