XSStrike is a python which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs. Installing XSStrike Use the following command to download it git clone https://github.com/UltimateHackers/XSStrike/ After downloading, navigate to XSStrike directory with the following command cd XSStrike Now install the required modules with the Read more…
Security cheat sheets for Penetration Testing by sniferl4bs. This cheat sheet is especially for penetration testers/CTF participants/security enthusiasts. Download and Extract Command: wget https://github.com/Snifer/security-cheatsheets/archive/master.zip unzip master.zip Contents: aircrack-ng airport burp cewl cidr cookies dig fierce ftp golismero hping http https-ssl-tls hydra john maltego markdown medusa metasploit msfvenom mysql ncat nessus nikto Read more…
NoobSecToolkit is a Python Based Tool kit that brings together powerful security and anonymity tools and scripts with predefined security configurations and modifications. Making it very simple for students to get started with security! – Leo Edge Install Instructions (1) CTRL + ALT + T (Open Terminal) (2) git clone Read more…
Brute-Forcing from Nmap output BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap. Installation git clone https://github.com/x90skysn3k/brutespray.git Usage First do an nmap scan with -oG nmap.gnmap or -oX nmap.xml. Command: python brutespray.py -h Command: python brutespray.py Read more…
pythem is a multi-purpose pentest framework written in the Python programming language. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this Read more…
NXcrypt NXcrypt is a polymorphic ‘python backdoors’ crypter written in python by Hadi Mene (h4d3s) . The output is fully undetectable. NXcrypt can inject malicious python file into a normal file with multi-threading system. Run it with superuser’s permissions. NXcrypt output is Fully undetectable. How it work ? Encryption module: Read more…
Brute-Forcing HTML Form Authentication There may come a time in your web hacking career where you need to either gain access to a target, or if you’re consulting, you might need to assess the password strength on an existing web system. It has become more and more common for Read more…
The Autopsy is a forensic tool which is used by the military, law enforcement, and corporate examiners to investigate what had happened on a smartphone or a computer. The Autopsy has a plug-in architecture which allows the user to find add-on modules or even develop custom modules written in Java or Python. Read more…
An Advanced Wireless Network Scan and Attack Script NETATTACK 2 is a python script that scans and attacks local and wireless networks. Everything is super easy because of the GUI that makes it unnecessary to remember commands and parameters. FUNCTIONS SCAN-FUNCTIONS Scan for Wi-Fi networks Scan for local Read more…
scanless Public Port Scan Scraper scanless Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you’d like to run a port scan on a host and have it not come from your IP address. scanless Read more…