CatchYou : FUD Win32 Msfvenom Payload Generator

CatchYou is a FUD Win32 msfvenom payload generator (meterpreter/shell reverse tcp). Features: Fully Undetectable Win32 MSFVenom Payload (meterpreter/shell reverse tcp); Port Forwarding using ngrok; Tested: Win7/Win10. Requirements: Metasploit/MSFVenom; mingw-w64: apt-get install mingw-w64. Forwarding requirements: Ngrok Authtoken (for TCP Tunneling): Sign up at: https://ngrok.com/signup ; Your authtoken is available on your dashboard: https://dashboard.ngrok.com ; Install your authtoken: ./ngrok authtoken <YOUR_AUTHTOKEN> Disclaimer Usage...

PayloadsAllTheThings : A List Of Useful Payloads & Bypass

PayloadsAllTheThings is a list of useful payloads and bypass for Web Application Security and Pentest/CTF. Every section contains the following files; you can use the _template_vuln folder to create a new chapter: README.md - vulnerability description and how to exploit it; Intruder - a set of files to give to Burp Intruder; Images - pictures for the README.md; Files - some files referenced in...

Kali Linux 2020.2 Release – Penetration Testing and Ethical Hacking Linux Distribution

Given the world's chaos, we're excited to bring you an amazing Kali Linux 2020.2 update! And it's available for download straight away. A quick overview of what’s new since January: KDE Plasma Makeover & Login; PowerShell by Default. Kind of.; Kali on ARM Improvements; Lessons From The Installer Changes; New Key Packages & Icons; Behind the Scenes, Infrastructure Improvements. KDE Plasma Makeover & Login: With XFCE and GNOME...

Exegol : A Kali Light Base With Few Useful Additional Tools

Exegol is a fully configured kali light base with a few useful additional tools (~50), a few useful resources (scripts and binaries for privesc, credential theft etc.) and some configuration (oh-my-zsh, history, aliases, colourized output for some tools). It can be used in pentest engagements and BugBounty. Exegol's original fate was to be a ready-to-hack docker in case of...

GDBFrontend : Easy, Flexible & Extensionable GUI Debugger

GDBFrontend is an easy, flexible and extensionable GUI debugger. Installing: Deb Package (Debian / Ubuntu / KDE Neon). You can install GDBFrontend via deb package for Debian-based distributions. You can install it with the following commands:
echo "deb https://oguzhaneroglu.com/deb/ ./" | sudo tee -a /etc/apt/sources.list > /dev/null
sudo apt update
sudo apt install gdbfrontend
After installing with APT, you will get updates for new releases...

Shellerator : CLI Tool For The Generation Of Bind & Reverse Shell

Shellerator is a simple command-line tool aimed to help pentesters quickly generate one-liner reverse/bind shells in multiple languages (Bash, Powershell, Java, Python...). This project is inspired by Print-My-Shell. I just rewrote it and added some options and glitter to it. The lists of reverse and bind shells are not perfect yet. I'll work on this when I have the...

Powerob : An On-The-Fly Powershell Script Obfuscator

Powerob is an on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.
Installation: git clone https://github.com/cwolff411/powerob
Usage: python3 powerob.py obfuscate originalfile.ps1 obfuscatedfile.ps1
Takes an INPUTFILE, obfuscates it and dumps the obfuscated version into OUTPUTFILE.
python3 powerob.py list
Lists all of the currently obfuscated files along with their commands and associated obfuscated...

PowerSploit : A PowerShell Post-Exploitation Framework

PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. PowerSploit is comprised of the following modules and scripts: CodeExecution: Execute code on a target machine. Invoke-DllInjection: Injects a Dll into the process ID of your choosing. Invoke-ReflectivePEInjection: Reflectively loads a Windows PE file (DLL/EXE) in to the powershell process, or reflectively injects...

HiveJack : Internal Penetration Testing To Dump Windows Credentials

HiveJack is a tool that can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM registry hives and once copied to the attacker machines provides an option to delete these files to clear the trace. Often, this is a repetitive process, once an attacker gets system-level...

Nexphisher : Advanced Phishing Tool For Linux & Termux

NexPhisher is an automated phishing tool made for Termux & Linux. The phishing pages are taken from Zphisher under GNU General Public License v3.0. This tool has 37 Phishing Page Templates of 30 Websites. There are 5 Port Forwarding Options including Localhost!
Installation:
apt update
apt install git -y
git clone https://github.com/htr-tech/nexphisher
cd nexphisher
bash setup
Run: bash nexphisher
Or, use single command: apt update &&...