.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Acunetix – Web Application Security Scanner
Acunetix is the pioneer in automated web application security software, has announced the release of Acunetix Version 13. The new release comes with an improved user interface and introduces innovations such as the SmartScan engine, malware detection functionality, comprehensive network scanning, proof-of-exploit, incremental scanning, and more. This release further strengthens the leading position of...
SEcraper : Search Engine Scraper Tool With BASH Script
SEcraper is a search engine scraper tool with BASH script. Dependency curl (cli) Available Search Engine Ask.comSearch.yahoo.comBing.com Also Read - PCFG Cracker : Probabilistic Context Free Grammar (PCFG) Password Guess Generator Installation git clone https://github.com/zerobyte-id/SEcraper.git cd SEcraper/ Run bash secraper.bash "QUERY" Download
Re2Pcap : Create PCAP file From Raw HTTP Request Or Response In Seconds
Re2Pcap is abbreviation for Request2Pcap and Response2Pcap. Community users can quickly create PCAP file using it and test them against Snort rules. It allow you to quickly create PCAP file for raw HTTP request shown below; POST /admin/tools/iplogging.cgi HTTP/1.1Host: 192.168.13.31:80User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0Accept: text/plain, /; q=0.01Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: http://192.168.13.31:80/admin/tools/iplogging.htmlContent-Type: application/x-www-form-urlencoded; charset=UTF-8X-Requested-With: XMLHttpRequestContent-Length: 63Cookie: token=1e9c07e135a15e40b3290c320245ca9aConnection: closetcpdumpParams=tcpdump...
TakeOver : Sub-Domain TakeOver Vulnerability Scanner
Sub-domain TakeOver vulnerability occur when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if subdomain.example.com was pointing to a GitHub...
MISP – Dashboard For A Real Time Overview Of Threat Intelligence From MISP Instances
MISP is a dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence information. The misp-dashboard includes a gamification tool to show the contributions of each organization and how they are ranked over time. The dashboard...
Dufflebag : Search Exposed EBS Volumes For Secrets
Dufflebag is a tool that searches through public Elastic Block Storage (EBS) snapshots for secrets that may have been accidentally left in. You may be surprised by all the passwords and secrets just laying around! The tool is organized as an Elastic Beanstalk ("EB", not to be confused with EBS) application, and definitely won't work if you try to run...
Jaeles : The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enable and run the following command. GO111MODULE=on go get -u github.com/jaeles-project/jaeles Usage Example commands: - jaeles scan -u http://example.com- jaeles scan -s signatures/common/phpdebug.yaml -U /tmp/list_of_urls.txt- jaeles scan -v --passive...
GDA Android Reversing Tool
Here, a new Dalvik bytecode decompiler, GDA(this project started in 2013 and released its first version 1.0 in 2015 at www.gda.wiki:9090) , is proposed and implemented in C++ to provide more sophisticated, fast and convenient decompilation support. GDA is completely self-independent and very stable. It supports APK, DEX, ODEX, oat files, and run without installation...
Project Black : BugBounty Progress Control With Scanning Modules
Project Black is a scope control, scope scanner and progress tracker for easier working on a bug bounty or pentest project. The tools encourages more methodical work on pentest/bugbounty, tracking the progress and general scans information. It can launch masscannmapdirsearchamasspatator against the scope you work on and store the data in a handy form. Perform useful filtering of the project's data, for...
Qiling : Advanced Binary Emulation Framework
Qiling is an advanced binary emulation framework, with the following features: Cross platform: Windows, MacOS, Linux, BSDCross architecture: X86, X86_64, Arm, Arm64, MipsMultiple file formats: PE, MachO, ELFEmulate & sandbox machine code in a isolated environmentProvide high level API to setup & configure the sandboxFine-grain instrumentation: allow hooks at various levels (instruction/basic-block/memory-access/exception/syscall/IO/etc)Allow dynamic hotpatch on-the-fly running code, including the loaded...
.png "Authz0 : An Automated Authorization Test Tool")
