Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python. Main Features Write your own Payloads In-Memory execution Extract Password List Dashboard reporting / Web Interface Parsing Mimikatz Dumping Tickets Screenshots Known Issues Parsing Mimikatz dcsync (working on fix) Bypassing Antivirus and EDRs , you will need to maintain your payloads TODORead More
A tool for UEFI firmware reverse engineering. UEFI firmware analysis with uefi_retool.py scriptUsage: Copy ida_plugin/uefi_analyser.py script and ida_plugin/uefi_analyser directory to IDA plugins directory Edit config.json file PE_DIR is a directory that contains all executable images from the UEFI firmware DUMP_DIR is a directory that contains all components from the firmware filesystem LOGS_DIR is a directoryRead More
Network reconnaisance tool that sniffs for active hosts IntroductionNetenum passively monitors the ARP traffic on the network. It extracts basic data about each active host, such as IP address, MAC address and manufacturer. The main objective of this tool is to find active machines without generating too much noise.Features Provides basic information about the network,Read More
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Example report DocumentationFor full documentation, please visit the project on ReadTheDocs. Installation Cheat sheet Example report OverviewCloudsplaining identifies violations of least privilege in AWS IAM policies and generates a pretty HTML report with a triageRead More
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP detects the following vulnerabilities.Exploit ChecksThe first feature of dazzleUP is that it uses Windows Update Agent API instead of WMI (like others) when finding missing patches. dazzleUP checks the following vulnerabilities. DCOM/NTLM Reflection (Rotten/Juicy Potato)Read More
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).New functionalRead More
Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing the url i.e. provided as the input. FeaturesOralyzer can identify different types of Open Redirect Vulnerabilities : Header Based Javascript Based Meta Tag Based InstallationOralyzer is built with python3.6 and hence aforesaid version would beRead More
commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github repositories in real time.OSINT / Recon uses for Redteamers / Bug bounty hunters: Uncover repositories which employees of a target company is commiting code (filter by email domain) Identify repositories belonging to an individual (filterRead More
Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)This script use “WafW00f” to detect the WAF in the first step (https://github.com/EnableSecurity/wafw00f)This script use “Sublist3r” to scan subdomains (https://github.com/aboul3la/Sublist3r)This script use “waybacktool” to check in waybackmachine (https://github.com/Rhynorater/waybacktool)Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak,Read More
Quiver is the tool to manage all of your tools. It’s an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn’t hide commands from you Built-in logbook for on-the-fly notes, saving commands RendersRead More
