UserLAnd : Run a Linux Distribution or Application on Android
The assets that UserLAnd depends on and the scripts that build them are contained in other repositories. The common assets that are used for all distros and applications are found at CypherpunkArmory/UserLAnd-Assets-Support. The easiest way to run a Linux distribution or application on Android. Features: Run full linux distros or specific applications on top of Android. Install and uninstall like a...
IoT Home Guard : A Tool for Malicious Behavior Detection in IoT Devices
IoT Home Guard is a project to help people discover malware in smart home devices. For users the project can help to detect compromised smart home devices. For security researchers it is also useful in network analysis and malicious hehaviors detection. In July 2018 we had completed the first version. We will complete the second version by October 2018 with improvement...
Command Injection Payload List
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges...
RootOS – macOS Root Helper
rootOS tries to use various CVEs to gain sudo or root access. All exploits have an end goal of adding ALL ALL=(ALL) NOPASSWD: ALL to /etc/sudoers allowing any user to run sudo commands. Also Read - Goca : Scanner Used To Find Metadata & Hidden Information Exploits CVE-2008-2830CVE-2015-3760CVE-2015-5889CVE-2017-13872AppleScript Dynamic PhishingSudo Piggyback Run python root.py Dynamic Phishing Download
Vuls : Vulnerability Scanner for Linux/FreeBSD, Agentless, Written in Go
Vuls is a vulnerability scanner for Linux/FreeBSD, agentless, written in golang. Also Read - Turbinia : Automation and Scaling of Digital Forensics Tools For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for system administrator to...
Kage – Graphical User Interface for Metasploit Meterpreter & Session Handler
Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads.For now it only supports windows/meterpreter & android/meterpreter Prerequisites Metasploit-framework must be installed and in your PATH:MsfrpcdMsfvenomMsfdb Also Read - Legion : An Open Source, Easy-To-Use, Super-extensible & Semi-Automated Network Penetration Testing Tool Installing You can install Kage binaries from here. for developers to run the app from source...
Chomp-Scan : A Scripted Pipeline of Tools To Streamline The Bug Bounty/Penetration Test Reconnaissance Phase
Chomp-Scan is a scripted pipeline of tools to simplify the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs. Chomp Scan is a Bash script that chains together the fastest and most effective tools (in my opinion/experience) for doing the long and sometimes tedious process of recon. No more looking for word lists and...
Reverse Shell Cheat Sheet 2019
If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either trowing back a reverse shell or binding a shell to a TCP port. This page deals with the former. If you’re lucky enough to find a command execution vulnerability during a penetration test,...
7 Reasons Why You Should Use PDF Over Word
Nothing speaks about your professionalism more than using PDF file format while sending out the documents. Besides its' easy printable visuals and creative features, PDF is superior to other text file formats. We use Microsoft Word and other MS products every day working in the office or even writing something down at home. For quite a long time, we were depended...
Catnip : Automated Basic Pentest Tool – Designed For Kali Linux
Catnip tool will make your basic pentesting task like Information Gathering, Auditing, And Reporting so this tool will do every task fully automatic. Usage Guide Download / Clone Cat-Nip ~# git clone https://github.com/baguswiratmaadi/catnip Go Inside Cat-Nip Dir ~# cd catnip Give Permission To Cat-Nip ~# chmod 777 catnip.sh Run Cat-Nip ~# ./catnip.sh Pentest Tools Auto Executed With Cat-Nip Whois LookupDNSmapNmapDmitryTheharvesterLoad Balancing DetectorSSLyzeAutomaterUa TesterGobusterGrabberParseroUniscanAnd More Tool Soon Also Read...
