H4Rpy : Automated WPA/WPA2 PSK Attack Tool
H4Rpy is an automated WPA/WPA2 PSK attack tool, wrapper of aircrack-ng framework. H4Rpy provides clean interface for automated cracking of WPA/WPA2 PSK networks. It enables monitor mode on selected wireless interface, scans the wireless space for access points, tries to capture WPA/WPA2 4-way handshake for the acess point, and starts a dictionary attack on the handshake. It is also...
SNIcat : Server Name Indication Concatenator
SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication, a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command&Control Server which controls the agent and gathers exfiltrated data. Background & Scenario We discovered a new stealthy method of data...
Geo-Recon : An OSINT CLI Tool Desgined To Fast Track IP Reputation
Geo-Recon is an OSINT CLI tool designed to fast track IP Reputation and Geo-locaton look up for Security Analysts. Setup This tool is compactible with: Any Linux Operating System (Debian, Ubuntu, CentOS)Termux Linux Setup git clone https://github.com/radioactivetobi/geo-recon.git cd geo-recon chmod +x geo-recon.py pip install -r requirements.txt Termux Setup git clone https://github.com/radioactivetobi/geo-recon.git cd geo-recon chmod +x geo-recon.py pip install -r requirements.txt Sample Syntax Linux root@kali:~/geo-recon# python geo-recon.py 138.121.128.19{*}Running Geo-location...
Spacesiren : A Honey Token Manager & Alert System For AWS
SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey tokens at scale -- up to 10,000 per SpaceSiren instance -- at close to no cost.1 How It Works? SpaceSiren provides an API to create no-permission AWS IAM users and access keys for those users.You sprinkle the access keys...
Why getting app downloads from many sources is important?
There are many different ways of getting app downloads. CPA networks and display ads will provide you immediate traffic. But such marketing strategies also have drawbacks. One of them is that you stop getting app downloads when your promotion budget finishes. That is why it is so important to raise the app at market search. In this case, even...
What is Sales CRM Software and How Does it Benefit SMBs?
A Sales CRM software is what your business may need more desperately than you know! While there are many benefits of sales CRM, there are also a number of ways in which it must be implemented properly so that you can actually reap those amazing benefits. Before we get into the benefits, let us understand what a Sales CRM...
KillChain : A Unified Console To Perform The “Kill Chain” Stages Of Attacks
Kill Chain is a unified console with an anonymize that will perform these stages of attacks: ReconnaissanceWeaponizationDeliveryExploitInstallationCommand & ControlAnd Actions Dependent Tool Sets Tor -- For the console build-in anonymizer.Set -- Social-Engineer Toolkit (SET), attacks against humans.OpenVas -- Vulnerability scanning and vulnerability management.Veil-Evasion -- Generate metasploit payloads bypass anti-virus.Websploit -- WebSploit Advanced MITM Framework.Metasploit -- Executing exploit code against target.WiFite -- Automated...
Mihari : A Helper To Run OSINT Queries & Manage Results Continuously
Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting. How It Works? Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts (IP addresses, domains, URLs and hashes) from the results.Mihari checks whether a DB (SQLite3 or PostgreSQL) contains the artifacts or not.If it doesn't...
Osintgram – A OSINT Tool On Instagram
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname. You can get: - addrs Get all registered addressed by target photos - captions Get user's photos captions -...
Parth : Heuristic Vulnerable Parameter Scanner
Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs or it's own disocovered URLs to find such parameter names...
