QRGen : Simple Script for Generating Malformed QRCodes
QRGen is wrote this little script to generate generic Malformed QRCodes. These qrcodes are useful if you want to test some QRCode scanner's parser or how the application handle QRCode data. Note: Down side of this tool: you need to manually scan codes with camera. Installation What to you need: python3qrcodePillowargparse Follow the steps; git clone https://github.com/h0nus/QRGencd QRGenpip3 install -r requirements.txt OR python3 -m pip...
ExtAnalysis : Browser Extension Analysis Framework
ExtAnalysis is a browser extension analysis framework. Installing it is simple! It runs on python3, so make sure python3 and python3-pip are installed. What Can You Do? Download & Analyze Extensions From:Chrome Web StoreFirefox AddonsAnalyze Installed Extensions of:Google ChromeMozilla FirefoxOpera Browser (Coming Soon)Upload and Scan Extensions. Supported formats:.crx.xpi.zip Features View Basic Informations:Name, Author, Description and VersionManifest ViewerIn depth permission informationExtract Intels from files...
BruteDum : Brute Force Attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
BruteDum is a SSH, FTP, Telnet, PostgreSQL, RDP, VNC brute forcing tool with Hydra, Medusa and Ncrack. It can work with any Linux distros if they have Python 3. Features SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra (recommended)SSH, FTP, Telnet, PostgreSQL, RDP, VNC with MedusaSSH, FTP, Telnet, PostgreSQL, RDP, VNC with NcrackScan victim's ports with Nmap Also Read - AutoSource...
10minutemail : Python Temporary Email
10minutemail.net is a free, disposable e-mail service. Your temporary e-mail address will expire after 10 minutes, after which you cannot access it. You can extend the time by 10 minutes. The website you are registering with could be selling your personal information; you never know where your e-mail will be published. An email address with a 10 minute lifespan...
DumpTheGit : Public Repositories to Find Sensitive Information Uploaded to the Github Repositories
DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories. The tool will flag the matches for potentially sensitive files like credentials, secret keys, tokens etc which have been accidentally uploaded by the developers. DumpTheGit just require your Github Access Token to fetch the information. Also Read - Kerbrute : A Tool to Perform Kerberos Pre-Auth Bruteforcing Installation Download the DumpTheGit...
PeekABoo : Penetration Testing To Enable Remote Desktop On The Targeted Machine
PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. The tool only works if WinRM is enabled. Since Windows Server 2012 WinRM is enabled by default on all Windows server operating systems, but not on client operating systems. Note: Remote desktop...
Vulmap :Online Local Vulnerability Scanners Project
Vulmap is an open source online local vulnerability scanner project. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. These scripts can be used for defensive and offensive purposes. It is possible to make vulnerability assessments using these scripts. Also they can be used for privilege escalation by pentesters/red teamers. It can be used to, scan...
AutoSource : Automated Source Code SonarQube
AutoSource is an automated source code review framework integrated with SonarQube which is capable of performing static code analysis/reviews. It can be used for effectively finding the vulnerabilities at very early stage of the SDLC(Software Development Life Cycle). The user can scan the code by just giving GIT repository link into the framework. AutoSource framework is capable of performing source...
Kerbrute : A Tool to Perform Kerberos Pre-Auth Bruteforcing
Kerbrute is a tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos Pre-Authentication. Find the latest binaries from the releases page to get started. This tool grew out of some bash scripts I wrote a few years ago to perform bruteforcing using the Heimdal Kerberos client from Linux. They wanted something that didn't require privileges to...
Joy : To Capture & Analyse Network Flow Data & Intraflow Data
Joy is a package for capturing and analysing network flow data and intraflow data, for network research, forensics, and security monitoring. Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture (pcap) files, using a flow-oriented model similar to...
