Hassh : Tool Used To Identify Specific Client & Server SSH Implementations
HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint. HASSH help with? Use in highly controlled, well understood environments, where any fingerprints outside of a known good...
Pastego – Scrape/Parse Pastebin Using GO & Expression Grammar
Pastego: scrape/parse Pastebin using Go and a parsing expression grammar (PEG). Pastego Installation: $ go get -u github.com/edoz90/pastego Usage: Search keywords are case sensitive: pastego -s "password,keygen,PASSWORD" You can use boolean operators to reduce false positives: pastego -s "quake && ~earthquake, password && ~(php || sudo || Linux || '<body>')" This command will search for bins...
CloudBunny – CloudBunny Is A Tool To Capture The Real IP Of The Server
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. CloudBunny is a tool to capture the origin server that uses a WAF as a proxy or protection. How CloudBunny Works In this tool...
Osmedeus – Automatic Reconnaissance and Scanning in Penetration Testing
Osmedeus is an automatic reconnaissance and scanning tool for penetration testing. Osmedeus allows you to do the boring stuff in pentesting automatically, like reconnaissance and scanning the target, by running a collection of awesome tools. Osmedeus Installation: git clone https://github.com/j3ssie/Osmedeus cd Osmedeus ./install.sh This install only focuses on Kali Linux. How to use: If you have no idea what you are doing, just type the command below: ./osmedeus.py -t...
BabySploit – Beginner Pentesting Toolkit/Framework Written in Python
BabySploit is a penetration testing toolkit aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find use out of BabySploit. Below are some screenshots of the framework. BabySploit Installation BabySploit is best run out of the home directory so...
Manticore : Symbolic Execution Tool
Manticore is a symbolic execution tool for analysis of binaries and smart contracts. Beginning with version 0.2.0, Python 3.6+ is required. Manticore Features Input Generation: Manticore automatically generates inputs that trigger unique code paths Crash Discovery: Manticore discovers inputs that crash programs via memory safety violations Execution Tracing: Manticore records an instruction-level trace of execution for each generated input Programmatic...
WebMap : Nmap Web Dashboard and Reporting
The WebMap project is designed to run in a Docker container with the Nmap Web Dashboard. IMHO it isn't a good idea to run this on a custom Django installation. WebMap Usage: You should use this with Docker, just by running this command: $ mkdir /tmp/webmap $ docker run -d ...
Hackertarget : Tools And Network Intelligence To Help Organizations With Attack Surface Discovery
Hackertarget provides open source tools and network intelligence to help organizations with attack surface discovery and identification of security vulnerabilities. Identification of an organization's vulnerabilities is an impossible task without tactical intelligence on the network footprint. By combining open source intelligence with the world's best open source security scanning tools, we enable your attack surface discovery. With the ability...
Invisi-Shell : Hide Your PowerShell Script In Plain Sight (Bypass all PowerShell security features)
Invisi-Shell is a tool used to hide your PowerShell script in plain sight! Invisi-Shell bypasses all of PowerShell's security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .NET assemblies. The hook is performed via the CLR Profiler API. Invisi-Shell Usage: Copy the compiled InvisiShellProfiler.dll from the /x64/Release/ folder with the two batch files from the root directory (RunWithPathAsAdmin.bat & RunWithRegistryNonAdmin.bat) to...
Docker-Inurlbr : Exploit GET / POST Capturing Emails & Urls
Docker-Inurlbr is an advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found. How to Build Docker-Inurlbr: git clone https://github.com/gmdutra/docker-inurlbr.git cd docker-inurlbr docker build -t gmdutra/inurlbr . How to Run Docker-Inurlbr: docker run --name inurlbr -it -d gmdutra/inurlbr HELP -h --help ...