Chalumeau – Automated, Extendable And Customizable Credential Dumping Tool

Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python. Main Features Write your own Payloads In-Memory execution Extract Password List Dashboard reporting / Web Interface Parsing Mimikatz Dumping Tickets Screenshots Known Issues Parsing Mimikatz dcsync (working on fix) Bypassing Antivirus and EDRs , you will need to maintain your payloads TODORead More

UEFI_RETool – A Tool For UEFI Firmware Reverse Engineering

A tool for UEFI firmware reverse engineering. UEFI firmware analysis with uefi_retool.py scriptUsage: Copy ida_plugin/uefi_analyser.py script and ida_plugin/uefi_analyser directory to IDA plugins directory Edit config.json file PE_DIR is a directory that contains all executable images from the UEFI firmware DUMP_DIR is a directory that contains all components from the firmware filesystem LOGS_DIR is a directoryRead More

Netenum – A Tool To Passively Discover Active Hosts On A Network

Network reconnaisance tool that sniffs for active hosts IntroductionNetenum passively monitors the ARP traffic on the network. It extracts basic data about each active host, such as IP address, MAC address and manufacturer. The main objective of this tool is to find active machines without generating too much noise.Features Provides basic information about the network,Read More

Cloudsplaining – An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Example report DocumentationFor full documentation, please visit the project on ReadTheDocs. Installation Cheat sheet Example report OverviewCloudsplaining identifies violations of least privilege in AWS IAM policies and generates a pretty HTML report with a triageRead More

dazzleUP – A Tool That Detects The Privilege Escalation Vulnerabilities Caused By Misconfigurations And Missing Updates In The Windows OS

A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP detects the following vulnerabilities.Exploit ChecksThe first feature of dazzleUP is that it uses Windows Update Agent API instead of WMI (like others) when finding missing patches. dazzleUP checks the following vulnerabilities. DCOM/NTLM Reflection (Rotten/Juicy Potato)Read More

uDork – Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).New functionalRead More

Oralyzer – Tool To Identify Open Redirection

Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing the url i.e. provided as the input. FeaturesOralyzer can identify different types of Open Redirect Vulnerabilities : Header Based Javascript Based Meta Tag Based InstallationOralyzer is built with python3.6 and hence aforesaid version would beRead More

Commit Stream – OSINT Tool For Finding Github Repositories By Extracting Commit Logs In Real Time From The Github Event API

commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github repositories in real time.OSINT / Recon uses for Redteamers / Bug bounty hunters: Uncover repositories which employees of a target company is commiting code (filter by email domain) Identify repositories belonging to an individual (filterRead More

HawkScan – Security Tool For Reconnaissance And Information Gathering On A Website. (Python 2.X &Amp; 3.X)

Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)This script use “WafW00f” to detect the WAF in the first step (https://github.com/EnableSecurity/wafw00f)This script use “Sublist3r” to scan subdomains (https://github.com/aboul3la/Sublist3r)This script use “waybacktool” to check in waybackmachine (https://github.com/Rhynorater/waybacktool)Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak,Read More

Quiver – Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing

Quiver is the tool to manage all of your tools. It’s an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn’t hide commands from you Built-in logbook for on-the-fly notes, saving commands RendersRead More

X