SQLiDetector – Helps You To Detect SQL Injection "Error Based" By Sending Multiple Requests With 14 Payloads And Checking For 152 Regex Patterns For Different Databases

Simple python script supported with BurpBouty profile that helps you to detect SQL injection “Error based” by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| S|Q|L|i| |D|e|t|e|c|t|o|r|| Coded By: Eslam Akl @eslam3kll & Khaled Nassar @knassar702| Version: 1.0.0| Blog: eslam3kl.medium.com+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- Description The main idea for the toolRead More

goCabrito – Super Organized And Flexible Script For Sending Phishing Campaigns

Super organized and flexible script for sending phishing campaigns. Features Sends to a single email Sends to lists of emails (text) Sends to lists emails with first, last name (csv) Supports attachments Splits emails in groups Delays sending emails between each group Support Tags to be placed and replaced in the message’s body Add {{name}}Read More

CamPhish – Grab Cam Shots From Target’S Phone Front Camera Or PC Webcam Just Sending A Link.

Grab cam shots from target’s phone front camera or PC webcam just sending a link.  What is CamPhish? CamPhish is techniques to take cam shots of target’s phone fornt camera or PC webcam. CamPhish Hosts a fake website on in built PHP server and uses ngrok & serveo to generate a link which we willRead More

Turbo-Intruder – A Burp Suite Extension For Sending Large Numbers Of HTTP Requests And Analyzing The Results

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It’s intended to complement Burp Intruder by handling attacks that require exceptional speed, duration, or complexity. The following features set it apart: Fast – Turbo Intruder uses a HTTP stack hand-coded from scratch with speed in mind.Read More

DNSteal v2.0 – DNS Exfiltration Tool For Stealthily Sending Files Over DNS Requests

This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.Below are a couple of different images showing examples of multiple file transfer and single verbose file transfer: Support for multiple files Gzip compression supported Now supports the customisation of subdomains and bytes per subdomain andRead More