DAGOBAH – Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources

Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check from different AWS resources. Dagobah collects information and save the state into an elasticsearch index.Dagobah runs into the a LAMBDA and looks at all the AWS REGIONS, actually collect differents configurations from: EC2 VPCRead More

DroidTracker – Script To Generate An Android App To Track Location In Real Time

Script to generate an Android App to track location in real time Features: Custom App Name 2 Port Forwarding options (Ngrok or using SSH Tunneling with Serveo.net) Obfuscated URL by Tinyurl Fully Undetectable Legal disclaimer:Usage of DroidTracker for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicableRead More

URLCADIZ – A Simple Script To Generate A Hidden Url For Social Engineering

A simple script to generate a hidden url for social engineering.Legal disclaimer:Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program InstallingRead More

URLCrazy – Generate And Test Domain Typos And Variations To Detect And Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage

URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage.Homepage: https://www.morningstarsecurity.com/research/urlcrazyUse Cases Detect typo squatters profiting from typos on your domain name Protect your brand by registering popular typos Identify typo domain names that will receive traffic intended for anotherRead More

Spyeye – Script To Generate Win32 .Exe File To Take Screenshots

Script to generate Win32 .exe file to take screenshots every ~10 seconds. Features: Works on WAN: Port Forwarding by Serveo.net Fully Undetectable (FUD) -> Don’t Upload to virustotal.com! Legal disclaimer:Usage of SpyEye for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws.Read More

Words Scraper – Selenium Based Web Scraper To Generate Passwords List

Selenium based web scraper to generate passwords list. Installation # Download Firefox webdriver from https://github.com/mozilla/geckodriver/releases$ tar xzf geckodriver-v{VERSION-HERE}.tar.gz$ sudo mv geckodriver /usr/local/bin # Make sure it is in your PATH$ geckodriver –version # Make sure webdriver is properly installed$ git clone https://github.com/dariusztytko/words-scraper$ sudo pip3 install -r words-scraper/requirements.txt Use cases Scraping words from the target’s pagesRead More

Thoron Framework – Tool To Generate Simple Payloads To Provide Linux TCP Attack

About Thoron Framework Thoron Framework is a Linux post-exploitation framework that exploitLinux tcp vulnerability to get shell-like connection. Thoron Framework is used to generate simple payloads to provide Linux tcp attack. Getting started Thoron installation cd thoron chmod +x install.sh ./install.sh Thoron uninstallation cd thoron chmod +x uninstall.sh ./uninstall.sh Thoron Framework execution To execute ThoronRead More

BurpSuite Random User-Agents – Burp Suite Extension For Generate A Random User-Agents

A Burp Suite extension to help pentesters to generate a random user-agent. This extension has been developed by M’hamed (@m4ll0k) Outaadi.InstallationDownload a jar file in release or compile the java code: $ git clone https://github.com/m4ll0k/BurpSuite-Random_UserAgent.git random-useragents$ cd random-useragents/src/main/java$ javac burp/*.java$ jar cf random-useragents.jar burp/*.class video installation video Download BurpSuite-Random_UserAgent

X