What is sandfly-filescan? sandfly-filescan is a utility to quickly scan files and report on their entropy (a measure of randomness) and if they are a Linux/Unix ELF type executable. Some malware for Linux is packed...
DRAKVUF Sandbox DRAKVUF Sandbox is an automated black-box malware analysis system with a DRAKVUF engine under the hood. This project provides you with a friendly web interface that allows you to upload suspicious files to...
SocialPwned SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks like Instagram, Linkedin, and Twitter to find the possible credential leaks in PwnDB. The purpose...
subjs subjs fetches javascript files from a list of URLS or subdomains. Analyzing javascript files can help you find undocumented endpoints, secrets, and more. It’s recommended to pair this with gau and then LinkFinder. Changelog...
Penetration testers — or pen testers — perform simulated external and internal tests on a company’s infrastructure to find the vulnerabilities. The goal is for those professionals to locate the issues before malicious hackers...
OneForAll OneForAll is a powerful subdomain collection tool The importance of information collection in penetration testing is self-evident. Subdomain collection is an essential and very important part of information collection. At present, there are...
Scylla – The Simplistic Information Gathering Engine Scylla is an OSINT tool developed in python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts, websites/webservers, phone numbers, names. Scylla also allows...
jeopardize Jeopardize tool is developed to provide basic threat intelligence&response capabilities against phishing domains at the minimum cost as possible. It detects registered phishing domain candidates (typosquatting, phonograph, etc.), analyzes them, and assigns a...
Whether it’s your passion, hobby, or the start of a career, you need to keep in mind that you’re writing for an audience. Also, most of the people today are not willing to spend...
Universal Reddit Scraper This is a universal Reddit scraper that can scrape Subreddits, Redditors, and comments on posts. Scrape speeds will be determined by the speed of your internet connection. A Table of All...
In the advanced era, the internet is becoming a concern of security for people in making online transactions. Often, the scenario is changing, and the internet is becoming more developed with features, including privacy...
BirDuster BirDuster is a Python-based knockoff of the original DirBuster. BirDuster is a multi-threaded Python application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like...
JATAYU Stealthy Stand-Alone PHP Web Shell FEATURES Http Header Based Authentication. 100% Undetectable. Exec Function Changer. Nothing Fancy Download git clone https://github.com/SpiderMate/Jatayu.git Use FUNCTIONS PARAMETER FUNCTION fn=1 Calls function shell_exec() fn=2 Calls...
RsWindowsThingies listen_mft Watch an entries’ values change. listen_events The event listen tool allows you to see Windows Event Logs in real-time. Note: It takes a minute for the event logs to catch up. I...
faxhell (“Fax Shell”) A Proof-of-Concept bind shell using the Fax service and a DLL hijack based on Ualapi.dll. EDR / AV evasion Uses a service that is not commonly known and not monitored or flagged...
Secure Your Connection
