poopak: TOR Hidden Service Crawler
POOPAK | TOR Hidden Service Crawler OSINT Tool Search Engine Docker-based This is an application for crawling, scanning and data gathering of TOR hidden services. The concept through this project is to have a...
Penetration Testing Blog
BloodHound v2.0.3 released: Active Directory Toolkit
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...
adversarial-robustness-toolbox: crafting and analysis of attacks and defense methods for machine learning models
Adversarial Robustness Toolbox The Adversarial Robustness Toolbox (ART), an open source software library, supports both researchers and developers in defending deep neural networks against adversarial attacks, making AI systems more secure. Its purpose is...
testxss: PHP tool to test XSS
testxss PHP tool to test XSS. Note that this is an automated tool, a manual check is still required. Download git clone https://github.com/gwen001/testxss.git Use Usage: php testxss.php [OPTIONS] Options: -h, –help print this help –burp...
whapa: WhatsApp Parser Toolset
Whatsapp Parser Toolset Whapa is a toolset to analyze the WhatsApp app for android. All tools are written in Python 2.X. Whapa toolset is divided into three tools: Whapa (Whatsapp Parser) Whademe (Whatsapp Decrypter and Merger)...
GitMiner v2.0 releases: Tool for advanced mining for content on Github
GitMiner The advanced search tool and automation in Github. This tool aims to facilitate research by code or code snippets on github through the site’s search page. Changelog v2.0 News: Search in codes with...
ViperMonkey v0.07 released: A VBA parser and emulation engine to analyze malicious macros
ViperMonkey is a VBA Emulation engine written in Python, designed to analyze and deobfuscate malicious VBA Macros contained in Microsoft Office files (Word, Excel, PowerPoint, Publisher, etc). See my article “Using VBA Emulation to...
cutter v1.7 released: Qt and C++ GUI for radare2 reverse engineering framework
cutter A Qt and C++ GUI for radare2 reverse engineering framework (originally named Iaito). Disclaimer Cutter is not aimed at existing radare2 users. It instead focuses on those whose are not yet radare2 users...
EKFiddle v0.8.1 released: A framework to study Exploit Kits
EKFiddle v.0.8 A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Changelog v0.8.1 – Added Coinhive site key extraction from traffic Right-click on session(s)->Extract IOCs->Coinhive...
yabin: A Yara rule generator for finding related samples and hunting
Yabin creates Yara signatures from executable code within malware. Given one sample of malware, you can then find other samples that share code. It does this by looking for rare functions in a given...
sdrtrunk: decoding, monitoring, recording and streaming trunked mobile
sdrtrunk A cross-platform Java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). SDRtrunk is an integrated application for demodulating radio signals and decoding trunked...
EvilOSX v7.2.0 releases: remote administration tool (RAT) for macOS/OS X
EvilOSX A pure python, post-exploitation, remote administration tool (RAT) for macOS/OS X. Feature Emulate a terminal instance Simple extendable module system No bot dependencies (pure python) Undetected by anti-virus (OpenSSL AES-256 encrypted payloads) Persistent GUI and CLI support...
bettercap v2.8 releases: Swiss army knife for network attacks and monitoring
bettercap is the Swiss army knife for network attacks and monitoring. Bettercap v2.8 released. Changelog New Features single https certificate / authority fields can now be customized via dedicated module parameters ( http.server, https.proxy and api.rest ) implemented http.proxy.injectjs and https.proxy.injectjs parameters to...
InSpy v3.0 releases: A LinkedIn enumeration tool
InSpy is a python based LinkedIn enumeration tool. It has two functionalities: TechSpy and EmpSpy. TechSpy – Crawls LinkedIn job listings for technologies used by the provider company. It attempts to identify technologies by...
