.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Adapt : A Tool To Performs Automated Penetration Testing for WebApps
ADAPT is a tool that performs Automated Dynamic Application Penetration Testing for web applications. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10 vulnerabilities, and outputs categorized findings based on these potential vulnerabilities. ADAPT also uses the functionality from OWASP ZAP to perform automated...
IdentYWAF : Blind WAF Identification Tool
identYwaf is an identification tool that can recognise web protection type (i.e. WAF) based on blind inference. Blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. http://<host>?aeD0oowi=1 AND 2>1). Currently it supports more than 70 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence,...
Scanner CLI : A Project Security/Vulnerability/Risk Scanning Tool
The Hawkeye Scanner CLI is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines. Running & Configuring the Scanner The Hawkeye scanner-cli assumes that your directory structure is such that it keeps the toolchain's files on top level. Roughly, this is what it boils down to: Node.js projects have...
Sh00t : A Testing Environment for Manual Security Testers
Sh00t is a testing environment for manual security testers. Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasises on manual...
Killcast : Manipulate Chromecast Devices in your Network
Killcast manipulate chromecast devices in your network. This tool is a Proof of Concept and is for Research Purposes Only, it shows how Chromecast devices can be easily manipulated and hijacked by anyone. Inspired from this hack, thewhiteh4t has created it, an open source tool for testing and research purposes, if you have a Google Home or Chromecast you can test and learn how...
Kube-Hunter:Hunt For Security Weaknesses In Kubernetes Clusters
Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. Note : You should NOT run kube-hunter on a Kubernetes cluster you don't own! Kube-hunter is available as a container (aquasec/kube-hunter), and we also offer a web site at kube-hunter.aquasec.com where you can register online to receive a token allowing...
Twifo CLI:Get Twitter User Information 2019
Twifo CLI is a tool used to get twitter user information. Install $ npm install --global twifo-cli OR $ sudo npm install --global twifo-cli Also Read: Conpot – ICS/SCADA Honeypot Usage $ Usage: twifo Example: $ twifo 9gag Related twifo : API for this tool.quorafy: Get user information of a Quora user. Download Credit: Rishi Giri
H8mail – Email OSINT And Password Breach Hunting
Email OSINT and password breach hunting. Use h8mail to find passwords through different breach and reconnaissance services, or the infamous Breached Compilation torrent. H8mail Features Email pattern matching (reg exp), useful for all those raw HTML files Small and fast Alpine Dockerfile available CLI or Bulk file-reading for targeting Output to CSV file Reverse DNS + Open...
Sitadel – Web Application Security Scanner
Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and implement new features : Frontend framework detectionContent Delivery Network detectionDefine Risk Level to allow for scansPlugin systemDocker image available to build and run Also Read : WPintel – Chrome Extension Designed For WordPress Vulnerability Scanning & Information...
DNSpy – .NET Debugger And Assembly Editor
DNSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing and debugging a...
