Kali
Taken is a tool to takeover AWS ips and have a working POC for Subdomain Takeover. Idea is simple Get subdomains. Do reverse lookups to only save AWS ips. Restart EC2 instance every min. and public ip gets rotated on each restart. Match it with your existing list of subdomain ips and you have a …
Continue reading “Taken : Takeover AWS IPS & Have A Working POC For Subdomain Takeover”
IntelOwl is composed of analyzers that can be run to retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from internal analyzers (like Yara or Oletools) This solution is for everyone who needs a single point to query for info about a specific file or observable (domain, IP, URL, hash). Features …
hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali linux and Parrot OS. Do not …
Continue reading “HackerEnv : Sweep IPs & Scan Ports, Vulnerabilities & Exploit Them”
GIVINGSTORM is a breeze to use. Simply clone the directory, and cd into it. The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection vector, and a dual stage HTA infection vector. The variables take into account C2 addresses, Koadic/Empire payloads, and a few delivery …
Continue reading “GIVINGSTORM : Infection Vector That Bypasses AV, IDS, & IPS”
Load balancing(lbd) is the technique used in different services for balancing the load across different servers or NICs. It can be in any form. Load balancing can be done to evenly distribute workload through a series of Computer clusters. Or it can be used within a single system to balance connections across a set of …
Continue reading “lbd – Tool to Detect Whether a Domain has Load Balancing Enabled”
UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop bots etc. Well, this tool also delivers a lot of information. It is basically a python script which runs through various user-agents on a specified site. It also tries various options like setting cookie, redirection, …
Continue reading “Ua-tester – A tool for User Agent WAF, IDS/IPS, Redirection testing”
Fragroute intercepts modify and rewrite egress traffic destined for the specified host. Simply frag route fragments packets originating from our(attacker) system to the destination system. Its used by security personnel or hackers for evading firewalls, avoiding IDS/IPS detections & alerts etc. Also, pentesters use it to gather information from a highly secured remote host. Options …
Continue reading “Fragroute – A Network Packet Fragmentation & Firewall Testing Tool”
Ever wanted to see live DOS attacks across the globe? There is a website from a security firm that shows live attacks from all over the globe including the protocol information, IP addresses and country. All this information is put together in a wonderful hacker-like map. Live attacks & traffic are shown once you start the …
