IP Obfuscator – Simple Tool to Social Engineer and Bypass Firewall
IP Obfuscator is a simple python script which converts an IP address into different obfuscated forms like integer, hexadecimal or into an octal form. What is Obfuscation? Obfuscation is a technique used by attackers to mask the malicious scripts between the legitimate source to bypass the detection engines, which makes it harder to analyze. An example to make this simpler:A normal IP address "172.217.24.174" can...
Exrex : Irregular Methods On Regular Expressions
Exrex is a command line tool and python module that generates all - or random - matching strings to a given regular expression and more. It's pure python, without external dependencies. There are regular expressions with infinite matching strings (eg.: +), in these cases it limits the maximum length of the infinite parts. It uses generators, so the memory usage does not...
PRETty : “PRinter Exploitation Toolkit” LAN Automation Tool
PRETty is useful when a large number of printers are present on a network. Instead of scanning, logging, and manually running PRET against each individual printer, it will automatically discover and run chosen PRET payloads against all printers on the target network. Additionally, it can be used to automate command/payload delivery to any given list of printers. Also Read : Kube-Hunter:Hunt...
Adapt : A Tool To Performs Automated Penetration Testing for WebApps
ADAPT is a tool that performs Automated Dynamic Application Penetration Testing for web applications. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10 vulnerabilities, and outputs categorized findings based on these potential vulnerabilities. ADAPT also uses the functionality from OWASP ZAP to perform automated...
IdentYWAF : Blind WAF Identification Tool
identYwaf is an identification tool that can recognise web protection type (i.e. WAF) based on blind inference. Blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. http://<host>?aeD0oowi=1 AND 2>1). Currently it supports more than 70 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence,...
Scanner CLI : A Project Security/Vulnerability/Risk Scanning Tool
The Hawkeye Scanner CLI is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines. Running & Configuring the Scanner The Hawkeye scanner-cli assumes that your directory structure is such that it keeps the toolchain's files on top level. Roughly, this is what it boils down to: Node.js projects have...
Sh00t : A Testing Environment for Manual Security Testers
Sh00t is a testing environment for manual security testers. Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasises on manual...
Killcast : Manipulate Chromecast Devices in your Network
Killcast manipulate chromecast devices in your network. This tool is a Proof of Concept and is for Research Purposes Only, it shows how Chromecast devices can be easily manipulated and hijacked by anyone. Inspired from this hack, thewhiteh4t has created it, an open source tool for testing and research purposes, if you have a Google Home or Chromecast you can test and learn how...
Kube-Hunter:Hunt For Security Weaknesses In Kubernetes Clusters
Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. Note : You should NOT run kube-hunter on a Kubernetes cluster you don't own! Kube-hunter is available as a container (aquasec/kube-hunter), and we also offer a web site at kube-hunter.aquasec.com where you can register online to receive a token allowing...
Twifo CLI:Get Twitter User Information 2019
Twifo CLI is a tool used to get twitter user information. Install $ npm install --global twifo-cli OR $ sudo npm install --global twifo-cli Also Read: Conpot – ICS/SCADA Honeypot Usage $ Usage: twifo Example: $ twifo 9gag Related twifo : API for this tool.quorafy: Get user information of a Quora user. Download Credit: Rishi Giri
.webp "RedPersist – Advanced Windows Persistence in C#")
