Sh00t : A Testing Environment for Manual Security Testers
Sh00t is a testing environment for manual security testers. Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasises on manual...
Killcast : Manipulate Chromecast Devices in your Network
Killcast manipulate chromecast devices in your network. This tool is a Proof of Concept and is for Research Purposes Only, it shows how Chromecast devices can be easily manipulated and hijacked by anyone. Inspired from this hack, thewhiteh4t has created it, an open source tool for testing and research purposes, if you have a Google Home or Chromecast you can test and learn how...
Kube-Hunter:Hunt For Security Weaknesses In Kubernetes Clusters
Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. Note : You should NOT run kube-hunter on a Kubernetes cluster you don't own! Kube-hunter is available as a container (aquasec/kube-hunter), and we also offer a web site at kube-hunter.aquasec.com where you can register online to receive a token allowing...
Twifo CLI:Get Twitter User Information 2019
Twifo CLI is a tool used to get twitter user information. Install $ npm install --global twifo-cli OR $ sudo npm install --global twifo-cli Also Read: Conpot – ICS/SCADA Honeypot Usage $ Usage: twifo Example: $ twifo 9gag Related twifo : API for this tool.quorafy: Get user information of a Quora user. Download Credit: Rishi Giri
H8mail – Email OSINT And Password Breach Hunting
Email OSINT and password breach hunting. Use h8mail to find passwords through different breach and reconnaissance services, or the infamous Breached Compilation torrent. H8mail Features Email pattern matching (reg exp), useful for all those raw HTML files Small and fast Alpine Dockerfile available CLI or Bulk file-reading for targeting Output to CSV file Reverse DNS + Open...
Sitadel – Web Application Security Scanner
Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and implement new features : Frontend framework detectionContent Delivery Network detectionDefine Risk Level to allow for scansPlugin systemDocker image available to build and run Also Read : WPintel – Chrome Extension Designed For WordPress Vulnerability Scanning & Information...
DNSpy – .NET Debugger And Assembly Editor
DNSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing and debugging a...
Recaf – A Modern Java Bytecode Editor
Recaf is an easy to use modern Java bytecode editor based on Objectweb's ASM. No more hassling with the constant pool or stack-frames required. Check out the docs for more information. Recaf Requirements You can run Recaf with Java 8 or higher (Its reccomended that you use the lastest jdk8 release from jdk.java.net). Using Java 9 and higher requires an additional...
Conpot – ICS/SCADA Honeypot
Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems. Also Read:BruteX – Automatically Brute Force All Services Running On A Target Conpot Installation Ubuntu You need to add multiverse to the source, like; $ sudo vim /etc/apt/sources.list Add the following line: deb http://dk.archive.ubuntu.com/ubuntu precise main multiverse Install dependencies: sudo apt-get install libmysqlclient-dev libsmi2ldbl snmp-mibs-downloader...
Htcap-Web Application Scanner Able To Crawl Single Page Application
Htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused on the crawling process and it's aimed to detect and intercept ajax/fetch calls, websockets, jsonp ecc. It uses its own fuzzers plus a set of external...
