Subcert : Finds All The Subdomains From Certificate Transparency Logs
Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. Setup Step 1: Install Python 3 apt-get install python3-pip Step 2: Clone the Repository git clone https://github.com/A3h1nt/Subcert.git Step 3: Install Dependencies pip3 install -r requirements.txt Step 4: Move the Directory to /opt mv subcert /opt/ Step 5: Add an alias in .bashrc to run the script from anywhere alias subcert="python3...
Mole : A Framework For Identifying & Exploiting Out-Of-Band Application Vulnerabilities
Mole is a framework for identifying and exploiting out-of-band (OOB) vulnerabilities. Installation & Setup Mole Install Python >= 3.6 virtualenv -p /usr/bin/python3 venvsource venv/bin/activate./venv/bin/pip3 install -r requirements.txtgit submodule update --init --recursive Set an API key in config.yml (must be the same for the client and server) DNS Configuration You'll need to configure the DNS records in your registrar to point to your mole server. Minimally, you'll...
Invoke SocksProxy : Socks Proxy & Reverse Socks Server Using Powershell
Invoke SocksProxy is a tool that creates a local or "reverse" Socks proxy using powershell. The local proxy is a simple Socks 4/5 proxy. The reverse proxy creates a tcp tunnel by initiating outbond SSL connections that can go through the system's proxy. The tunnel can then be used as a socks proxy on the remote host to pivot into...
Reverse Shell Generator : Hosted Reverse Shell Generator With A Ton Of Functionality
Hosted Reverse Shell generator with a ton of functionality. Features Generate common listeners and reverse shellsRaw mode to cURL shells to your machine.Button to increment the listening port number by 1URI and Base64 encodingLocalStorage to persist your configurationDark and Light Modes Dev It's recommended to use the netlify dev command if you're wanting to modify any of the server functions, such as...
OffensivePipeline : Tool To Download, Compile & Obfuscate C# Tools For Red Team Exercises
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises. It downloads the tool from the git repository, then compiles it with msbuild and finally obfuscates it with ConfuserEx. Examples List all tools: OffensivePipeline.exe list Build all tools: OffensivePipeline.exe all Build a tool OffensivePipeline.exe t toolName Add New Tools The scripts for downloading the tools are in the Tools folder...
Diceware Password Generator : Generate High Entropy Passwords
Diceware is a method used to generate cryptographically strong memorable passphrases. This is a python implementation of the diceware password generating algorithm. Inspired after watching this video. Note : This Program Do Not Store Passwords In Any Form And All The Passwords Are Generated Locally Inside You Device. How DPG Generate Passwords? Traditional Diceware uses rolls of physical dice, this application uses...
Darkdump : Search The Deep Web Straight From Your Terminal
Darkdump is a simple script written in Python3.9 in which it allows users to enter a search term (query) in the command line and darkdump will pull all the deep web sites relating to that query. Darkdump wraps up the darksearch.io API. Installation git clone https://github.com/josh0xA/darkdumpcd darkdumppython3 -m pip install -r requirements.txtpython3 darkdump.py --help Usage Example 1: python3 darkdump.py --query programmingExample 2: python3...
Rafel Rat : Android Rat Written In Java
Rafel is Remote Access Tool Used to Control Victims Using WebPanel With More Advance Features. Main Features Admin PermissionAdd App To White ListLooks Like BrowserRuns In Background Even App is Closed(May not work on some Devices)Accessibility FeatureSupport Android v5 - v10No Port Forwarding NeededAcquire WakelockFully Undetectable Prerequisites Android Studio OR ApkEasyTool Building Apk With Android Studio Open Project Lite_Browsercode in Android StudioPut the command.php link of server...
AnonX : An Encrypted File Transfer Via AES-256-CBC
AnonX is an encrypted file uploader and downloader. The uploaded archive lasts for one week and shall remove from the server. AnonX encrypts the directory before uploading it to the server. The download function requires the download id and AES password to successfully download and decrypt the archive. An Encrypted File transfer via AES-256-CBCMax FileSize to Upload = 2GB Usage git clone...
Strafer : A Tool To Detect Potential Infections In Elasticsearch Instances
Elasticsearch infections are rising exponentially. The adversaries are exploiting open and exposed Elasticsearch interfaces to trigger infections in the cloud and non-cloud deployments. During this talk, we will release a tool named "STRAFER" to detect potential infections in the Elasticsearch instances. The tool allows security researchers, penetration testers, and threat intelligence experts to detect compromised and infected Elasticsearch instances...
