In this section we will see the most powerful and used tools.
red-teaming tool for Windows (pen-testing) RedSnarf is a pen-testing / red-teaming tool by Ed William and Richard Davy for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. See our YouTube Channel for Videos https://www.youtube.com/channel/UCDGWRxpHo6d8y6qIeMAXnxQ RedSnarf functionality includes: • Retrieval of local Read more…
The Autopsy is a forensic tool which is used by the military, law enforcement, and corporate examiners to investigate what had happened on a smartphone or a computer. The Autopsy has a plug-in architecture which allows the user to find add-on modules or even develop custom modules written in Java or Python. Read more…
Find hidden IP’s behind the CloudFlare network CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has Read more…
smb-vuln-ms17-010.nse nmap nse script description Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code execution vulnerability (ms2017-010). The script connects to the $IPC tree, executes a transaction on FID 0 and checks if the error “STATUS_INSUFF_SERVER_RESOURCES” is returned to determine if the target is not patched against Read more…
Tool To Detect Possible Infections (Malicious Code) The Web Exploit Detector is a Node.js application (and NPM module) used to detect possible infections, malicious code and suspicious files in web hosting environments. This application is intended to be run on web servers hosting one or more websites. Running the Read more…
Hydra v8.5 & v8.6 THC-Hydra is a very fast (multi-threaded) network logon cracker which supports many different services: afp, cisco, cisco-enable, cvs, firebird, ftp, http-get, http-head, http-proxy, https-get, https-head, https-form-get, https-form-post, icq, imap, imap-ntlm, ldap2, ldap3, mssql, mysql, ncp, nntp, oracle-listener, pcanywhere, pcnfs, pop3, pop3-ntlm, postgres, rexec, rlogin, rsh, sapr3, Read more…
Pybelt The Hackers Tool Belt Pybelt is an open source hackers tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking hashes without prior knowledge of the algorithm, scanning ports on Read more…
Nmap Web Version Rainmap is a web-based application that allows users to create, configure and run Nmap scans from within their browser. A wide range of Nmap options is available, though users only need to specify the targets they want scanned, and the default options will be adequate in most Read more…
Trolling Noobs Asking to Hack Whatsapp, Facebook, Gmail… When I get noobs asking me to give them hacking software for Whatsapp, Facebook, Gmail etc it makes me want to commit some form of major attrocity, the only way I can make myself feel a little better in my response is Read more…
VEGA This tool has a good open-source detection rate. That is to say, the rate of mistakes is high, so you have to check the results well. VEGA can be extended for each scan module. I do not know how many people will be using VEGA’s Jar file, but Read more…