CGPwn – Ubuntu VM For Hardware Hacking, RE and Wargaming
CGPwn is a lightweight VM for hardware hacking, RE (fuzzing, symEx, exploiting etc) and wargaming task. Tools included in CGPwn; Fire up the VM git clone https://github.com/0xM3R/cgPwn cd cgPwn vagrant up ... Grab a beer and relax until everything is getting setup for you ;) vagrant ssh CGPwn Default settings By default, personal dotfiles are installed onto the VM. Simply comment out the following lines in cgPwn.sh if...
Introspy-iOS : Security Tool For Profiling iOS Application at Runtime
Introspy-iOS is a blackbox tool to help understand what an iOS application is doing at runtime and assist in the identification of potential security issues. This is the repository for the Introspy-iOS tracer. The tracer can be installed on a jailbroken device to hook and log security-sensitive iOS APIs called by applications running on the device. The tool records details...
HABU – Network Penetration Testing Toolkit for Hackers and Pentesters
Habu is a python network hacking toolkit. This tool basic functions that help with some tasks for Ethical Hacking and Penetration Testing. Most of them are related to networking, and the implementations are intended to be understandable for who wants to read the source code and learn from that. Some techniques implemented in the current version are: ARP Poisoning ARP...
SQLMAP – Enumeration of Databases & Users from Vulnerable Web Forms
Sqlmap is a database assessment tool which pentesters & security researchers can use to enumerate databases of various types. Sqlmap automates a normal & advanced sql injection techniques and performs them on a regular form. Refer to the article on Introduction to SQLMAP for getting started. The following lab sessions are a continuation of the previous one on sqlmap. So I...
Ua-tester – A tool for User Agent WAF, IDS/IPS, Redirection testing
UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop bots etc. Well, this tool also delivers a lot of information. It is basically a python script which runs through various user-agents on a specified site. It also tries various options like setting cookie, redirection, URL-stability(whether the URL expires or...
Arping – To Discover Hosts on a Computer Network
Arping is a computer software tool that is used to discover hosts on a computer network. The program tests whether a given IP address is in use on the local network, and can get additional information about the device using that address. Arping operates work at the layer 2 (or the link layer of the OSI model) using the Address...
WebvulScan – Web Application Vulnerability Scanner
WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on...
SIPI – Simple IP Information Tools for Reputation Data Analysis
SIPI tool is aimed for Incident Response Team and anyone what's want to know the behaviour of the "suspicious" IP Address. The tools do search looking for reputation info from a set of open threat intelligence sources. Information about this IP like malware activity, malicious activity, blacklist, spam and botnet activity. Also Read Idisagree – Control Remote Computers Using Discord Bot...
Idisagree – Control Remote Computers Using Discord Bot & Python 3
Idisagree is a tool to Control remote computers using discord bot and python 3. If your target is a windows system, you may want to compile your payload. Do this with py2exe or pyinstaller. Prerequisites For Idisagree Python 3.x pip3 subprocess from python3 Discord from python3 Also Read CTF – Some Setup Scripts For Security Research Tools TESTED ON Kali Linux - Rolling...
CTF – Some Setup Scripts For Security Research Tools
CTF is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. The install-scripts for these tools are checked regularly. Also Read XssPy – Web Application XSS Scanner Installers for the following...