Kali
FProbe is a took to take list of domains/subdomains and probe for working http/https server. Installation GO111MODULE=on go get -u github.com/theblackturtle/fprobe Features Take a list of domains/subdomains and probe for working http/https server. Optimize RAM and CPU in runtime. Support special ports for each domain Verbose in JSON format with some additional headers, such as …
Continue reading “FProbe : Domains/Subdomains & Probe For Working Http/Https Server”
APK-MITM is a CLI application that automatically prepares Android APK files for HTTPS inspection. Inspecting a mobile app’s HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, …
Continue reading “APK-MITM : Android APK Files for HTTPS Inspection”
Mallory is a HTTP/HTTPS proxy over SSH tool. Installation Local machine: go get github.com/justmao945/mallory/cmd/mallory Remote server: need our old friend sshd Configueration Config File Default path is $HOME/.config/mallory.json, can be set when start program mallory -config path/to/config.json Content: id_rsa is the path to our private key file, can be generated by ssh-keygen local_smart is the local address to serve HTTP …
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities. It is an HTTPS/HTTP reverse shell built with flask. It’s compatible with python 3.x and has been successfully tested on: Linux ubuntu 18.04 LTS, Kali Linux 2019.3 macOS Mojave Windows 7/10 Features: It’s stealthy TLS support …
Continue reading “HRShell : HTTPS/HTTP Reverse Shell Built With Flask”
GoDoH is a proof of concept Command and Control framework, written in Golang, that uses DNS-over-HTTPS as a transport medium. Currently supported providers include Google, Cloudflare but also contains the ability to use traditional DNS. Installation All you would need are the godoh binaries themselves. Binaries are available for download from the releases page as part of tagged releases. …
htrace.sh simple shell script to debugging http/https traffic tracing, response headers and mixed-content. Scanning domain using Nmap NSE Library. Support external security tools: Mozilla Observatory and SSL Labs API. htrace.sh is a shell script that allows you to validate your domain configuration and catch any errors (e.g. redirect loops). It also displays basic information about …
Continue reading “htrace.sh – Simple Shell Script To Debugging Http/Https Traffic Tracing”
