SUDO KILLER : A Tool To Identify & Exploit Sudo Rules’ Misconfigurations & Vulnerabilities Within Sudo
SUDO KILLER is a tool which help to abuse SUDO in different ways and with the main objective of performing a privilege escalation on Linux environment. The tool helps to identify misconfiguration within sudo rules, vulnerability within the version of sudo being used (CVEs and vulns) and the used of dangerous binary, all of these could be abuse to elevate...
Hvazard : Remove Short Passwords & Duplicates, Change Lowercase To Uppercase & Reverse, Combine Wordlists
HVAZARD dictionary modifier remove short passwords & duplicates, change lowercase to uppercase & reverse, combine wordlists! Manual & Explaination d --dict Specifies the file you want to modify. This is the only parameter / argument that is not optional.o --out The output filename (optional). Default is out.txt.s --short This operation removes the lines with length shorter/equal to the specified number. Example:...
GitGot – Semi-Automated, Feedback-Driven Tool To Rapidly Search Through Troves Of Public Data On GitHub For Sensitive Secrets
GitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets. How it Works During search sessions, users will provide feedback to GitGot about search results to ignore, and GitGot prunes the set of results. Users can blacklist files by filename, repository name, username, or a fuzzy match of...
Git Hound – Find Exposed Keys Across GitHub Using Code Search Keywords
Git Hound makes it easy to find exposed APi keys on GitHub using pattern matching, targetted querying, and a scoring system. This differs from other OSINT GitHub scanners by searching keywords across GitHub rather than targeting specific repositories, exposing a fundamentally different set of results. GitRob is an excellent tool that specifically targets an organization or user's owned repositories for secrets....
A Closer Look At The Brushless DC Electric Motor
The brushless DC electric motor (also known as BL motor, BLDC motor or electronically commutated motor) is one of the synchronous motors that are powered with the use of DC electricity. This is possible through switching power supply or an inverter. This produces AC current to drive the motor’s phases through closed look controllers. A brushless motor controller offers current pulses to the windings...
Kali NetHunter App Store Dedicated to Free Security Apps
The Kali NetHunter App Store is an installable catalogue of Android applications for penetration testing and forensics. The client makes it easy to browse, install, and keep track of updates on your device. The Kali NetHunter App Store is a repository of free security related software on the Android platform, along with an Android client to perform installations and...
Userrecon PY : Recognition Usernames In 187 Social Networks
Userrecon PY is a tool used to recognise usernames in 187 social networks. So first of all let us have a look on the step to install the same; Install dependencies (Debian/Ubuntu): sudo apt install python3 python3-pip Install with pip3: sudo -H pip3 install git+https://github.com/decoxviii/userrecon-py.git userrecon-py --help Also Read - Shellsum : A Defense Tool – Detect Web Shells In Local Directories...
Explo : Human & Machine Readable Web Vulnerability Testing Format
Explo is a simple tool to describe web security issues in a human and machine readable format. By defining a request/condition workflow, explo is able to exploit security issues without the need of writing a script. This allows to share complex vulnerabilities in a simple readable and executable format. Example for extracting a csrf token and using this in a...
Blisqy : Exploit Time-based Blind-SQL Injection In HTTP-Headers
Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. The main goal of this project is auditing as many system as possible in country-wide or in a...
Brute Force : BruteForce Gmail, Hotmail, Twitter, Facebook & Netflix
In this article we will see on how to BruteForce Gmail, Hotmail, Twitter, Facebook & Netflix. First let us see on how to install the same; pip install proxylist pip install mechanize Also Read - JShielder : Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G Usage BruteForce Gmail Attack python3 Brute_Force.py -g Account@gmail.com -l File_list python3 Brute_Force.py -g Account@gmail.com -p Password_Single BruteForce...
