Attack Archives - Hacker Gadgets

Hacking Tools

Bkcrack – Crack Legacy Zip Encryption With Biham And Kocher’s Known Plaintext Attack

13 Jan 2023 By hackergadgets

Crack legacy zip encryption with Biham and Kocher’s known plaintext attack. Overview A ZIP archive may contain many entries whose content can be compressed and/or encrypted. In particular, entries can be encrypted with a password-based Encryption Algorithm symmetric encryption algorithm referred to as traditional PKWARE encryption, legacy encryption or ZipCrypto. This algorithm generates a pseudo-randomRead More

Hacking Tools

Wodat – Windows Oracle Database Attack Toolkit

19 Nov 2022 By hackergadgets

Simple port of the popular Oracle Database Attack Tool (ODAT) (https://github.com/quentinhardy/odat) to C# .Net Framework. Credit to https://github.com/quentinhardy/odat as lots of the functionality are ported from his code. Perform password based attacks e.g. username as password, username list against given password, password list against given username, username:pass combolist. Test if a credential/connection string is workingRead More

Hacking Tools

SCMKit – Source Code Management Attack Toolkit

13 Nov 2022 By hackergadgets

[*] Source Code Management Attack Toolkit – SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows the user to specify the SCM system and attack module to use, along with specifying valid credentials (username/password or API key) to the respective SCM system. Currently, the SCM systems that SCMKit supports areRead More

Hacking Tools

MHDDoS – DDoS Attack Script With 56 Methods

21 Oct 2022 By hackergadgets

Hacking Tools

AWS-Threat-Simulation-and-Detection – Playing Around With Stratus Red Team (Cloud Attack Simulation Tool) And SumoLogic

06 Jun 2022 By hackergadgets

This repository is a documentation of my adventures with Stratus Red Team – a tool for adversary emulation for the cloud. Stratus Red Team is “Atomic Red Team for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner. We run the attacks covered in the Stratus Red Team repository oneRead More

Hacking Tools

Puwr – SSH Pivoting Script For Expanding Attack Surfaces On Local Networks

06 Jun 2022 By hackergadgets

Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running a SSH service, Puwr uses a given subnet range to scope out IP’s, sending back any successful ping requests it has. This can be used to expand out an attack surface on a local network, byRead More

Hacking Tools

Zap-Scripts – Zed Attack Proxy Scripts For Finding CVEs And Secrets

01 Jun 2022 By hackergadgets

Zed Attack Proxy Scripts for finding CVEs and Secrets. Building This project uses Gradle to build the ZAP add-on, simply run: ./gradlew build in the main directory of the project, the add-on will be placed in the directory build/zapAddOn/bin/. Usage The easiest way to use this repo in ZAP is to add the directory toRead More

Hacking Tools

EvilSelenium – A Tool That Weaponizes Selenium To Attack Chromium Based Browsers

11 Apr 2022 By hackergadgets

EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers. The current features right now are: Steal stored credentials (via autofill) Steal cookies Take screenshots of websites Dump Gmail/O365 emails Dump WhatsApp messages Download & exfiltrate files Add SSH keys to GitHub Or extend the existing functionality to suit your needs (e.g. DownloadRead More

Hacking Tools

GoodHound – Uses Sharphound, Bloodhound And Neo4j To Produce An Actionable List Of Attack Paths For Targeted Remediation

14 Mar 2022 By hackergadgets

Attackers think in graphs, defenders think in actions, management think in charts. GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths. Usage Quick Start For a very quick start with most of the default options, make sure you have your neo4j serverRead More

Hacking Tools

openSquat – Detection Of Phishing Domains And Domain Squatting. Supports Permutations Such As Homograph Attack, Typosquatting And Bitsquatting

25 Feb 2022 By hackergadgets

What is openSquat openSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or domains, such as: Phishing campaigns Domain squatting Typo squatting Bitsquatting IDN homograph attacks Doppenganger domains Other brand/domain related scams It does support some key features such as: Automatic newly registered domain updating (once a day)Read More

Hacker Gadgets

Attack

Bkcrack – Crack Legacy Zip Encryption With Biham And Kocher’s Known Plaintext Attack

Wodat – Windows Oracle Database Attack Toolkit

SCMKit – Source Code Management Attack Toolkit

MHDDoS – DDoS Attack Script With 56 Methods

Puwr – SSH Pivoting Script For Expanding Attack Surfaces On Local Networks

Zap-Scripts – Zed Attack Proxy Scripts For Finding CVEs And Secrets

EvilSelenium – A Tool That Weaponizes Selenium To Attack Chromium Based Browsers

openSquat – Detection Of Phishing Domains And Domain Squatting. Supports Permutations Such As Homograph Attack, Typosquatting And Bitsquatting

Monomorph – MD5-Monomorphic Shellcode Packer – All Payloads Have The Same MD5 Hash

Sandfly-Entropyscan – Tool To Detect Packed Or Encrypt ed Binaries Related To Malware, Finds Malicious Files And Linux Processes And Gives Output With Cryptographic Hashes

DFShell – The Best Forwarded Shell

Yaralyzer – Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors

Product categories