Interactsh : An OOB Interaction Gathering Server And Client Library
Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example - Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction supportCLI Client / Web Dashboard supportAES encryption with zero loggingAutomatic ACME based Wildcard TLS w/ Auto RenewalSELF Hosting version support A hosted instance of the service with WEB UI is...
A2P2V : Automated Attack Path Planning and Validation
A2P2V ( Automated Attack Path Planning and Validation) is a planning and cyber-attack tool that provides the capability for users to determine a set of ranked attack sequences given a specific attacker goal. The aim of the tool is to simplify process so that non-security experts can generate clear, actionable intelligence from basic inputs using as much automation as...
BlueCloud : Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D
BlueCloud , a Cyber Range deployment of HELK and Velociraptor! Automated terraform deployment of one system running HELK + Velociraptor server with one registered Windows endpoint in Azure or AWS. A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK + Velociraptor R&D lab. Use Cases EDR Testing labPenetration Testing labSIEM / Threat Hunting / DFIR...
pyWhat : Identify Anything. Easily Lets You Identify Emails, IP Addresses, And More…
pyWhat is the easiest way to identify anything. pip3 install pywhat && pywhat --help What is this? Imagine this: You come across some mysterious text 🧙♂️ 5f4dcc3b5aa765d61d8327deb882cf99 and you wonder what it is. What do you do? Well, with what all you have to do is ask what "5f4dcc3b5aa765d61d8327deb882cf99" and what will tell you! what's job is to identify what something is. Whether it be a file or text! Or even the hex of a file! What about...
EmailFinder : Search Emails From A Domain Through Search Engines
EmailFinder is a tool to search emails through Search Engines. The software is designed to check a company's emails found in the search engines |_ Author: @JosueEncinar|_ Description: Search emails from a domain through search engines.|_ Version: 0.1b|_ Usage: emailfinder -d domain.com Installation > pip3 install emailfinder Upgrades are also available using > pip3 install emailfinder --upgrade Search Engines google: Ok (note cookies policy and Captcha!).bing: OK.baidu: OK...
What is HL7 and why does healthcare need it?
If you have been around in the healthcare industry for a while, you might agree that interoperability between systems has been one of the common issues nowadays. Are you aware that the interoperability costs in the US alone can cost around thirty billion dollars per year? It is because most of these organizations spent a lot of money to hire...
SharpWebServer : HTTP And WebDAV Server With Net-NTLM Hashes Capture Functionality
SharpWebServer is a Red Team oriented simple HTTP & WebDAV server written in C# with functionality to capture Net-NTLM hashes. To be used for serving payloads on compromised machines for lateral movement purposes. Requires .NET Framework 4.5 and System.Net and System.Net.Sockets references. Usage :: SharpWebServer ::a Red Team oriented C# Simple HTTP Server with Net-NTLMv1/2 hashes capture functionalityAuthors:- Can Güney Aksakalli (github.com/aksakalli) - original implementation- harrypatrick442 (github.com/harrypatrick442) -...
Libinjection : SQL / SQLI Tokenizer Parser Analyzer
Libinjection is a SQL / SQLI tokenizer parser analyzer. For C and C++PHPPythonLuaJava (external port) (https://github.com/p0pr0ck5/lua-ffi-libinjection) (external port) Simple example #include#include#include#include "libinjection.h"#include "libinjection_sqli.h"int main(int argc, const char* argv){struct libinjection_sqli_state state;int issqli;const char* input = argv;size_t slen = strlen(input);/* in real-world, you would url-decode the input, etc */libinjection_sqli_init(&state, input, slen, FLAG_NONE);issqli = libinjection_is_sqli(&state);if (issqli) {fprintf(stderr, "sqli detected with fingerprint of '%s'n", state.fingerprint);}return issqli;} $ gcc...
Bbscope : Scope Gathering Tool For HackerOne, Bugcrowd, And Intigriti
Bbscope, the ultimate scope gathering tool for HackerOne, Bugcrowd, and Intigriti by sw33tLie. Need to grep all the large scope domains that you've got on your bug bounty platforms? This is the right tool for the job.What about getting a list of android apps that you are allowed to test? We've got you covered as well. Reverse engineering god? No...
Shepard : In Progress Persistent Download/Upload/Execution Tool Using Windows BITS
Shepard is an IN PROGRESS persistence tool using Windows Background Intelligent Transfer Service (BITS). Functionality: File Download, File Exfiltration, File Download + Persistent ExecutionUsage: run shepard.exe as Administrator with the following command line arguments-d remoteLocation, writePath: regular file download to a local path of your choice-e remoteLocation, localPath: regular file upload from a local path of your choice (only...
