Osmedeus – Automatic Reconnaisance and Scanning in Penetration Testing
Osmedeus is a automatic Reconnaisance and Scanning in Penetration Testing. Osmedeus allow you to do boring stuff in Pentesting automatically like reconnaissance and scanning the target by run the collection of awesome tools. Osmedeus Installation git clone https://github.com/j3ssie/Osmedeus cd Osmedeus ./install.sh This install only focus on Kali linux. How to use If you have no idea what are you doing just type the command below ./osmedeus.py -t...
BabySploit – Beginner Pentesting Toolkit/Framework Written in Python
BabySploit is a penetration testing toolkit aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find use out of BabySploit. Below are some screenshots of the framework. BabySploit Installation BabySploit is best run out of the home directory so...
Manticore : Symbolic Execution Tool
Manticore is a symbolic execution tool for analysis of binaries and smart contracts. Beginning with version 0.2.0, Python 3.6+ is required. Manticore Features Input Generation: Manticore automatically generates inputs that trigger unique code paths Crash Discovery: Manticore discovers inputs that crash programs via memory safety violations Execution Tracing: Manticore records an instruction-level trace of execution for each generated input Programmatic...
WebMap : Nmap Web Dashboard and Reporting
WebMap project is designed to run on a Docker container With Nmap Web Dashboard . IMHO it isn't a good idea to run this on a custom Django installation. Also ReadDocker-Inurlbr : Exploit GET / POST Capturing Emails & Urls WebMap Usage You should use this with docker, just by sending this command: $ mkdir /tmp/webmap $ docker run -d ...
Hackertarget : Tools And Network Intelligence To Help Organizations With Attack Surface Discovery
Hackertarget is a open source tools and network intelligence to help organizations with attack surface discovery and identification of security vulnerabilities. Identification of an organizations vulnerabilities is an impossible task without tactical intelligence on the network footprint. By combining open source intelligence with the worlds best open source security scanning tools, we enable your attack surface discovery. With the ability...
Invisi-Shell : Hide Your Powershell Script In Plain Sight(Bypass all Powershell security features)
Invisi-Shell is a tool used to hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .Net assemblies. The hook is performed via CLR Profiler API. Invisi-Shell Usage Copy the compiled InvisiShellProfiler.dll from /x64/Release/ folder with the two batch files from the root directory (RunWithPathAsAdmin.bat & RunWithRegistryNonAdmin.bat) to...
Docker-Inurlbr : Exploit GET / POST Capturing Emails & Urls
Docker-Inurlbr is a advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found. How to Build Docker-Inurlbr git clone https://github.com/gmdutra/docker-inurlbr.git cd docker-inurlbr docker build -t gmdutra/inurlbr . How to Run Docker-Inurlbr docker run --name inurlbr -it -d gmdutra/inurlbr Also ReadBFuzz – Fuzzing Chrome & Firefox Browsers HELP -h --help ...
SMWYG (Show-Me-What-You-Got) : Tool To Perform OSINT & Reconnaissance On An Organization or an Individual
SMWYG tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search 1.4 Billion clear text credentials which was dumped as part of BreachCompilation leak. This database makes finding passwords faster and easier than ever before. SMWYG Requirements Make sure you have installed the following: - Python 3.0 or later. - pip3 (sudo apt-get install...
Scannerl : The Modular Distributed Fingerprinting Engine
Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. It can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. It is to fingerprinting what zmap is to port scanning. Scannerl works on Debian/Ubuntu/Arch (but will probably work on other distributions as well). It uses a master/slave architecture where...
Robber : Tool For Finding Executables Prone To DLL Hijacking
Robber is a free open source tool developed using Delphi XE2 without any 3rd party dependencies. So What Is DLL Hijacking? Windows has a search path for DLLs in its underlying architecture. If you can figure out what DLLs an executable requests without an absolute path (triggering this search process), you can then place your hostile DLL somewhere higher up the...
