CHAOS : PoC that Allows Generating Payloads & Controlling Remote OS
CHAOS is a PoC that allows generating payloads and controlling remote operating systems.
Features (Feature: Windows / Mac / Linux): Reverse Shell: X X X; Download File: X X X; Upload File: X X X; Screenshot: X X X; Keylogger: X; Persistence: X; Open URL: X X X; Get OS Info: X X X; Fork Bomb: X X X; Run Hidden: X
How to Install
Install dependencies: $ sudo apt install golang git -y
Get this repository: $ go get github.com/tiagorlampert/CHAOS
Get external golang dependencies (ARE REQUIRED GET ALL DEPENDENCIES): $ go...
ISeeYou : Tool To Get Exact Location of The Users During Social Engineering or Phishing Engagements
ISeeYou is a Bash and JavaScript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates, an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks. Note: This tool does not require...
Instainsane : Multi-threaded Instagram Brute Forcer
Instainsane is a shell script that performs multi-threaded brute-force attacks against Instagram. The script can bypass login limiting and can test an infinite number of passwords at a rate of about 1000 passwords/min, with 100 attempts at once. Features: Multi-thread (100 attempts at once); Save/Resume sessions; Anonymous attack through TOR; Check valid usernames; Default password list (best +39k...
Evillimiter : Tool that Limits Bandwidth of Devices on the Same Network Without Access
Evillimiter is a tool to limit the bandwidth (upload/download) of devices connected to your network without physical or administrative access. It employs ARP spoofing and traffic shaping to throttle the bandwidth of hosts on the network. This is explained in detail below. Requirements: Linux distribution; Python 3 or greater. Possibly missing Python packages will be installed during the installation process. ...
Osmedeus : Fully Automated Offensive Security Tool for Reconnaissance & Vulnerability Scanning
Osmedeus allows you to automatically run a collection of awesome tools for reconnaissance and vulnerability scanning against the target. If you have no idea what you are doing, just type the command below:
./osmedeus.py -t example.com
Installation:
git clone https://github.com/j3ssie/Osmedeus
cd Osmedeus
./install.sh
Features: Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic...
Top 5 SQL Injection Tools for PenTest & Hacking
SQL injection is a code injection technique used to attack data-driven applications, and it might destroy your database. Here, malicious code is inserted into SQL statements via web page input. SQL injection is one of the most common web hacking techniques. Let's see the top 5 SQL injection tools to detect vulnerabilities! SQLMap: Sqlmap is an open source SQL injection tool...
Mimikatz : A little Tool to Play with Windows Security
Mimikatz is a tool I've made to learn C and make some experiments with Windows security. Mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. mimikatz 2.0 alpha (x86) release "Kiwi en C" (Apr 6 2014 22:02:03) Benjamin DELPY gentilkiwi ( benjamin@gentilkiwi.com ) http://blog.gentilkiwi.com/mimikatz ...
CommandoVM : Windows-Based Security Distribution for Penetration Testing
Welcome to CommandoVM, a fully customized, Windows-based security distribution for penetration testing and red teaming. Installation (Install Script). Requirements: Windows 7 Service Pack 1 or Windows 10; 60 GB Hard Drive; 2 GB RAM. Instructions: Create and configure a new Windows Virtual Machine. Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain. Take a snapshot of your...
FFM : Freedom Fighting Mode Open Source Hacking Harness
FFM is a hacking harness that you can use during the post-exploitation phase of a red-teaming engagement. It was presented at SSTIC 2018 and the accompanying slide deck is available at this url. If you're not familiar with this class of tools, it is strongly advised to have a look at them to understand what a hacking harness'...
IDArling : Collaborative Reverse Engineering Plugin for IDA Pro & Hex-Rays
IDArling is a collaborative reverse engineering plugin for IDA Pro and Hex-Rays. It synchronizes, in real time, the changes made to a database by multiple users, by connecting together different instances of IDA Pro. The main features of IDArling are: hooking general user events; structure and enumeration support; Hex-Rays decompiler syncing; replay engine and auto-saving; database loading and saving; interactive status bar widget; user cursors (instructions, functions, navbar); invite and...