Extension

MacHound – An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts

04 Jul 2021 By

MacHound is an extension to the Bloodhound audting tool allowing collecting and ingesting of Active Directory relationships on MacOS hosts. MacHound collects information about logged-in users, and administrative group members on Mac machines and ingest the information into the Bloodhound database. In addition to using the HasSession and AdminTo edges, MacHound adds three new edgesRead More

Aggrokatz – An Aggressor Plugin Extension For Cobalt Strike Which Enables Pypykatz To Interface With The Beacons Remotely

17 Jun 2021 By

aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely. The current version of aggrokatz allows pypykatz to parse LSASS dump files and Registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon (Cobalt StrikeRead More

Swissknife – Scriptable VSCode Extension To Generate Or Manipulate Data. Stop Pasting Sensitive Data In Webpag

15 Apr 2021 By

The developers swissknife. Do conversions and generations right out of vs code. Extendable with user scripts Available in the Visual Studio Marketplace Currently available scripts Base64 decode Base64 encode Binary To Text Bip39 Mnemonic CSV to Markdown Count characters Count words Crypto currency value Date to Timestamp Eliptic Curve Key Pair Generate Password HTML EncodeRead More

Burpsuite-Copy-As-XMLHttpRequest – Copy As XMLHttpRequest BurpSuite Extension

07 Apr 2021 By

The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript’s XmlHttpRequest, which simplifies PoC development when exploiting XSS. Installation download the latest JAR from releases or build manually add JAR to burpsuite using tabs: “Extender” -> “Extensions” -> “Add” Usage select one request from any tab or aRead More

Turbo-Intruder – A Burp Suite Extension For Sending Large Numbers Of HTTP Requests And Analyzing The Results

17 Mar 2021 By

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It’s intended to complement Burp Intruder by handling attacks that require exceptional speed, duration, or complexity. The following features set it apart: Fast – Turbo Intruder uses a HTTP stack hand-coded from scratch with speed in mind.Read More

BurpMetaFinder – Burp Suite Extension For Extracting Metadata From Files

02 Feb 2021 By

Burp Suite extension for extracting metadata from files Currently supported documents: PDF DOCX PPTX XLSX The project created at Jetbrains has been completely added. Don’t forget to change the settings you need. Usage You need to dowload 2 external libraries: pdfbox poi-ooxml To install the extension in BurpSuite, go to Extensions > Options and configureRead More

Hack-Tools v0.3.0 – The All-In-One Red Team Extension For Web Pentester

06 Jan 2021 By

The all-in-one Red Team browser extension for Web Pentesters HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. With the extension you no longer need to search for payloads inRead More

403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory

13 Dec 2020 By

An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned by this extension, so just add to burpsuite and enjoy. Payloads: $1: HOSTNAME $2: PATH $1/$2$1/%2e/$2$1/$2/.$1//$2//$1/./$2/./$1/$2anything -H “X-Original-URL: /$2” $1/$2 -H “X-Custom-IP-Authorization: 127.0.0.1” $1 -H “X-Rewrite-URL: /$2″$1/$2 -H “Referer: /$2″$1/$2 -H “X-Originating-IP: 127.0.0.1″$1/$2 -H “X-Forwarded-For:Read More

Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM

29 Oct 2020 By

Widevine is a Google-owned DRM system that’s in use by many popular streaming services (Netflix, Spotify, etc.) to prevent media content from being downloaded. But Widevine’s least secure security level, L3, as used in most browsers and PCs, is implemented 100% in software (i.e no hardware TEEs), thereby making it reversible and bypassable. This ChromeRead More

Hack-Tools – The All-In-One Red Team Extension For Web Pentester

27 Aug 2020 By

The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more.With the extension you no longer need to search for payloads in different websitesRead More

X