EternalBlueC – EternalBlue Suite Remade In C/C++ Which Includes: MS17-010 Exploit, EternalBlue Vulnerability Detector, DoublePulsar Detector And DoublePulsar Shellcode & DLL Uploader

[*]EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode[*] ms17_vuln_status.cpp – This program sends 4 SMB packets. 1 negociation packet and 3 requests. This program reads the NT_STATUS response from a TransNamedPipeRequest ( PeekNamedPipe request ) and determines if NT_STATUS = 0xC0000205 ( STATUS_INSUFF_SERVER_RESOURCES ).Read More

FinDOM-XSS – A Fast DOM Based XSS Vulnerability Scanner With Simplicity

FinDOM-XSS is a tool that allows you to finding for possible and/ potential DOM based XSS vulnerability in a fast manner.Installation $ git clone https://github.com/dwisiswant0/findom-xss.git Dependencies: LinkFinder ConfigurationChange the value of LINKFINDER variable (on line 3) with your main LinkFinder file. UsageTo run the tool on a target, just use the following command. $ ./findom-xss.shRead More

Sifter 7.4 – OSINT, Recon & Vulnerability Scanner

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the ‘blue’ vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdirRead More

TokenBreaker – JSON RSA To HMAC And None Algorithm Vulnerability POC

[*] Token Breaker is focused on 2 particular vulnerability related to JWT tokens. None Algorithm RSAtoHMAC Refer to this link about insights of the vulnerability and how an attacker can forge the tokensTry out this vulnerability hereTheNone Usage usage: TheNone.py [-h] -t TOKENTokenBreaker: 1.TheNoneAlgorithmoptional arguments: -h, –help show this help message and exitrequired arguments: -tRead More

Purify – All-in-one Tool For Managing Vulnerability Reports From AppSec Pipelines

All-in-one tool for managing vulnerability reports WhyThe goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various tools.Purify is designed to analyze the report of any tool, if the report is in JSON or XML format. This means you don’t need any special plug-ins toRead More

Faraday v3.11 – Collaborative Penetration Test and Vulnerability Management Platform

This new release brings strong improvements to your security team’s daily performance, allowing them to operate quicker and smarter by increasing accessibility and stabilizing usual functionality. Major enhancements are focused on providing global visualization of findings, improvements on our API allowing better 3rd party integrations, and outstanding tailoring of the results with our new methodsRead More

BlackDir-Framework – Web Application Vulnerability Scanner

Web Application Vulnerability Scanner. Spider Directories Find Sub Domain Advanced Dorks Search Scan list of Dorks Scan WebSites [Xss,Sql] Reverse Ip Lookup Port Scan Installation: git clone https://github.com/RedVirus0/BlackDir-Framework.gitcd BlackDirpip3 install -r requirements.txtpython3 BlackDir.py Download BlackDir-Framework

Tentacle – A POC Vulnerability Verification And Exploit Framework

Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets. (Still in DEV…)Install pip3 install -r requestment.txt UsageWhen you run it for the first time, the configuration fileRead More

R00Kie-Kr00Kie – PoC Exploit For The CVE-2019-15126 Kr00K Vulnerability

[*] DisclaimerThis is a PoC exploit for the CVE-2019-15126 kr00k vulnerability.This project is intended for educational purposes only and cannot be used for law violation or personal gain.The author of this project is not responsible for any possible harm caused by the materials. RequirementsTo use these scripts, you will need a WiFi card supporting theRead More

Envizon v3.0 – Network Visualization And Vulnerability Management/Reporting

This tool is designed, developed and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state of the art network visualization and vulnerability reporting tool, ‘envizon’. We hope your feedback will help to improve and hone it even further.Websitehttps://evait-security.github.io/envizon/ Use CaseWe use envizonRead More

X