.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
PEASS – Privilege Escalation Awesome Scripts SUITE
Here you will find PEASS privilege escalation tools for Windows and Linux/Unix* (in some near future also for Mac). These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the Local Windows Privilege Escalation checklist from book.hacktricks.xyzWinPEAS - Windows local Privilege...
DNSProbe : Tool That Allows You To Perform Multiple DNS Queries
DNSProbe is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. Simple and Handy utility to query DNS records. Usage dnsprobe -h Also Read - CrauEmu : uEmu Extension For Developing & Analyzing Payloads For Code-Reuse Attacks This will display help for the tool. Here are all the...
Crescendo : Real Time Event Viewer For MacOS
Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Apple has introduced some new security mechanisms that we need to enable to get Crescendo running. Ensure that you have moved the app to your /Applications director or the system extension will fail to load.For the first run you will be prompted to...
Burp-Exporter : Request To Clipboard With Multiple Programming Languages Functions
Burp-Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions. You can export as:cURLWgetPython RequestPerl LWPPHP HTTP_Request2Go NativeNodeJS RequestjQuery AJAXPowerShell Also Read - Ps-Tools : An Advanced Process Monitoring Toolkit For Offensive Operations Requirements Jython >= 2.7.1 Burp Suite import In Burp Suite, under the Extender/Extensions tab, click on the Add button, select Extension type Python...
CrauEmu : uEmu Extension For Developing & Analyzing Payloads For Code-Reuse Attacks
crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks. Installation Put the file crauEmu.py in same location as uEmu.py.Use File / Script fileā¦ or ALT+F7 in IDA to load crauEmu.py Also Read - Eavesarp : Analyze ARP Requests To Identify Intercommunicating Hosts RopEditor Slides from ZeroNights 2019Download Download
HTBenum : A Linux Enumeration Script For Hack The Box
HTBenum is a Linux enumeration script for Hack The Box. This script is designed for use in situations where you do not have internet access on a Linux host and would like to run enumeration and exploit suggestion scripts, such as Hack The Box. I find myself running a similar set of scripts when I get an initial foothold...
Domained : Multi Tool Subdomain Enumeration
Domained is a domain name enumeration tool. The tools contained in it requires Kali Linux (preferred) or Debian 7+ and Recon-ng. It uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting with categorized screenshots, server response headers and signature based default credential checking. (resources are saved to...
Lollipopz : Data Exfiltration Utility For Testing Detection Capabilities
Lollipopz is a data exfiltration utility for testing detection capabilities. Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only. Exfiltration How-To? /etc/shadow -> HTTP GET requests Server # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETServer -lp 80 -o output.log Client $ ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETClient -rh 127.0.0.1 -rp 80 -i ./samples/shadow.txt -r /etc/shadow -> HTTP POST requests Server # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.POSTServer -lp 80...
Sherloq : An Open-Source Digital Image Forensic Toolset
Sherloq is a personal research project about implementing a fully integrated environment for digital image forensics. It is not meant as an automatic tool that decide if an image is forged or not (that tool probably will never exist...), but as a companion in putting at work various algorithms to discover potential image inconsistencies. While many commercial solutions have unaffordable...
Privacy Badger : A Browser Extension Automatically Learns To Block Invisible Trackers
Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to block, Privacy Badger learns by watching which domains appear to be tracking you as you browse the Web. It sends the Do Not Track signal with your browsing. If trackers ignore your wishes, your Badger will learn to block them....
