MapCIDR : Small Utility Program To Perform Multiple Operations For A Given sub-net/CIDR Ranges
MapCIDR is a small utility program to perform multiple operations for given subnet/CIDR ranges. The tool was developed to ease load distribution for mass scanning operations; it can be used both as a library and as an independent CLI tool. Features: simple and modular code base, making it easy to contribute; CIDR distribution for distributed scanning; stdin and stdout support for integrating in workflows. Installation From...
Lil PWNY : Auditing Active Directory Passwords Using Multiprocessing In Python
Lil Pwny is a Python application to perform an offline audit of NTLM hashes of users' passwords, recovered from Active Directory, against known compromised passwords from Have I Been Pwned. The usernames of any accounts matching HIBP will be returned in a .txt file. There are also additional features: Ability to provide a list of your own passwords to check AD...
Polypyus : Locate Functions In Raw Binaries By Extracting Known Functions
Polypyus learns to locate functions in raw binaries by extracting known functions from similar binaries. Thus, it is a firmware historian. Polypyus works without disassembling these binaries, which is an advantage for binaries that are complex to disassemble and where common tools miss functions. In addition, the binary-only approach makes it very fast, and it runs within a few seconds....
Cooolis-MS : A Server That Supports The Metasploit Framework RPC
Cooolis-ms is a server that supports Metasploit Framework RPC. It is used with a shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to run separately from the Metasploit server. Loader execution process: connect to Cooolis-Server; Cooolis-Server connects to Metasploit RPC server; retrieve the payload and send it back to the...
PwnedPasswordsChecker : Tool To Check Hash Of Password
PwnedPasswordsChecker is a tool that checks if the hash of a known password (in SHA1 or NTLM format) is present in the list of I Have Been Pwned leaks and the number of occurrences. You can download the hash-coded version for SHA1 here or the hash-coded version for NTLM here. Once the list is downloaded it is then necessary to convert...
Wacker : A WPA3 Dictionary Cracker
Wacker is a set of scripts to help perform an online dictionary attack against a WPA3 access point. Wacker leverages the wpa_supplicant control interface to control the operations of the supplicant daemon and to get status information and event notifications, ultimately helping speed up connection attempts during brute force attempts. Find a WPA3 AP to use: If you already have a WPA3...
SharpSecDump : .Net Port Of The Remote SAM + LSA Secrets Dumping
SharpSecDump is a .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py. By default it runs in the context of the current user. Please only use in environments you own or have permission to test against. Usage: SharpSecDump.exe -target=192.168.1.15 -u=admin -p=Password123 -d=test.local Required Flags: -target - Comma-separated list of IPs / hostnames to scan. Please don't include spaces...
Velociraptor : Endpoint Visibility and Collection Tool
Velociraptor is a tool for collecting host-based state information using Velocidex Query Language (VQL) queries. To learn more about Velociraptor, read the documentation on: https://www.velocidex.com/docs/ Quick Start: If you want to see what Velociraptor is all about, simply: download the binary from the release page for your favorite platform (Windows/Linux/MacOS). Start the GUI: $ velociraptor gui This will bring up the GUI, Frontend...
Go-Dork : The Fastest Dork Scanner Written In Go
Go-Dork is the fastest dork scanner written in Go. Install: Download a prebuilt binary from the releases page, unpack and run! Or, if you have the Go compiler installed and configured: > GO111MODULE=on go get -v github.com/dwisiswant0/go-dork/... Usage: Basic Usage: Simply, go-dork can be run with: > go-dork -q "inurl:'...'" Flags: > go-dork -h This will display help for the tool. Here are all the switches it supports. Flag / Description: -q/--query: Search query (required); -e/--engine: Provide search engine...
PwnXSS : Vulnerability XSS Scanner Exploit
PwnXSS is a powerful XSS scanner made in Python 3.7. Installing: Requirements: BeautifulSoup4 (pip install bs4), requests (pip install requests), Python 3.7. Commands: git clone https://github.com/pwn0sec/PwnXSS; chmod 755 -R PwnXSS; cd PwnXSS; python3 pwnxss.py --help Usage: Basic usage: python3 pwnxss.py -u http://testphp.vulnweb.com Advanced usage: python3 pwnxss.py --help Main Features: crawling all links on a website (crawler engine); POST and GET forms are supported; many settings that can be customized; advanced error handling; multiprocessing support; etc....