pwndrop : Self-Deployable File Hosting Service
pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m SimpleHTTPServer, pwndrop is definitely for you! With pwndrop you can: Upload and...
How to Install Metasploitable3 on Windows 10
A good home lab is indispensable for an ethical hacker to practice his/her craft without causing grief to others. A budding Pen tester has to practice on varied targets to gain wider experience. This article will give you step by step instructions for the installation of Metasploitable3 on Windows 10. The installation process may take at least a couple...
goBox : GO Sandbox To Run Untrusted Code
goBox uses Ptrace to hook into READ syscalls, giving you the option to accept or deny syscalls before they are executed. GO sandbox to run untrusted code. Usage Usage of ./gobox: gobox commandFlags:-h Print Usage.-n valueA glob pattern for automatically blocking file reads.-y valueA glob pattern for automatically allowing file reads. Also Read - https://kalilinuxtutorials.com/dnsprobe/ Use cases You want...
RS256-2-HS256 : JWT Attack To Change Algorithm RS256 to HS256
RS256-2-HS256 is a JWT Attack to change the algorithm RS256 to HS256. Usage Usage: RS256_2_HS256_JWT.py payload pubkeyPositional Arguments: payload JSON payload from JWT to attack pubkey Public key file to use for signingOptional Arguments:-h, --help show this help message and exit Also Read - Burp-Exporter : Request To Clipboard With Multiple Programming Languages Functions Example Download
PEASS – Privilege Escalation Awesome Scripts SUITE
Here you will find PEASS privilege escalation tools for Windows and Linux/Unix* (in some near future also for Mac). These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the Local Windows Privilege Escalation checklist from book.hacktricks.xyzWinPEAS - Windows local Privilege...
DNSProbe : Tool That Allows You To Perform Multiple DNS Queries
DNSProbe is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. Simple and Handy utility to query DNS records. Usage dnsprobe -h Also Read - CrauEmu : uEmu Extension For Developing & Analyzing Payloads For Code-Reuse Attacks This will display help for the tool. Here are all the...
Crescendo : Real Time Event Viewer For MacOS
Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Apple has introduced some new security mechanisms that we need to enable to get Crescendo running. Ensure that you have moved the app to your /Applications director or the system extension will fail to load.For the first run you will be prompted to...
Burp-Exporter : Request To Clipboard With Multiple Programming Languages Functions
Burp-Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions. You can export as:cURLWgetPython RequestPerl LWPPHP HTTP_Request2Go NativeNodeJS RequestjQuery AJAXPowerShell Also Read - Ps-Tools : An Advanced Process Monitoring Toolkit For Offensive Operations Requirements Jython >= 2.7.1 Burp Suite import In Burp Suite, under the Extender/Extensions tab, click on the Add button, select Extension type Python...
CrauEmu : uEmu Extension For Developing & Analyzing Payloads For Code-Reuse Attacks
crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks. Installation Put the file crauEmu.py in same location as uEmu.py.Use File / Script fileā¦ or ALT+F7 in IDA to load crauEmu.py Also Read - Eavesarp : Analyze ARP Requests To Identify Intercommunicating Hosts RopEditor Slides from ZeroNights 2019Download Download
HTBenum : A Linux Enumeration Script For Hack The Box
HTBenum is a Linux enumeration script for Hack The Box. This script is designed for use in situations where you do not have internet access on a Linux host and would like to run enumeration and exploit suggestion scripts, such as Hack The Box. I find myself running a similar set of scripts when I get an initial foothold...
