uDork – Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).New functionalRead More

HawkScan – Security Tool For Reconnaissance And Information Gathering On A Website. (Python 2.X &Amp; 3.X)

Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)This script use “WafW00f” to detect the WAF in the first step (https://github.com/EnableSecurity/wafw00f)This script use “Sublist3r” to scan subdomains (https://github.com/aboul3la/Sublist3r)This script use “waybacktool” to check in waybackmachine (https://github.com/Rhynorater/waybacktool)Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak,Read More

reNgine – An Automated Reconnaissance Framework Meant For Gathering Information During Penetration Testing Of Web Applications

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. The beauty of reNgine is that it gathers everything in one place. It has a pipeline of reconnaissance, which can be customized.reNgineRead More

Kali-Linux-Tools-Interface – Graphical Web Interface Developed To Facilitate The Use Of Security Information Tools

A graphical interface to use information security tools by the browser. Getting StartedKali Linux Tools Interface is a graphical interface to use information security tools by the browser. The project uses the Kali Linux tools as a reference because it is the distribution that has the largest package of native tools.Prerequisites A Debian-based distribution (preferablyRead More

IIS-Raid – A Native Backdoor Module For Microsoft IIS (Internet Information Services)

IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the web server and carry out custom actions defined by an attacker. DocumentationWhen installed, IIS-Raid will process every request and method, check if the X-Password header exists and compare it against the hardcoded value. In case the value specified byRead More

Digital Signature Hijack – Binaries, PowerShell Scripts And Information About Digital Signature Hijacking

Hijacking legitimate digital signatures is a technique that can be used during red team assessments in order to sign PowerShell code and binaries. This could assist to bypass Device Guard restrictions and maintain stealthy in an engagement. DigitalSignatureHijack is a PowerShell script based on Matt Graeber research that can perform the following operations: Digitally signRead More

GitMonitor – A Github Scanning System To Look For Leaked Sensitive Information Based On Rules

GitMonitor is a Github scanning system to look for leaked sensitive information based on rules. I know that there are a lot of very good other tools for finding sensitive information leaked on Github right now, I myself currently still use some of them. However, I think they still lack some features like: A scanningRead More

ADCollector – A Lightweight Tool To Quickly Extract Valuable Information From The Active Directory Environment For Both Attacking And Defending

ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point. Notes:ADCollector is not an alternative to the powerful PowerView, it just automates enumeration to quickly identify juicy information without thinking too muchRead More

Project iKy v2.6.0 – Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Installation Clone repository git clone https://gitlab.com/kennbroorg/iKy.git Install Backend Redis You must install Redis wget http://download.redis.io/redis-stable.tar.gztar xvzf redis-stable.tar.gzcd redis-stablemakesudo make install Python stuff and Celery You must install the librariesRead More

Project iKy v2.5.0 – Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Installation Clone repository git clone https://gitlab.com/kennbroorg/iKy.git Install Backend Redis You must install Redis wget http://download.redis.io/redis-stable.tar.gztar xvzf redis-stable.tar.gzcd redis-stablemakesudo make install Python stuff and Celery You must install the librariesRead More

X