Code Credential Scanner This script is intended to scan a large, diverse codebase for hard-coded credentials, or credentials present in configuration files. These represent a serious security issue and can...
Seekr Seekr is a multi-purpose toolkit for gathering and managing OSINT-data with a sleek web interface. Our desktop view enables you to have all of your favorite OSINT tools integrated...
psudohash Psudohash is a password list generator for orchestrating brute force attacks and cracking hashes. It imitates certain password creation patterns commonly used by humans, like substituting a word’s letters...
Html Smuggling HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious...
AiCEF AiCEF is a tool implementing the accompanying framework [1] in order to harness the intelligence that is available from online resources, as well as threat groups’ activities, arsenal (eg....
KRBUACBypass UAC Bypass By Abusing Kerberos Tickets This POC is inspired by James Forshaw (@tiraniddo) shared at BlackHat USA 2022 titled “Taking Kerberos To The Next Level ” topic, he shared...
Cloud edge Lookup an IP to find the cloud provider and other details based on the provider’s published JSON data Cloud edge is a recon tool focused on exploring cloud...
Redeye This project was built by pentesters for pentesters. Redeye is a tool intended to help you manage your data during the pentest operation in the most efficient and organized...
ADCSKiller – An ADCS Exploitation Automation Tool ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features...
PE-Obfuscator PE obfuscator with Evasion in mind needs Admin Privilege in order to load the RTCore64 driver. The Obfuscator: – Gets xored Fileless PE from a remote server – Drop...
What is ShadowClone? ShadowClone is designed to delegate time-consuming tasks to the cloud by distributing the input data to multiple serverless functions (AWS Lambda, Azure Functions, etc.) and running the...
GCP Scanner This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The scanner is designed to help security engineers evaluate...
canTot canTot is a python-based cli framework based on sploitkit and is easy to use because it is similar to working with Metasploit. This similar to an exploit framework but...
Sirius Scan Sirius is the first truly open-source general purpose vulnerability scanner. Today, the information security community remains the best and most expedient source for cybersecurity intelligence. The community itself...
Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published July 17, 2023 · Last modified November 6, 2023
Daksh SCRA (Source Code Review Assist) The tool currently offers the following functionalities: Options to use programming language-specific rules specific for finding areas of interests Option to extend or add...
Support Securityonline.info site. Thanks!
