Wotop : Web On Top Of Any Protocol
WOTOP is a tool meant to tunnel any sort of traffic over a standard HTTP channel. Useful for scenarios where there's a proxy filtering all traffic except standard HTTP(S) traffic. Unlike other tools which either require you to be behind a proxy which let's you pass arbitrary traffic (possibly after an initial CONNECT request), or tools which work only...
Firebase-Extractor : A Tool For Scraping Firebase Data
Firebase-Extrator is a tool written in python2, the purpose of this tool is to parse all the results from Bing search.Basically whenever a firebaseio URL is found for an app , User instead of searching for sensitive data by going manually through the search results can use this tool. This tool works by using the given Firebase URL as a...
Lulzbuster : A Very Fast & Smart Web Directory
Lulzbuster is a very fast and smart web directory and file enumeration tool written in C. Usage $ lulzbuster -HUsagelulzbuster -s |Target Options-s - start url to begin scan withHttp Options-h - http request type (default: GET) - ? to list types-x - exclude http status codes (default: 400,404,500,501,502,503multi codes separated by ',')-f - follow http redirects. hint: better try...
Impulse : Denial-of-service ToolKit
Impulse Denial-of-service ToolKit. Main Window Methods MethodTargetDescriptionSMS+PHONESMS & CALL FLOODNTPIP:PORTNTP amplification is a type of Distributed Denial of Service (DDoS) attack in which the attacker exploits publically-accessible Network Time Protocol (NTP) servers to overwhelm the targeted with User Datagram Protocol (UDP) traffic.SYNIP:PORTA SYN flood (half-open attack) is a type of denial-of-service (DDoS) attack which aims to make a server unavailable to legitimate...
NullScan : A Modular Framework Designed To Chain & Automate Security Tests
NullScan is a modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards. Also, nullscan can parse a given nmap logfile for open...
GithubFind3r : Fast Command Line Repo/User/Commit Search Tool
GithubFind3r is a very fast command line repo/user/commit search tool. Also Read - RS256-2-HS256 : JWT Attack To Change Algorithm RS256 to HS256 Installation git clone https://github.com/atmoner/githubFind3r.git cd githubFind3r npm install Run It node githubFind3r.js Download
httpgrep : Scans HTTP Servers To Find Given Strings In URIs
httpgrep is a python tool which scans for HTTP servers and finds given strings in HTTP body and HTTP response headers. $ httpgrep -H--== ==--Usagehttpgrep -h -s |Options-h < hosts|file> - single host or host-range/cidr-range or file containinghosts, e.g.: foobar.net, 192.168.0.1-192.168.0.254,192.168.0.0/24, /tmp/hosts.txt-p<port> - port to connect to (default: 80)-t - use TLS/SSL to connect to service-u<URI> - URI...
Adamantium-Thief : Decrypt Chromium Based Browsers Passwords & Credit Cards
Adamantium-Thief is a tool used to decrypt chromium based browsers passwords, cookies, credit cards, history, bookmarks amd support Version > 80 is supported. Examples Get passwords from browsers: Stealer.exe PASSWORDS Get credit cards from browsers: Stealer.exe CREDIT_CARDS Get history from browsers: Stealer.exe HISTORY Also Read - DNSProbe : Tool That Allows You To Perform Multiple DNS Queries Get bookmarks from browsers: Stealer.exe BOOKMARKS Get cookies from browsers: Stealer.exe COOKIES Browsers List Google...
LK_Scraper : An Fully Configurable LinkedIn Scrape
Lk_scraper is an fully configurable LinkedIn scrape : scrape anything within LinkedIn Installation $ pip install git+git://github.com/jqueguiner/lk_scraper Setup Using Docker compose $ docker-compose up -d $ docker-compose run lk_scraper python3 Using Docker only for selenium server First, you need to run a selenium server $ docker run -d -p 4444:4444 --shm-size 2g selenium/standalone-firefox:3.141.59-20200326 After running this command, from the browser navigate to your IP address followed by the...
Flux-Keylogger : Modern Javascript Keylogger With Web Panel
Flux-Keylogger is a modern Javascript keylogger with web panel. Web Panel Logging KeyloggerCookiesLocationRemote IPUser-Agents Installation Server Files Upload files from server directory to you serverChange default username, password in flux.phpGo to http://you.host/flux.phpClick buildNow inject script tag to other documents Download
