Blackbone – Memory Hacking Library For Windows

0

Blackbone is a tool used to hack windows memory library. Blackbone is licensed under the MIT License.  Features Of Blackbone Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write virtual memory Also Read BLEAH – A BLE Scanner For SMART Devices Hacking Process modules Enumerate all (32/64 bit) modules loaded. Enumerate modules using Loader...

Introspy – Security Profiling For Blackbox iOS

0

Introspy is a Blackbox tool to help understand what an iOS application is doing at runtime and assist in the identification of potential security issues. Introduction to Introspy tool This is the repository for the Introspy-iOS tracer. The tracer can be installed on a jailbroken device to hook and log security-sensitive iOS APIs called by applications running on the device. The tool...

Yersinia for Layer 2 – Vulnerability Analysis & DHCP Starvation Attack

0

Yersinia is a network tool designed to take advantage of some weakness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. It consists of various layer-2 attacks exploiting the weaknesses of different layer-2 protocols. Thus a pentester can identify the vulnerabilities in the deep layer 2 of the network....

List of Best Open Source SQL Injection Tools – 2019

0

SQL injection is a standout amongst the most widely recognized attacks against web applications. Here is the list of Best SQL Injection Tools 2019. Its attacks comprise of insertion or "injection" of a SQL query by means of the information from the customer to the application. An effective SQL injections endeavor can read delicate information from the database, alter database information...

BeRoot – Tool To Check Common Windows Mis-configurations

0

BeRoot is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. It will be added to the pupy project as a post exploitation module (so it will be executed in memory without touching the disk). Except one method, this tool is only used to detect and not to exploit. If something is...

Best OSINT Resources To Gather Information From Free Tools Or Resources

0

Open-source intelligence or OSINT Resources is data gathering from freely accessible sources to be utilized as a part of a knowledge setting. In the knowledge network, the expression "open" alludes to overt, freely accessible sources. Also Read JCS – Joomla Vulnerability For Penetration Testing Component Scanner OSINT Resources Framework OSINT framework concentrated on gathering data from free tools or resources. The expectation is to...

JCS – Joomla Vulnerability For Penetration Testing Component Scanner

0

JCS (Joomla Component Scanner) made for penetration testing purpose on Joomla CMS JCS can help you with the latest component vulnerabilities and exploits. Database can update from several resources and a Crawler has been implemented to find components and component's link. This version supports Exploitdb and Packetstorm vulnerabilities to create a database for joomla components it can also create a...

OverThruster – HID Attack Payload Generator For Arduinos

0

OverThruster is a tool to generate sketches for Arduinos when used as an HID Attack. It was designed around devices with the ATMEGA32U4 chip, like the CJMCU-BEETLE, or the new LilyGo "BadUSB" devices popping up on ebay and aliexpress that look like USB sticks but contain an Arduino. I wrote this because the few other tools out there that...

Reconnaissance, Identification & Fingerprinting of Web Application Firewall using WAFW00F

0

Web Application firewalls are typically firewalls working on the application layer which monitors & modifies HTTP requests. The key difference is that WAFs work on Layer 7 - Application Layer of the OSI Model. Basically, all WAFs protect against different HTTP attacks & queries like SQLi & XSS. Since the firewall is able to detect HTTP methods, SQL queries &...

Online Password Bruteforce with Hydra-GTK

0

Hydra (better known as "thc-hydra") is an online password attack tool. It brute forces various combinations on live services like telnet, ssh, http, https, smb, snmp, smtp etc. Hydra supports 30+ protocols including their SSL enabled ones. It brute forces on services we specify by using user-lists & wordlists. Hydra works in 4 modes: One username & one password User-list & One...