Snare : Super Next Generation Advanced Reactive HonEypot
Snare is a super next generation advanced reactive honeypot.It is a web application honeypot sensor attracting all sort of maliciousness from the Internet. Basic Concepts Surface first. Focus on the attack surface generation.Sensors and masters. Lightweight collectors and central decision maker (tanner). Getting Started You need Python3. We tested primarily with >=3.5This was tested with a recent Ubuntu based Linux. Also...
Osmedeus – Fully Automated Offensive Security Framework For Reconnaissance And Vulnerability Scanning
Osmedeus is a fully automated offensive security framework for reconnaissance and vulnerability scanning Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Installation git clone https://github.com/j3ssie/Osmedeuscd Osmedeus./install.sh This install only focus on Kali linux How To Use? If you have no idea what are you doing just type the command below or check out the Advanced...
Uac-A-Mola : Tool For Security Researchers To Investigate New UAC Bypasses
UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. Installation To install uac-a-mola you have to perform the following actions: Download and install python 2.7.x for Windows taking into account your particular infrastructure, you can find the binaries here: https://www.python.org/downloads/Add...
FOCA : Tool To Find Metadata & Hidden Information In The Documents
FOCA is a tool used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analysed with FOCA. It is capable of analysing a wide variety of documents, with the most common being Microsoft Office, Open Office, or PDF files, although it also analyses Adobe InDesign or SVG files, for...
IoT Implant : Toolkit For Implant Attack Of IoT Devices
IoT Implant Toolkit is a framework of useful tools for malware implantation research of IoT devices. It is a toolkit consisted of essential software tools on firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like environment, IoT-Implant-Toolkit is a one-stop-shop toolkit simplifies complex procedure of IoT malware implantation. In our research, we...
Discover : Custom Bash Scripts Used To Automate Various Penetration Testing Tasks
Discover custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit. For use with Kali Linux and the Penetration Testers Framework (PTF). Download, setup, and usage git clone https://github.com/leebaird/discover /opt/discover/All scripts must be ran from this location.cd /opt/discover/./update.sh RECONDomainPersonParse salesforceSCANNINGGenerate target listCIDRListIP, range, or domainRerun Nmap scripts and MSF auxWEBInsecure direct object...
RBuster : Yet Another Dirbuster
Rbuster is yet another dirbuster with the latest version of v0.2.1. Following are the common command line options; -a <user agent string> - specify a user agent string to send in the request-c <http cookies> - use this to specify any cookies that you might need (simulating auth). header.-f - force processing of a domain with wildcard results.-l - show the length of...
XMLRPC : An Brute Forcer Targeting WordPress Written In Python 3
An XMLRPC brute forcer targeting Wordpress written in Python 3. In the context of xmlrpc brute forcing, its faster than Hydra and WpScan. It can brute force 1000 passwords per second. Usage -- python3 xmlrcpbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt username -- python3 xmlrpcbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt userlist.txt ( >>in progess<<) Bugs If you get an xml.etree.ElementTree.ParseError: Did you forget to add 'xmlrpc' in the url ?Try...
Dirstalk : Modern Alternative to Dirbuster/Dirb
Dirstalk is a multi threaded application designed to brute force paths on web servers. The tool contains functionalities similar to the ones offered by dirbuster and dirb. Here you can see it in action: How to use it The application is self-documenting, launching dirstalk -h will return all the available commands with a short description, you can get the help for each command by doing distalk <command> -h. EG...
The Student’s Guide to Cyber Security – 9 Top Tips to Prevent Yourself From Hackers
The rise of the Internet has brought tremendous benefits to people’s education. But, it also makes people targets to hackers and theft of sensitive information, which is why every student must learn about online cyber security at some point. These days, almost every student owns a smart device or a laptop. This immense use of technology brings up devastating...
