Spyeye : Script To Generate Win32 .exe File To Take Screenshots
SpyEye is a script to generate Win32 .exe file to take screenshots every ~10 seconds. Features Works on WAN: Port Forwarding by Serveo.netFully Undetectable (FUD) -> Don't Upload to virustotal.com! Usage git clone https://github.com/thelinuxchoice/spyeyecd spyeyebash install.shchmod +x spyeye./spyeye Disclaimer Usage of SpyEye for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws....
Words Scraper : Selenium Based Web Scraper To Generate Passwords List
Selenium based web scraper to generate passwords list. Installation $Download Firefox webdriver from https://github.com/mozilla/geckodriver/releases$ tar xzf geckodriver-v{VERSION-HERE}.tar.gz$ sudo mv geckodriver /usr/local/bin # Make sure it is in your PATH$ geckodriver --version # Make sure webdriver is properly installed$ git clone https://github.com/dariusztytko/words-scraper$ sudo pip3 install -r words-scraper/requirements.txt Use Cases Scraping words from the target's pages $ python3 words-scraper.py -o words.txt https://www.example.com https://blog.example.com Such generated words list...
JSshell – A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS
JSshell is a JavaScript reverse shell. This using for exploit XSS remotely, help to find blind XSS. This tool works for both Unix and Windows operating system and it can running with both Python 2 and Python 3. This is a big update of JShell - a tool to get a JavaScript shell with XSS by s0med3v. JSshell also doesn't...
Astsu : A Network Scanner Tool
Astsu is a network scanner tool, developed in Python 3 using scapy. How it works? Scan common ports : Send a TCP Syn packet to the destination on the defined port, if the port is open, use an nmap scan to check the service running on the port and prints all the ports found.Discover hosts in network : Uses as a...
How to Market Your IT Security Business or Consultancy
Managing an IT security business or consultancy is difficult enough on its own. Add in the necessity of marketing your skills and acquiring new clients, and half of your time is already eaten up long before you can ever get to any tickets you need to address from your existing clients. That is why you need to get your digital...
Recox : Master Script For Web Reconnaissance
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system. It gathers the information recursively over each subdomain, and IP address for a sophisticated attack. RecoX automates several functions and saves a significant amount of time that...
Jshole : A JavaScript Components Vulnerability Scanner
Jshole is a simple JavaScript components vulnrability scanner, based on RetireJS. Why use JShole instead of RetireJS? By default, RetireJS only searches one page, but JShole tries to crawl all pages. Requirements requests Install git clone https://github.com/callforpapers-source/jshole.gitcd jsholepip3 install -r requirementspython3 jshole.py usage: jshole -u URL optional arguments:-h, --help show this help message and exit-u URL, --url URL url string-d, --debug Web Scrap...
GitMonitor : A Github Scanning System To Look For Leaked Sensitive Information Based On Rules
GitMonitor is a Github scanning system to look for leaked sensitive information based on rules. I know that there are a lot of very good other tools for finding sensitive information leaked on Github right now, I myself currently still use some of them. However, I think they still lack some features like: A scanning tool based on the rules.The...
Ligolo : Reverse Tunneling Made Easy For Pentesters
Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety (TLS certificate with elliptical curve). It is comparable to Meterpreter with Autoroute + Socks4a, but more stable and faster. Use Case You compromised a Windows / Linux / Mac server during your external audit. This server is located inside a LAN network...
Eviloffice : Inject Macro & DDE Code Into Excel & Word Documents
Eviloffice is a tool used to inject macro and DDE code into Excel and Word documents (reverse shell). Features Inject malicious Macro on formats: docm, dotm, xlsm, xltmInject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltxPython2/Python3 CompatibleTested: Win10 (MS Office 14.0) Requirements Microsoft Office (Word/Excel)pywin32: python -m pip install -r requirements.txt Also Read - Guardedbox : Online Client-Side Manager For...
