.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Minimalistic Offensive Security Tools
Minimalistic is a simple SMB login attack and password spraying tool. It takes a list of targets and credentials (username and password) as parameters and it tries to authenticate against each target using the provided credentials. Despite its minimalistic design, the tool keeps track of everything by writing every result into a text file. This allows the tool to be...
Carina : Webshell, Virtual Private Server (VPS) & cPanel Database
Carina is a web application used to store webshell, Virtual Private Server (VPS) and cPanel data. Carina is made so that we don't need to store webshell, VPS or cPanel data in "strange places". Install $ git clone https://github.com/c0delatte/carina && cd carinaRun composer updateEdit .env.example with your database configurationRun php artisan migrate for generate required tablesRun php artisan serve Also Read -...
Nishang : Offensive PowerShell For Red Team, Penetration Testing & Offensive Security
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing. Usage Import all the scripts in the current PowerShell session (PowerShell v3 onwards). PS C:nishang> Import-Module .nishang.psm1 Use the individual scripts with dot sourcing. PS C:nishang> . C:nishangGatherGet-Information.ps1 PS C:nishang> Get-Information To get...
Web Hacker’s Weapons : Collection Of Cool Tools Used By Web Hackers
Web Hacker's Weapons is a collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting. Weapons Army-Knife/ALLBurpSuitethe BurpSuite projectArmy-Knife/SCANjaelesThe Swiss Army knife for automated Web Application TestingArmy-Knife/ALLzaproxyThe OWASP ZAP core projectDiscovery/ALLOneForAllOneForAll是一款功能强大的子域收集工具Discovery/ALLaquatoneA Tool for Domain FlyoversDiscovery/ALLlazyreconThis script is intended to automate your reconnaissance process in an organized fashionDiscovery/CRAWLPhotonIncredibly fast crawler designed for OSINT.Discovery/CRAWLcc.pyExtracting URLs of a specific target based...
Spray : Password Spraying Tool For Active Directory Credentials
Spray is a Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf). These instructions will show you the requirements for and how to use it. Prerequisites All requirements come preinstalled on Kali Linux, to run on other flavors or Mac just make sure curl(owa & lync) and rpcclient(smb) are installed using apt-get or brew. rpcclient curl Using Spray This script will password...
Self XSS : Grab Cookies Tricking Users Into Running Malicious Code
Self XSS attack using bit.ly to grab cookies tricking users into running malicious code. How it works? It is a social engineering attack used to gain control of victims' web accounts by tricking users into copying and pasting malicious content into their browsers. Since Web browser vendors and web sites have taken steps to mitigate this attack by blocking pasting javascript...
Open Sesame : A Python Tool To Display Random Publicly Disclosed Hackerone
Open Sesame Contains hackerone disclosed reports and other bug bounty writeups. A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser. Contains Over 8k Publicly disclosed Hackerone reports and addtl. wordlist of ~700 bug bounty writeups. This is a productivity tool for security enthusiasts and bug bounty hunters. I have written...
How to Create a Cybersecurity Incident Response Plan
No matter how much businesses invest in employee training and tools and technology, there continue to be issues related to cybersecurity. Many of these are because of malware and human error. It’s important for all businesses to have an understanding of malware, incident response, and digital forensics. With that comes the need for a cybersecurity incident response plan. The goal is...
Driver Development Services And Are They Worth It?
Is it worth your money to spend on device driver development service? Or is it better to allocate that money elsewhere? The answer all depends on you. If you’re a programmer specialist and understand how to develop a driver firmware/software, then I could understand that you don’t need one. But from a business perspective, I think you should. Why...
BlackDir Framework : Web Application Vulnerability Scanner
BlackDir Framework is a Web Application Vulnerability Scanner with the following features; Spider DirectoriesFind Sub DomainAdvanced Dorks SearchScan list of DorksScan WebSites Reverse Ip LookupPort Scan Installation git clone https://github.com/RedVirus0/BlackDir-Framework.gitcd BlackDirpip3 install -r requirements.txtpython3 BlackDir.py Also Read - PayloadsAllTheThings : A List Of Useful Payloads & Bypass Screenshot Download
