Juumla – Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla!

Juumla is a python tool developed to identify the current Joomla version and scan for readable Joomla config files. Installing / Getting started A quick guide of how to install and use Juumla. 1. Clone the repository – git clone https://github.com/oppsec/juumla.git2. Install the libraries – pip3 install -r requirements.txt3. Run Juumla – python3 main.py -uRead More

DivideAndScan – Divide Full Port Scan Results And Use It For Targeted Nmap Runs

Divide Et Impera And Scan (and also merge the scan results) DivideAndScan is used to efficiently automate port scanning routine by splitting it into 3 phases: Discover open ports for a bunch of targets. Run Nmap individually for each target with version grabbing and NSE actions. Merge the results into a single Nmap report (differentRead More

KubiScan – A Tool To Scan Kubernetes Cluster For Risky Permissions

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes’s Role-based access control (RBAC) authorization model. The tool was published as part of the “Securing Kubernetes Clusters by Eliminating Risky Permissions” research https://www.cyberark.com/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions/. Overview KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpfulRead More

CobaltStrikeScan – Scan Files Or Process Memory For CobaltStrike Beacons And Parse Their Configuration

Scan files or process memory for Cobalt Strike beacons and parse their configuration. CobaltStrikeScan scans Windows process memory for evidence of DLL injection (classic or reflective injection) and performs a YARA scan on the target process’ memory for Cobalt Strike v3 and v4 beacon signatures. Alternatively, CobaltStrikeScan can perform the same YARA scan on aRead More

OFFPORT_KILLER – This Tool Aims At Automating The Identification Of Potential Service Running Behind Ports Identified Manually Either Through Manual Scan Or Services Running Locally

#Manual Port Scanning #Enumerate Potential Service If you like the tool and for my personal motivation so as to develop other tools please a +1 star * INTRO This tool aims at automating the identification of potential service running behind ports identified manually or on services running locally only. The tool is useful: 1. whenRead More

CRLFuzz – A Fast Tool To Scan CRLF Vulnerability Written In Go

A fast tool to scan CRLF vulnerability written in Go Installation from Binary The installation is easy. You can download a prebuilt binary from releases page, unpack and run! or with $ curl -sSfL http://git.io/get-crlfuzz | sh -s — -b /usr/local/bin from Source If you have go1.13+ compiler installed and configured: $ GO111MODULE=on go getRead More

Unimap – Scan Only Once By IP Address And Reduce Scan Times With Nmap For Large Amounts Of Data

Scan only once by IP address and reduce scan times with Nmap for large amounts of data. Unimap is an abbreviation of “Unique Nmap Scan“. The tool can run in Linux, OSX, Windows or Android (Termux) without problems. Why? If you have plans to run an Nmap to a whole organization you need to consideerRead More

Scan-For-Webcams – Scan For Webcams In The Internet

Automatically scan for publically accessible webcams around the internet Usage python MJPG.py : for public MJPG streamers around the internet python webcamXP.py : for public webcamXP streamers around the internet The program will output a list of links with the format of ip_address:portIf your terminal supports links, click the link and open it in yourRead More

hackerEnv – An Automation Tool That Quickly And Easily Sweep IPs And Scan Ports, Vulnerabilities And Exploit Them

hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali linux and Parrot OS. Do notRead More

GoGhost – High Performance, Lightweight, Portable Open Source Tool For Mass SMBGhost Scan

GoGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan.InstallationYou can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it: go build GoGhost.go Usage Options GoGhost Scanned 25,000 IP addresses in less than 3 seconds, NMAP took moreRead More

X