TokenUniverse – An Advanced Tool For Working With Access Tokens And Windows Security Policy

Token Universe is an advanced tool that provides a wide range of possibilities to research Windows security mechanisms. It has a convenient interface for creating, viewing, and modifying access tokens, managing Local Security Authority and Security Account Manager’s databases. It allows you to obtain and impersonate different security contexts, manage privileges, auditing settings, and soRead More

DongTai – An Interactive Application Security testing(IAST) Product That Supports The Detection Of OWASP WEB TOP 10 Vulnerabilities, Multi-Request Related Vulnerabilities (Including Logic Vulnerabilities, Unauthorized Access Vulnerabilities, Etc.), Third-Party Component Vulnerabilities, Etc.

中文版本(Chinese version) About DongTai IAST DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiples request associated with vulnerability detection (including but not limited to unauthorized vulnerabilities, overpower vulnerabilities), Third-party component vulnerability detection, etc. Currently, applications in Java andRead More

403Bypasser – Automates The Techniques Used To Circumvent Access Control Restrictions On Target Pages

403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and it is open to contributions. Installation Clone the repository to your machine. git clone https://github.com/yunemse48/403bypasser.git Install required modules by running the code pip install -r requirements.txt READY! Usage Arguments: Argument Description Examples Note -u singleRead More

GDir-Thief – Red Team Tool For Exfiltrating The Target Organization’S Google People Directory That You Have Access To, Via Google’s API

Red Team tool for exfiltrating the target organization’s Google People Directory that you have access to, via Google’s People API. HOW TO Create a new Google Cloud Platform (GCP) project Steps to get the Google API Access Token needed for connecting to the API Create a burner gmail/google account Login to said account Navigate toRead More

Storm-Breaker – Tool Social Engineering (Access Webcam, Microphone, OS Password Grabber And Location Finder) With Ngrok

Tool Social Engineering (Access Webcam, Microphone, OS Password Grabber And Location Finder) With Ngrok Features: Get Device Information Without Any Permissions Access Location [SMARTPHONES] Os Password Grabber [WIN-10] Access Webcam Access Microphone Operating Systems Tested Kali Linux 2020 Installation On Kali Linux $ git clone https://github.com/ultrasecurity/Storm-Breaker$ cd Storm-Breaker$ sudo bash linux-installer.sh$ python3 -m pip installRead More

Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux

Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux and doesn’t require any firewall exceptions or port forwarding. It gives access to the local networks, you can use the targets as a HTTP proxy and access Router, discover local IPs and scanRead More

Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device

About Ghost Framework Ghost Framework is an Android post-exploitation framework that exploits theAndroid Debug Bridge to remotely access an Android device. Ghost Frameworkgives you the power and convenience of remote Android device administration. Getting started Ghost installation To install Ghost Framework you shouldexecute the following commands. cd ghost chmod +x install.sh ./install.sh Ghost uninstallation ToRead More

Slipstream – NAT Slipstreaming Allows An Attacker To Remotely Access Any TCP/UDP Services Bound To A Victim Machine, Bypassing The Victim’s NAT/firewall, Just By The Victim Visiting A Website

NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website. Developed by: @SamyKamkar // https://samy.pl Released: October 31, 2020 Source code: https://github.com/samyk/slipstream   animated version here generated with my fork of draw.io, allowing exportable edgeRead More

paradoxiaRAT – Native Windows Remote Access Tool

Paradoxia Remote Access Tool.  Features Paradoxia Console Feature Description Easy to use Paradoxia is extremely easy to use, So far the easiest rat! Root Shell – Automatic Client build Build Paradoxia Client easily with or without the icon of your choice. Multithreaded Multithreaded Console server, You can get multiple sessions. Toast Notifications Desktop notification onRead More

X