.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
L3MON : A Cloud Based Remote Android Management Suite
L2MON is a cloud based remote android managment suite, powered by NodeJS. Features GPS LoggingMicrophone RecordingView ContactsSMS LogsSend SMSCall LogsView Installed AppsView Stub PermissionsLive Clipboard LoggingLive Notification LoggingView WiFi Networks (logs previously seen)File Explorer & DownloaderCommand QueuingBuilt In APK Builder Prerequisites Java Runtime Environment 8See installation for OS specificsNodeJsA Server Installation Install JRE 8 (We cannot stress this enough USE java 1.8.0 ANY issues that...
Pentest : Tools To Create An Pentest Environment Easily & Quickly
Docker for Pentest is an image with the more used tools to create an pentest environment easily and quickly. Features OS, networking, developing and pentesting tools installed.Connection to HTB (Hack the Box) vpn to access HTB machines.Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou.Proxy service to send traffic from any browsers and burp suite installed in your local directory.Exploit...
Natlas : Scaling Network Scanning
You've got a lot of maps and they are getting pretty unruly. What do you do? You put them in a book and call it an atlas. This is like that, except it's a website and it's a collection of nmaps. The Natlas server doubles as a task manager for the agents to get work, allowing you to control...
Padding Oracle Attacker : CLI Tool & Library To Execute Padding Oracle Attacks Easily
CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI. Install Make sure Node.js is installed, then run $ npm install --global padding-oracle-attackeror$ yarn global add padding-oracle-attacker CLI Usage Usage $ padding-oracle-attacker decrypt <url> hex:<ciphertext_hex> <block_size> <error> [options] $ padding-oracle-attacker decrypt <url> b64:<ciphertext_b64> <block_size> <error> [options] $ padding-oracle-attacker encrypt <url> <plaintext>...
Capsulecorp Pentest : Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test
The Capsulecorp Pentest is a small virtual network managed by vagrant and ansible. It contains five virtual machines, including one Linux attacking system running xubuntu and 4 Windows 2019 servers configured with various vulnerable services. This project can be used to learn network penetration testing as a stand-alone environment but is ultimatly designed to compliment my book The Art...
Santa : A Binary Whitelisting/Blacklisting System For macOS
Santa is a binary authorization system for macOS. It consists of a kernel extension (or a system extension on macOS 10.15+) that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of a block decision and a command-line utility for managing...
Applications You Can Build with Free APIs
With free APIs, developers can practice programming by using those APIs to create applications. Once you have practiced writing apps, you can then move on to paying for some APIs that you can use to write even more useful or complex apps. Phone Number Validator There is a multitude of free APIs that are available to the public. So, your options...
FinDOM-XSS : A Fast DOM Based XSS Vulnerability Scanner With Simplicity
FinDOM-XSS is a tool that allows you to finding for possible and/ potential DOM based XSS vulnerability in a fast manner. Installation $ git clone https://github.com/dwisiswant0/findom-xss.git Dependencies: LinkFinder Configuration Change the value of LINKFINDER variable (on line 3) with your main LinkFinder file. Usage To run the tool on a target, just use the following command. $ ./findom-xss.sh https://target.host/about-us.html This will run the tool against target.host. URLs...
ParamSpider : Mining Parameters From Dark Corners Of Web Archives
ParamSpider is a mining parameters from dark corners of web archives. Features Finds parameters from web archives of the entered domain.Finds parameters from subdomains as well.Gives support to exclude urls with specific extensions.Saves the output result in a nice and clean manner.It mines the parameters from web archives (without interacting with the target host) Usage Note : Use python 3.7+ $ git clone https://github.com/devanshbatham/ParamSpider$...
GIVINGSTORM : Infection Vector That Bypasses AV, IDS, & IPS
GIVINGSTORM is a breeze to use. Simply clone the directory, and cd into it. The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection vector, and a dual stage HTA infection vector. The variables take into account C2 addresses, Koadic/Empire payloads, and a few delivery mechanisms. The payload files...
