udp-hunter: Network assessment tool for various UDP Services
What is UDP Hunter? UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP...
Information Gathering / Web Information Gathering
by do son · Published June 6, 2020 · Last modified October 11, 2021
Shodanfy.py Get ports, vulnerabilities, information, banners, etc. for any IP with Shodan (no apikey! no rate limit!) Download git clone https://github.com/m4ll0k/Shodanfy.py.git Use python3 shodanfy.py Usage: python3 shodanfy.py <ip> [OPTIONS] --stdin Get...
Inou Inou (pronounced as “I know you”) is a tool to discover the service behind a specific unknown port. It performs an active scan trying to communicate with the service...
Forerunner The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network-centric applications such as IP Scanners, Port Knockers, Clients, Servers,...
Information Gathering / Web Information Gathering
by do son · Published April 19, 2020 · Last modified October 25, 2022
RedRabbit RedRabbit is a PowerShell script aimed at helping pentesters conduct ethical hacking #RedTeam. The aim is to highlight just how powerful PowerShell is and how it can be used...
WEASEL: A Stealthy DNS Beacon WEASEL is a small in-memory implant using Python 3 with no dependencies. The beacon client sends a small amount of identifying information about its host...
Information Gathering / Password Attacks
by do son · Published March 24, 2020 · Last modified March 5, 2021
jackdaw Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs on how your domain objects interact with each other...
Eavesarp A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful in those dreaded situations where LLMNR/NBNS aren’t in use...
Information Gathering / Vulnerability Analysis
by do son · Published March 4, 2020 · Last modified October 25, 2022
Pulsar Pulsar is an automated network footprint scanner for Red Teams, Pentesters and Bounty Hunters. It’s focused on the discovery of organization public-facing assets with minimal knowledge about its infrastructure....
NTLMRecon A fast NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. NTLMRecon...
SharpSniper Often a Red Team engagement is more than just achieving Domain Admin. Some clients will want to see if specific users in the domain can be compromised, for example,...
Information Gathering / Vulnerability Analysis
by do son · Published February 4, 2020 · Last modified October 11, 2023
naabu naabu is a fast port scanner tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really...
Recon-AD, an AD recon tool based on ADSI and reflective DLL’s New monitoring and defense optics are being applied within Microsoft operating systems and security products. This should help defenders...
Information Gathering / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis
by do son · Published January 23, 2020 · Last modified February 6, 2022
nray Nray is a free, platform and architecture-independent port and application layer scanner. Apart from regular targets (list of hosts/networks), it supports dynamic target selection, based on sources like certificate...
IPv6Tools The IPv6Tools framework is a robust set of modules and plugins that allow a user to audit an IPv6 enabled network. The built-in modules support enumeration of IPv6 features...