Pentest Tools Framework : A Database Of Exploits, Scanners & Tools For Penetration Testing
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities. About PTF It is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You...
RedRabbit : Red Team PowerShell Script
RedRabbit is a PowerShell script aimed at helping pentesters conduct ethical hacking #RedTeam. The aim is to highlight just how Powerful PowerShell is and how it can be used against you (Ethically). To Run You can either run locally by downloading the script or run remotely using: powershell –nop –c “iex(New-Object Net.WebClient).DownloadString(‘https://raw.githubusercontent.com/securethelogs/RedRabbit/master/redrabbit.ps1’)” If you run remotely, you will always get the latest version Also...
Sifter : A Osint, Recon & Vulnerability Scanner
Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface...
WireGuard Brings The Evolution of VPNs
Most people don’t care about how the internet works; they want it to work. The same goes for other essential electronics and tech in the digital age, for example, routers and broadband connections. But every so often, there are significant breakthroughs that are a pretty big deal to techies. These are the revolutionary moments that change the way most people use the internet. And one...
FuzzBench : Fuzzer Benchmarking As A Service
FuzzBench is a free service that evaluates fuzzers on a wide variety of real-world benchmarks, at Google scale. The goal of FuzzBench is to make it painless to rigorously evaluate fuzzing research and make fuzzing research easier for the community to adopt. We invite members of the research community to contribute their fuzzers and give us feedback on improving...
SSRF Sheriff : Server Side Request Forgery
SSRF Sheriff is an SSRF testing sheriff written in Go. It was originally created for the Uber H1-4420 2019 London Live Hacking Event, but it is now being open-sourced for other organizations to implement and contribute back to. Features Repsond to any HTTP method (GET, POST, PUT, DELETE, etc.)Configurable secret token (see base.example.yaml)Content-specific responses With secret token in response body...
Evil SSDP : Create Fake UPnP Devices To Phish For Credentials
Evil SSDP responds to SSDP multicast discover requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted to open the device are shown a configurable phishing page. This page can load a hidden image over SMB, allowing you to...
Proton : Windows Post-Exploitation Framework Similar
Proton Framework is a Windows post-exploitation framework similar to other penetration testing frameworks. The major difference is that it does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10. Installation cd protonchmod +x...
NTLMRecon : Tool To Enumerate Information From NTLM Authentication Enabled Web Endpoints
NTLMRecon is built with flexibilty in mind. A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. Need to run recon on a single URL, an IP address, an entire CIDR range or combination of all...
HoneyBot : Capture, Upload & Analyze Network Traffic
HoneyBot is a set of scripts and libraries for capturing and analyzing packet captures with PacketTotal.com. Currently this library provides three scripts: capture-and-analyze.py - Capture on an interface for some period of time, and upload capture for analysis.upload-and-analyze.py - Upload and analyze multiple packet captures to PacketTotal.com.trigger-and-analyze.py - Listen for unknown connections, and begin capturing when one is made. Captures...
