.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
DDoor : Cross Platform Backdoor Using DNS txt Records
DDoor is a cross platform backdoor using dns txt records. It is a cross platform light weight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both linux and windows machinesList of around 10 public DNS servers that it randomly chooses fromUnpredictable call back timesEncrypts txt record using...
WinPwn : Automation for Internal Windows Penetrationtest / AD-Security
WinPwn is a automation for internal Windows Penetrationtest / AD-Security. In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. I often ran the same scripts one after the other to get information about the current system and/or the domain. To automate as many internal penetrationtest...
Andor : Blind SQL Injection Tool With Golang
Andor is a blind SQL Injection Tool with Golang. Also Read - Jaeles : The Swiss Army Knife For Automated Web Application Testing Usage Download andor.go and go to the folder where the file where the download file is located. And type this to command promt: go run andor.go --url "http://deneme.com/index.php?id=1" ** Note: Get parameter value must be correct, otherwise it will not...
Seeker V1.1.9 – Accurately Locate Smartphones Using Social Engineering
Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites. It Hosts a fake website on In Built PHP Server and uses Serveo to generate a link which we will forward to the target, website asks for Location...
Vulnx : Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS
Vulnx is An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of CMS, fast cms detection,information gathering and vulnerabilities Scanning of the target like subdomains, IP addresses, country, org, timezone, region, ans and more. Instead of injecting each and every shell manually like all the other tools do, it analyses the target website checking...
Jaeles : The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation go get -u github.com/jaeles-project/jaeles USAGE Modes;- Scan Mode- Fuzz Mode Jaeles - The Swiss Army knife for automated Web Application Testing beta v0.1 by @j3ssiejjj>>Usage:jaeles >> Available Commands:config Configuration CLIhelp ...
RFI/LFI : Local/Remote File Inclusion
Let us take a look at the RFI/LFI payload list. As with many exploits, remote and local file inclusions are only a problem at the end of the encoding. Of course it takes a second person to have it. Now this article will hopefully give you an idea of protecting your website and most importantly your code from a...
Rainbow Crackalack : Rainbow Table Generation & Lookup Tools
Rainbow Crackalack project produces open-source code to generate rainbow tables as well as use them to look up password hashes. While the current release only supports NTLM, future releases aim to support MD5, SHA-1, SHA-256, and possibly more. Both Linux and Windows are supported! Rainbow tables went out of style a few years ago when GPU-accelerated password cracking...
Brave Browser – Secure, Fast & Private Web Browser with Adblocker
The Brave Browser is your fast, safe private web browser with ad blocker, private tabs and pop-up blocker. Browse without being tracked by advertisers, malware and pop-ups. Fast & Secure Web BrowserNo external plugins or settings! Brave privacy browser simply provides the most secure, lightning fast web browser for Android. Enjoy browsing without popups (pop up blocker), ads, malware and...
Asset Discover : Burp Suite Extension to Discover Assets From HTTP Response
Asset Discover is a tool for burp suite extension to discover assets from HTTP response using passive scanning. The outcome of any security assessment program, be it vulnerability assessment, penetration test or red team is limited by it’s scope. We cannot remediate the risks associated with a particular resource, which is not part of the scope of the assessment,...
.webp "SharpExclusionFinder – Streamlining Windows Defender Exclusion Checks With Advanced Scanning Capabilities")
