Lynis : Security Auditing Tool for Unix/Linux Systems
Lynis is a security auditing tool for UNIX derivatives like Linux, macOS, BSD, Solaris, AIX, and others. It performs an in-depth security scan. Software packages is available by clicking here. Requirements Shell and basic utilities Permissions Normal user or preferable root permissions Installation Installation via package Installing the tool via a package manager is one option to get started with it. For most operating systems and...
Blisqy : Exploit Time-Based Blind-SQL Injection In HTTP-Headers
Blisqy is a tool to aid Web Security researchers to find Time-based Blind SQL injection on HTTP Headers and also exploitation of the same vulnerability. The exploitation enables slow data siphon from a database (currently supports MySQL/MariaDB only) using bitwise operation on printable ASCII characters, via a blind-SQL injection. For interoperability with other Python tools and to enable other users utilise...
Ponce : IDA Pro Plugin That Provides Users The Ability To Perform Taint Analysis & Symbolic Execution
Ponce is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion. With Ponce you are one click away from getting all the power from cutting edge symbolic execution. Entirely written in C/C++. Symbolic execution is not a new concept in the security community....
Cryptr : A Simple Shell Utility For Encrypting & Decrypting Files Using OpenSSL
Cryptr is a simple shell utility for encrypting and decryption files using OpenSSL. Installation git clone https://github.com/nodesocket/cryptr.git ln -s "$PWD"/cryptr/cryptr.bash /usr/local/bin/cryptr Bash tab completion Add tools/cryptr-bash-completion.bash to your tab completion file directory. API/Commands Encrypt encrypt <file> - Encryptes file with OpenSSL AES-256 cipher block chaining. Writes an encrypted file out (ciphertext)appending .aes extension. ➜ cryptr encrypt ./secret-file enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password: ➜ ls -alh -rw-r--r-- ...
Project iKy – Tool To Collects Information From An Email
Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Note : We want to warn you that we have changed the Frontend from AngularJS to Angular 7. For this reason we left the project with AngularJS as Frontend in the iKy-v1 branch. The reason of changing the Frontend was to update...
Leviathan : Wide Range Mass Audit Toolkit
Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. The main goal of this project is auditing as many system as possible in country-wide or in a...
Vulnx : An Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS
Vulnx is An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of Cms, fast cms detection,informations gathering and vulnerabilitie Scanning of the target like subdomains, ipaddresses, country, org, timezone, region, ans and more. Instead of injecting each and every shell manually like all the other tools do, it analyses the target website checking the presence of a vulnerabilitie if so...
Tourmaline : Telegram Bot Framework For Crystal
Tourmaline is a Telegram Bot (and hopefully soon Client) API framework for Crystal. Based heavily off of Telegraf this Crystal implementation allows your Telegram bot to be written in a language that's both beautiful and fast. Benchmarks coming soon. Installation Add this to your application's shard.yml: dependencies: tourmaline: ...
LiveHiddenCamera : Library Which Record Live Video & Audio From Android Device Without Displaying A Preview
LiveHiddenCamera is a library which record live video and audio from Android device without displaying a preview. How to use ? I've created a library to make it more usable. The only requirement is to add the library to your project and pass the Rtmp URL to it. Also Read - Windows Hacks : Creative & Unusual Things That...
RedGhost : Linux Post Exploitation Framework Designed To Assist Red Teams
RedGhost is a Linux post exploitation framework designed to assist red teams in gaining persistence, reconnaissance and leaving no trace. Also Read - BlueGhost : Network Tool Designed To Assist Blue Teams In Banning Attackers From Linux Servers Features Payloads Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perllsWrapper Function to wrap the "ls" command with...
