Psudohash – Password List Generator That Focuses On Keywords Mutated By Commonly Used Password Creation Patterns

psudohash is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word’s letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. It is keyword-based and highly customizable. Pentesting Corporate Environments System administratorsRead More

Heyserial – Programmatically Create Hunting Rules For Deserialization Exploitation With Multiple Keywords, Gadget Chains, Object Types, Encodings, And Rule Types

Programmatically create hunting rules for deserialization exploitation with multiple keywords (e.g. cmd.exe) gadget chains (e.g. CommonsCollection) object types (e.g. ViewState, Java, Python Pickle, PHP) encodings (e.g. Base64, raw) rule types (e.g. Snort, Yara) Disclaimer Rules generated by this tool are intended for hunting/research purposes and are not designed for high fidelity/blocking purposes. Please test thoroughlyRead More

DomainAlerting – Daily Alert When A New Domain Name Is Registered And Contains Your Keywords

Daily alert when a new domain name is registered and contains your keywords. Description DomainAlerting tool allows you to perform two main actions (for educational purposes only): Download newly registered domains Send automatic email alert You can setup a wordlist and be alerted by email when you have a match (exemple here with “google|amazon”). PrerequisiteRead More

Git-Secret – Go Scripts For Finding An API Key / Some Keywords In Repository

Go scripts for finding an API key / some keywords in repository Update V1.0.1 Removing some checkers Adding example file contains github dorks How to Install go get How to Use ./Git-Secret For path contain dorks, you can fill it with some keywords, for example keyword.txt passwordusernamekeysaccess_keys Reference Download Git-Secret