Token-Reverser – Word List Generator To Crack Security Tokens
Word list generator to crack security tokens.Example use case You are testing reset password function Reset password token was sent...
tools
shuffleDNS – Wrapper Around Massdns Written In Go That Allows You To Enumerate Valid Subdomains
shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as...
How Rapid7 Customer Hilltop Holdings Integrates Security Tools for a Multi-Layered Approach
Recently, we interviewed Anthony Edwards, director of security operations for Hilltop Holdings, about how his financial holdings organization approaches multi-level...
Our Commitment to Keeping Your Organization Secure During COVID-19
COVID-19 has created a great deal of concern and uncertainty, and we want to reassure our customers that your security...
How to WFH and Keep Your Digital Self Safe
We have rapidly entered a new era of living with a global pandemic. As a result, many are working from...
AWSGen.py – Generates Permutations, Alterations And Mutations Of AWS S3 Buckets Names
AWSGen.py is a simple tool for generates permutations, alterations and mutations of AWS S3 Buckets Names.Download AWSGen.py Original Source
Jeopardize – A Low(Zero) Cost Threat Intelligence & Response Tool Against Phishing Domains
Jeopardize tool is developed to provide basic threat intelligence&response capabilities against phishing domains at the minimum cost as possible. It...
TEA – Ssh-Client Worm
A ssh-client worm made with tas framework.How it works?This is a fakessh-client that manipulates the tty input/output to execute arbitrary...
Zelos – A Comprehensive Binary Emulation Platform
Zelos (Zeropoint Emulated Lightweight Operating System) is a python-based binary emulation platform. One use of zelos is to quickly assess...
Pickl3 – Windows Active User Credential Phishing Tool
Pickl3 is Windows active user credential phishing tool. You can execute the Pickl3 and phish the target user credential.Operational Usage...
Betwixt – Web Debugging Proxy Based On Chrome DevTools Network Panel
Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface.InstallingDownload the latest release for your...
Dirble – Fast Directory Scanning And Scraping Tool
Dirble is a website directory scanning tool for Windows and Linux. It's designed to be fast to run and easy...
Pentest Tools Framework – A Database Of Exploits, Scanners And Tools For Penetration Testing
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes...
CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis
Rapid7 chief data scientist Bob Rudis, threat intelligence team member Charlie Stafford, and VRM engineering manager Brent Cook also contributed...
3 Common Threats to Look for in Your Network Data
Continuously monitoring your network activity for signs of attack is a great way to catch hackers and breaches before they...
RedRabbit – Red Team PowerShell Script
RedRabbit is a PowerShell script aimed at helping pentesters conduct ethical hacking #RedTeam To Run: You can either run locally...
Sifter – A OSINT, Recon And Vulnerability Scanner
Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order...
Why Our Future in InfoSec Depends on Automation
In a survey conducted by the Ponemon Institute and Domain Tools, 51% of respondents said they believe that automation will...
FuzzBench – Fuzzer Benchmarking As A Service
FuzzBench is a free service that evaluates fuzzers on a wide variety of real-world benchmarks, at Google scale. The goal...
SSRF Sheriff – A Simple SSRF-testing Sheriff Written In Go
This is an SSRF testing sheriff written in Go. It was originally created for the Uber H1-4420 2019 London Live...
Patch Tuesday – March 2020
Let's start off talking about CVE-2020-0688 from last month -- the Microsoft Exchange Validation Key RCE vulnerability. At the time...
Talking the Origins of THOTCON with Founder Nick Percoco
In a recent episode of Rapid7’s podcast, Security Nation, we talked with Nick Percoco, the creator of Chicago-based security conference...
Evil SSDP – Spoof SSDP Replies And Create Fake UPnP Devices To Phish For Credentials And NetNTLM Challenge/Response
This tool responds to SSDP multicast discover requests, posing as a generic UPNP device. Your spoofed device will magically appear...
Proton Framework – A Windows Post Exploitation Framework Similar To Other Penetration Testing Tools Such As Meterpreter And Powershell Invader Framework
About Proton FrameworkProton Framework is a Windows post exploitation framework similar to other penetration testing tools such as Meterpreter and...
