DSSS – Damn Small SQLi Scanner
DSSS (Damn Small SQLi Scanner) is a fully functional SQL injection vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. As of optional settings it supports HTTP proxy together with HTTP header values User-Agent, Referer and Cookie. Also Read - SQLMap : Automatic SQL Injection & Database Takeover Tool Requirements Python version 2.6.x or 2.7.x is required for running this program. Sample Runs $ python dsss.py -h Damn...
GoldenEye : GoldenEye Layer 7 (KeepAlive+NoCache) DoS Test Tool
GoldenEye is an python app for SECURITY TESTING PURPOSES ONLY! GoldenEye is a HTTP DoS Test Tool. Attack Vector exploited: HTTP Keep Alive + NoCache Utilities util/getuas.py - Fetchs user-agent lists from http://www.useragentstring.com/pages/useragentstring.php subpages (ex: ./getuas.py http://www.useragentstring.com/pages/Browserlist/) REQUIRES BEAUTIFULSOUP4res/lists/useragents - Text lists (one per line) of User-Agent strings (from http://www.useragentstring.com) Also Read - Icebox : Virtual Machine Introspection, Tracing & Debugging Changelog 2016-02-06 Added support for not verifying SSL Certificates2014-02-20...
Hash Identifier : Software To Identify The Different Types Of Hashes Used To Encrypt Data & Especially Passwords
Hash Identifier software to identify the different types of hashes used to encrypt data and especially passwords. Encryption Formats Supported ADLER-32CRC-32CRC-32BCRC-16CRC-16-CCITTDES(Unix)FCS-16GHash-32-3GHash-32-5GOST R 34.11-94Haval-160Haval-192 110080 ,Haval-224 114080 ,Haval-256Lineage II C4Domain Cached CredentialsXOR-32MD5(Half)MD5(Middle)MySQLMD5(phpBB3)MD5(Unix)MD5(Wordpress)MD5(APR)Haval-128MD2MD4MD5MD5(HMAC(Wordpress))NTLMRAdmin v2.xRipeMD-128SNEFRU-128Tiger-128MySQL5 - SHA-1(SHA-1($pass))MySQL 160bit - SHA-1(SHA-1($pass))RipeMD-160SHA-1SHA-1(MaNGOS)Tiger-160Tiger-192md5($pass.$salt) - JoomlaSHA-1(Django)SHA-224RipeMD-256SNEFRU-256md5($pass.$salt) - JoomlaSAM - (LM_hash:NT_hash)SHA-256(Django)RipeMD-320SHA-384SHA-256SHA-384(Django)SHA-512WhirlpoolAnd more… Also Read - 0xsp Mongoose : Linux Privilege Escalation Intelligent Enumeration Toolkit Encryption algorithms that can not be differentiated...
The Secret IG Growth Hacks You Haven’t Heard Before
The secret to Instagram success is having as many organic followers as possible. Instagram now boasts of more than one billion subscribers all over the world. If it was a country, it would be the third most populated one after China and India. About 500 million Instagram users log into their accounts at least once every day. This tells you that you have an...
MIG : Distributed & Real Time Digital Forensics At The Speed Of The Cloud
MIG is Mozilla's platform for investigative surgery of remote endpoints. You can spin up a local-only MIG setup using docker. The container is not suitable for production use but lets you experiment with MIG quickly, providing a single container environment that has most of the MIG components available. To pull from Docker Hub: $ docker pull mozilla/mig $ docker run -it...
Icebox : Virtual Machine Introspection, Tracing & Debugging
Icebox is a Virtual Machine Introspection solution that enable you to stealthily trace and debug any process (kernel or user). It's based on project Winbagility. Files which might be helpful: INSTALL.md: how to install icebox.BUILD.md: how to build icebox. Project Organization fdp: Fast Debugging Protocol sourcesicebox: Icebox sources icebox: Icebox lib (core, os helpers, plugins...)icebox_cmd: Program that test several featuressamples: Bunch of examples...
SQLMap : Automatic SQL Injection & Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the...
0xsp Mongoose : Linux Privilege Escalation Intelligent Enumeration Toolkit
Using 0xsp Mongoose you will be able to scan targeted operating system for any possible way for privilege escalation attacks,starting from collecting information stage unitl reporting information through 0xsp Web Application API . User will be able to scan different linux os system at same time with high perfromance , with out spending time looking inside the terminal or text...
Sherlock : Find Usernames Across Social Networks
Sherlock Project provides a very powerfull command line tool called Sherlock to find usernames across many social networks. It requires Python 3.6 or higher and works on MacOS, Linux and Windows. Installation NOTE: Python 3.6 or higher is required. #clone the repo$ git clone https://github.com/sherlock-project/sherlock.git#change the working directory to sherlock$ cd sherlock#install python3 and python3-pip if not exist#install the requirements$ pip3 install -r...
Lst2x64dbg : Extract Labels From IDA .lst or Ghidra .csv File & Export x64dbg Database
lst2x64dbg script extracts all the labels found in the LST file that is given as the script's single argument. An x64dbg database is created in the current directory based on the extracted labels. The LST file can be generated in IDA from the File menu: Produce file -> Create LST file… Example $ python3 lst2x64dbg.py sample.lst ghidra2x64dbg This script extracts all the labels...