Pompem : Tool For Exploits & Vulnerability in Database
Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, WPScan Vulnerability...
Trommel : Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators
TROMMEL sifts through embedded device files to identify potential vulnerable indicators. It identifies the following indicators related to: Secure Shell (SSH) key filesSecure Socket Layer (SSL) key filesInternet Protocol (IP) addressesUniform Resource Locator (URL)email addressesshell scriptsweb server binariesconfiguration filesdatabase filesspecific binaries files (i.e. Dropbear, BusyBox, etc.)shared object library filesweb application scripting variables, andAndroid application package (APK) file permissions. It has also integrated vFeed which...
DCOMrade : Powershell script for enumerating vulnerable DCOM Applications
DCOMrade is a Powershell script that is able to enumerate the possible vulnerable DCOM applications that might allow for lateral movement, code execution, data exfiltration, etc. The script is build to work with Powershell 2.0 but will work with all versions above as well. The script currently supports the following Windows operating systems (both x86 and x64): Microsoft Windows 7Microsoft...
Top 10 Best Web Hacking Tools
Here is the best web hacking tools that helps you in pen-testing and protecting the websites. Burp Suite: Burp Suite is a graphical tool used for testing Web application security. It helps you identify vulnerabilities and verify attack vectors that are affecting web applications. While browsing the target application, a penetration tester can configure its internet browser to route traffic through the...
Egress Assess : Tool Used to Test Egress Data Detection Capabilities
Egress Assess is a tool used to test egress data detection capabilities. To setup, run the included setup script, or perform the following: Install pyftpdlibGenerate a server certificate and store it as "server.pem" on the same level as Egress-Assess. This can be done with the following command: openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes Also Read ...
Fibratus : Tool for Exploration & Tracing of the Windows Kernel
Fibratus is a tool which is able to capture the most of the Windows kernel activity - process/thread creation and termination, context switches, file system I/O, registry, network activity, DLL loading/unloading and much more. The kernel events can be easily streamed to a number of output sinks like AMQP message brokers, Elasticsearch clusters or standard output stream. You can use filaments (lightweight Python modules) to extend...
Kaboom : Script That Automates The Penetration Test
Kaboom is a script that automates the penetration test. It performs several tasks for each phases of pentest: Information gathering TCP scanUDP scanVulnerability assessment It tests several services:smbsshsnmpsmtpftptftpms-sqlmysqlrdphttphttpsand more...It finds the CVEs and then searchs them on exploit-db or Metasploit db.Exploitation brute force ssh Also Read : Pftriage : Python Tool & Library To Help Analyse Files During Malware Triage...
Crashcast-Exploit : Tool To Mass Play YouTube Video, Terminate Apps & Rename Chromecast Device
CRASHCAST mass-exploit tool allows you to mass play any YouTube video, remotely terminate apps, and rename Chromecast device(s) obtained from Shodan.io. Prerequisites The only thing you need installed is Python 3.x sudo apt-get install python3 You also require to have cURL installed sudo apt-get install curl You also require Shodan python module pip install shodan Also Read : SSRFmap : Automatic SSRF Fuzzer And Exploitation...
Top 5 DDoS Attacking Tools For Linux,Windows & Android
DDOS or Distributed Denial of Service Attack is the most strong version of DOS attack. In this, many computers are used to target same server in a distributed manner. Where DOS (Denial of Service Attack) is one of most dangerous cyber attacks. It is a an attempt to reduces, restricts or prevents or blocks accessibility of resources to...
Pftriage : Python Tool & Library To Help Analyse Files During Malware Triage & Analysis
Pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract properties of a file to help during the triage process. The tool also has an analyse function which can detect common malicious indicators used by malware. Also Read : ADAPT : Tool That Performs Automated Penetration Testing for WebApps Dependencies pefilefilemagic Note: On...
