MacSubstrate – Tool For Interprocess Code Injection On macOS
MacSubstrate is a platform tool for interprocess code injection on macOS, with the similar function to Cydia Substrate on iOS. Using macSubstrate, you can inject your plugins (.bundle or .framework) into a mac app (including sandboxed apps) to tweak it in the runtime. All you need is to get or create plugins for your target app. No trouble with...
Fluxion – Remake Of Linset By VK496 With Less Bugs & Enhanced Functionality
Fluxion is the future of MITM WPA attacks. Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release...
RidRelay – Easy Way To Get Domain Usernames While On An Internal Network
Quick and easy way to get domain usernames while on an internal network. RidRelay combines the SMB Relay attack, common lsarpc based queries and RID cycling to get a list of domain usernames. It takes these steps: Spins up an SMB server and waits for an incoming SMB connection The incoming credentials are relayed to a specified target, creating...
WindowsSpyBlocker – Block Spying & Tracking On Windows
WindowsSpyBlocker is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems. The initial approach of this application is to capture and analyze network traffic based on a set of tools. Configuration file app.conf is generated at first launch : Also Read Shodanwave – Tool For Exploring & Obtaining Information From Cameras WindowsSpyBlocker Telemetry...
IDB – Tool To Simplify Some Common Tasks For iOS Pentesting & Research
IDB is a tool to simplify some common tasks for iOS pentesting and research. Originally there was a command line version of the tool, but it is no longer under development so you should get the GUI version. It has some prerequisites. As it turns out, things like ruby and Qt are difficult to bundle into a stand-alone installer. While...
Shodanwave – Tool For Exploring & Obtaining Information From Cameras
Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online. What does the tool to? Look, a list! Search Brute force SSID and WPAPSK Password Disclosure E-mail, FTP, DNS, MSN Password Disclosure Exploit This is an example of shodan...
PCILeech – Direct Memory Access (DMA) Attack Software
PCILeech uses PCIe hardware devices to read and write from the target system memory. This is achieved by using DMA over PCIe. No drivers are needed on the target system. PCILeech supports multiple memory acquisition devices. Primarily hardware based, but also dump files and software based techniques based on select security issues are supported. USB3380 based hardware is only able...
Mercure – Tool For Security Managers Who Want To Train Their Colleague To Phishing
Mercure is a tool for security managers who want to train their colleague to phishing. What Mercure can do: Create email templates Create target lists Create landing pages Handle attachments Let you keep track in the Campaign dashboard Track email reads, landing page visits, and attachment execution. Harvest credentials Schedule campaigns Minimize link in email templates What Mercure will do: Display...
GoldenEye – GoldenEye Layer 7 DoS Test Tool
GoldenEye is an python app for SECURITY TESTING PURPOSES ONLY. GoldenEye is a HTTP DoS Test Tool. Attack Vector exploited: HTTP Keep Alive + NoCache. GoldenEye Usage USAGE: ./goldeneye.py <url> OPTIONS: Flag Description ...
ReelPhish – A Real-Time Two-Factor Phishing Tool
Security Firm FireEye Released a new Phishing tool called ReelPhish to simplifies the real-time Phishing attack that is designed to be run on the attacker’s system and control it by navigating the Attacker web browser. Also Read WTF – A Personal Information Dashboard For Your Terminal ReelPhish Phishing Instillation The latest release of Python 2.7.x is required. Install Selenium, a required dependency...