In this section we will see the most powerful and used tools.
IntRec-Pack Intelligence and Reconnaissance Package/Bundle installer. IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies related to these programs as well, it aims to be a comprehensive assistant in Read more
Mimir OSINT Threat Intel Interface – Named after the old Norse God of knowledge. Mimir functions as a CLI to HoneyDB which in short is an OSINT aggregative threat intel pool. Starting the program brings you to a menu the options for which are as follows. The purpose of this tool is to make Read more
BlueBorne Android Exploit This repository contains a PoC code of BlueBorne’s Android RCE vulnerability (CVE-2017-0781). It also uses the SDP Information leak vulnerability (CVE-2017-0785) to bypass ASLR. It achieves code execution on a Google Pixel Android smartphone running version 7.1.2 with Security Patch Level July or August 2017. This code Read more
BlueBorne Scanner Step 1: Install BlueBorne Android Scanner & Dependencies Open terminal and Grab the Script on GitHub by hit: git clone https://github.com/hook-s3c/blueborne-scanner.git cd blueborne–scanner pip install –r ./requirements.txt Step 2: Allow Permissions on the Blueborne directory set permission the programs to execute. sudo chmod +x ./bluebornescan.py Step 3: Turn Read more
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling.Coded In PHP Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator Subdomain Finder Reverse IP Scanner Read more
XSStrike is a python which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs. Installing XSStrike Use the following command to download it git clone https://github.com/UltimateHackers/XSStrike/ After downloading, navigate to XSStrike directory with the following command cd XSStrike Now install the required modules with the Read more
This script tests if APs are affected by CVE-2017-13082 (KRACK attack). See the KRACK attack website for details and also read the research paper. CVE-2017-13082: Key Reinstall in FT Handshake (802.11r) Access Points (APs) might contain a vulnerable implementation of the Fast BSS Transition (FT) handshake. More precisely, a retransmitted or replayed Read more
Pybelt – The Hackers Tool Belt Pybelt is an open source hackers tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking hashes without prior knowledge of the algorithm, scanning ports on Read more
BeEF is short for The Browser Exploitation Framework. it’s a testing tool designed to enable penetration testers to launch client-side attacks against target browsers. By using techniques similar to common drive-by malware, testers can assess the security of a target’s internal environment, bypassing the hardened perimeter. Growing concerns about Read more
ABOUT: Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. DEMO VIDEO FEATURES: Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning Read more