tempomail is a standalone binary that allows you to create a temporary email address in 1 Second and receive emails. It uses 1secmail’s API. No dependencies required! Installation From Binary Download the pre-built binaries for different platforms from the releases page. Extract them using tar, move it to your $PATH and you’re ready to go.Read More
[*] jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce) Installation go-get(dev version) $ go get -u github.com/hahwul/jwt-hack homebrew $ brew tap hahwul/jwt-hack$ brew install jwt-hack snapcraft $ sudo snap install jwt-hack Usage d8p 8d8 d88 888888888 888 888 ,8b. dooooooRead More
CSRFER is a tool to generate csrf payloads, based on vulnerable requests. It parses supplied requests to generate either a form or a fetch request. The payload can then be embedded in an html template. Installation _____ _________________ ___________ / __ / ___| ___ ___| ___| ___ | / / `–.| |_/ / |_ |Read More
A security framework for enterprises and Red Team personnel, supports CobaltStrike’s penetration testing of other platforms (Linux / MacOS / …), supports custom modules, and includes some commonly used penetration modules.Only for internal use by enterprises and organizations, this framework has a certain degree of instability. Non-professionals are not allowed to use it. Anyone shallRead More
Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check from different AWS resources. Dagobah collects information and save the state into an elasticsearch index.Dagobah runs into the a LAMBDA and looks at all the AWS REGIONS, actually collect differents configurations from: EC2 VPCRead More
Script to generate an Android App to track location in real time Features: Custom App Name 2 Port Forwarding options (Ngrok or using SSH Tunneling with Serveo.net) Obfuscated URL by Tinyurl Fully Undetectable Legal disclaimer:Usage of DroidTracker for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicableRead More
A simple script to generate a hidden url for social engineering.Legal disclaimer:Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program InstallingRead More
URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage.Homepage: https://www.morningstarsecurity.com/research/urlcrazyUse Cases Detect typo squatters profiting from typos on your domain name Protect your brand by registering popular typos Identify typo domain names that will receive traffic intended for anotherRead More
Script to generate Win32 .exe file to take screenshots every ~10 seconds. Features: Works on WAN: Port Forwarding by Serveo.net Fully Undetectable (FUD) -> Don’t Upload to virustotal.com! Legal disclaimer:Usage of SpyEye for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws.Read More
Selenium based web scraper to generate passwords list. Installation # Download Firefox webdriver from https://github.com/mozilla/geckodriver/releases$ tar xzf geckodriver-v{VERSION-HERE}.tar.gz$ sudo mv geckodriver /usr/local/bin # Make sure it is in your PATH$ geckodriver –version # Make sure webdriver is properly installed$ git clone https://github.com/dariusztytko/words-scraper$ sudo pip3 install -r words-scraper/requirements.txt Use cases Scraping words from the target’s pagesRead More
