Cloudcheck : Checks Using A Test String If A Cloudflare DNS Bypass Is Possible Using CloudFail
Cloudcheck is made to be used in the same folder as CloudFail. Make sure all files in this repo are in the same folder before using. Also create a empty text file called none.txt in the data folder, that way it doesn't do a subdomain brute when testing. Cloudcheck will automatically change your hosts file, using entries from CloudFail and test for...
Pyattck : A Python Module To Interact With The Mitre ATT&CK Framework
A Python Module to interact with the Mitre ATT&CK Framework. Pyattck has the following notable features in it's current release: Retrieve all Tactics, Techniques, Actors, Malware, Tools, and MitigationsAll techniques have suggested mitigations as a propertyFor each class you can access additional information about related data points:ActorTools used by the Actor or GroupMalware used by the Actor or GroupTechniques this Actor...
Evil WinRM : The Ultimate WinRM Shell For Hacking/Pentesting
Evil WinRM is the ultimate WinRM shell for hacking/pentesting. WinRM (Windows Remote Management) is the Microsoft implementation of WS-Management Protocol. A standard SOAP based protocol that allows hardware and operating systems from different vendors to interoperate. Microsoft included it in their Operating Systems in order to make life easier to system administrators. This program can be used on any Microsoft...
Airopy : Get Clients And Access Points
Airopy is a wireless packet capture to get clients and access points. With Alfa cards this script works correctly. Dependencies To run this script first install requirements as follows: sudo pip3 install requirements.txt How To Use In the examples I don't add 'sudo', but to execute them you need high privileges. To get help: python3 airopy.py -h To get APS: python3 airopy.py -i wlx00c0ca81fb80 --aps...
AMIRA: Automated Malware Incident Response & Analysis
AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All: the Analyze Filter. It takes care of retrieving the output files from an S3 bucket, running the Analyze Filter and then uploading the results of the analysis back to S3 (although one...
VulnWhisperer : Create Actionable Data From Your Vulnerability Scans
VulnWhisperer is a vulnerability management tool and report aggregator. VulnWhisperer will pull all the reports from the different Vulnerability scanners and create a file with a unique filename for each one, using that data later to sync with Jira and feed Logstash. Jira does a closed cycle full Sync with the data provided by the Scanners, while Logstash indexes...
Dockernymous : A Script Used To Create A Whonix Like Gateway/Workstation Environment With Docker Containers
Dockernymous is a script used to create a whonix like gateway/workstation environment with docker containers. It is a start script for Docker that runs and configures two individual Linux containers in order act as a anonymisation workstation-gateway set up. It's aimed towards experienced Linux/Docker users, security professionals and penetration testers! The gateway container acts as a Anonymizing Middlebox (seehttps://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy) and routes...
Hardening up Your Cyber Defence With Risk Assessment
Your company faces an array of cyber threats, which are both internal and external. Cybersecurity risk assessment is meant to identify, assess, and implement security controls to pinpoint security vulnerabilities and defects. To safeguard your computer systems from threats, you must apply practices that build an impermeable cyber defense. The process of fortifying your cyber defenses starts with risk assessment. Without assessing your risks, you won’t be...
HiddenEye : Modern Phishing Tool With Advanced Functionality
HiddenEye is a modern phishing tool with advanced functionality and it also currently have Android support. Now you will have live information about the victims such as : IP ADDRESS, Geolocation, ISP, Country, & many more. TESTED ON FOLLOWING Kali Linux - Rolling EditionParrot OS - Rolling EditionLinux Mint - 18.3 SylviaUbuntu - 16.04.3 LTSMacOS High SierraArch LinuxManjaro XFCE Edition...
Top 7 Best Open Source SQL Injection Tools – 2019
SQL injection is a standout amongst the most widely recognised attacks against web applications. Here is the list of Best SQL Injection Tools 2019. Its attacks comprise of insertion or “injection” of a SQL query by means of the information from the customer to the application. An effective SQL injections endeavour can read delicate information from the database, alter database information...
