Oralyzer – Tool To Identify Open Redirection

Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing the url i.e. provided as the input. FeaturesOralyzer can identify different types of Open Redirect Vulnerabilities : Header Based Javascript Based Meta Tag Based InstallationOralyzer is built with python3.6 and hence aforesaid version would beRead More

Terrier – A Image And Container Analysis Tool To Identify And Verify The Presence Of Specific Files According To Their Hashes

[*] Terrier is a Image and Container analysis tool that can be used to scan OCI images and Containers to identify and verify the presence of specific files according to their hashes. A detailed writeup of Terrier can be found on the Heroku blog, https://blog.heroku.com/terrier-open-source-identifying-analyzing-containers. Installation BinariesFor installation instructions from binaries please visit the ReleasesRead More

Eavesarp – Analyze ARP Requests To Identify Intercommunicating Hosts And Stale Network Address Configurations (SNACs)

A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful in those dreaded situations where LLMNR/NBNS aren’t in use for name resolution.Requirements/InstallationThis is only gon’ work on Kali or other Debian-based Linux distributionseavesarp requires Python3.7 and Scapy. After installing Python, run the following to installRead More

SUDO_KILLER – A Tool To Identify And Exploit Sudo Rules’ Misconfigurations And Vulnerabilities Within Sudo

Linux Privilege Escalation through SUDO abuse.If you like the tool and for my personal motivation so as to develop other tools please a +1 star *The tool can be used by pentesters, system admins, CTF players, students, System Auditors and trolls :). INTRO**WARNING: SUDO_KILLER is part of the KILLER project. SUDO_KILLER is still under developmentRead More

CredNinja – A Multithreaded Tool Designed To Identify If Credentials Are Valid, Invalid, Or Local Admin Valid Credentials Within A Network At-Scale Via SMB, Plus Now With A User Hunter

This tool is intended for penetration testers who want to perform an engagement quickly and efficiently. While this tool can be used for more covert operations (including some additions below), it really shines when used at the scale of a large network. At the core of it, you provide it a list of credentials youRead More