.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
FuzzBench : Fuzzer Benchmarking As A Service
FuzzBench is a free service that evaluates fuzzers on a wide variety of real-world benchmarks, at Google scale. The goal of FuzzBench is to make it painless to rigorously evaluate fuzzing research and make fuzzing research easier for the community to adopt. We invite members of the research community to contribute their fuzzers and give us feedback on improving...
SSRF Sheriff : Server Side Request Forgery
SSRF Sheriff is an SSRF testing sheriff written in Go. It was originally created for the Uber H1-4420 2019 London Live Hacking Event, but it is now being open-sourced for other organizations to implement and contribute back to. Features Repsond to any HTTP method (GET, POST, PUT, DELETE, etc.)Configurable secret token (see base.example.yaml)Content-specific responses With secret token in response body...
Evil SSDP : Create Fake UPnP Devices To Phish For Credentials
Evil SSDP responds to SSDP multicast discover requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted to open the device are shown a configurable phishing page. This page can load a hidden image over SMB, allowing you to...
Proton : Windows Post-Exploitation Framework Similar
Proton Framework is a Windows post-exploitation framework similar to other penetration testing frameworks. The major difference is that it does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10. Installation cd protonchmod +x...
NTLMRecon : Tool To Enumerate Information From NTLM Authentication Enabled Web Endpoints
NTLMRecon is built with flexibilty in mind. A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. Need to run recon on a single URL, an IP address, an entire CIDR range or combination of all...
HoneyBot : Capture, Upload & Analyze Network Traffic
HoneyBot is a set of scripts and libraries for capturing and analyzing packet captures with PacketTotal.com. Currently this library provides three scripts: capture-and-analyze.py - Capture on an interface for some period of time, and upload capture for analysis.upload-and-analyze.py - Upload and analyze multiple packet captures to PacketTotal.com.trigger-and-analyze.py - Listen for unknown connections, and begin capturing when one is made. Captures...
HTTP Asynchronous Reverse Shell
Http asynchronous reverse shell is a tool used for asynchronous reverse shell using the HTTP protocol. Why ? Today there are many ways to create a reverse shell in order to be able to remotely control a machine through a firewall. Indeed, outgoing connections are not always filtered. However security software and hardware (IPS, IDS, Proxy, AV, EDR...) are more and...
Entropy : Set Of Tools To Exploit Netwave & GoAhead IP Webcams
Entropy Toolkit is a set of tools to exploit Netwave and GoAhead IP Webcams. Entropy is a powerful toolkit for webcams penetration testing. Installation cd entropychmod +x install.sh./install.sh UN-Installation cd entropychmod +x uninstall.sh./uninstall.sh Also Read - WiFi Passview : An Open Source Batch Script Based WiFi Passview For Windows Execution entropy -h usage: entropy ] ...
SharpRDP : RDP Application For Authenticated Command Execution
SharpRDP is a Remote Desktop Protocol Console Application for Authenticated Command Execution. Building To compile open the project in Visual Studio and build for release. Two DLLs will be output to the Release directory, you do not need those because the DLLs are in the assembly. If you do not want to use the provided DLLs you will need...
Ghost : Android Debug Bridge To Remotely Access An Android Device
Ghost Framework is an Android post-exploitation framework that uses an Android Debug Bridge to remotely access an Android device. It Framework gives you the power and convenience of remote Android device administration. Installation cd ghostchmod +x install.sh./install.sh Un-installation cd ghostchmod +x uninstall.sh./uninstall.sh Execution To execute the Framework you should execute the following command. ghost Also Read - BadBlood : Microsoft Active Directory Domain...
