Clik here to view.
gethsploit – Finding Ethereum nodes which are vulnerable to RPC-attacks.
gethsploit is a set of python scripts to enumerate ethereum peers which have rpc-ports enabled. Prerequisites: Make sure you have geth installed, preferably the latest version, which has some fixes...
View ArticleClik here to view.
Pyscan – A fast malware scanner using ShellScannerPatterns.
Pyscan – A fast malware scanner using ShellScannerPatterns. requiremnets: + python 2.7.x Supported Platforms + CentOS 5/6/7 + CloudLinux 5/6/7 + Redhat 5/6/7 + Ubuntu and Debian – All versions. +...
View ArticleClik here to view.
Peach Fuzz – Vulnerability Scanning Framework.
This tool aims to look through files in a given directory to detect any unsafe, vulnerable, or dangerous function calls. It is designed to be extensible and easy to understand; you can “plug-and-play”...
View ArticleClik here to view.
ATSCAN v9.0 stable – perl script for vulnerable Server, Site and dork scanner.
Changelog v9.0: + NEW ARGS: –regex –sregex –ifirst –port –pause –ip CHANGES: + new optim building + unique scans process + scan by regex + search by regex + optimized ports scan + added option to scan...
View ArticleClik here to view.
SSLyze v0.13.6 – Fast and full-featured SSL scanner.
Latest Change SSLyze v0.13.6 : * Added the Android Open Source Project’s trust store when using –certinfo. * Bug fixes for IPv6 support, –nb_retries, –nb_timeout and UTF-8 and internationalized names...
View ArticleClik here to view.
PenBox v1.4 – A Penetration Testing Framework.
Changelog Version v1.4 : + fixed bugs + added a new menu : Post Exploitation + added a website checker + added a Vbulletin 5.X remote code execution + added a Joomla! 1.5 – 3.4.5 remote code execution...
View ArticleClik here to view.
PowerOPS v0.9 – Powershell for Offensive Operations.
Changelog v0.9: + add @subTee AppLocker bypass + add Amsi bypass + Clean UP PowerOPS v0.9 PowerOPS is an application written in C# that does not rely on powershell.exe but runs PowerShell commands and...
View ArticleClik here to view.
Datasploit – A tool to perform various OSINT techniques.
Overview of the tool: – Performs OSINT on a domain / email / username / phone and find out information from different sources. – Correlates and collaborate the results, show them in a consolidated...
View ArticleClik here to view.
NoSQLMap v0.7 – Automated Mongo database and NoSQL web application...
Changelog v0.7 (Maintenance Release with a couple of cool additions): + Web app attacks-Added the ability to specify multiple parameters for injection simultaneously; For example, trying an associative...
View ArticleClik here to view.
ATSCAN v9.5 stable – perl script for Search / Server / Site / Dork /...
Changelog v9.5: + Best optimization. Description: ATSCAN SEARCH engine XSS scanner. Sqlmap. LFI scanner. Filter wordpress and Joomla sites in the server. Find Admin page. Decode / Encode MD5 + Base64....
View ArticleClik here to view.
MARA is a Mobile Application Reverse engineering and Analysis Framework.
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering toolsets, in order to make the task or...
View ArticleClik here to view.
Sublist3r v1.0 released : Fast subdomains enumeration tool for penetration...
Changelog and What’s new in v1.0 ? + Fixed Sublist3r v1.0 on Windows Platform + Added New OSINT Sources — Virustotal: Now sublist3r can enumerate subdomains through Virustotal — SSL Certs: Now...
View ArticleClik here to view.
Fenrir is a simple IOC scanner bash script.
Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for the following Indicators of Compromise (IOCs): + Hashes ** MD5, SHA1 and SHA256 (using md5sum, sha1sum, sha -a...
View ArticleClik here to view.
wlscrape – A tool for scrapping the possible malware from the Wikileaks AKP...
Wikileaks has released a large set of e-mails leaked from the Turkish party AKP. Unfortunately, no processing of any kind has been performed on these e-mails – they are just a raw dump. Since many of...
View ArticleClik here to view.
v3n0M v4.0.6 – Popular Pentesting scanner in Python3.5 for SQLi/XSS/LFI/RFI...
Changelog v4.0.6 Stable, 14th August 2016: * Re-added LFI, XSS and Other Checks from previous versions. * Added Self-Updater. * Improved Search_Ignore list. example v3n0M v4.0.6 running on windows...
View ArticleClik here to view.
PenBox v2 – A Penetration Testing Framework.
Changelog v2: + Adding tools Shellnoob + Adding tools jboss-autopwn + adding sniper: recon + added Get server banner + added Bypass Cloudflare + added BruteX – Automatically brute force all services...
View ArticleClik here to view.
google_explorer – Google robot to make mass exploit.
This project idea is use google search engine to find vulnerable targets, for specific exploits. The exploits parsers will be concentrated in google_parsers module. So when you make a search, you can...
View ArticleClik here to view.
sqlmap v1.0.10 – Automatic SQL injection and database takeover tool.
Changelog SQLMAP v1.0.10: + Proper form for excluded case in escaper + New auxiliary (extra) file (for administration purposes) + Fix “or-assign” for return value in netscaler.py + Stripping PostgreSQL...
View ArticleClik here to view.
Tools Updates : a Collection security and hacking tools; likes exploits,...
Changelog v9/10/2016: + Scanner: Automated HTTP Enumeration v0.4 *New + Exploit: add freepbx exploit + Misc: Breakout Atari 2600 Homebrew (PAL only). Automated HTTP Enumeration v0.4 Dnsspider : A very...
View ArticleClik here to view.
Owasp VBScan v0.1.7 – is a Black Box vBulletin Vulnerability Scanner.
Changelog OWASP VBScan v0.1.7 [Larry Wall]: * Several bugfix (2016/10/15) * Updated exploit database * Compatible With Windows [Linux,OSX,Windows] * Added Full Path Disclosure (FPD) module * Added...
View Article