.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Sublert : Security & Reconnaissance Tool Which Leverages Certificate Transparency
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate. The tool is supposed to be scheduled to run periodically at fixed times, dates, or intervals (Ideally each day). New identified subdomains will be sent to Slack workspace with a notification push. Furthermore, the tool...
IPRotate : Extension For Burp Suite Which Uses AWS API Gateway To Rotate Your IP On Every Request
IPRotate is a tool used for Burp Suite which uses AWS API Gateway to change your IP on every request. This extension allows you to easily spin up API Gateways across multiple regions. All the Burp Suite traffic for the targeted host is then routed through the API Gateway endpoints which causes the IP to be different on each...
LdapDomainDump : Active Directory Information Dumper via LDAP
LDAPDomainDump is an Active Directory information dumper via LDAP. In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol for gathering information in the recon phase of a pentest of an internal network. A problem is that data from LDAP often is...
Covenant : A .NET Command & Control Framework That Aims To Highlight The Attack Surface
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. Covenant is an ASP.NET Core, cross-platform application that includes a web-based interface that allows for multi-user collaboration. Also Read - Hacktronian : All in...
AutoRDPwn : The Shadow Attack Framework
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (listed as a feature by Microsoft) allows a remote attacker to view his victim's desktop without his consent, and even control it on demand, using tools native to the operating system itself. Thanks to the additional modules, it is possible to obtain...
PoshC2 : Python Server for PoshC2
PoshC2 is a proxy aware C2 framework that utilises Powershell and/or equivalent (System.Management.Automation.dll) to aid penetration testers with red teaming, post-exploitation and lateral movement. Powershell was chosen as the base implant language as it provides all of the functionality and rich features without needing to introduce multiple third party libraries to the framework. In addition to the Powershell implant, PoshC2 also has...
Hacktronian : All in One Hacking Tool for Linux & Android
Hacktronian is an all in one Hacking tool for Linux & Android and pentesing tools that all Hacker needs. Menu Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation Install The Hacking Tool Google Dorks Information Gathering: Nmap Setoolkit Port Scanning Host To IP wordpress user CMS scanner XSStrike Dork - Google Dorks Passive Vulnerability Auditor Scan A server's Users Crips Password Attacks: Cupp Ncrack Also Read - PEpper : An Open Source Script To Perform...
Pyshark : Python Wrapper For TShark, Allowing Python Packet Parsing Using Wireshark Dissectors
Python wrapper for tshark, allowing python packet parsing using wireshark dissectors. Python2 deprecation - This package no longer supports Python2. If you wish to still use it in Python2, you can: Use version 0.3.8Install pyshark-legacy via pypiClone the pyshark-legacy , where bugfixes will be applied. Looking for contributors - for various reasons I have a hard time finding time to maintain...
Applepie : A Hypervisor For Fuzzing Built With WHVP & Bochs
Hello! Welcome to applepie! This is a tool designed for fuzzing, introspection, and finding bugs! This is a hypervisor using the Windows Hypervisor Platform API present in recent versions of Windows (specifically this was developed and tested on Windows 10 17763). Bochs is used for providing deep introspection and device emulation. The Windows Hypervisor Platform API (WHVP) is an API...
PEpper : An Open Source Script To Perform Malware Static Analysis On Portable Executable
PEpper is an open source tool to perform malware static analysis on Portable Executable. Following are some of the features supported by the tool; Suspicious entropy ratioSuspicious name ratioSuspicious code sizeSuspicious debugging time-stampNumber of exportNumber of anti-debugging callsNumber of virtual-machine detection callsNumber of suspicious API callsNumber of suspicious stringsNumber of YARA rules matchesNumber of URL foundNumber of IP foundCookie on the stack (GS) supportControl Flow Guard (CFG) supportData Execution Prevention (DEP) supportAddress Space Layout Randomization (ASLR) supportStructured Exception Handling (SEH) supportThread Local Storage (TLS) supportPresence of manifestPresence of versionPresence...
.webp "SharpExclusionFinder – Streamlining Windows Defender Exclusion Checks With Advanced Scanning Capabilities")
