bruteforce - Security Awareness

Tools

AWS Security tools: Scripts and tools for AWS Pentest

AWS Security tools Bunch of scripts for AWS Pentest lambda/lambda_dumper.py – Script to Dump AWS Lambda functions lambda/lambda_backdoor.py – Backdoor AWS users iam/iam_user_enum – Bruteforce IAM usernames iam/assume_role_enum – Enumerate and Assume IAM Roles for privilege escalation eks/k8s_secrets_dumper.py – Kubernetes Secrets Dumper eks/pod_to_node_escape – Escape form k8s pod to the underlying container Read more…

12,333 total views, 3 views today

By Dark, 4 yearsApril 11, 2019 ago

Tools

XSStrike ( Bruteforce Parameters for XSS )

XSStrike is a python which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs. Installing XSStrike Use the following command to download it git clone https://github.com/UltimateHackers/XSStrike/ After downloading, navigate to XSStrike directory with the following command cd XSStrike Now install the required modules with the Read more…

215 total views

By root, 5 yearsOctober 19, 2018 ago

Tools

BruteSploit (Automated generate, bruteforce and manipulation wordlist)

Brutesploit BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and can be used in CTF for manipulation,combine,transform and permutation some words or file text :p i wrote this just for fun and Read more…

141 total views

By root, 5 yearsAugust 4, 2018 ago

Tools

CloudFail

Find hidden IP’s behind the CloudFlare network CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has Read more…

221 total views

By root, 5 yearsJune 12, 2018 ago

News Tools

Hydra v8.5 & v8.6

Hydra v8.5 & v8.6 THC-Hydra is a very fast (multi-threaded) network logon cracker which supports many different services: afp, cisco, cisco-enable, cvs, firebird, ftp, http-get, http-head, http-proxy, https-get, https-head, https-form-get, https-form-post, icq, imap, imap-ntlm, ldap2, ldap3, mssql, mysql, ncp, nntp, oracle-listener, pcanywhere, pcnfs, pop3, pop3-ntlm, postgres, rexec, rlogin, rsh, sapr3, Read more…

169 total views

By root, 5 yearsMay 23, 2018 ago

Tools

Fluxion (wi-fi hack)

Fluxion Hack WPA/WPA2 Security Without Brute Force Fluxion script has been available for a while and is most apt for security researchers and pentesters to test their network security by hacking WPA/WPA2 security without brute forcing it. Fluxion is based on another script called linset. Fluxion is not much different from Read more…

130 total views

By root, 5 yearsDecember 27, 2017 ago

Tools

Brute-force SMB shares

Finding open shares is useful to a penetration tester because there may be private files shared, or, if it’s writable, it could be a good place to drop a Trojan or to infect a file that’s already there. Knowing where the share is could make those kinds of tests more Read more…

122 total views, 2 views today

By root, 6 yearsFebruary 14, 2017 ago