NTLMRawUnHide – A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Format

NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The tool was developed to extract NTLMv2 hashes from files generated by native Windows binaries like NETSH.EXE and PKTMON.EXE without conversion. The following binary network packet capture formats are supported: *.pcap *.pcapng *.cap *.etl UsageRead More

Mail-Swipe – Script To Create Temporary Email Addresses And Receive Emails

Mail Swipe is a python script that helps you to create temporary email addresses and receive emails at that address. It uses the API provided by 1secmail to create emails addresses and fetch emails. You can either generate your own email address or you can generate a random email address using this script. Once youRead More

Chimera – PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1’s known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures.Chimera was created for this write-up and is further evidence of how trivial it is to bypass detection signatures.Read More

Arcane – A Simple Script Designed To Backdoor iOS Packages (Iphone-Arm) And Create The Necessary Resources For APT Repositories

Arcane is a simple script designed to backdoor iOS packages (iphone-arm) and create the necessar y resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS device.How Arcane works…To understand what’s happening in the GIF, decompressRead More

Autoenum – Automatic Service Enumeration Script

Autoenum is a recon tool which performs automatic enumeration of services discovered. I built this to save some time during CTFs and pen testing environments (i.e. HTB, VulnHub, OSCP) and draws a bit from a number of existing tools including AutoRecon (https://github.com/Tib3rius/AutoRecon), Auto-Recon (https://github.com/Knowledge-Wisdom-Understanding/Auto-Recon), and nmapautomator (https://github.com/21y4d/nmapAutomator). Could also be used in a real-life pentestingRead More

WiFi Passview v4.0 – An Open Source Batch Script Based WiFi Passview For Windows!

WiFi Passview is an open-source batch script-based program that can recover your WiFi Password easily in seconds. This is for Windows OS only. Basically, this scripted program has the same function as other passview software such as webpassview and mailpassview. Visit WikiDisclaimer: WiFi Passview is NOT designed for malicious use! Please use this program responsibly!HowRead More

Zip Cracker – Python Script To Crack Zip Password With Dictionary Attack And Also Use Crunch As Pipeline

This Script Supports Only Zip File in This VersionYou Can Also Use This Script With crunchCross-platform SupportedUsage: zipcracker.py [options] Options: –version show program’s version number and exit -h, –help show this help message and exit -f FILENAME, –file=FILENAME Please Specify Path of Zip File -d DICTIONERY, –dict=DICTIONERY Please Specify Path of Dictionery. -o OUTPUT, –output=OUTPUTRead More

DroidTracker – Script To Generate An Android App To Track Location In Real Time

Script to generate an Android App to track location in real time Features: Custom App Name 2 Port Forwarding options (Ngrok or using SSH Tunneling with Serveo.net) Obfuscated URL by Tinyurl Fully Undetectable Legal disclaimer:Usage of DroidTracker for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicableRead More

SecretFinder – A Python Script For Find Sensitive Data (Apikeys, Accesstoken, JWT…) And Search Anything On Javascript Files

SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions. These are responsible for finding and search anything onRead More

URLCADIZ – A Simple Script To Generate A Hidden Url For Social Engineering

A simple script to generate a hidden url for social engineering.Legal disclaimer:Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program InstallingRead More

X