PatchChecker – Web-based Check For Windows Privesc Vulnerabilities

This is the code base for the service running on: https://patchchecker.com. In short, PatchChecker is a web application (running on flask) that provides output similar to that of Watson. However by using PatchChecker, one is not required to execute a binary on the target machine. Included in this project is also a web scraper thatRead More

CRLFMap – A Tool To Find HTTP Splitting Vulnerabilities

CRLFMap is a tool to find HTTP Splitting vulnerabilities Why? I wanted to write a tool in Golang for concurrency I wanted to be able to fuzz both parameters and paths Installation go get github.com/ryandamour/crlfmap Help Available Commands: help Help about any command scan A scanner for all your CRLF needsFlags: -h, –help help forRead More

DockerENT – The Only Open-Source Tool To Analyze Vulnerabilities And Configuration Issues With Running Docker Container(S) And Docker Networks

DockerENT is activE ruNtime application security scanning Tool (RAST tool) and framework which is pluggable and written in python. It comes with a CLI application and clean Web Interface written with StreamLit.DockerENT has been designed keeping in mind that during deployments there weak configurations which may get sticky in production deployments as well and canRead More

Safety – Check Your Installed Dependencies For Known Security Vulnerabilities

Safety checks your installed dependencies for known security vulnerabilities.By default it uses the open Python vulnerability database Safety DB, but can be upgraded to use pyup.io’s Safety API using the –key option.InstallationInstall safety with pip. Keep in mind that we support only Python 3.5 and up. Look at Python 2.7 section at the end ofRead More

Bluescan – A Powerful Bluetooth Scanner For Scanning BR/LE Devices, LMP, SDP, GATT And Vulnerabilities!

Bluescan is a open source project by Sourcell Xu from DBAPP Security HatLab. Anyone may redistribute copies of bluescan to anyone under the terms stated in the GPL-3.0 license. This document is also available in Chinese. See README-Chinese.md Aren’t the previous Bluetooth scanning tools scattered and in disrepair? So we have this powerful Bluetooth scanner basedRead More

dazzleUP – A Tool That Detects The Privilege Escalation Vulnerabilities Caused By Misconfigurations And Missing Updates In The Windows OS

A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP detects the following vulnerabilities.Exploit ChecksThe first feature of dazzleUP is that it uses Windows Update Agent API instead of WMI (like others) when finding missing patches. dazzleUP checks the following vulnerabilities. DCOM/NTLM Reflection (Rotten/Juicy Potato)Read More

hackerEnv – An Automation Tool That Quickly And Easily Sweep IPs And Scan Ports, Vulnerabilities And Exploit Them

hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali linux and Parrot OS. Do notRead More

Tsunami – A General Purpose Network Security Scanner With An Extensible Plugin System For Detecting High Severity Vulnerabilities With High Confidence

Tsunami is a general-purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.To learn more about Tsunami, visit our documentations.Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.Current Status Currently Tsunami is in ‘pre-alpha’ releaseRead More

Shodanfy.py – Get Ports, Vulnerabilities, Informations, Banners, ..Etc For Any IP With Shodan (No Apikey! No Rate-Limit!)

Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate limit!)Usage # python3 shodanfy.py <ip> [OPTIONS] e.g: python3 shodanfy.py 111.111.111.111 python3 shodanfy.py 111.111.111.111 –getports python3 shodanfy.py 111.111.111.111 –getvuln python3 shodanfy.py 111.111.111.111 –getinfo python3 shodanfy.py 111.111.111.111 –getmoreinfo python3 shodanfy.py 111.111.111.111 –getbanner python3 shodanfy.py 111.111.111.111 –getports –getvuln python3 shodanfy.py 111.111.111.111 –proxy 127.0.0.1:8080# support pipeline, –stdin optionRead More

RMIScout – Wordlist And Bruteforce Strategies To Enumerate Java RMI Functions And Exploit RMI Parameter Unmarshalling Vulnerabilities

RMIScout performs wordlist and bruteforce attacks against exposed Java RMI interfaces to safely guess method signatures without invocation.On misconfigured servers, any known RMI signature using non-primitive types (e.g., java.lang.String), can be exploited by replacing the object with a serialized payload. This is a fairly common misconfiguration (e.g., VMWare vSphere Data Protection + vRealize Operations Manager,Read More

X