Rekono – Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically

Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in Defect-Dojo if an advanced vulnerability management is needed. Moreover, Rekono includes aRead More

Gallia – Extendable Pentesting Framework

Gallia is an extendable pentesting framework with the focus on the automotive domain. The scope of gallia is conducting penetration tests from a single ECU up to whole cars, with the main focus on the UDS interface. Taking advantage of this modular design, the logging and archiving functionality was developed separately. Acting as a genericRead More

Nightingale – Docker Environment For Pentesting Which Having All The Required Tool For VAPT

In today’s technological era, docker is the most powerful technology in each and every domain, whether it is Development, cyber security, DevOps, Automation, or Infrastructure. Considering the demand of the industry, I would like to introduce my idea to create a NIGHTINGALE: docker image for pentesters. This docker image is ready to use environment willRead More

ADReaper – A Fast Enumeration Tool For Windows Active Directory Pentesting Written In Go

ADReaper is a tool written in Golang which enumerate a Active Directory environment with LDAP queries within few seconds. Installation You can download precompiled executable binaries for Windows/Linux from latest releases Install from source To build from source, clone the repo and build it with GO $ git clone$ cd ADReaper/$ go build UsageRead More

ADenum – A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos

AD Enum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos. cracking (john) -jp [path] John binary path -w [wordList] The path of the wordlist to be used john (Default: /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt -v, –version Show program’s version number and exit -s Use LDAP withRead More

Scarce-Apache2 – A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public

This tool can scan websites with CVE-2021-41773 Vulnerability that are affecting Apache2 Webserver, ScaRCE can run too for executing Remote Command Injections at the webservers that found from the scanning method (Only if the MOD_CGI is Enabled at the targeted webserver). This tool works with the provided Single target or Mass Target from a fileRead More

Viper – Intranet Pentesting Tool With Webui

Viper is a graphical intranet penetration tool, which modularizes and weaponizes the tactics and technologies commonly used in the process of Intranet penetration Viper integrates basic functions such as bypass anti-virus software, intranet tunnel, file management, command line and so on Viper has integrated 80+ modules, covering Resource Development / Initial Access / Execution /Read More

On-The-Fly – Tool Which Gives Capabilities To Perform Pentesting Tests In Several Domains (IoT, ICS & IT)

▒█████ ███▄ █ ▄▄▄█████▓ ██░ ██ ▓█████ █████ ██▓ ▓██ ██▓▒██▒ ██▒ ██ ▀█ █ ▓ ██▒ ▓▒▒▓██░ ██ ▓█ ▀ ▓██ ▓██▒ ▒██ ██▒▒██░ ██▒▓██ ▀█ ██▒ ▒ ▓██░ ▒░░▒██▀▀██ ▒███ ▒████ ▒██░ ▒██ ██░▒██ ██░▓██▒ ▐▌██▒ ░ ▓██▓ ░ ░▓█ ░██ ▒▓█ ▄ ░▓█▒ ▒██░ ░ ▐██▓░░ ████▓▒░▒██░ ▓██░ ▒██▒ ░ ░▓█▒░██▓▒░▒████ ▒░▒█░Read More

GraphQLmap – A Scripting Engine To Interact With A Graphql Endpoint For Pentesting Purposes

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. Install $ git clone$ python _____ _ ____ _ / ____| | | / __ | | | | __ _ __ __ _ _ __ | |__ | | | | | _ __ ___ __ _ _Read More