This is a Proof Of Concept application that demostrates how AI can be used to generate accurate results for vulnerability analysis and also allows further utilization of the already super useful ChatGPT. Requirements Python 3.10 All the packages mentioned in the requirements.txt file OpenAi api Usage First Change the “API__KEY” part of the code withRead More
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular ones) for common secrets and custom regular expressions, among other things. It will eventually become a full /proc toolkit. Using the grep command, it can match a regular expression across all memory for all (accessible)Read More
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version of JDK — JDK 11. After testing, it does not work on other LTS versions, JDK 8 and JDK 16, due to the dependency compatibility issue. Building/Compiling AppShark We assume that you are working inRead More
What is scan4all: integrated vscan, nuclei, ksubdomain, subfinder, etc., fully automated and intelligent。red team tools Code-level optimization, parameter optimization, and individual modules, such as vscan filefuzz, have been rewritten for these integrated projects. In principle, do not repeat the wheel, unless there are bugs, problems Cross-platform: based on golang implementation, lightweight, highly customizable, open source,Read More
A python script to scan for Apache Tomcat server vulnerabilities. Features Multithreaded workers to search for Apache tomcat servers. Multiple target source possible: Retrieving list of computers from a Windows domain through an LDAP query to use them as a list of targets. Reading targets line by line from a file. Reading individual targets (IP/DNS/CIDR)Read More
A fast tool to scan SAAS,PAAS App written in Go SAAS App Support : salesforce contentful (next version) Note flag -o output not working install : golang 1.18Ver go install -v github.com/Ph33rr/cirrusgo/cmd/[email protected] install -v github.com/Ph33rr/CirrusGo/cmd/[email protected] Help: cirrusgo –help ______ _ ______ / ____/(_)_____ _____ __ __ _____ / ____/____/ / / // ___// ___// /Read More
Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets RDS Databases EC2 instances Redshift Databases Poro also check if a tag you specify is applied to identified public resources using –tag-key and –tag-value arguments. Prequisites AWS account with Read Only Access to services listedRead More
Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. This tool is recommended for bug bounty hunters and pentester in their reconnaissance phase. the more surface area exposed the faster a rock with break down If you wantRead More
EDRHunt scans Windows services, drivers, processes, registry for installed EDRs (Endpoint Detection And Response). Read more about EDRHunt here. Install Binary Download the latest release from the release section. Releases are built for windows/amd64. Go Requires Go to be installed on system. Tested on Go1.17+. go install github.com/FourCoreLabs/EDRHunt/cmd/[email protected] Usage Find installed EDRs $ .EDRHunt.exe scan[EDR]DetectedRead More
dokrscout is a tool to automate the finding of vulnerable applications or secret files around the internet throught google searches, dorkscout first starts by fetching the dorks lists from https://www.exploit-db.com/google-hacking-database and then it scans a given target or everything it founds Installation dorkscout can be installed in different ways: Go Packages throught Golang Packages (golangRead More
