HSTP – Simple Hyper Service Transfer Protocol On Networks

The protocol aims to develop a application layer abstraction for the Hyper Service Transfer Protocol. HSTP is a recursion as nature of HSTP. This protocol implements itself as a interface. On every internet connected device, there is a HSTP instance. That’s why the adoption is not needed. HSTP already running top of the internet. WeRead More

Cdb – Automate Common Chrome Debug Protocol Tasks To Help Debug Web Applications From The Command-Line And Actively Monitor And Intercept HTTP Requests And Responses

Pown CDB is a Chrome Debug Protocol utility. The main goal of the tool is to automate common tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses. This is particularly useful during penetration tests and other types of security assessments and investigations. Credits This tool isRead More

Zkar – A Java Serialization Protocol Analysis Tool Implement In Go

ZKar is a Java serialization protocol analysis tool implement in Go. This tool is still work in progress, so no complete API document and contribution guide. ZKar provides: A Java serialization payloads parser and viewer in pure Go, no CGO or JDK is required From the Java serialization protocol to a Go struct A GoRead More

ADenum – A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos

AD Enum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos. cracking (john) -jp [path] John binary path -w [wordList] The path of the wordlist to be used john (Default: /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt -v, –version Show program’s version number and exit -s Use LDAP withRead More

Boofuzz – Network Protocol Fuzzing for Humans

Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility. The goal: fuzz everything. Why? Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance. Features Like Sulley, boofuzz incorporates all the critical elements of aRead More

Private Set Membership (PSM) – Cryptographic Protocol That Allows Clients To Privately Query

Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client’s identifier is a member of a set of identifiers held by a server in a privacy-preserving manner. At a high level, PSM provides the following privacy guarantees: The server does not learn the client’s queried identifier in theRead More

Http-Protocol-Exfil – Exfiltrate Files Using The HTTP Protocol Version ("HTTP/1.0" Is A 0 And "HTTP/1.1" Is A 1)

Use the HTTP protocol version to send a file bit by bit (“HTTP/1.0” is a 0 and “HTTP/1.1” is a 1). It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour toRead More

Fapro – Free, Cross-platform, Single-file mass network protocol server simulator

FaPro is a Fake Protocol Server tool, Can easily start or stop multiple network services. The goal is to support as many protocols as possible, and support as many deep interactions as possible for each protocol. Features Supported Running Modes: Local Machine Virtual Network Supported Protocols: DNS DCE/RPC EIP Elasticsearch FTP HTTP IEC 104 MemcachedRead More

Rdesktop – Open Source Client for Microsoft’s RDP protocol

rdesktop is an open source client for Microsoft’s RDP protocol. It is known to work with Windows versions ranging from NT 4 Terminal Server to Windows 2012 R2 RDS. rdesktop currently has implemented the RDP version 4 and 5 protocols. Installation rdesktop uses a GNU-style build procedure. Typically all that is necessary to install rdesktopRead More

BruteLoops – Protocol Agnostic Online Password Guessing API

A dead simple library providing the foundational logic for efficient password brute force attacks against authentication interfaces. See various Wiki sections for more information. A “modular” example is included with the library that demonstrates how to use this package. It’s fully functional and provides multiple brute force modules. Below is a sample of its capabilities:Read More