FlashSploit : Exploitation Framework For ATtiny85 Based HID Attacks
Flashsploit is an Exploitation Framework for Attacks using ATtiny85 HID Devices such as Digispark USB Development Board, flashsploit generates Arduino IDE Compatible (.ino) Scripts based on User Input and then Starts a Listener in Metasploit-Framework if Required by the Script, in Summary : Automatic Script Generation with Automated msfconsole. Windows Data Exfiltration Extract all WiFi Passwords and Uploads an XML to...
Versionscan : A PHP Version Scanner For Reporting Possible Vulnerabilities
Versionscan is a tool for evaluating your currently installed PHP version and checking it against known CVEs and the versions they were fixed in to report back potential issues. NOTE: Work is still in progress to adapt the tool to Linux distributions that backport security fixes. As of right now, this only reports back for the straight up version reported. Installation Using Composer {...
XSSCon : Simple XSS Scanner Tool
XSSCon is a simple XSS Scanner tool and a powerful XSS scanner made in python 3.7. Installing Requirements: BeautifulSoup4 pip install bs4 Requests pip install requests python 3.7 Commands: git clone https://github.com/menkrep1337/XSSCon chmod 755 -R XSSCon cd XSSCon python3 xsscon.py --help Also Read - Rogue : An Extensible Toolkit Providing Penetration Testers An Easy-To-Use Platform Usage Basic usage: python3 xsscon.py -u http://testphp.vulnweb.com Advanced usage: python3 xsscon.py --help Main Features crawling all links on a website...
Scavenger : Crawler (Bot) Searching For Credential Leaks On Different Paste Sites
Scavenger crawler (Bot) searching for credential leaks on different paste sites. Just the code of my OSINT bot searching for sensitive data leaks on different paste sites. Search terms: credentialsprivate RSA keysWordpress configuration filesMySQL connect stringsonion linkslinks to files hosted inside the onion network (PDF, DOC, DOCX, XLS, XLSX) Keep in mind: This bot is not beautiful. I wrote it quick and dirty...
The Top IT and Tech Challenges for Businesses in 2019
Companies, whether small, large, or enterprise-level organizations face their fair share of challenges at any given time. Currently, many of the most pervasive challenges for businesses related to IT and technology. There’s everything from the challenges of harnessing the power of the multitudes of data most organizations are collecting and storing, to security challenges that never seem to wane and instead only grow...
OSIF : Open Source Information Facebook
OSIF is an accurate Facebook account information gathering, all sensitive information can be easily gathered even though the target converts all of its privacy to (only me), Sensitive information about residence, date of birth, occupation, phone number and email address. Installation $ pkg update upgrade $ pkg install git python2 $ git clone https://github.com/ciku370/OSIF $ cd OSIF Setup $ pip2 install -r...
Bandit : Tool Designed To Find Common Security Issues In Python Code
Bandit is a tool designed to find common security issues in Python code. To do this it processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once it has finished scanning all the files it generates a report. It was originally developed within the OpenStack Security Project and later rehomed to PyCQA. Installation It...
Brutemap : Let’s Find Someone’s Account
Brutemap is an open source penetration testing tool that automates testing accounts to the site's login page, based on Dictionary Attack. With this, you no longer need to search for other bruteforce tools and you also no longer need to ask CMS What is this? only to find parameter forms, because it will do it automatically. It is also equipped with an attack method that makes...
Intrigue Core : Discover Your Attack Surface
Intrigue Core is a framework for external attack surface discovery and automated OSINT. There are a number of use cases: Application and Infrastructure (Asset) DiscoverySecurity Research and Vulnerability DiscoveryMalware Campaign Research & Indicator EnrichmentExploratory OSINT Research Developers To get started setting up a development environment, follow the instructions below! Setting up a development environment Follow the appropriate setup guide: Vagrant (preferred) - http://core.intrigue.io/getting-started-with-intrigue-core-on-vagrant-virtualbox/Docker - https://core.intrigue.io/2017/03/07/using-intrigue-core-with-docker/ Now that you...
Spiderfoot : The Most Complete OSINT Collection & Reconnaissance Tool
SpiderFoot is an open source intelligence (OSINT) automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname, network subnet, ASN, e-mail address or person's name. It can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or...
.png "GoSH : Golang Reverse/Bind Shell Generator")
