Clik here to view.
USBPcap – USB Packet Capture For Windows
USBPcap is an open-source USB Packet Capture tool for Windows that can be used together with Wireshark in order to analyse USB traffic without using a Virtual Machine. Currently, the live capture can...
View ArticleClik here to view.
dorkbot – Command-Line Tool For Google Dorking
dorkbot is a modular command-line tool for Google dorking, which is performing vulnerability scans against a set of web pages returned by Google search queries in a given Google Custom Search Engine....
View ArticleClik here to view.
altdns – Subdomain Recon Tool With Permutation Generation
Altdns is a Subdomain Recon Tool in Python that allows for the discovery of subdomains that conform to patterns. The tool takes in words that could be present in subdomains under a domain (such as...
View ArticleClik here to view.
BootStomp – Find Android Bootloader Vulnerabilities
BootStomp is a Python-based tool, with Docker support that helps you find two different classes of Android bootloader vulnerabilities and bugs. It looks for memory corruption and state storage...
View ArticleClik here to view.
Quickjack – Advanced Clickjacking & Frame Slicing Attack Tool
Quickjack is an intuitive, point-and-click tool for performing advanced and covert clickjacking and frame slicing attacks. It also allows you to easily perform clickjacking, or steal “clicks” from...
View ArticleClik here to view.
XSStrike – Advanced XSS Fuzzer & Exploitation Suite
XSStrike is an advanced XSS detection suite, which contains a powerful XSS fuzzer and provides zero false positive results using fuzzy matching. XSStrike is the first XSS scanner to generate its own...
View ArticleClik here to view.
Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan. This is related to the recent...
View ArticleClik here to view.
GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it’s a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers....
View ArticleClik here to view.
snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn’t be public and can pose a security risk. Typical examples include...
View ArticleClik here to view.
StaCoAn – Mobile App Static Analysis Tool
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS...
View ArticleClik here to view.
Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs. Drupwn Drupal Enumeration Tool Hacking Features Drupwn can be run,...
View ArticleClik here to view.
XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is a Ruby-based XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications and the brute forcing method needs...
View ArticleClik here to view.
Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. It is compatible with Bash and Android Shell (tested on Kali Linux and Cyanogenmod 10.2) and...
View ArticleClik here to view.
CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions. This...
View ArticleClik here to view.
airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list. Airgeddon Wireless Security Auditing Features Interface mode switcher...
View ArticleClik here to view.
Powershell-RAT – Gmail Exfiltration RAT
Powershell-RAT is a Python-based Gmail exfiltration RAT that can be used a Windows backdoor to send screenshots or other data as an e-mail attachment. This RAT will help you during red team engagements...
View ArticleClik here to view.
NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol. For every computer located by this NetBIOS scanner, the...
View ArticleClik here to view.
RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges. How RidRelay SMB Relay Attack Works RidRelay combines...
View ArticleClik here to view.
Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS. This gives you the ability to run multiple domains within...
View ArticleClik here to view.
Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists, Google, Nmap and robots.txt. It is...
View Article