.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
IntelSpy : Perform Automated Network Reconnaissance Scans
IntelSpy is a tool used to perform automated network reconnaissance scans to gather network intelligence. It is a multi-threaded network intelligence tool which performs automated network services enumeration. It performs live hosts detection scans, port scans, services enumeration scans, web content scans, brute-forcing, detailed off-line exploits searches and more. The tool will also launch further enumeration scans for each detected service...
TrustJack : Yet Another PoC For Hijacking DLLs in Windows
TrustJack is a tool for yet another PoC For hijacking DLLs in windows. To be used with a cmd that does whatever the F you want, for a dll that pops cmd, https://github.com/jfmaes/CMDLL. check the list in wietze's site to check how you should call your dll. will automatically create c:Windows System32 and drop your dll and chosen binary in...
HawkScan : Security Tool For Reconnaissance & Information Gathering On A Website
HawkScan is a security tool for reconnaissance and information gathering on a website. (python 2.x & 3.x).This script use "WafW00f" to detect the WAF in the first step (https://github.com/EnableSecurity/wafw00f)This script use "Sublist3r" to scan subdomains (https://github.com/aboul3la/Sublist3r)This script use "waybacktool" to check in waybackmachine (https://github.com/Rhynorater/waybacktool) News ! Version 1.5! Auto activate JS during scan if the webite is full JS (website 2.0)!...
SiteDorks : A Search Term With Different Websites
SiteDorks is a tool used to search Google, Bing, Yahoo or Yandex for a search term with different websites. A default list is already provided, which contains Github, Gitlab, Surveymonkey, Trello etc etc. Currently, a default list of 241 dorkable websites is available. Current categories on file are: analysis(10)cloud(35)code(38)comm(27)companies(3)docs(36)edu(3)forms(11)orgs(13)other(4)remote(1)shortener(15)social(42)storage(3) Why SiteDorks? Why wouldn't you just enter dorks for several websites manually? Because: It's...
Git All The Payloads! A Collection Of Web Attack Payloads
Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Usage run ./get.sh to download external payloads and unzip any payload files that are compressed. Payload Credits fuzzdb - https://github.com/fuzzdb-project/fuzzdbSecLists - https://github.com/danielmiessler/SecListsxsuperbug - https://github.com/xsuperbug/payloadsNickSanzotta - https://github.com/NickSanzotta/BurpIntruder7ioSecurity - https://github.com/7ioSecurity/XSS-Payloadsshadsidd - https://github.com/shadsiddshikari1337 - https://www.shikari1337.com/list-of-xss-payloads-for-cross-site-scripting/xmendez - https://github.com/xmendez/wfuzzminimaxir - https://github.com/minimaxir/big-list-of-naughty-stringsxsscx - https://github.com/xsscx/Commodity-Injection-SignaturesTheRook - https://github.com/TheRook/subbrutedanielmiessler - https://github.com/danielmiessler/RobotsDisallowedFireFart - https://github.com/FireFart/HashCollision-DOS-POCHybrisDisaster - https://github.com/HybrisDisaster/aspHashDoSswisskyrepo - https://github.com/swisskyrepo/PayloadsAllTheThings1N3 -...
Saferwall : An Open Source Malware Analysis Platform
Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers.Acts as a system expert, to help researchers generates an automated malware analysis report.Hunting platform to find new malwares.Quality ensurance for signature before releasing. Features Static analysis:Crypto hashes, packer identificationStrings extractionPortable Executable file parserMultiple AV scanner which includes major...
Tsunami Security Scanner 2020
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. To learn more about this, visit our documentation. It relies heavily on its plugin system to provide basic scanning capabilities. All publicly available to this plugins are hosted in a separate google/tsunami-security-scanner-plugins repository. Current Status Currently it is in 'pre-alpha' release for...
Cybersecurity and the Interconnectedness of the IoT
The Internet of Things (IoT) has become somewhat of a buzzword. It is through the interconnectedness of our devices that we are able to remain connected with one another. In 2018, there were roughly 22 billion IoT devices in use globally. As these continue to become more sophisticated and complex, projections show that this number will climb up to 50 billion come...
shhgit : Finds Secrets & Sensitive Files Across GitHub
shhgit finds secrets and sensitive files across GitHub (including Gists), GitLab and BitBucket committed in near real time. There are many great tools available to help with this depending on which side of the fence you sit. On the adversarial side, popular tools such as gitrob and truggleHog focus on digging in to commit history to find secret tokens from...
reNgine : An Automated recon Framework For Web Applications
reNgine is an automated reconnaissance framework meant for information gathering during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the domains, endpoints, or gather information. The beauty of reNgine is that it gathers everything in one place. It has a pipeline of reconnaissance, which is highly customizable. reNgine can be very useful...
