The Rogue Toolkit is an extensible toolkit aimed at providing penetration testers with an easy-to-use platform to deploy software-defined Access Points (AP) for the purpose of conducting penetration testing and red team engagements. By...
Exploitation / Reverse Engineering
by do son · Published January 14, 2019 · Last modified October 10, 2021
Lucky CAT – Crash All the Things! What is Lucky CAT? Lucky CAT (Crash All the Things!) is a distributed fuzzing testing suite with an easy to use web interface. It allows managing several fuzzing jobs...
Network PenTest / WebApp PenTest
by do son · Published January 14, 2019 · Last modified September 4, 2019
AutoSploit As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their...
PyExfil Abstract This started as a PoC project but has later turned into something a bit more. Currently, it’s an Alpha-Alpha stage package, not yet tested (and will appreciate any feedbacks and commits) designed...
LDAPDomainDump Active Directory information dumper via LDAP In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol...
IoT-Home-Guard IoT-Home-Guard is a project to help people discover malware in smart home devices. For users, the project can help to detect compromised smart home devices. For security researchers, it is also useful in...
Network PenTest / WebApp PenTest
by do son · Published January 7, 2019 · Last modified January 6, 2019
A penetration test, colloquially known as a pen test, is an authorized simulated attack on a computer system, performed to evaluate the security of the system. The test is performed to identify both weaknesses (also referred...
SIPVicious security tools The 5 tools that you should be looking at are: svmap – this is a sip scanner. When launched against ranges of ip address space, it will identify any SIP servers which it...
wep wep is a proof-of-concept Python script which generates VBA code that can be used in Office macros or templates. It was designed with automation and integration in mind, targeting locked down environment scenarios....
Exploitation / Network PenTest / Sniffing & Spoofing
by do son · Published January 3, 2019 · Last modified December 1, 2020
The THC IPV6 ATTACK TOOLKIT comes already with lots of effective attacking tools: – parasite6: ICMPv6 neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite) – alive6: an effective alive...
RedELK Red Team’s SIEM – an easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long-term operations. The...
Objective This tool can help pentesters to quickly dump all credz from known location, such as .bash_history, config files, wordpress credentials, and so on… This is not a hacking tool, just a collection of...
Angry IP scanner is a very fast IP address and port scanner. It can scan IP addresses in any range as well as any of their ports. It is cross-platform and lightweight. Not requiring...
Morpheus – automated ettercap TCP/IP Hijacking tool Framework description It’s a Man-In-The-Middle (mitm) suite that allows users to manipulate tcp/udp data using ettercap, urlsnarf, msgsnarf and tcpkill as backend applications. but this tool main...
Information Gathering / Network PenTest / Vulnerability Analysis
by do son · Published December 27, 2018
Sandmap is a tool for supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key...
Secure Your Connection
