Taken : Takeover AWS IPS & Have A Working POC For Subdomain Takeover

Taken is a tool to takeover AWS ips and have a working POC for Subdomain Takeover. Idea is simple Get subdomains. Do reverse lookups to only save AWS ips. Restart EC2 instance every min. and public ip gets rotated on each restart. Match it with your existing list of subdomain ips and you have a …

IntelOwl : Analyze Files, Domains, IPs In Multiple Ways From A Single API At Scale

IntelOwl is composed of analyzers that can be run to retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from internal analyzers (like Yara or Oletools) This solution is for everyone who needs a single point to query for info about a specific file or observable (domain, IP, URL, hash). Features …

HackerEnv : Sweep IPs & Scan Ports, Vulnerabilities & Exploit Them

hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali linux and Parrot OS. Do not …

GIVINGSTORM : Infection Vector That Bypasses AV, IDS, & IPS

GIVINGSTORM is a breeze to use. Simply clone the directory, and cd into it. The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection vector, and a dual stage HTA infection vector. The variables take into account C2 addresses, Koadic/Empire payloads, and a few delivery …

lbd – Tool to Detect Whether a Domain has Load Balancing Enabled

Load balancing(lbd) is the technique used in different services for balancing the load across different servers or NICs. It can be in any form. Load balancing can be done to evenly distribute workload through a series of Computer clusters. Or it can be used within a single system to balance connections across a set of …

Ua-tester – A tool for User Agent WAF, IDS/IPS, Redirection testing

UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop bots etc. Well, this tool also delivers a lot of information. It is basically a python script which runs through various user-agents on a specified site. It also tries various options like setting cookie, redirection, …

Fragroute – A Network Packet Fragmentation & Firewall Testing Tool

Fragroute intercepts modify and rewrite egress traffic destined for the specified host. Simply frag route fragments packets originating from our(attacker) system to the destination system. Its used by security personnel or hackers for evading firewalls, avoiding IDS/IPS detections & alerts etc. Also, pentesters use it to gather information from a highly secured remote host. Options …

World Wide Live Attack Map & Analytics

Ever wanted to see live DOS attacks across the globe? There is a website from a security firm that shows live attacks from all over the globe including the protocol information, IP addresses and country. All this information is put together in a wonderful hacker-like map. Live attacks & traffic are¬†shown once you start the …