scepwn-ng ~ A winexe/psexec wrapper to use sce and a msfvenom generated...
scepwn-ng is a wrapper script for launching winexe/psexec at a target, which then runs shellcode exec from a samba share with a msf generated reverse shell. As the executable never touches disk, it is...
ARP MiTM Captive Portal.
is ARP MiTM Captive Portal. With main Menu: 1. Captive Portal – Log In Creds / Reverse Shell 2. Captive Portal – Log In Creds / Reverse Shell with DNS Spoof 3. SMB – Hash Grab 4. SMB – Hash Relay 5....
Commix v-0.2b released : Automatic All-in-One OS Command Injection and...
Changelog v0.2b-7cc57eb (15 files change): + commix.py + blind_based/techniques/time_based/tb_handler.py + src/core/injections/controller.py + injections/results_based/techniques/classic/cb_handler.py...
Updates Tools : a Collection of security and hacking tools; like exploits,...
latest change 9/25/2015 tools added : + dnsspider.py v0.7 : A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation. + CHANGELOG dnsspider v0.7: –...
Recon-ng v-4.7.1 released ~ a full-featured Web Reconnaissance framework.
changelog version 4.7.1: # ex. x.y.z # x – Incremented for changes requiring migration. (major revision) # y – Incremented for the addition of new features. (minor revision) # z – Incremented for minor...
Stuff – scripts and tools useful for pentest, reversing and exploitation...
Latest Change 09/30/2015: + pentestlib2.py; added xor-payload. + xor-payload.py; added xor-payload: XOR-encoded shellcode wrapper for Windows x86-32. stuff is a python scripts and tools useful for...
Autodane v1.0 released : Automatic Domain Admin and Network Exploitation...
Autodane is an Automatic Domain Admin and Network Exploitation toolkit. with chose Footprint: + Name footprint + Host Discovery — Add local resolver host — DNS Queries Across 10 range — DNS Queries...
Pyxiewps v1.2 released – is a wireless attack tool to retrieve the WPS pin in...
Latest Change : All Change. Pyxiewps is a wireless attack tool written in python that uses reaver, pixiewps, macchanger and aircrack to retrieve the WPS pin of any vulnerable AP in seconds. It is meant...
skype-osint – Python OSINT Tool to retrieve information from Skype.
Python Skype OSINT util is a tool that allows you to retrieve the Skype ID from an e-mail address but also the LAN IP from the Skype ID. Installation: – Install...
shellcode to exploit the overflow vulnerability on windows to get remote code...
This shellcode is to exploit the overflow vulnerability on windows to get remote code execution. My shellcode does the following tasks: 1. To find the kernel32.dll address by making use of the Process...
trojandroid – an android simple trojan app.
Notice: This post is for educational purposes only! The purpose: how to infect and inject a trojan into an APK file, and re-upload on your server or google play store using MiTM. This project was to make a...
OSCARf – OSCAR (Open Source Collection of OSINT data And Recon) Framework.
Latest change 11/4/2015; Minor fixes : + Adjusted the timing to 5 seconds for deleting DMs. Yea, it takes longer, but until twitter decides that you can make more queries, then you’ll have to suffer...
SimpleEmail v0.5 released – is an email recon tool that is fast and easy...
Changelog in v0.5 Modules Added: (x) Reddit Post Search added (x) Google PDF search SimplyEmail What is the simple email recon tool? This tool was based off the work of theHarvester and kind of a port...
Ora-PWN – Oracle Attacks Tool.
Ora-Pwn is an Oracle attack tool written in PowerShell and using the .NET OracleClient. Can be used to bruteforce SIDs, Username/Passwords, and to execute queries. Ora-Pwn -Using Invoke QueryExec...
Updates Blade – A webshell connection tool with customized WAF bypass...
Latest Change: + payload, libs and blade.py: Refactoring some code + correct some little mistakes Blade is a webshell connection tool based on console, currently under development and aims to be a...
Automate blind RCE for Joomla vulnerability.
Joomla 1.5 – 3.4.5 Object Injection RCE – CVE-2015-8562, is a PoC for CVE-2015-8562 to spawn a reverse shell or automate RCE. Requirements: – python 2.7.x – all Linux system Support. Usage – Automate...
Updates ATSCAN – perl script for vulnerable Server, Site and dork scanner.
What's new in 2016: + header changes. + Perl version + Script path + OS/Platform Version Print + and more usability.. ATSCAN is a perl script with function Dork scanner. XSS scanner. LFI scanner. Filter...
venom.sh Codename: comodo venom 1.0.9 released.
Changelog v1.0.9 Comodo Venom 20/1/2016: + venom.sh + template: remove templates/easy_ps1.bat, remove templates/easy_ps1.bat + display shellcode: venom-sh-1-0-9 The script will use msfvenom...
Libtins v-3.3 : a high-level, multiplatform C++ network packet sniffing and...
Changelog v3.3 : – Add TCP connection close example – Move implementations on utils.h to utils.cpp – Add ICMPv6 Multicast Listener Query Messages support – Add ICMPv6 Multicast Listener Report Message...
aircrack-ng Version 1.2-rc4 : is a set of tools for auditing wireless networks.
Version 1.2-rc4 (changes from aircrack-ng 1.2-rc3) – Released 14 Feb 2016: * Airodump-ng: Increase console window size. * Aircrack-ng: Added time remaining and percentage done when doing WPA cracking...