PEzor-Docker – With The Help Of This Docker Image, You Can Easily Access PEzor On Your System!

With the help of this kali linux image, you can easily access PEzor on your system! Basically, this image is built from the kalilinux/kali-rolling image and then the PEzor shellcode and PE packer is installed on top of it. Sometimes, it’s vital to have access to PEzor, specially in a post exploit phase, but installingRead More

S3Sec – Check AWS S3 Instances For Read/Write/Delete Access

Test AWS S3 buckets for read/write/delete access This tool was developed to quickly test a list of s3 buckets for public read, write and delete access for the purposes of penetration testing on bug bounty programs. Found a bug bounty using this tool? Feel free to add me as a collaborator: @0xmoot πŸ™‚ Installation CloneRead More

Authz0 – An Automated Authorization Test Tool. Unauthorized Access Can Be Identified Based On URLs And RolesAnd Credentials

Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials. URLs and Roles are managed as YAML-based templates, which can be automatically created and added through authz0. You can also test based on multiple authentication headers and cookies with a template file created/generated once. ο›Έ KeyRead More

TokenUniverse – An Advanced Tool For Working With Access Tokens And Windows Security Policy

Token Universe is an advanced tool that provides a wide range of possibilities to research Windows security mechanisms. It has a convenient interface for creating, viewing, and modifying access tokens, managing Local Security Authority and Security Account Manager’s databases. It allows you to obtain and impersonate different security contexts, manage privileges, auditing settings, and soRead More

DongTai – An Interactive Application Security testing(IAST) Product That Supports The Detection Of OWASP WEB TOP 10 Vulnerabilities, Multi-Request Related Vulnerabilities (Including Logic Vulnerabilities, Unauthorized Access Vulnerabilities, Etc.), Third-Party Component Vulnerabilities, Etc.

δΈ­ζ–‡η‰ˆζœ¬(Chinese version) About DongTai IAST DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiples request associated with vulnerability detection (including but not limited to unauthorized vulnerabilities, overpower vulnerabilities), Third-party component vulnerability detection, etc. Currently, applications in Java andRead More

403Bypasser – Automates The Techniques Used To Circumvent Access Control Restrictions On Target Pages

403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and it is open to contributions. Installation Clone the repository to your machine. git clone https://github.com/yunemse48/403bypasser.git Install required modules by running the code pip install -r requirements.txt READY! Usage Arguments: Argument Description Examples Note -u singleRead More

GDir-Thief – Red Team Tool For Exfiltrating The Target Organization’S Google People Directory That You Have Access To, Via Google’s API

Red Team tool for exfiltrating the target organization’s Google People Directory that you have access to, via Google’s People API. HOW TO Create a new Google Cloud Platform (GCP) project Steps to get the Google API Access Token needed for connecting to the API Create a burner gmail/google account Login to said account Navigate toRead More

Storm-Breaker – Tool Social Engineering (Access Webcam, Microphone, OS Password Grabber And Location Finder) With Ngrok

Tool Social Engineering (Access Webcam, Microphone, OS Password Grabber And Location Finder) With Ngrok Features: Get Device Information Without Any Permissions Access Location [SMARTPHONES] Os Password Grabber [WIN-10] Access Webcam Access Microphone Operating Systems Tested Kali Linux 2020 Installation On Kali Linux $ git clone https://github.com/ultrasecurity/Storm-Breaker$ cd Storm-Breaker$ sudo bash linux-installer.sh$ python3 -m pip installRead More

Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux

Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux and doesn’t require any firewall exceptions or port forwarding. It gives access to the local networks, you can use the targets as a HTTP proxy and access Router, discover local IPs and scanRead More

Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device

About Ghost Framework Ghost Framework is an Android post-exploitation framework that exploits theAndroid Debug Bridge to remotely access an Android device. Ghost Frameworkgives you the power and convenience of remote Android device administration. Getting started Ghost installation To install Ghost Framework you shouldexecute the following commands. cd ghost chmod +x install.sh ./install.sh Ghost uninstallation ToRead More

X