Ducky Exploit – Arduino Rubber Ducky Framework
Ducky Exploit is python framework which helps as to code Digispark as Rubber Ducky. This script has been tested on ; Kali Linux 18.2 Ubuntu 18.04 Windows It also works with both Python2 and Python3. Ducky Exploit Utilization git clone https://github.com/itsmehacker5/Ducky-Exploit.git cd Ducky-Exploit/ python ducky.py Also Read Apache Struts Version 3 : Tool To Exploit 3 RCE Vulnerabilities On ApacheStruts Screenshots
BillCipher – Information Gathering tool for a Website or IP address
BillCipher version 2.2 is a information Gathering tool for a Website or IP address, use some ideas from Devploit. BillCipher can work in any operating system if they have and support Python 2, Python 3, and Ruby. BillCipher Attribute DNS Lookup Whois Lookup GeoIP Lookup Subnet Lookup Port Scanner Page Links Zone Transfer HTTP Header Host Finder IP-Locator Find Shared...
Microctfs – Small CTF challenges running on Docker
Microctfs is a tool for small CTF challenges running on Docker. Microctfs Logviewer Build and Start logviewer challenge exposed on port 8000 cd logviewer docker build -t logviewer . docker run -d -p 8000:80 --name log_challenge logviewer Restart logviewer challenge docker rm -f log_challenge && docker run -d -p 8000:80 --name log_challenge logviewer Stop logviewer challenge docker rm -f log_challenge Also Read UBoat – A POC HTTP Botnet Project SQLI Build...
Apache Struts Version 3 : Tool To Exploit 3 RCE Vulnerabilities On ApacheStruts
Apache Struts Version 3 is a tool to exploit 3 RCE vulnerabilities on ApacheStruts. Script contains the fusion of 3 vulnerabilities of type RCE on ApacheStruts, also has the ability to create server shell. Apache Struts is a free, open-source, MVC framework for creating elegant, modern Java web applications. Below is a full list of all changes: unclosed instantiation of PrintWriter Http...
Discover IPv6 Network Range & Hosts from an IPv6 Enabled Network Using passive_discovery6
Passive_discovery6 passively sniffs the network and dump all client's IPv6 addresses detected. Passive_discovery6 simply sniffs for the neighbor-advertisement packet in IPv6 networks. You have to understand the basics of IPv6 networks first. Assuming that you know about IPv4 and what an ARP is, neighbor-advertisement & neighbor-solicitation packets replace the ARP(IPv4) in IPv6. A neighbor-solicitation is the packet sent from a host to...
UBoat – A POC HTTP Botnet Project
UBoat HTTP is a POC HTTP Botnet designed to replicate a full weaponized commercial botnet. UBoat Uses Coded in C++ with no dependencies Encrypted C&C Communications Persistence to prevent your control being lost Connection Redundancy (Uses a fallback server address or domain ) DDoS methods (TCP & UDP Flood) Task Creation System ( Altering system HWID,Country,IP,OS.System ) Remote Commands Update...
Remote Desktop Caching : Tool To Recover Old RDP
Remote Desktop Caching tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or...
Reverse APK – Quickly Analyze & Reverse Engineer Android Packages
Using Reverse APK you will have the option to quickly analyze and reverse engineer Android applications. FEATURES Of Reverse APK Displays all extracted files for easy reference Automatically decompile APK files to Java and Smali format Analyze AndroidManifest.xml for common vulnerabilities and behavior Static source code analysis for common vulnerabilities and behavior Device info Intents Command execution SQLite references Logging...
CMSeeK – CMS Detection And Exploitation Suite
CMSeeK is a CMS detection and exploitation suite where you can Scan WordPress, Joomla, Drupal and 100 other CMSs. CMS or content management system manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Use Of CMSeek Basic CMS Detection of over 80 CMS Drupal version detection Advanced Wordpress Scans Detects Version User Enumeration ...
WAF-Buster : Disrupt WAF by abusing SSL/TLS Ciphers
WAF-buster tool was created to Analyze the ciphers that are supported by the Web application firewall being used at the web server end. It works by first triggering SslScan to look for all the supported ciphers during SSL/TLS negotiation with the web server.After getting the text file of all the supported ciphers, then we use Curl to query web...
