Netenum : Network Reconnaissance Tool That Sniffs For Active Hosts
Netenum passively monitors the ARP traffic on the network. It extracts basic data about each active host, such as IP address, MAC address and manufacturer. The main objective of this tool is to find active machines without generating too much noise. Features: Provides basic information about the network, such as ESSID and current signal strength. Found hosts can be written to a...
DLInjector-GUI : Faster DLL Injector for Processes
DLInjector for Graphical User Interface. Faster DLL Injector for processes. It targets the process name to identify the target. The process does not need to be open to define the target. DLInjector waits until the process is executed. USAGE: Its usage is very simple. First, enter the target process name with exe (chrome.exe, explorer.exe). Then enter the path of the DLL to be injected (C:malwDll.dll). Example Injection...
Cnitch : Container Snitch Checks Running Processes Under The Docker Engine
Cnitch (snitch or container snitch) is a simple framework and command line tool for monitoring Docker containers to identify any processes which are running as root. Why is this a bad thing? If you have not already been to can I haz non-privileged containers? by mhausenblas then I recommend you head over there now to get all the info. When I...
Mistica : Swiss Army Knife For Arbitrary Communication Over Application Protocols
Mistica is a tool that allows you to embed data into application layer protocol fields, with the goal of establishing a bi-directional channel for arbitrary communications. Currently, encapsulation into HTTP, DNS and ICMP protocols has been implemented, but more protocols are expected to be introduced in the near future. It has a modular design, built around a custom transport protocol, called...
DeimosC2 : A Golang Command & Control Framework For Post-Exploitation
DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents work on, and have been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front end written in Vue.js. Listener Features: Each listener has its own RSA Pub and...
EternalBlueC : Tool For EternalBlue Vulnerability Detector, DoublePulsar Detector & DoublePulsar Shellcode & DLL Uploader
EternalBlueC suite remade in C, which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode. ms17_vuln_status.cpp - This program sends 4 SMB packets: 1 negotiation packet and 3 requests. This program reads the NT_STATUS response from a TransNamedPipeRequest (PeekNamedPipe request) and determines if NT_STATUS = 0xC0000205 (STATUS_INSUFF_SERVER_RESOURCES). If this is the...
Kubei : A Flexible Kubernetes Runtime Scanner
Kubei is a vulnerability scanning tool that allows users to get an accurate and immediate risk assessment of their Kubernetes clusters. Kubei scans all images that are being used in a Kubernetes cluster, including images of application pods and system pods. It doesn’t scan the entire image registries and doesn’t require preliminary integration with CI/CD pipelines. It is a configurable...
7 Best Apps to Hack Girlfriend’s Phone to View Text Messages
Ever got a gut feeling that your girl is seeing someone else behind your back or cheating on you? That can be very disheartening. But! If you want to make sure of this “gut feeling”- you will need some help. And we are not talking about any overpaid detective or secretive stalking; we are talking about becoming a spy. Yes,...
DazzleUP : A Tool That Detects The Privilege Escalation Vulnerabilities
DazzleUP is a tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in Windows operating systems. dazzleUP detects the following vulnerabilities. Exploit Checks: The first feature of dazzleUP is that it uses Windows Update Agent API instead of WMI (like others) when finding missing patches. dazzleUP checks the following vulnerabilities: DCOM/NTLM Reflection (Rotten/Juicy Potato) Vulnerability, CVE-2019-0836, CVE-2019-0841, CVE-2019-1064, CVE-2019-1130, CVE-2019-1253, CVE-2019-1385, CVE-2019-1388, CVE-2019-1405, CVE-2019-1315, CVE-2020-0787, CVE-2020-0796. dazzleUP do exploit...
uDork : Tool That Uses Advanced Google Search Techniques
uDork is a script written in Bash that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. It does NOT make attacks against any server; it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database). Download & Install: $ git clone https://github.com/m3n0sd0n4ld/uDork...