How to Market Your IT Security Business or Consultancy
Managing an IT security business or consultancy is difficult enough on its own. Add in the necessity of marketing your skills and acquiring new clients, and half of your time is already eaten up long before you can ever get to any tickets you need to address from your existing clients. That is why you need to get your digital...
Recox : Master Script For Web Reconnaissance
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system. It gathers the information recursively over each subdomain, and IP address for a sophisticated attack. RecoX automates several functions and saves a significant amount of time that...
Jshole : A JavaScript Components Vulnerability Scanner
Jshole is a simple JavaScript components vulnrability scanner, based on RetireJS. Why use JShole instead of RetireJS? By default, RetireJS only searches one page, but JShole tries to crawl all pages. Requirements requests Install git clone https://github.com/callforpapers-source/jshole.gitcd jsholepip3 install -r requirementspython3 jshole.py usage: jshole -u URL optional arguments:-h, --help show this help message and exit-u URL, --url URL url string-d, --debug Web Scrap...
GitMonitor : A Github Scanning System To Look For Leaked Sensitive Information Based On Rules
GitMonitor is a Github scanning system to look for leaked sensitive information based on rules. I know that there are a lot of very good other tools for finding sensitive information leaked on Github right now, I myself currently still use some of them. However, I think they still lack some features like: A scanning tool based on the rules.The...
Ligolo : Reverse Tunneling Made Easy For Pentesters
Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety (TLS certificate with elliptical curve). It is comparable to Meterpreter with Autoroute + Socks4a, but more stable and faster. Use Case You compromised a Windows / Linux / Mac server during your external audit. This server is located inside a LAN network...
Eviloffice : Inject Macro & DDE Code Into Excel & Word Documents
Eviloffice is a tool used to inject macro and DDE code into Excel and Word documents (reverse shell). Features Inject malicious Macro on formats: docm, dotm, xlsm, xltmInject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltxPython2/Python3 CompatibleTested: Win10 (MS Office 14.0) Requirements Microsoft Office (Word/Excel)pywin32: python -m pip install -r requirements.txt Also Read - Guardedbox : Online Client-Side Manager For...
Inshackle : Instagram Hacks
Inshackle is a tool used to hack Instagram and track unfollowers, increase your followers, download Stories, etc. Features Unfollow TrackerIncrease FollowersDownload: Stories, Saved Content, Following/followers list, Profile InfoUnfollow all your following Also Read - Guardedbox : Online Client-Side Manager For Secure Storage & Secrets Sharing Usage git clone https://github.com/thelinuxchoice/inshackle cd inshackle bash inshackle.sh Download
GhostShell : Malware Indetectable With AV Bypass Techniques & Anti-Disassembly
GhostShell is a Malware indetectable, with AV bypass techniques, anti-disassembly, etc. In this malware, are used some techniques to try bypass the AVs, VMs, and Sandboxes, with only porpuse to learning more. I'm not responsible for your actions. Attention!!! To check if the antivirus is detecting the malware, NEVER send it to the virustotal, IT WILL BE SENT TO THE ANTIVIRUS...
Forerunner : Fast & Extensible Network Scanning Library
The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network centric applications such as: IP Scanners, Port Knockers, Clients, Servers, etc. In it's current state, the Forerunner library is able to both synchronously and asynchronously scan and port knock IP addresses in order to obtain information about the device...
Enumy : Linux Post Exploitation Privilege Escalation Enumeration
Enumy is an ultra fast portable executable that you drop on target Linux machine during a pentest or CTF in the post exploitation phase. Running enumy will enumerate the box for common security vulnerabilities. Installation You can download the final binary from the release x86 or x64 tab. Statically linked to musl Transfer the final enumy binary to the target machine. latest...