ProxyLogon : PoC Exploit for Microsoft Exchange
ProxyLogon is a tool for PoC exploit for Microsoft exchange. How to use? python proxylogon.py <name or IP of server> <user@fqdn> Example python proxylogon.py primary administrator@lab.local If successful you will be dropped into a webshell. exit or quit to escape from the webshell (or ctrl+c) By default, it will create a file test.aspx. This can be changed. Download
Netmap.Js : Fast Browser-Based Network Discovery Module
netmap.js provides browser-based host discovery and port scanning capabilities to allow you to map website visitors' networks. It's quite fast, making use of es6-promise-pool to efficiently run the maximum number of concurrent connections browsers will allow. Motivation I needed a browser-based port scanner for an idea I was working on. I thought it would be a simple matter of importing an existing...
Subcert : Finds All The Subdomains From Certificate Transparency Logs
Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. Setup Step 1: Install Python 3 apt-get install python3-pip Step 2: Clone the Repository git clone https://github.com/A3h1nt/Subcert.git Step 3: Install Dependencies pip3 install -r requirements.txt Step 4: Move the Directory to /opt mv subcert /opt/ Step 5: Add an alias in .bashrc to run the script from anywhere alias subcert="python3...
Mole : A Framework For Identifying & Exploiting Out-Of-Band Application Vulnerabilities
Mole is a framework for identifying and exploiting out-of-band (OOB) vulnerabilities. Installation & Setup Mole Install Python >= 3.6 virtualenv -p /usr/bin/python3 venvsource venv/bin/activate./venv/bin/pip3 install -r requirements.txtgit submodule update --init --recursive Set an API key in config.yml (must be the same for the client and server) DNS Configuration You'll need to configure the DNS records in your registrar to point to your mole server. Minimally, you'll...
Invoke SocksProxy : Socks Proxy & Reverse Socks Server Using Powershell
Invoke SocksProxy is a tool that creates a local or "reverse" Socks proxy using powershell. The local proxy is a simple Socks 4/5 proxy. The reverse proxy creates a tcp tunnel by initiating outbond SSL connections that can go through the system's proxy. The tunnel can then be used as a socks proxy on the remote host to pivot into...
Reverse Shell Generator : Hosted Reverse Shell Generator With A Ton Of Functionality
Hosted Reverse Shell generator with a ton of functionality. Features Generate common listeners and reverse shellsRaw mode to cURL shells to your machine.Button to increment the listening port number by 1URI and Base64 encodingLocalStorage to persist your configurationDark and Light Modes Dev It's recommended to use the netlify dev command if you're wanting to modify any of the server functions, such as...
OffensivePipeline : Tool To Download, Compile & Obfuscate C# Tools For Red Team Exercises
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises. It downloads the tool from the git repository, then compiles it with msbuild and finally obfuscates it with ConfuserEx. Examples List all tools: OffensivePipeline.exe list Build all tools: OffensivePipeline.exe all Build a tool OffensivePipeline.exe t toolName Add New Tools The scripts for downloading the tools are in the Tools folder...
Diceware Password Generator : Generate High Entropy Passwords
Diceware is a method used to generate cryptographically strong memorable passphrases. This is a python implementation of the diceware password generating algorithm. Inspired after watching this video. Note : This Program Do Not Store Passwords In Any Form And All The Passwords Are Generated Locally Inside You Device. How DPG Generate Passwords? Traditional Diceware uses rolls of physical dice, this application uses...
Darkdump : Search The Deep Web Straight From Your Terminal
Darkdump is a simple script written in Python3.9 in which it allows users to enter a search term (query) in the command line and darkdump will pull all the deep web sites relating to that query. Darkdump wraps up the darksearch.io API. Installation git clone https://github.com/josh0xA/darkdumpcd darkdumppython3 -m pip install -r requirements.txtpython3 darkdump.py --help Usage Example 1: python3 darkdump.py --query programmingExample 2: python3...
Rafel Rat : Android Rat Written In Java
Rafel is Remote Access Tool Used to Control Victims Using WebPanel With More Advance Features. Main Features Admin PermissionAdd App To White ListLooks Like BrowserRuns In Background Even App is Closed(May not work on some Devices)Accessibility FeatureSupport Android v5 - v10No Port Forwarding NeededAcquire WakelockFully Undetectable Prerequisites Android Studio OR ApkEasyTool Building Apk With Android Studio Open Project Lite_Browsercode in Android StudioPut the command.php link of server...
