Multiple

SQLiDetector – Helps You To Detect SQL Injection "Error Based" By Sending Multiple Requests With 14 Payloads And Checking For 152 Regex Patterns For Different Databases

23 Jan 2023 By hackergadgets

Simple python script supported with BurpBouty profile that helps you to detect SQL injection “Error based” by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| S|Q|L|i| |D|e|t|e|c|t|o|r|| Coded By: Eslam Akl @eslam3kll & Khaled Nassar @knassar702| Version: 1.0.0| Blog: eslam3kl.medium.com+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- Description The main idea for the toolRead More

Rekono – Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically

27 Aug 2022 By hackergadgets

Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in Defect-Dojo if an advanced vulnerability management is needed. Moreover, Rekono includes aRead More

Atomic-Operator – A Python Package Is Used To Execute Atomic Red Team Tests (Atomics) Across Multiple Operating System Environments

03 Jun 2022 By hackergadgets

This python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments. (What’s new?)   Why? atomic-operator enables security professionals to test their detection and defensive capabilities against prescribed techniques defined within atomic-red-team. By utilizing a testing framework such as atomic-operator, you can identify both your defensive capabilities as wellRead More

Heyserial – Programmatically Create Hunting Rules For Deserialization Exploitation With Multiple Keywords, Gadget Chains, Object Types, Encodings, And Rule Types

13 May 2022 By hackergadgets

Programmatically create hunting rules for deserialization exploitation with multiple keywords (e.g. cmd.exe) gadget chains (e.g. CommonsCollection) object types (e.g. ViewState, Java, Python Pickle, PHP) encodings (e.g. Base64, raw) rule types (e.g. Snort, Yara) Disclaimer Rules generated by this tool are intended for hunting/research purposes and are not designed for high fidelity/blocking purposes. Please test thoroughlyRead More

Uncover – Quickly Discover Exposed Hosts On The Internet Using Multiple Search Engine

09 Apr 2022 By hackergadgets

uncover is a go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize the results with your current pipeline tools. Currently, it supports shodan, censys, and fofa search engine. Features Simple and Handy utilityRead More

Ostorlab – A Security Scanning Platform That Enables Running Complex Security Scanning Tasks Involving Multiple Tools In An Easy, Scalable And Distributed Way

28 Mar 2022 By hackergadgets

The Sales Pitch If this is the first time you are visiting the Ostorlab Github page, here is the sales pitch. Security testing requires often chaining tools together, taking the output from one, mangling it, filtering it and then pushing it to another tool. Several tools have tried to make the process less painful withRead More

Ntlm_Theft – A Tool For Generating Multiple Types Of NTLMv2 Hash Theft Files

17 Sep 2021 By

A tool for generating multiple types of NTLMv2 hash theft files. ntlm_theft is an Open Source Python3 Tool that generates 21 different types of hash theft documents. These can be used for phishing when either the target allows smb traffic outside their network, or if you are already inside the internal network. The benefits ofRead More

Httpx – A Fast And Multi-Purpose HTTP Toolkit Allows To Run Multiple Probers Using Retryablehttp Library, It Is Designed To Maintain The Result Reliability With Increased Threads

15 May 2021 By

httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. Features Simple and modular code base making it easy to contribute. Fast And fully configurable flags to probe mutiple elements. Supports multiple HTTP based probings. Smart auto fallbackRead More

Boomerang – A Tool To Expose Multiple Internal Servers To Web/Cloud

29 Mar 2021 By

Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports on the Cloud. One will be where tools like proxychains can connect over socks, another will be for the agent to connect. The agent can be executed on any internal host. The agent will connectRead More

Confused – Tool To Check For Dependency Confusion Vulnerabilities In Multiple Package Management Systems

16 Mar 2021 By

A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirements.txt, JavaScript (npm) package.json, PHP (composer) composer.json or MVN (maven) pom.xml. What is this all about? On 9th of February 2021, a security researcher Alex Birsan published an article that touched different resolve order flaws inRead More

X