THC-Hydra is a very fast (multi-threaded) network logon cracker which supports many different services: AFP, Cisco, cisco-enable, CVS, Firebird, ftp, http-get, http-head, http-proxy, https-get, https-head, https-form-get, https-form-post, ICQ, IMAP, IMAP-NTLM, ldap2, ldap3, MySQL, mysql,...
BEACONGRAPH BeaconGraph is an interactive tool that visualizes client and Access Point relationships. Inspired by airgraph-ng and Bloodhound, it aims to support wireless security auditing. It is written in Python with GUI support by pywebview and a Neo4j backend. Relationship rendering...
Red Team Powershell Scripts Various PowerShell scripts that may be useful during a red team exercise Download git clone https://github.com/Mr-Un1k0d3r/RedTeamPowershellScripts.git The repo includes the script as below: Search-EventForUser.ps1: Powershell script that searches through the...
SharpCloud SharpCloud is a simple C# utility for checking for the existence of credential files related to Amazon Web Services, Microsoft Azure, and Google Compute. More information, please read here. Download git clone https://github.com/chrismaddalena/SharpCloud.git Usage...
Nuages A modular C2 Nuages aims at being a C2 framework in which back end elements are open source, whilst implants and handlers must be developed ad hoc by users. As a result, it...
TheXFramework Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning Framework For Most Common Attacks Based On OWASP Methodology and P.T. Guide. The XFramework Is a Light in Darkness Network Scanner Network Scanning For Open/Filter Ports...
Ropper You can use ropper to display information about binary files in different file formats and you can search for gadgets to build rop chains for different architectures (x86/X86_64, ARM/ARM64, MIPS/MIPS64, PowerPC). For disassembly,...
WiFiBroot A WiFi-Pentest-Cracking tool for WPA/WPA2 (Handshake, PMKID, Offline Cracking, EAPOLS, Deauthentication Attack). WiFiBroot is built to provide clients with an all-in-one facility for cracking WiFi (WPA/WPA2) networks. It heavily depends on scapy, a well-featured...
PRISM-AP PRISM-AP is an automated Wireless RogueAP MITM attack framework. FEATURES: Easy to setup and use and full automated Leverages MANA wifi attack to lure client connections Partial HSTS bypass via bettercap Intercept and...
Forensics / Information Gathering / Network PenTest
by do son · Published May 9, 2019 · Last modified January 12, 2021
netsniff-ng is a free, performant Linux network analyzer and networking toolkit. If you will, the Swiss army knife for network packets. The gain of performance is reached by built-in zero-copy mechanisms, so that on...
Information Gathering / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis
by do son · Published May 7, 2019
Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect information into a well-organized directory hierarchy. The use of Nmap makes the script portable (easy to...
Kaboom is a bash script that automates the first two phases of a penetration test. All information collected is saved into a directory hierarchy very simple to the browser (also in the case of...
Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance, and exploitation of information systems. Legion is developed and maintained by GoVanguard. FEATURES Automatic...
LDAP_Search LDAP_Search can be used to enumerate Users, Groups, Computers, Domain Policies, and Domain Trusts within a Windows environment. Authentication can be performed using traditional username and password, or NTLM hash. In addition, this...
OneGadget When playing ctf pwn challenges we usually need the one-gadget RCE (remote code execution), which leads to call execve(‘/bin/sh’, NULL, NULL). This gem provides such gadgets finder, no need to use objdump or IDA-pro...
Secure Your Connection
