msf-autoshell Give it a .nessus file and it’ll get you Metasploit shells. I’ve included the early and incomplete programs to make it easier for people who want to learn how to use the python-libnessus...
AutoRDPwn is a script created in PowerShell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view the victim’s desktop without the victim’s consent, and even control it on...
RID Hijacking: Maintaining Access on Windows Machines The RID Hijacking hook, applicable to all Windows versions, allows setting desired privileges to an existent account in a stealthy manner by modifying some security attributes of a user....
DoHC2 DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH). This is built for the popular Adversary Simulation and Red Team...
What is Kitty? Kitty is an open-source modular and extensible fuzzing framework written in Python, inspired by OpenRCE’s Sulley and Michael Eddington’s (and now Deja Vu Security’s) Peach Fuzzer. Goal When we started writing Kitty, our goal...
shellz is a small utility to track and control your ssh, telnet, web and custom shells. Changelog v1.6 New Features c9aea01 new: added kubernetes support (closes #12) Fixes f951d8b fix: using more recent go versions Misc 1bfad07 misc: updated...
SMBAudit allows users to perform various SMB-related attacks across multiple Active Directory (AD) domains or hosts. SMBAudit is fully written in bash (requires bash version 4.0+) for increased compatibility with different UNIX distributions and...
GPS-SDR-SIM GPS-SDR-SIM generates GPS baseband signal data streams, which can be converted to RF using software-defined radio (SDR) platforms, such as bladeRF, HackRF, and USRP. Windows build instructions Start Visual Studio. Create an empty project for a...
SPARTA is a Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access...
ASTo – Apparatus Software Tool An IoT network security analysis tool and visualizer ASTo is a security analysis tool for IoT networks. It is developed to support the Apparatus security framework. ASTo is based on Electron and cytoscape.js....
rshijack tcp connection hijacker, rust rewrite of shijack from 2001. This was written for TAMUctf 2018, brick house 100. The target was a telnet server that was protected by 2FA. Since the challenge wasn’t authenticated, there...
Mimir OSINT Threat Intel Interface – Named after the old Norse God of knowledge. Mimir functions as a CLI to HoneyDB which in short is an OSINT aggregative threat intel pool. Starting the program brings you...
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed...
haxxmap Some simple go tools to perform a Man-in-the-middle (MITM) attack on your IMAP server in case you forgot your password. Use case I forgot the password to my email account, but on my...
sdrtrunk A cross-platform Java application for decoding, monitoring, recording, and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). SDRtrunk is an integrated application for demodulating radio signals and decoding trunked...