Massdns : A High-Performance DNS Stub Resolver For Bulk Lookups & Reconnaissance
Massdns is a high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration). It is a simple high-performance DNS stub resolver targeting those who seek to resolve a massive amount of domain names in the order of millions or even billions. Without special configuration, MassDNS is capable of resolving over 350,000 names per second using publicly available resolvers. Major changes This...
S3enum : Fast Amazon S3 Bucket Enumeration Tool For Pentesters
S3enum is a tool to enumerate a target's Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don't hit AWS directly. Go go get github.com/koenrh/s3enum Also Read - PythonAESObfuscate : Obfuscates a Python Script & Accompanying Shellcode Usage You need to specify the base name of the target (e.g. hackerone), and a word list. You could either...
Risk Assessment Framework : Static Application Security Testing
The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST tools available for testers, but the compatibility and the Environment setup process is complex. By using OWASP Risk Assessment Framework's Static Application Security Testing tool Testers will be able to analyze and review their code quality and vulnerabilities without...
See-SURF : Python Based Scanner To Find Potential SSRF Parameters
See-SURF is a Python based scanner to find potential SSRF parameters in a web application. SSRF being one of the critical vulnerabilities out there in web, i see there was no tool which would automate finding potential vulnerable parameters. See-SURF can be added to your arsenal for recon while doing bug hunting/web security testing. Features Takes burp's sitemap as input and...
Blinder : A Python Library To Automate Time-Based Blind SQL Injection
Blinder is a small python library to automate time-based blind SQL injection by using a pre-defined queries as a functions to automate a rapid PoC development. Installation You can install it using the following command: pip install blinder Or by downloading the source and importing it manually to your project. Usage To use it you need to import Blinder module then start using the main functions of...
Obfuscapk : Black-Box Obfuscation Tool For Android Apps
Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to decompile the original apk file and to build a new application, after applying some obfuscation techniques on the de-compiled smali code, resources and manifest. The obfuscated app retains the same functionality as the original one, but the differences under the hood sometimes...
Application Inspector : A Source Code Analyzer Built For Surfacing Features Of Interest
Microsoft Application Inspector is a software source code analysis tool that helps identify and surface well-known features and other interesting characteristics of source code to aid in determining what the software is or what it does. It has received attention on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. Application Inspector is different...
PythonAESObfuscate : Obfuscates a Python Script & Accompanying Shellcode
PythonAESObfuscate is a tool used for Pythonic way to load shellcode. Builds an EXE for you too! Usage Place a payload.bin raw shellcode file in the same directory. Default Architecture is x86run python obfuscate.pyDefault output is out.py Also Read - Cyber Essentials Accreditation and Its Impact to Retail Stores Requirements WindowsPython 2.7PyinstallerPyCrypto (PyCryptodome didn't seem to work) Download
Kali Linux 2020.1 Release
We are incredibly excited to announce the first release of 2020, Kali Linux 2020.1. It includes some exciting new updates: Non-Root by defaultKali single installer imageKali NetHunter RootlessImprovements to theme & kali-undercoverNew tools Non-Root Throughout the history of Kali (and its predecessors BackTrack, WHAX, and Whoppix), the default credentials have been root/toor. This is no more. We are no longer...
Socialscan – Check Email Address And Username Availability On Online Platforms With 100% Accuracy
Socialscan offers accurate and fast checks for email address and username usage on online platforms. Given an email address or username, socialscan returns whether it is available, taken or invalid on online platforms. Features that differentiate socialscan from similar tools (e.g. knowem.com, Namechk, and Sherlock): 100% accuracy: socialscan's query method eliminates the false positives and negatives that often occur in similar tools, ensuring that results...
.png "BinAbsInspector : Vulnerability Scanner For Binaries")
