CVE-API : Unofficial API for CVE.MITRE.ORG
CVE Api is a parse & filter the latest CVEs from cve.mitre.org. Usage http://localhost:4000/cve?target=KEYWORD The year parameter is optional. http://localhost:4000/cve?target=KEYWORD&year=YEAR Examples http://localhost:4000/cve?target=ruby%20on%20rails http://localhost:4000/cve?target=ruby%20on%20rails&year=2020 If you want to parse the latest year, use the "latest" keyword.http://localhost:4000/cve?target=ruby%20on%20rails&year=latest Also Read - Fuzzowski : The Network Protocol Fuzzer Getting Started Download the projectbundle installruby rest.rb Requirements RubyDocker (Optional, only required if you want to run through a container.) Environment You can switch between prod & dev at config/environment.rbYou...
NekoBot : Auto Exploiter With 500+ Exploit 2000+ Shell
NekoBot is an auto exploit tool to facilitate the penetration of one or many websites (Wordpress, Joomla, Drupal, Magento, Opencart,and Etc). Features Wordpress : 1- Cherry-Plugin2- download-manager Plugin3- wysija-newsletters4- Slider Revolution 5- gravity-forms6- userpro7- wp-gdpr-compliance8- wp-graphql9- formcraft10- Headway11- Pagelines Plugin12- WooCommerce-ProductAddons13- CateGory-page-icons14- addblockblocker15- barclaycart16- Wp 4.7 Core Exploit17- eshop-magic18- HD-WebPlayer19- WP Job Manager20- wp-miniaudioplayer21- wp-support-plus22- ungallery Plugin23- WP User Frontend24- Viral-options25-...
Gospider : Fast Web Spider Written In Go
GoSpider is a Fast web spider written in Go. Installation go get -u github.com/jaeles-project/gospider Features Fast web crawlingBrute force and parse sitemap.xmlParse robots.txtGenerate and verify link from JavaScript filesLink FinderFind AWS-S3 from response sourceFind subdomains from response sourceGet URLs from Wayback Machine, Common Crawl, Virus Total, Alien VaultFormat output easy to GrepSupport Burp inputCrawl multiple sites in parallelRandom mobile/web User-Agent Also...
DecryptTeamViewer : Enumerate & Decrypt TeamViewer Credentials From Windows Registry
DecryptTeamViewer uses CVE-2019-18988 to enumerate and decrypt TeamViewer credentials from Windows registry. Blogpost detailing the vulnerability by clicking here. See below for an implementation in Python as well as further below for a post metasploit module; import sys, hexdump, binasciifrom Crypto.Cipher import AESclass AESCipher: def init(self, key): self.key =...
DrSemu : Malware Detection & Classification Tool Based on Dynamic Behavior
DrSemu is a malware Detection and Classification Tool Based on Dynamic Behavior. It runs executables in an isolated environment, monitors the behavior of a process, and based on Dr.Semu rules created by you or the community, detects if the process is malicious or not. With Dr.Semu you can create rules to detect malware based on dynamic behavior of a process. Isolation through redirection Everything happens from...
Syborg : Recursive DNS Subdomain Enumerator With Dead-End Avoidance System
Syborg is a recursive DNS subdomain enumerator with dead-end avoidance system (beta). It is a Recursive DNS Domain Enumerator which is neither active nor completely passive. This tool simply constructs a domain name and queries it with a specified DNS Server. When you run subdomain enumeration with some of the tools, most of them passively query public records like virustotal, crtsh or censys. This enumeration...
Web Scraping: Top 4 ways to use in business
Web Scraping is like an engine of power, incredibly powerful. Whether a startup idea just grows on your mind or you are existing companies that need level up your business, do not underestimate the power of this automatic technology. Today, I will review the top 4 ways to use a Web Scraper like the most known Parshub or Mozenda by...
Manul : A Coverage-Guided Parallel Fuzzer For Open-Source And Blackbox Binaries On Windows, Linux & Macos
Manul is a coverage-guided parallel fuzzer for open-source and black-box binaries on Windows, Linux and macOS (beta) written in pure Python. Quick Start pip3 install psutil git clone https://github.com/mxmssh/manul cd manul mkdir in mkdir out echo "AAAAAA" > in/test python3 manul.py -i in -o out -n 4 "linux/test_afl @@" Installing Radamsa sudo apt-get install gcc make git wget git clone https://gitlab.com/akihe/radamsa.git &&...
Fuzzowski : The Network Protocol Fuzzer
The idea is to be the Network Protocol Fuzzer that we will want to use. The aim of this tool is to assist during the whole process of fuzzing a network protocol, allowing to define the communications, helping to identify the "suspects" of crashing a service, and much more Last Changes Data Generation modules fully recoded (Primitives, Blocks, Requests)Improved Strings fuzzing libraries, allowing also for...
Nray : Distributed Port Scanner
Nray is a free, platform and architecture independent port and application layer scanner. Apart from regular targets (list of hosts/networks), it supports dynamic target selection, based on source like certificate transparency logs or LDAP. Furthermore, nray allow to run in a distributed manner to speed up scans and to perform scans from different vantage points. Event-based results allow to...
