Security Training Share
As a penetration tester, I know that you usually choose to use Kali Linux like penetration testing distribution. Kali Linux is a powerful distribution. It includes many, many pentesting tools. If you are Ubuntu/...
Sublert is a security and reconnaissance tool that was written in Python to leverage certificate transparency for the sole purpose of monitoring new subdomains deployed by specific organizations and issued TLS/SSL certificate. The tool...
FOCA FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents its scans. These documents may be on web pages and can be downloaded...
mpDNS aka multi-purpose DNS Server DNS Server with multiple useful features Should work on Python 2 and 3 names.db -> holds all custom records (see examples) Simple wildcards like *.example.com Catch unicode dns requests...
Sherlock Find usernames across social networks List Of Supported Sites (161 Sites In Total!) 500px 9GAG About.me Academia.edu AngelList Anobii Aptoide Archive.org AskFM BLIP.fm Badoo Bandcamp Basecamp Behance BitBucket BitCoinForum Blogger BuzzFeed Canva Carbonmade CashMe...
Findomain findomain is a cross-platform tool that use Certificates Transparency logs to find subdomains. We currently support Linux, Windows, and MacOS. How does it work? It tool doesn’t use the common methods for sub(domains)...
nmap (“Network Mapper“) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine to scan single hosts. nmap uses raw IP...
Attack Surface Mapper Attack Surface Mapper is a reconnaissance tool that uses a mixture of open-source intelligence and active techniques to expand the attack surface of your target. You feed in a mixture of...
CloudMapper CloudMapper generates network diagrams of Amazon Web Services (AWS) environments and displays them via your browser. It helps you understand visually what exists in your accounts and identify possible network misconfigurations. There are...
Open-source vulnerability assessment tool Discover, assess and mitigate known vulnerabilities in your Java and Python projects. The open-source vulnerability assessment tool supports software development organizations in regards to the secure use of open-source components...
Introduction metasploitHelper is meant to assist penetration testers in network penetration tests. metasploitHelper (msfHelper) communicates with Metasploit via msrpc. It uses both port and web-related exploits from Metasploit. You can point msfHelper at an IP...
snyk Snyk helps you find, fix and monitor known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of your CI (Build) system. Features Find known vulnerabilities...
barq barq: The AWS Cloud Post Exploitation framework! barq is a post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure. It allows you to attack running EC2 instances without...
HubbleStack (Hubble for short) is a modular, open-source, security & compliance auditing framework which is built in python, using SaltStack as a library. It provides on-demand profile-based auditing, real-time security event notifications, alerting and...
