Ten Facts about Your Resume That Will Blow Your Mind
Are you looking for a job? For this, you will need a resume. In this article, we are going to give you a few hints on how to do everything properly. A resume is the first requirement that comes to mind when looking for a job. It is a chance to showcase yourself. However, there are some hidden facts...
Youzer : Fake User Generator For Active Directory Environments
Fake User Generator for Active Directory Environments. The goal of Youzer is to create information rich Active Directory environments. This uses the python3 library 'faker' to generate random accounts. pip3 install faker You can either supply a wordlist or have the passwords generated. The generated option is great for testing things like hashcat rule masks. Wordlist option is useful...
Rock-ON : All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name & Do All Of The Work Alone
Rock-On is a all in one recon tool that will help your Recon process give a boost. It is mainly aimed to automate the whole process of recon and save the time that is being wasted in doing all this stuffs manually. A thorough blog will be up in sometime. Stay tuned for the Stable...
FBChecker : Facebook Mass Account Checker
FBChecker is a tool that is used for a Facebook mass account checker.Facebook Mass Account Checker Simple Installation : apt install gitapt install phpgit clone https://github.com/fdciabdul/fbcheckercd fbcheckerphp fbcheck.php Also Read - MIG : Distributed & Real Time Digital Forensics At The Speed Of The Cloud Usage php fbcheck.php target.txt Download
WESNG : Next Generation Windows Exploit Suggester
WESNG is a tool based on the output of Windows' systeminfo utility which provides the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. Every Windows OS between Windows XP and Windows 10, including their Windows Server counterparts, is supported. Usage Obtain the latest database of vulnerabilities by executing the command wes.py...
Slackor : A Golang Implant That Uses Slack As A Command & Control Server
Slackor is a golang implant that uses Slack as a command and control server. This tool is released as a proof of concept. Be sure to read and understand the Slack App Developer Policy before creating any Slack apps. Setup Note: The server is written in Python 3 For this to work you need: A Slack WorkspaceRegister an app with the following permissions:channels:readchannels:historychannels:writefiles:write:userfiles:readCreate a...
MASC : A Web Malware Scanner
MASC is a malware (web) scanner developed during CyperCamp Hackathon 2017. At the moment, there are some features available for any type of website (custom or CMS) and some of them only available for specific platforms: Scan any website for malware using OWASP WebMalwareScanner checksum, YARA rules databases and ClamAV engine (if available)Perform some cleaning operations to improve website protectionMonitor...
DSSS – Damn Small SQLi Scanner
DSSS (Damn Small SQLi Scanner) is a fully functional SQL injection vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. As of optional settings it supports HTTP proxy together with HTTP header values User-Agent, Referer and Cookie. Also Read - SQLMap : Automatic SQL Injection & Database Takeover Tool Requirements Python version 2.6.x or 2.7.x is required for running this program. Sample Runs $ python dsss.py -h Damn...
GoldenEye : GoldenEye Layer 7 (KeepAlive+NoCache) DoS Test Tool
GoldenEye is an python app for SECURITY TESTING PURPOSES ONLY! GoldenEye is a HTTP DoS Test Tool. Attack Vector exploited: HTTP Keep Alive + NoCache Utilities util/getuas.py - Fetchs user-agent lists from http://www.useragentstring.com/pages/useragentstring.php subpages (ex: ./getuas.py http://www.useragentstring.com/pages/Browserlist/) REQUIRES BEAUTIFULSOUP4res/lists/useragents - Text lists (one per line) of User-Agent strings (from http://www.useragentstring.com) Also Read - Icebox : Virtual Machine Introspection, Tracing & Debugging Changelog 2016-02-06 Added support for not verifying SSL Certificates2014-02-20...
Hash Identifier : Software To Identify The Different Types Of Hashes Used To Encrypt Data & Especially Passwords
Hash Identifier software to identify the different types of hashes used to encrypt data and especially passwords. Encryption Formats Supported ADLER-32CRC-32CRC-32BCRC-16CRC-16-CCITTDES(Unix)FCS-16GHash-32-3GHash-32-5GOST R 34.11-94Haval-160Haval-192 110080 ,Haval-224 114080 ,Haval-256Lineage II C4Domain Cached CredentialsXOR-32MD5(Half)MD5(Middle)MySQLMD5(phpBB3)MD5(Unix)MD5(Wordpress)MD5(APR)Haval-128MD2MD4MD5MD5(HMAC(Wordpress))NTLMRAdmin v2.xRipeMD-128SNEFRU-128Tiger-128MySQL5 - SHA-1(SHA-1($pass))MySQL 160bit - SHA-1(SHA-1($pass))RipeMD-160SHA-1SHA-1(MaNGOS)Tiger-160Tiger-192md5($pass.$salt) - JoomlaSHA-1(Django)SHA-224RipeMD-256SNEFRU-256md5($pass.$salt) - JoomlaSAM - (LM_hash:NT_hash)SHA-256(Django)RipeMD-320SHA-384SHA-256SHA-384(Django)SHA-512WhirlpoolAnd moreā¦ Also Read - 0xsp Mongoose : Linux Privilege Escalation Intelligent Enumeration Toolkit Encryption algorithms that can not be differentiated...
