Miteru : An Experimental Phishing Kit Detection Tool
Miteru is an experimental phishing kit detection tool. Following are the features that can be used for the tool; Phishing kit detection & collection. Slack notification. Threading. How it works? It collects phishy URLs from the following feeds:CertStream-Suspicious feed via urlscan.ioOpenPhish feed via urlscan.ioPhishTank feed via urlscan.ioAyashige feedIt checks each phishy URL whether it enables directory listing and contains a phishing kit (compressed file)...
Security RAT : Tool For Handling Security Requirements In Development
OWASP Security RAT (Requirement Automation Tool) is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you're developingbased on this information, list of common security requirements is generatedgo through the list of the requirements and choose how you want to handle the requirementspersist the...
Rogue : An Extensible Toolkit Providing Penetration Testers An Easy-To-Use Platform
The Rogue Toolkit is an extensible toolkit aimed at providing penetration testers an easy-to-use platform to deploy software-defined Access Points (AP) for the purpose of conducting penetration testing and red team engagements. By using Rogue, penetration testers can easily perform targeted evil twin attacks against a variety of wireless network types. Rogue was originally forked from s0lst1c3's eaphammer project. The fundamental idea...
SecureTea Project : OWASP Application Designed To Help Secure Unauthorised Access
The OWASP SecureTea Project is an application designed to help secure a person's laptop or computer / server with IoT (Internet Of Things) and notify users (via various communication mechanisms), whenever someone accesses their computer / server. This application uses the touchpad/mouse/wireless mouse to determine activity and is developed in Python and tested on various machines (Linux, Mac &...
DeepSearch – Advanced Web Dir Scanner For Bruteforce
DeepSearch is a simple command line tool for bruteforce directories and files in websites. you can also use Dark web browser to surf anonymously. DeepSearch Installation $ git clone https://github.com/m4ll0k/DeepSearch.git deepsearch $ cd deepsearch $ pip3 install requests $ python3 deepsearch.py Also ReadInvisi-Shell : Hide Your Powershell Script In Plain Sight(Bypass all Powershell security features) Usage Basic: python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt Force extension for...
JWT Tool : A Toolkit For Testing, Tweaking & Cracking JSON Web Tokens
JWT Tool(jwt_tool.py) is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a tokenTesting for the RS/HS256 public key mismatch vulnerabilityTesting for the alg=None signature-bypass vulnerabilityTesting the validity of a secret/key/key fileIdentifying weak keys via a High-speed Dictionary AttackForging new token header and payload values and creating a new signature with...
TrigMap : A Wrapper For Nmap To Automate The Pentest
Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect information into a well organised directory hierarchy. The use of Nmap makes the script portable (easy to run not only on Kali Linux) and very efficient thanks to the optimised Nmap algorithms. Trigmap can performs several tasks using Nmap scripting...
Pown Recon : A Powerful Target Reconnaissance Framework Powered By Graph Theory
Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of flat table representation is that it is easier to find the relationships between different types of information which comes quite handy in many situations. Graph theory algorithms also help with diffing, searching, like finding the shortest...
LNK-KISSER : AutoIt HackTool, Shortcuts.lnk Payloads Generator
LNK-KISSER is an autoIt hackTool, shortcuts.lnk payloads generator. Exploiting Powershell to make ShortCut Payloads .There is too much of awsome tricks there , u can make it better ^_^.For Ex : Killing tcpview , taskmanager ..etc while downloading.Set hidden attribs to the malware after downloading....etcG00d by3../9aylas Also Read - Horn3t : Powerful Visual Subdomain Enumeration at the Click of a Mouse Download
Mquery : YARA Malware Query Accelerator
Mquery can be used to search through terabytes of malware in a blink of an eye: Ever had trouble searching for particular malware samples? Our project is an analyst-friendly web GUI to look through your digital warehouse. Demo Take a look at https://mquery.tailcall.net for a quick demo. Unfortunately, you won't find any actual malware there. For demo purposes we have indexed...