.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Subfinder : A Subdomain Discovery Tool To Find Valid Websites Subdomains
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. It is built for doing one thing only - passive subdomain enumeration, and it does that very well. We have designed it to comply with all passive sources...
IoTGoat : A Deliberately Insecure Firmware Based On OpenWrt
The IoTGoat Project is a deliberately insecure firmware based on OpenWrt. The project’s goal is to teach users about the most common vulnerabilities typically found in IoT devices. The vulnerabilities will be based on the IoT Top 10 as documented by OWASP: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project. To get started with developing IoTGoat challenges, review the Build Environment Guidance page....
Polyshell : A Bash/Batch/PowerShell Polyglot
PolyShell is a script that's simultaneously valid in Bash, Windows Batch, and PowerShell. This makes PolyShell a useful template for penetration testing as it can be executed on most systems without the need for target-specific payloads. It is also specifically designed to be deliverable via input injection using a USB Rubby Ducky, MalDuino, or similar...
Extended SSRF Search : Smart SSRF Scanner Using Different Methods
This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters). Rename example.app-settings.conf to app-settings.conf and adjust settings. The most important setting is the callback url. I recommend to use burp collaborator. Then you can add your urls to config/url-to-test.txt. Here the script accepts domains...
Mouse : iOS & macOS Post-Exploitation Framework
Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more. Getting...
MultiJuicer : Run Capture Flags & Security Trainings With OWASP Juice Shop
MultiJuicer is a tool used to run capture the flags and security trainings with OWASP juice shop . Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works ok, but...
Progress Burp : Burp Suite Extension To Track Vulnerability Assessment Progress
Progress Burp Suite extension to track vulnerability assessment progress. Features Capture items (unique requests) from the Burp Suite tools (Proxy, Repeater, Target). Request unique key is defined as follows: target (host, port, protocol), path and method. Items have following editable properties: commentstatus (Blocked, Done, Ignored, In progress, New, Postponed)tags Items can be filtered by: statustags (there are...
SSF : Secure Socket Funneling Network Tool
Secure Socket Funneling (SSF) is a network tool and toolkit. It provides simple and efficient ways to forward data from multiple sockets (TCP or UDP) through a single secure TLS tunnel to a remote computer. It is cross platform (Windows, Linux, OSX) and comes as standalone executables. Features Local and remote TCP port forwardingLocal and remote UDP port forwardingLocal and...
ABD : Course Materials For Advanced Binary Deobfuscation
ABD is the course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories Advanced Binary Deobfuscation This repository contains the course materials of Advanced Binary Deobfuscation at the Global Cybersecurity Camp (GCC) Tokyo in 2020. Course Abstract Reverse engineering is not easy, especially if a binary code is obfuscated. Once obfuscation performed, the binary would not be analyzed accurately with naive techniques alone. In...
Learn How to Run Linux on Mac Computers With This Guide
Some people perceive Linux as an underdog in an OS realm dominated by Windows and Apple. Yet, there’s no shortage of ways access to Linux can come in useful. Coders and casual users alike swear by it and for good reasons too. It’s a highly versatile, configurable, and powerful platform. Yes, from a hardware perspective, Mac fires on all cylinders. It’s such a nice blend of...
