Carnivore – Tool For Assessing On-Premises Microsoft Servers Authentication Such As ADFS, Skype, Exchange, And RDWeb
Carnivore is an assessment tool for Skype for Business, Exchange, ADFS, and RDWeb servers as well as some O365 functionality....
tools
Sak1To-Shell – Multi-threaded C2 Server And Reverse Shell Client Written In Pure C
Multi-threaded c2 server and reverse TCP shell client written in pure C (Windows). Command list: list: list available connections. interact...
DarkSide – Tool Information Gathering And Social Engineering
Features:Hacker DashboardHacker News New Exploits Hacking Tutorials Video The Latest Prices OF Digital Currencies Information GatheringBypass Cloud Flare Cms Detect...
NICER Protocol Deep Dive: Internet Exposure of etcd
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
RESTler – The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding...
Depix – Recovers Passwords From Pixelized Screenshots
Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with...
New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility
Just using InsightAppSec and still want access to the new executive reports? Don’t worry—we have you covered. Check out your...
Packer-Fuzzer – A Fast And Efficient Scanner For Security Detection Of Websites Constructed By Javascript Module Bundler Such As Webpack
With the popularity of web front-end packaging tools, have you encountered more and more websites represented by Webpack packager in...
Wp_Hunter – Static Analysis Of WordPress Plugins
Static analysis to search for vulnerabilities in Wordpress plugins. __ ____________ ___ ___ __ / / ______ / | __...
Patch Tuesday – December 2020
We close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than...
2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities
Penetration testing (“pentesting”) is the practice of simulating a criminal breach of a sensitive area in order to uncover and...
Baphomet – Basic Concept Of How A Ransomware Works
This is a proof of concept of how a ransomware works, and some techniques that we usually use to hijack...
Js-X-Ray – JavaScript And Node.js Open-Source SAST Scanner (A Static Analysis Of Detecting Most Common Malicious Patterns)
JavaScript AST analysis. This package has been created to export the Node-Secure AST Analysis to enable better code evolution and...
Congrats to the winners of the 2020 December Metasploit community CTF
Thank you all that participated in the 2020 December Metasploit community CTF! The four day CTF was well received by...
NICER Protocol Deep Dive: Internet Exposure of memcached
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
Hijackthis – A Free Utility That Finds Malware, Adware And Other Security Threats
HiJackThis Fork is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware...
Karkinos – Penetration Testing And Hacking CTF’s Swiss Army Knife With: Reverse Shell Handling – Encoding/Decoding – Encryption/Decryption – Cracking Hashes / Hashing
Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters...
ADSearch – A Tool To Help Query AD Via The LDAP Protocol
A tool written for cobalt-strike's execute-assembly command that allows for more efficent querying of AD. Key FeaturesList all Domain Admins...
Obfuscator – The Program Is Designed To Obfuscate The Shellcode
The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. 1) XOR2) AES The tool accepts...
Pytmipe – Python Library And Client For Token Manipulations And Impersonations For Privilege Escalation On Windows
PYTMIPE (PYthon library for Token Manipulation and Impersonation for Privilege Escalation) is a Python 3 library for manipulating Windows tokens...
Enum4Linux-Ng – A Next Generation Version Of Enum4Linux (A Windows/Samba Enumeration Tool) With Additional Features Like JSON/YAML Export
enum4linux-ng.py is a rewrite of Mark Lowe's (former Portcullis Labs now Cisco CX Security Labs) enum4linux.pl, a tool for enumerating...
Aclpwn.Py – Active Directory ACL Exploitation With BloodHound
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. It takes a...
JSFScan.sh – Automation For Javascript Recon In Bug Bounty
Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list...
Fast-Security-Scanners – Security Checks For Your Researches
A small contribution to community :)We use all these tools in security assessments and in our vulnerability monitoring service Check...
