Posts

Showing posts with the label Security Tools

Hackertarget - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery

Use open source tools and network intelligence to help organizations with attack surface discovery and identification of security vulnerabilities. Identification of an organization's vulnerabilities is an impossible task without tactical intelligence on the network footprint. By combining open source intelligence with the world's best open source security scanning tools, we enable your attack surface discovery. With the ability for Internet assets to be deployed in seconds, the attack surface is more dynamic and ever growing. This very fact makes mapping your external network footprint a hard problem. We aim to provide solutions to solve this problem. Start with our tools for domain and IP address data, and then pivot to mapping the exposure with hosted open source scanners. We have developed a Linux terminal tool using the Python programming language ...

Dirhunt V0.6.0 - Find Web Directories Without Bruteforce

DEVELOPMENT BRANCH: The current branch is a development version. Go to the stable release by clicking on the master branch. Dirhunt is a web crawler optimized for searching and analyzing directories. This tool can find interesting things if the server has the "index of" mode enabled. Dirhunt is also useful if the directory listing is not enabled. It detects directories with false 404 errors, directories where an empty index file has been created to hide things, and much more.
    $ dirhunt http://website.com/
Dirhunt does not use brute force. But neither is it just a crawler. This tool is faster than others because it minimizes requests to the server. Generally, this tool takes between 5-30 seconds, depending on the website and the server. Read more about how to use Dirhunt in the documentation. Features: Process one or multiple sites at a time. P...

Infection Monkey V1.6 - An Automated Pentest Tool

The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server. The Infection Monkey is comprised of 2 parts: Monkey - A tool which infects other machines and propagates to them; Monkey Island - A dedicated server to control and visualize the Infection Monkey's progress within the data center. To read more about the Monkey, see http://infectionmonkey.com Main Features: The Infection Monkey uses the following techniques and exploits to propagate to other machines. Multiple propagation techniques: Predefined passwords, Common logical exploits, Password stealing using Mimikatz. Multiple exploit methods: SSH, SMB, RDP, WMI, Shellshock, Conficker, Sam...

Pentol - Pentester Toolkit For Fiddler2

PENTOL - Pentester Toolkit is built as a plugin for the Fiddler HTTP debugging proxy. Features: CORS DETECTED (Cross-Origin Resource Sharing), CRLF DETECTED (HTTP response splitting), Headers DETECTED (X-Frame-Options). USAGE: Install Fiddler2. Open Fiddler2. Press Key CTRL + R or Rules > Customize Rules... Copy all script SampleRules.js. Press Key CTRL + S for Save. Check tools in Rules TAB. Credits: Thanks to allah, Eka Syahwan (Creator), bugrecon / H1 / bugcrowd, Edo Maland (Powerstager) https://github.com/Screetsec, Jack Wilder admin in http://www.linuxsec.org. Disclaimer Note: modifications, changes, or changes to this code can be accepted, however, every public release that uses this code must be approved by writing this tool (Eka S). Download PENTOL

Cameradar V2.1.0 - Hacks Its Way Into RTSP Videosurveillance Cameras

An RTSP stream access tool that comes with its library. Cameradar allows you to: Detect open RTSP hosts on any accessible target host; Detect which device model is streaming; Launch automated dictionary attacks to get their stream route (e.g.: /live.sdp); Launch automated dictionary attacks to get the username and password of the cameras; Retrieve a complete and user-friendly report of the results. Docker Image for Cameradar: Install docker on your machine, and run the following command:
    docker run -t ullaakut/cameradar -t <target> <other command-line options>
See command-line options. e.g.:
    docker run -t ullaakut/cameradar -t 192.168.100.0/24 -l
will scan the ports 554 and 8554 of hosts on the 192.168.100.0/24 subnetwork and attack the discovered RTSP streams and will output debug logs. YOUR_TARGET can be a subnet (e.g.: 172.16.100.0/24)...

Zip Shotgun - Utility Script To Test Zip File Upload Functionality (And Possible Extraction Of Zip Files) For Vulnerabilities

Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities. Idea for this script comes from this post on Silent Signal Techblog - Compressed File Upload And Command Execution and from OWASP - Test Upload of Malicious Files. This script will create an archive which contains files with "../" in the filename. When extracting, this could cause files to be extracted to preceding directories. It can allow an attacker to extract shells to directories which can be accessed from a web browser. Default webshell is wwwolf's PHP web shell and all the credit for it goes to WhiteWinterWolf. Source is available HERE. Installation: Install using Python pip:
    pip install zip-shotgun --upgrade
Clone git repository and install:
    git clone https://github.com/jpiechowka/zip-shotgun.git
Execute from root directory of the cloned ...

Autosploit V3.0 - Automated Mass Exploiter

As the name might suggest, AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been selected to facilitate Remote Code Execution and to attempt to gain Reverse TCP Shells and/or Meterpreter sessions. Workspace, local host and local port for MSF facilitated back connections are configured by filling out the dialog that comes up before the exploit component is started. Operational Security Consideration: Receiving back connections on your local machine might not be the best idea from an OPSEC standpoint. Instead consider running this tool from a VPS that has all the dependencies required, available. The new version of AutoSploit has a feature that allows you ...

FTW - Framework For Testing WAFs

This project was created by researchers from ModSecurity and Fastly to help provide rigorous tests for WAF rules. It uses the OWASP Core Ruleset V3 as a baseline to test rules on a WAF. Each rule from the ruleset is loaded into a YAML file that issues HTTP requests that will trigger these rules. Users can verify the execution of the rule after the tests are issued to make sure the expected response is received from an attack. Goals / Use cases include: Find regressions in WAF deployments by using continuous integration and issuing repeatable attacks to a WAF; Provide a testing framework for new rules into ModSecurity, if a rule is submitted it MUST have corresponding positive & negative tests; Evaluate WAFs against a common, agreeable baseline ruleset (OWASP); Test and verify custom rules for WAFs that are not part of the core rule set. For our 1.0 release announcement,...

Pompem - Exploit And Vulnerability Finder

Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, it has a system of advanced search that helps the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, WPScan Vulnerability Database ... Source code: You can download the latest tarball by clicking here or latest zipball by clicking here. You can also download Pompem directly from its Git repository:
    $ git clone https://github.com/rfunix/Pompem.git
Dependencies: Pompem works out of the box with Python 3.5 on any platform and requires the following packages: Requests 2.9.1+ Installation: Get Pompem up and running in a single command:
    $ pip3.5 install -r requireme...

Cat-Nip - Automated Basic Pentest Tool (Designed For Kali Linux)

Cat-Nip Automated Basic Pentest Tool: this tool will make your basic pentesting task like Information Gathering, Auditing, And Reporting so this tool will do every task fully automatic. Usage Guide:
Download / Clone Cat-Nip
    # git clone https://github.com/baguswiratmaadi/catnip
Go Inside Cat-Nip Dir
    # cd catnip
Give Permission To Cat-Nip
    # chmod 777 catnip.sh
Run Cat-Nip
    # ./catnip.sh
Changelog: 1.0 First Release. Pentest Tools Auto Executed With Cat-Nip: Whois Lookup, DNSmap, Nmap, Dmitry, Theharvester, Load Balancing Detector, SSLyze, Automater, Ua Tester, Gobuster, Grabber, Parsero, Uniscan, And More Tool Soon. Screenshot: this is preview Cat-Nip: Tools Preview, Output Result, Report In HTML. Disclaimer: Do not scan government and private IT objects without legal permission. Do At Your Own Risk. Download Catnip

Metaforge - An OSINT Metadata Analyzing Tool That Filters Through Tags And Creates Reports

An OSINT tool that analyzes metadata and creates dynamic reports. What is "metadata"? To put it simply, metadata is just data about data. The data comes from the tags that capture valuable information about each specific file. Each file can have many different tags of information that can be retrieved for multiple purposes. The uses for metadata are endless and can prove valuable to those in the information security fields for pentesting and gathering information, like who created the file and what software was used to edit it. Metaforge Checklist: Must have a Unix-based Operating System (Arch, Debian, and RHEL Linux distros have been tested and also Mac OSX). Must have at least Python3.5 or higher. Must place all data you wish to analyze in the /media directory. Cannot place folders inside the /media directory. Senior...

Fireelf - Fileless Linux Malware Framework

fireELF is an open source fileless Linux malware framework that's cross-platform and allows users to easily create and manage payloads. By default it comes with 'memfd_create', which is a new way to run Linux ELF executables completely from memory, without having the binary touch the hard drive. Features: Choose and build payloads. Ability to minify payloads. Ability to shorten payloads by uploading the payload source to a pastebin; it then creates a very small stager compatible with python <= 2.7 which allows for easy deployment. Output created payload to file. Ability to create payload from either a url or a local binary. Included payload memfd_create: The only included payload 'memfd_create' is based on the research of Stuart; this payload creates an anonymous file descriptor in memory, it then uses fexecve to execute the binary directly from the fi...

Peekaboo - Tool To Enable Remote Desktop On The Targeted Machine

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. The tool only works if WinRM is enabled. Since Windows Server 2012 WinRM is enabled by default on all Windows server operating systems, but not on client operating systems. Note: Remote desktop is disabled by default on all Windows operating systems. User would require local administrator password or administrator privileges on the server to enable RDP on a targeted machine. Screenshots: Targeted machine on an internal network has RDP disabled; Enabling remote desktop service on a targeted machine by pressing option 2; Successfully enabled remote desktop service on a targeted machine. How to install?
- git clone https://github.com/Viralmaniar/PeekABoo.git
- cd PeekABoo
- python peekaboo.py
How do I use this? Press 1: This vol...

Bandit - Tool Designed To Find Common Security Issues In Python Code

Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a report. Bandit was originally developed within the OpenStack Security Project and later rehomed to PyCQA. Installation: Bandit is distributed on PyPI. The best way to install it is with pip:
Create a virtual environment (optional):
    virtualenv bandit-env
Install Bandit:
    pip install bandit
    # Or if you're working with a Python 3 project
    pip3 install bandit
Run Bandit:
    bandit -r path/to/your/code
Bandit can also be installed from source. To do so, download the source tarball from PyPI, then install it:
    python setup.py install
Usage: Example usage across a code tree:
    bandit -r /your_repos/project
Example usage across the examples/ ...