ReconNote – Web Application Security Automation Framework Which Recons The Target For Various Assets To Maximize The Attack Surface For Security Professionals & Bug-Hunters

Web Application Security Recon Automation Framework It takes user input as a domain name and maximize the attack surface area by listing the assets of the domain like – Subdomains from – Amass ,findomain, subfinder & resolvable subdomains using shuffledns Screenshots Port Scan JS files Httpx Status codes of subdomains Dirsearch file/dir paths by fuzzingRead More

Apk-Medit – Memory Search And Patch Tool On Debuggable Apk Without Root & Ndk

Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile game security testing. Motivation Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can beRead More

NERVE – Network Exploitation, Reconnaissance & Vulnerability Engine

NERVE is a vulnerability scanner tailored to find low-hanging fruit level vulnerabilities, in specific application configurations, network services, and unpatched services. It is not a replacement for Qualys, Nessus, or OpenVAS. It does not do authenticated scans, and operates in black-box mode only. NERVE will do “some” CVE checks, but this is primarily coming fromRead More

Mihari – A Helper To Run OSINT Queries & Manage Results Continuously

Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting. How it works Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts (IP addresses, domains, URLs and hashes) from the results. Mihari checks whether a DB (SQLite3 or PostgreSQL)Read More

DAGOBAH – Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources

Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check from different AWS resources. Dagobah collects information and save the state into an elasticsearch index.Dagobah runs into the a LAMBDA and looks at all the AWS REGIONS, actually collect differents configurations from: EC2 VPCRead More

EternalBlueC – EternalBlue Suite Remade In C/C++ Which Includes: MS17-010 Exploit, EternalBlue Vulnerability Detector, DoublePulsar Detector And DoublePulsar Shellcode & DLL Uploader

[*]EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode[*] ms17_vuln_status.cpp – This program sends 4 SMB packets. 1 negociation packet and 3 requests. This program reads the NT_STATUS response from a TransNamedPipeRequest ( PeekNamedPipe request ) and determines if NT_STATUS = 0xC0000205 ( STATUS_INSUFF_SERVER_RESOURCES ).Read More

Espionage – A Network Packet And Traffic Interceptor For Linux. Spoof ARP & Wiretap A Network

Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows users to to run normal and verbose traffic analysis that shows a live feed of traffic, revealing packet direction, protocols, flags, etc. Espionage can also spoof ARP so, all data sent by the target getsRead More

Sifter 7.4 – OSINT, Recon & Vulnerability Scanner

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the ‘blue’ vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdirRead More

InstaSave – Python Script To Download Images, Videos & Profile Pictures From Instagram

InstaSave is a python script to download images, videos & profile pictures from Instagram without any API access.Features Download Instagram Photos Download Instagram Videos Download Instagram Profile Pictures Git Installation # clone the repo$ git clone https://github.com/sameera-madushan/InstaSave.git# change the working directory to InstaSave$ cd InstaSave# install the requirements$ pip3 install -r requirements.txt Usage python instasave.pyRead More

X