magicRecon : A Powerful Shell Script To Maximize The Recon And Data Collection Process Of An Objective And Finding Common Vulnerabilities
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats. The new version of MagicRecon has a large number of new tools to automate as much as possible the process of collecting data...
403Fuzzer : Fuzz 403/401Ing Endpoints For Bypasses
403Fuzzer will check the endpoint with a couple of headers such as X-Forwarded-For It will also apply different payloads typically used in dir traversals, path normalization etc. to each endpoint on the path. e.g. /%2e/test/test2 /test/%2e/test2 /test;/test2/ Usage usage: 403fuzzer.py use this script to fuzz endpoints that return a 401/403optional arguments:-h, --help show this help...
CheeseTools : Self-developed Tools For Lateral Movement/Code Execution
The CheeseTools has been made basing onto the already existing MiscTool, so big shout-out to rasta-mouse for releasing them and for giving me the right motivation to work on them. CheeseExec Command Exec / Lateral movement via PsExec-like functionality. Must be running in the context of a privileged user. The tool is based on rasta-mouse CsExec, but is designed to allow additional control over the service...
IMAPLoginTester : Script That Reads A Text File With Lots Of E-Mails And Passwords
IMAPLoginTester is a simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login to the respective IMAP servers. Usage usage: imaplogintester.py -i INPUT optional arguments:-h, --help show this help message and exit-i INPUT, --input INPUTinput file with e-mails and...
HookDump : Security Product Hook Detection
HookDump is a tool for security product hook detection. Building Source In order to build this you will need Visual Studio 2019 (community edition is fine) and CMake. The batch file Configure.bat will create two build directories with Visual Studio solutions.The project may build with MinGW with the correct CMake command line, this is untested YMMV.There is a dependency on zydis...
slopShell : The Only Php Webshell You Need
slopShell is the only Php Webshell You Need . Since I derped, and forgot to talk about usage. Here goes. For this shell to work, you need 2 things, a victim that allows php file upload(yourself, in an educational environment) and a way to send http requests to this webshell. Thank you for all the support the community has given, it...
AnalyticsRelationships : Get Related Domains / Subdomains By Looking At Google Analytics IDs
AnalyticsRelationships is a tool to Get Related Domains / Subdomains By Looking At Google Analytics IDs. ██╗ ██╗ █████╗ ██╗██████╗ ██║ ██║██╔══██╗ ...
Dystopia : Low To Medium Multithreaded Ubuntu Core Honeypot Coded In Python
Dystopiais a low to medium Ubuntu Core honeypot coded in Python. Features Optional login promptLogs who connects and what they doCapture session to pcap fileAutomatically download links used by attackersCustomize MOTD, Port, Hostname and how many clients can connect at once (default is unlimited)Geolocation (with ipstack)Save and load configAdd support to a plethora of commands To Do Better LoggingServiceEmail AlertsInsights such as charts...
FireStorePwn : Firestore Database Vulnerability Scanner Using APKs
FireStorePwn scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication. If there are problems with the security rules, attackers could steal, modify or delete data and raise the bill. How It Works Install FSP sudo wget https://raw.githubusercontent.com/takito1812/FireStorePwn/main/fsp -O /bin/fspsudo chmod +x /bin/fsp Running fsp Scanning an APK without authentication fsp app.apk Scanning an APK with authentication With email...
Qvm-Create-Windows-Qube : Spin Up New Windows Qubes Quickly, Effortlessly And Securely
Qvm-Create-Windows-Qube is a tool for quickly and conveniently installing fresh new Windows qubes with Qubes Windows Tools (QWT) drivers automatically. It officially supports Windows 7, 8.1 and 10 as well as Windows Server 2008 R2, 2012 R2, 2016 and 2019. The project emphasizes correctness, security and treating Windows as an untrusted guest operating system throughout the entire process. It also features other goodies such...
