Cooolis-MS : A Server That Supports The Metasploit Framework RPC
Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: connect to Cooolis-ServerCooolis-Server connects to Metasploit RPC serverretrieve the payload and send it back to the...
PwnedPasswordsChecker : Tool To Check Hash Of Password
PwnedPasswordsChecker is a tool that checks if the hash of a known password (in SHA1 or NTLM format) is present in the list of I Have Been Pwned leaks and the number of occurrences. You can download the hash-coded version for SHA1 here or the hash-coded version for NTLM here Once the list is downloaded it is then necessary to convert...
Wacker : A WPA3 Dictionary Cracker
Wacker is a set of scripts to help perform an online dictionary attack against a WPA3 access point. Wacker leverages the wpa_supplicant control interface to control the operations of the supplicant daemon and to get status information and event notifications ultimately helping speedup connection attempts during brute force attempts. Find a WPA3 AP to use If you already have a WPA3...
SharpSecDump : .Net Port Of The Remote SAM + LSA Secrets Dumping
SharpSecDump is a .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py. By default runs in the context of the current user. Please only use in environments you own or have permission to test against. Usage SharpSecDump.exe -target=192.168.1.15 -u=admin -p=Password123 -d=test.local Required Flags -target - Comma seperated list of IP's / hostnames to scan. Please don't include spaces...
Velociraptor : Endpoint Visibility and Collection Tool
Velociraptor is a tool for collecting host based state information using Velocidex Query Language (VQL) queries. To learn more about Velociraptor, read the documentation on: https://www.velocidex.com/docs/ Quick Start If you want to see what Velociraptor is all about simply: Download the binary from the release page for your favorite platform (Windows/Linux/MacOS).Start the GUI $ velociraptor gui This will bring up the GUI, Frontend...
Go-Dork : The Fastest Dork Scanner Written In Go
Go-Dork is the fastest dork scanner written in Go. Install Download a prebuilt binary from releases page, unpack and run! orIf you have go compiler installed and configured: > GO111MODULE=on go get -v github.com/dwisiswant0/go-dork/... Usage Basic Usage Simply, go-dork can be run with: > go-dork -q "inurl:'...'" Flags > go-dork -h This will display help for the tool. Here are all the switches it supports. FlagDescription-q/--querySearch query (required)-e/--engineProvide search engine...
PwnXSS : Vulnerability XSS Scanner Exploit
PwnXSS is a powerful XSS scanner made in python 3.7. Installing Requirements: BeautifulSoup4 pip install bs4 requests pip install requests python 3.7 Commands: git clone https://github.com/pwn0sec/PwnXSS chmod 755 -R PwnXSS cd PwnXSS python3 pwnxss.py --help Usage Basic usage: python3 pwnxss.py -u http://testphp.vulnweb.com Advanced usage: python3 pwnxss.py --help Main Features crawling all links on a website ( crawler engine )POST and GET forms are supportedmany settings that can be customizedAdvanced error handlingMultiprocessing support.✔️ETC.... Screenshot Download
PSMDATP : PowerShell Module For Managing Microsoft Defender Advanced Threat Protection
Welcome to the Microsoft Defender Advanced Threat Protection PowerShell module: PSMDATP This module is a collection of easy-to-use cmdlets and functions designed to make it easy to interface with the Microsoft Defender Advanced Threat Protection API. Motivation I created this PowerShell module for MDATP for the following reasons: Advance my PowerShell skillsProvide an easy way to interact with MDATP through PowerShell because I...
Using Bulk Scripting With remote.it
If you’re managing a fleet of devices (endpoints), you run into the challenge of managing and updating those devices without exposing your endpoints to attacks from hackers. You can create secure connections to your devices or even a secure virtual private internet of private connections using remote.it, but it can still be tedious to update hundreds or thousands of...
Sitrep : Extensible, Configurable Host Triage
SitRep is intended to provide a lightweight, extensible host triage alternative. Checks are loaded dynamically at runtime from stand-alone files. This allows operators to quickly modify existing checks, or add new checks as required. Checks are grouped by category and can be marked as OpSec safe/unsafe. unsafe checks are only loaded if the /AllowUnsafe flag is provided. Interesting results are highlighted...
