Turbo-Intruder – A Burp Suite Extension For Sending Large Numbers Of HTTP Requests And Analyzing The Results

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It’s intended to complement Burp Intruder by handling attacks that require exceptional speed, duration, or complexity. The following features set it apart: Fast – Turbo Intruder uses a HTTP stack hand-coded from scratch with speed in mind.Read More

Chameleon – Customizable Honeypots For Monitoring Network Traffic, Bots Activities And UsernamePassword Credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres And MySQL)

Customizable honeypots for monitoring network traffic, bots activities and usernamepassword credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET and Postgres and MySQL) Grafana Interface NMAP Scan Credentials Monitoring General Features Modular approach (honeypots run as scripts or imported as objects) Most honeypots serve as servers (Only aRead More

Teler – Real-time HTTP Intrusion Detection

teler is an real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. Features Real-time: Analyze logs and identify suspicious activity in real-time. Alerting: teler provides alerting when a threat is detected, push notifications include Slack, Telegram and Discord. Monitoring:Read More

Hetty – An HTTP Toolkit For Security Research

Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community. Features Man-in-the-middle (MITM) HTTP/1.1 proxy with logs Project based database storage (SQLite) Scope support Headless management API usingRead More

H2Csmuggler – HTTP Request Smuggling Over HTTP/2 Cleartext (H2C)

h2cSmuggler smuggles HTTP traffic past insecure edge-server proxy_pass configurations by establishing HTTP/2 cleartext (h2c) communications with h2c-compatible back-end servers, allowing a bypass of proxy rules and access controls. See my detailed write-up below for: Technical breakdown of the vulnerability Insecure-by-default services Remediation guidance Here: https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c How to test? Any proxy endpoint that forwards h2c upgradeRead More

CRLFMap – A Tool To Find HTTP Splitting Vulnerabilities

CRLFMap is a tool to find HTTP Splitting vulnerabilities Why? I wanted to write a tool in Golang for concurrency I wanted to be able to fuzz both parameters and paths Installation go get github.com/ryandamour/crlfmap Help Available Commands: help Help about any command scan A scanner for all your CRLF needsFlags: -h, –help help forRead More

Pivotnacci – A Tool To Make Socks Connections Through HTTP Agents

Pivot into the internal network by deploying HTTP agents. Pivotnacci allows you to create a socks server which communicates with HTTP agents. The architecture looks like the following: This tool was inspired by the great reGeorg. However, it includes some improvements: Support for balanced servers Customizable polling interval, useful to reduce detection rates Auto dropRead More

Httpgrep – Scans HTTP Servers To Find Given Strings In URIs

A python tool which scans for HTTP servers and finds given strings in URIs. Usage $ httpgrep -H–==[ httpgrep by nullsecurity.net ]==–usage httpgrep -h <args> -s <arg> [opts] | <misc>opts -h <hosts|file> – single host or host-range/cidr-range or file containing hosts, e.g.: foobar.net, 192.168.0.1-192.168.0.254, 192.168.0.0/24, /tmp/hosts.txt -p <port> – port to connect to (default: 80)Read More

X