Pocsuite3 : Open-Sourced Remote Vulnerability Testing Framework
Pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many powerful features for the ultimate penetration testers and security researchers. Features PoC scripts can running with attack,verify, shell mode in different wayPlugin ecosystemDynamic loading PoC script from any where (local file, redis , database, Seebug ...)Load multi-target from any where...
XanXSS : A Simple XSS Finding Tool
XanXSS is a reflected XSS searching tool (DOM coming soon) that creates payloads based from templates. Unlike other XSS scanners that just run through a list of payloads. XanXSS tries to make the payload unidentifiable, for example: <xAnXSS</TitLE></STYLE><SVG/ONload='alERt(1);'/></XaNxSs</titLe></StYlE><SvG/ONlOAD='alerT(1);'/> <ifrAmE Src= .Find(CoNfirm);= "JAVaScRIpT:proMpT(1))"javAscrIpt:/*--></scRIPt> />cLIcK Me!</b</TextaRea></TiTLE><BUTtON ONcLIck='aleRT(1);'/>XaNxss</TEXTaRea> <iMG sRc=%0acONfIRM();=+'jAVASCRiPT:alerT("XSS");'</STYlE><Svg/onLoad='alErT((1));'/> With XanXSS every payload is different. XanXSS works by running through the payloads until a...
Pyrit : The Famous WPA Pre-Computed Cracker, Migrated from Google
Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power of Multi-Core CPUs and other platforms through ATI-Stream,Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one of the world's most used security-protocols. WPA/WPA2-PSK is a subset of IEEE 802.11 WPA/WPA2 that skips the complex...
Reverse Phone Lookup and 3 more Methods to Help You Find Secure Hosting
A secure web hosting is an essential cog in the wheel for any online business. It does not matter whether you're just creating a corporate website or an e-commerce store, secure web hosting is imperative. The problem is that most of the business owners have no prior experience in choosing a hosting for their website. That is why they do not know how...
PowerShellArsenal : A PowerShell Module Dedicated to Reverse Engineering
PowerShellArsenal is a PowerShell module used to aid a reverse engineer. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyze/scrape memory, parse file formats and memory structures, obtain internal system information, etc. PowerShellArsenal is comprised of the following tools: Disassembly Disassemble native and managed code. Get-CSDisassembly Disassembles a byte array using the Capstone Engine disassembly framework. ...
Darksplitz : Exploit Framework
Darksplitz is a exploit framework tool that is continued from Nefix, DirsPy and Xmasspy project. Installation Will work fine in the debian shade operating system, like Backbox, Ubuntu or Kali linux. $ git clone https://github.com/koboi137/darksplitz$ cd darksplitz/$ sudo ./install.sh Also Read - Evillimiter : Tool that Limits Bandwidth of Devices on the Same Network Without Access Features Extract mikrotik credential (user.dat)Password generatorReverse IP...
CHAOS : PoC that Allow Generate Payloads & Control Remote OS
CHAOS is a PoC that allow generate payloads and control remote operating systems. Features FeatureWindowsMacLinuxReverse ShellXXXDownload FileXXXUpload FileXXXScreenshotXXXKeyloggerXPersistenceXOpen URLXXXGet OS InfoXXXFork BombXXXRun HiddenX Also Read - Osmedeus : Fully Automated Offensive Security Tool for Reconnaissance & Vulnerability Scanning How to Install Install dependencies$ sudo apt install golang git -yGet this repository$ go get github.com/tiagorlampert/CHAOSGet external golang dependencies (ARE REQUIRED GET ALL DEPENDENCIES)$ go...
ISeeYou : Tool To Get Exact Location of The Users During Social Engineering or Phishing Engagements
ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks. Note: This tool does not require...
Instainsane : Multi-threaded Instagram Brute Forcer
Instainsane is an Shell Script to perform multi-threaded brute force attack against Instagram, this script can bypass login limiting and it can test infinite number of passwords with a rate of about 1000 passwords/min with 100 attemps at once. Features Multi-thread (100 attempts at once) Save/Resume sessions Anonymous attack through TOR Check valid usernames Default password list (best +39k...
Evillimiter : Tool that Limits Bandwidth of Devices on the Same Network Without Access
Evillimiter is a tool to limit the bandwidth (upload/download) of devices connected to your network without physical or administrative access. It employs ARP spoofing and traffic shaping to throttle the bandwidth of hosts on the network. This is explained in detail below. Requirements Linux distributionPython 3 or greater Possibly missing python packages will be installed during the installation process. Also Read - IDArling :...
