Faraday v3.11 – Collaborative Penetration Test and Vulnerability Management Platform
This new release brings strong improvements to your security team’s daily performance, allowing them to operate quicker and smarter by...
tools
Minimalistic-offensive-security-tools – A Repository Of Tools For Pentesting Of Restricted And Isolated Environments
Minimalistic SMB login bruteforcer (smblogin.ps1)A simple SMB login attack and password spraying tool.It takes a list of targets and credentials...
Carina – Webshell, Virtual Private Server (VPS) And cPanel Database
Carina is a web application used to store webshell, Virtual Private Server (VPS) and cPanel data. Carina is made so...
Nishang – Offensive PowerShell For Red Team, Penetration Testing And Offensive Security
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing...
Managing Cybersecurity in the Real Estate Industry: A Rapid7 Customer Story
Conducting cybersecurity in an industry not heavily regulated by the government still comes with its own challenges. We interviewed Tony...
Web Hacker’s Weapons – A Collection Of Cool Tools Used By Web Hackers
A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting.WeaponsType Name DescriptionArmy-Knife/ALL BurpSuite the BurpSuite project...
Spray – A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)Getting StartedThese instructions will show you the requirements for and...
Q&A from April 2020 Customer Webcast on InsightVM Dashboards & Executive Summary Report
Our recent “Seeing 20/20 with InsightVM” customer webcast on InsightVM dashboards and executive summary report was very well-attended, and we...
Self-XSS – Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code
Self-XSS attack using bit.ly to grab cookies tricking users into running malicious codeHow it works?Self-XSS is a social engineering attack...
Open Sesame – A Tool Which Runs To Display Random Publicly Disclosed Hackerone Reports When Bored
A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.Contains...
Dancing With the Breaches: A Quick Step Through the 2020 Verizon Data Breach Investigations Report (DBIR)
The Verizon Data Breach Investigations Report (DBIR) has been released, reporting its annual summary of (this year) 32,002 incidents, 3,950...
Integrity Is Indispensable: Assessing Partnerships and Performance Metrics in a Crisis Response
On our third installment of Rapid7’s Remote Work Readiness Series, join us as we reflect on how to leverage partnerships...
BlackDir-Framework – Web Application Vulnerability Scanner
Web Application Vulnerability Scanner.Spider DirectoriesFind Sub DomainAdvanced Dorks Search Scan list of Dorks Scan WebSites Reverse Ip Lookup Port ScanInstallation:git...
Sharingan – Offensive Security Recon Tool
Sharingan is a recon multitool for offensive security / bug bountyThis is very much a work in progress and I'm...
Rapid7’s InsightVM Receives Five Stars from SC Magazine
We’re proud to announce that Rapid7’s InsightVM solution was recently reviewed by SC Magazine and received a five-star report. As...
BADlnk – Reverse Shell In Shortcut File (.lnk)
Reverse Shell in Shortcut File (.lnk)How it works?Shortcut file (Microsoft Windows 9.x) LNK is a file extension for a shortcut...
ParamKit – A Small Library Helping To Parse Commandline Parameters
A small library helping to parse commandline parameters (for Windows).Objectives"like Python's argparse but for C/C++"compact and minimalisticeasy to useextendableDemoPrint help...
Hidden-Cry – Windows Crypter/Decrypter Generator With AES 256 Bits Key
Windows Crypter/Decrypter Generator with AES 256 bits keyFeatures:Works on WAN: Port Forwarding by Serveo.netFully Undetectable (FUD) -> Don't Upload to...
Evilreg – Reverse Shell Using Windows Registry Files (.Reg)
Reverse shell using Windows Registry file (.reg).Features:Reverse TCP Port Forwarding using Ngrok.ioRequirements:Ngrok Authtoken (for TCP Tunneling): Sign up at: https://ngrok.com/signupYour...
URLBrute – Tool To Brute Website Sub-Domains And Dirs
What is thisURLBrute is a tool to help you brute forcing website sub-domains and dirs.Can be used with python3 and...
Getdroid – FUD Android Payload And Listener
FUD Android Payload And ListenerRead the license before using any part from this codeMalicious Android apk generator (Reverse Shell)Legal disclaimer:Usage...
DiscordRAT – Discord Remote Administration Tool Fully Written In Python
Discord Remote Administration Tool fully written in Python3.This is a RAT controlled over Discord with over 20 post exploitation modules.Disclaimer:This...
Lockphish – A Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode
Lockphish it's the first tool (05/13/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN...
DalFox (Finder Of XSS) – Parameter Analysis And XSS Scanning Tool Based On Golang
Finder Of XSS, and Dal is the Korean pronunciation of moon. What is DalFoxJust, XSS Scanning and Parameter Analysis tool....
