OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP, and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker forRead More
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network, and can be used to execute a simulated attack on that network via penetration testing tools, such as Metasploit. AutoPentest-DRL is being developed by the Cyber Range Organization andRead More
CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network environment. The simulation provides a high-level abstraction of computer networks and cyber security concepts. Its Python-based Open AI Gym interface allows for training of automated agents using reinforcement learning algorithms. The simulation environment is parameterizedRead More
Automated Tool That Generate A Powershell Oneliner That Can Create Meterpreter Shell On Metasploit,Bypass AMSI,Bypass Firewall,Bypass UAC,And Bypass Any AVs. This tool is powered by Metasploit-Framework and amsi.fail Notes NEVER UPLOAD THE PAYLOAD THAT GENERATED BY THIS PROGRAM TO ANY ONLINE SCANNER NEVER USE THIS PROGRAM FOR MALICIOUS PURPOSE SPREADING THE PAYLOAD THAT GENERATED BYRead More
Automated, extensible toolset that runs cypher queries against Bloodhound’s Neo4j backend and saves output to spreadsheets. Description This is a bash script that automates running cypher queries against Bloodhound data stored in a Neo4j database. I found myself re-running the same queries through the Neo4j web interface on multiple assessments and figured there must beRead More
Redcloud is a powerful and user-friendly toolbox for deploying a fully featured Red Team Infrastructure using Docker. Harness the cloud’s speed for your tools. Deploys in minutes. Use and manage it with its polished web interface. Ideal for your penetration tests, shooting ranges, red teaming and bug bounties! Self-host your attack infrastructure painlessly, deploy yourRead More
An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8 About Vajra Vajra is an automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing. Vajra has highly customizable target scope based scan feature. Instead of runningRead More
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner. Note: AWSS is the older name of ASST Introduction Web applications have become an integral part of everyday life, but many of these applications are deployed with critical vulnerabilities that can be fatally exploited. As the technology used to develop theseRead More
GRecon (Greei-Conn) is a simple python tool that automates the process of Google Based Recon AKA Google Dorking The current Version 1.0 Run 7 Search Queries (7 Micro-Plugins) on the spicified Target Providing Awsome Results Current Version Run Google Search Queries to find : Subdomains Sub-Subdomains Signup/Login pages Dir Listing Exposed Docs pdf…xls…docx… WordPress EntriesRead More
Automated Web Assets Enumeration & Scanning Instructions for running Create an account on Zulip Navigate to Settings > Your Bots > Add a new bot Create a new generic bot named kenzer Add all the configurations in configs/kenzer.conf Install/Run using – ./install.sh -b [if you need kenzer-compatible binaries to be installed] ./install.sh [if you doRead More
