Arjun : HTTP Parameter Discovery Suite
Also Read - PFQ : Functional Network Framework for Multi-Core Architectures Usage Note: Arjun doesn't work with python < 3.4 Discover parameters To find GET parameters, you can simply do: python3 arjun.py -u https://api.example.com/endpoint --get Similarly, use --post to find POST parameters. Multi-threading Arjun uses 2 threads by default but you can tune its performance according to your network connection. python3 arjun.py -u https://api.example.com/endpoint --get -t 22 Delay between...
SocialFish : Educational Phishing Tool & Information Collector
An app to remote control SocialFish. This app is an open-source project to remote control the application, it does not work independently. Also Read - PFQ : Functional Network Framework for Multi-Core Architectures Setting Up Fernando H. E. Bellincanta edited this page 16 hours ago · 8 revisions PREREQUISITES Python 3.6 or >pip3 PYTHON 3 PREREQUISITES flask colorama sqlite3 flask_login shutil re os secrets python-nmap...
DNS-Shell : An Interactive Shell Over DNS Channel
DNS-Shell is an interactive Shell over DNS channel. The server is Python based and can run on any operating system that has python installed, the payload is an encoded PowerShell command. The Payload is generated when the sever script is invoked and it simply utilizes nslookup to perform the queries and query the server for ...
Decker : Declarative Penetration Testing Orchestration Framework
Decker is a penetration testing orchestration framework. It leverages HashiCorp Configuration Language 2 (the same config language as Terraform) to allow declarative penetration testing as code, so your tests can be versioned, shared, reused, and collaborated on with your team or the community. Example of a decker config file: // variables are pulled from environment // ex: DECKER_TARGET_HOST //...
PFQ : Functional Network Framework for Multi-Core Architectures
PFQ is a functional framework designed for the Linux operating system built for efficient packets capture/transmission (10G, 40G and beyond), in-kernel functional processing, kernel-bypass and packets steering across groups of sockets/end-points. It is highly optimized for multi-core architecture, as well as for network devices equipped with multiple hardware queues. Compliant with any NIC, it provides a script that generates accelerated...
How to Install Ubuntu On Windows 10?
In this article will provide you with step by step instruction on installation of Ubuntu on the Windows 10 operating system. We assume that your machine comes pre-installed with Windows 10 OS or an older version of Microsoft Windows, such as Windows 8.1 or 8. Also Read : Kage – Graphical User Interface for Metasploit Meterpreter & Session Handler Installation First, we...
Hostintel : A Modular Python App to Collect Intelligence for Malicious Hosts
Hostintel is used to collect various intelligence sources for hosts. Hostintel is written in a modular fashion so new intelligence sources can be easily added. Hosts are identified by FQDN host name, Domain, or IP address. This tool only supports IPv4 at the moment. The output is in CSV format and sent to STDOUT so the data can be saved...
UserLAnd : Run a Linux Distribution or Application on Android
The assets that UserLAnd depends on and the scripts that build them are contained in other repositories. The common assets that are used for all distros and applications are found at CypherpunkArmory/UserLAnd-Assets-Support. The easiest way to run a Linux distribution or application on Android. Features: Run full linux distros or specific applications on top of Android. Install and uninstall like a...
IoT Home Guard : A Tool for Malicious Behavior Detection in IoT Devices
IoT Home Guard is a project to help people discover malware in smart home devices. For users the project can help to detect compromised smart home devices. For security researchers it is also useful in network analysis and malicious hehaviors detection. In July 2018 we had completed the first version. We will complete the second version by October 2018 with improvement...
Command Injection Payload List
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges...
