.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
AutoPwn : Automate Repetitive Tasks For Fuzzing
Completely re-writing this right now. Focus will be on interactive Linux apps that only take input from stdin for starters. Attempting to use Shellphish's Driller and Fuzzer functionality. AutoPwn in it's current state will do this in limited form. Simply run autoPwn ./binary then select the Start option. Installing Given all the dependency issues here, the easiest way to...
UserRecon-PY : Find Username In Social Networks
Userrecon-PY is a tool used to find usernames in social networks. Installation Install dependencies (Debian/Ubuntu): sudo apt install python3 python3-pip Install with pip3: sudo -H pip3 install git+https://github.com/decoxviii/userrecon-py.git userrecon-py --help Also Read - H2Buster : A Threaded, Recursive, Web Directory Brute-Force Scanner Over HTTP/2 Building from Source Clone this repository, and: git clone https://github.com/decoxviii/userrecon-py.git ; cd userrecon-py sudo -H pip3 install -r requirements.txt python3 setup.py build sudo python3...
Amass : In-Depth DNS Enumeration and Network Mapping
The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, it uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the information is then used to build maps of the target networks. Information Gathering Techniques Used: DNS: Basic enumeration, Brute forcing (upon...
PCI Compliance and Network Segmentation
The first step to determining the scope of your Payment Card Industry Data Security Standard (PCI DSS) compliance is segmenting your data networks. Network segmentation helps to improve data security and reduces the chances of breaches resulting from compromised systems. What You Should Know About PCI DSS Network Segmentation To properly segment your data networks for PCI DSS-compliance purposes, it is crucial to understand the purpose...
WPBullet : A Static Code Analysis For WordPress & PHP
WPBullet is a static code analysis for WordPress Plugins/Themes (and PHP). Simply clone the repository, install requirements and run the script ; git clone https://github.com/webarx-security/wpbullet wpbulletcd wpbulletpip install -r requirements.txtpython wpbullet.py Available options: --path (required) System path or download URL Examples: --path="/path/to/plugin" --path="https://wordpress.org/plugins/example-plugin" --path="https://downloads.wordpress.org/plugin/example-plugin.1.5.zip"--enabled (optional) Check only for given modules, ex. --enabled="SQLInjection,CrossSiteScripting" --disabled (optional) Don't check for given...
Kubolt : Utility For Scanning Public Kubernetes Clusters
Kubolt is simple utility for scanning public unauthinticated kubernetes clusters and run commands inside containers. Sometimes, the kubelet port 10250 is open to unauthorized access and makes it possible to run commands inside the containers using getrun function from kubelet: // getRun handles requests to run a command inside a container. func (s *Server) getRun(request *restful.Request,...
PhoneSploit : Using Open ADB Ports We Can Exploit A Android Device
PhoneSploit is using open Adb ports we can exploit a Android Device. You can find open ports by clicking here. How To Access A Local Device https://www.youtube.com/watch?v=OlhCAX1qBQo HOW TO INSTALL WINDOWS git clone https://github.com/Zucccs/PhoneSploit extract adb.rar to the phonesploit directory cd PhoneSploit pip install colorama python2 main.py Also Read - HiddenWall : Linux Kernel Module Generator For Custom Rules With NetfilterPhoneSploit : Using...
Brutality : A Fuzzer For Any GET Entries
A Brutality is a fuzzer for any GET entries and following are the features ; Multi-threading on demandFuzzing, bruteforcing GET paramsFind admin panelsColored outputHide results by return code, word numbersProxy supportBig wordlist Also Read - IP Finder CLI : The Official Command Line Client For IPFinder Usages Install git clone https://github.com/ManhNho/brutality.git chmod 755 -R brutality/ cd brutality/ pip install -r requirements.txt Helps python brutality -h Examples Use default...
Sniffglue : Secure Multithreaded Packet Sniffer
Sniffglue is a network sniffer written in rust. Network packets are parsed concurrently using a thread pool to utilize all cpu cores. Project goals are that you can run sniffglue securely on untrusted networks and that it must not crash when processing packets. The output should be as useful as possible by default. Usage sniffglue enp0s25 Installation There is an official package...
H2Buster : A Threaded, Recursive, Web Directory Brute-Force Scanner Over HTTP/2
H2Buster is a threaded, recursive, web directory brute-force scanner over HTTP/2 using hyper, inspired by Gobuster. Following are the features; Fast and portable - install hyper and run.Multiconnection scanning.Multithreaded connections.Scalable: scans can be as docile or aggressive as you configure them to be.h2 and h2c support.Configurable directory recursion depth.Multiplatform: works on both Linux and Windows (OS X is to be tested). Also Read...
