pysploit-framework: free exploit framework
PySploit Framework free exploit framework written use python language version 3.3 Features Easy to use Free and open source Organizer Easy to develop it Programmed using on of the most...
Category: Exploitation
genHTA: Generates anti-sandbox analysis HTA files without payloads
Disclaimer As usual, this code and tool should not be used for malicious purposes. genHTA Download Usage: Source: Github
Vanquish: perform multiple active information gathering phases
Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each...
Penetration Testing MySQL server
Penetration Testing MySQL server MySQL is an open source Relational Database Management System (RDBMS). MySQL is widely used and a popular alternative to other SQL solutions because it is open...
Debinject: Inject malicious code into *.debs
DEBINJECT Copyright 2017 Debinject Written by: Alisson Moretto – 4w4k3 – UndeadSec TOOL DESIGNED TO GOOD PURPOSES, PENTESTS, DON’T BE A CRIMINAL ! Download RUNNING Source: Github
DHCP Starvation: DOS ATTACKS TO THE DHCP SERVER
Yersinia is a network tool designed to take advantage of some weaknesses in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks...
bat-armor: Encode powershell payload into bat files
Bypass PowerShell execution policy by encoding ps script into bat file. Download Usage Tutorial
Katana Framework: The New Hacking Framework
Katana Framework katana is a framework written in python for making penetration testing, based on a simple and comprehensive structure for anyone to use, modify and share, the goal...
Dr0p1t-Framework: advanced stealthy dropper that bypass most AVs and have a lot of tricks
Dr0p1t-Framework Have you ever heard about trojan droppers ? In short dropper is type of trojans that downloads other malwares and Dr0p1t gives you the chance to create a stealthy...
CVE-2017-6326: Symantec Messaging Gateway Remote Code Execution
CVE-2017-6326 The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a...
VBad: VBA Obfuscation Tools combined with an MS office document generator
VBad is fully customizable VBA Obfuscation Tool combined with an MS Office document generator. It aims to help Red & Blue team for attack or defense. DISCLAIMER: This is only...
CVE-2017-6334: Netgear DGN2200 dnslookup.cgi Command Injection
CVE-2017-6334 dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST...
WinPayloads – Undetectable Windows Payload Generation
WinPayloads is a payload generator tool that uses Metasploit’s meterpreter shellcode, injects the users ip and port into the shellcode and writes a python file that executes the shellcode using...
DeathStar: automated domain infiltration tool
DeathStar is a Python script that uses Empire’s RESTful API to automate gaining Domain Admin rights in Active Directory environments using a variety of techinques. The following picture can be a good...
Viproy Voip Pen-Test Kit for Metasploit Framework
Viproy VoIP Pen-Test Kit provides penetration testing modules for VoIP networks. It’s developed for security testing of VoIP and Unified Communications services. Viproy has Skinny, SIP and MSRP libraries to...
