Whatweb – A Scanning Tool to Find Security Vulnerabilities in Web App

Whatweb is the perfect name for this tool. Simply put, it answers the question, “What is that Website?” Whatweb can identify all sorts of information about a live website, like: Whatweb offers both passive scanning and aggressive testing. Passive scanning just extracts data from HTTP headers, simulating a normal visit. Aggressive options get deeper with recursion …

Kerbrute : A Script To Perform Kerberos Bruteforcing By Using Impacket

Kerbrute is a script to perform Kerberos bruteforcing by using the Impacket library. When executed, it receives as input a user or list of users and a password or list of passwords. It then performs a brute-force attack to enumerate: valid username/password pairs, valid usernames, and usernames without pre-authentication required. As a result, the script …

Webstor : A Script To Quickly Enumerate All Websites Across All Of Your Organization’s Networks

Webstor is a tool implemented in Python under the MIT license for quickly enumerating all websites across all of your organization’s networks, storing their responses, and querying for known web technologies and versions, such as those with zero-day vulnerabilities. It is intended, in particular, to solve the unique problem presented in mid to large sized …

IMAPLoginTester : Script That Reads A Text File With Lots Of E-Mails And Passwords

IMAPLoginTester is a simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login to the respective IMAP servers.
Usage
usage: imaplogintester.py [-h] -i INPUT [-o OUTPUT] [-s] [-t SLEEP_TIME] [-T TIMEOUT] [-P SOCKS5_PROXY] [-v]
optional arguments:
-h, --help show this help …

Exif-Gps-Tracer : A Python Script Which Allows You To Parse GeoLocation Data From Your Image Files

Exif-Gps-Tracer is a Python script which allows you to parse geolocation data from your image files stored in a dataset. It also produces output as a CSV file and as HTML Google Maps. Prerequisite: to run this script fluently, (1) you should have Google Maps API (2) you should enable Map JavaScript API in Console …

Sub.sh : Online Subdomain Detect Script

Sub.sh is a script to detect subdomains online. Let us have a look at its usage.
Script:
bash sub.sh webscantest.com
./sub.sh webscantest.com
Curl:
curl -s -L https://raw.githubusercontent.com/cihanmehmet/sub.sh/master/sub.sh | bash -s webscantest.com
Subdomain Alive Check:
bash sub_alive.sh bing.com
curl …

CredsLeaker : Display a Powershell Credentials Box

The CredsLeaker script is used to display a PowerShell credentials box asking the user for credentials. However, that was highly noticeable. Now it’s time to utilize the Windows Security popup! As before, the box cannot be closed (only by killing the process) and will keep checking the credentials against the DC. When validated, it will close and leak …

CuckooDroid – Automated Android Malware Analysis with Cuckoo Sandbox

CuckooDroid is an extension of Cuckoo Sandbox, the open source software for automating analysis of suspicious files. CuckooDroid brings to Cuckoo the capabilities of execution and analysis of Android applications. Contributed by Check Point Software Technologies LTD. CuckooDroid Installation – Easy integration script: …

RiskySPN – Collection of PowerShell Scripts Focused on Detecting and Abusing SPNs Accounts

RiskySPN is a collection of PowerShell scripts focused on detecting and abusing accounts associated with SPNs (Service Principal Names). This module can assist blue teams to identify potentially risky SPNs as well as red teams to escalate privileges by leveraging Kerberos and Active Directory. …

Airbash – A Shell Script For Automated WPA PSK Handshake Capture

Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. It is compatible with Bash and Android Shell (tested on Kali Linux and CyanogenMod 10.2) and uses aircrack-ng to scan for clients that are currently connected to access points (AP). Those clients are then deauthenticated in order …