Ligolo-Ng – An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface

An advanced, yet simple, tunneling tool that uses a TUN interface. by TNP IT Security Introduction Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection without the need of SOCKS. Features Tun interface (No more SOCKS!) Simple UI with agent selection and network information EasyRead More

Paragon – Red Team Engagement Platform With The Goal Of Unifying Offensive Tools Behind A Simple UI

Paragon is a Red Team engagement platform. It aims to unify offensive tools behind a simple UI, abstracting much of the backend work to enable operators to focus on writing implants and spend less time worrying about databases and css. The repository also provides some offensive tools already integrated with Paragon that can be usedRead More

Invoke-Stealth – Simple And Powerful PowerShell Script Obfuscator

Invoke-Stealth is a Simple & Powerful PowerShell Script Obfuscator. This tool helps you to automate the obfuscation process of any script written in PowerShell with different techniques. You can use any of them separately, together or all of them sequentially with ease, from Windows or Linux. Requirements Powershell 4.0 or higher Bash* Python 3* *RequiredRead More

Reproxy – Simple Edge Server / Reverse Proxy

Reproxy is a simple edge HTTP(s) server / reverse proxy supporting various providers (docker, static, file). One or more providers supply information about requested server, requested url, destination url and health check url. Distributed as a single binary or as a docker container. Automatic SSL termination with Let’s Encrypt Support of user-provided SSL certificates SimpleRead More

Fake-Sms – A Simple Command Line Tool Using Which You Can Skip Phone Number Based SMS Verification By Using A Temporary Phone Number That Acts Like A Proxy

A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy. Note-1: This is just an experimental tool, do not use this in any banking transactions. Unethical use of this tool is strictly not encouraged.” Note-2: The tool uses upmasked,Read More

PE-Packer – A Simple Windows X86 PE File Packer Written In C And Microsoft Assembly

PE-Packer is a simple packer for Windows PE files. The new PE file after packing can obstruct the process of reverse engineering. It will do the following things when packing a PE file: Transforming the original import table. Encrypting sections. Clearing section names. Installing the shell-entry. When running a packed PE file, the shell-entry willRead More

ShellShockHunter – It’s A Simple Tool For Test Vulnerability Shellshock

It’s a simple tool for test vulnerability shellshock Autor: MrCl0wnBlog: http://blog.mrcl0wn.comGitHub: https://github.com/MrCl0wnLabTwitter: https://twitter.com/MrCl0wnLabEmail: [email protected] Shellshock (software bug) Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to execute arbitrary commandsRead More

JWT Key ID Injector – Simple Python Script To Check Against Hypothetical JWT Vulnerability

Simple python script to check against hypothetical JWT vulnerability. Let’s say there is an application that uses JWT tokens signed HS256 algorithm. An example token looks like the follow: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.zbgd5BNF1cqQ_prCEqIvBTjSxMS8bDLnJAE_wE-0Cxg Above token can be decoded to the following data: { “alg”: “HS256”, “typ”: “JWT”}{ “sub”: “1234567890”, “name”: “John Doe”, “iat”: 1516239022} To calculate signature theRead More

Reconftw – Simple Script For Full Recon

This is a simple script intended to perform a full recon on an objective with multiple subdomains tl;dr Requires Go Run ./install.sh before first run (apt, rpm, pacman compatible) git clone https://github.com/six2dez/reconftwcd reconftwchmod +x *.sh./install.sh./reconftw.sh -d target.com -a Features Tools checker Google Dorks (based on deggogle_hunter) Subdomain enumeration (passive, resolution, bruteforce and permutations) Sub TKORead More

X