Scylla – The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc…

Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts, websites/webservers, phone numbers, and names. Scylla also allows users to find all social media profiles (main platforms) assigned to a certain username. In continuation, Scylla has shodan support so you can search for devices allRead More

XSS-Scanner – XSS Scanner That Detects Cross-Site Scripting Vulnerabilities In Website By Injecting Malicious Scripts

Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs. The scanner gets a link from the user and scan the website for XSS vulnerability by injecting malicious scriptsRead More

Slipstream – NAT Slipstreaming Allows An Attacker To Remotely Access Any TCP/UDP Services Bound To A Victim Machine, Bypassing The Victim’s NAT/firewall, Just By The Victim Visiting A Website

NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website. Developed by: @SamyKamkar // https://samy.pl Released: October 31, 2020 Source code: https://github.com/samyk/slipstream   animated version here generated with my fork of draw.io, allowing exportable edgeRead More

Admin-Scanner – This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily

Website Admin Panel Finder How To Install (Linux/pc) sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone https://github.com/alienwhatever/Admin-Scanner.git cd Admin-Scanner How to Install (Termux/Android) pkg update && pkg upgrade pkg install python3 pkg install git git clone https://github.com/alienwhatever/Admin-Scanner.git cd Admin-Scanner pip3 install -r requirement.txt Usage author: alienwhatevercredit github.com/bdblackhat for list.txtorginal-source-of-list.txtRead More

Urlgrab – A Golang Utility To Spider Through A Website Searching For Additional Links

A golang utility to spider through a website searching for additional links with support for JavaScript rendering. Install go get -u github.com/iamstoxe/urlgrab Features Customizable Parallelism Ability to Render JavaScript (including Single Page Applications such as Angular and React) Usage Usage of urlgrab: -cache-dir string Specify a directory to utilize caching. Works between sessions as well.Read More

HawkScan – Security Tool For Reconnaissance And Information Gathering On A Website. (Python 2.X &Amp; 3.X)

Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)This script use “WafW00f” to detect the WAF in the first step (https://github.com/EnableSecurity/wafw00f)This script use “Sublist3r” to scan subdomains (https://github.com/aboul3la/Sublist3r)This script use “waybacktool” to check in waybackmachine (https://github.com/Rhynorater/waybacktool)Features URL fuzzing and dir/file detection Test backup/old file on all the files found (index.php.bak,Read More

EvilApp – Phishing Attack Using An Android App To Grab Session Cookies For Any Website (ByPass 2FA)

Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass 2-factor authentication protection. EvilApp brings as an example the hijacking and injection of cookies for authenticated instagram sessions.Legal disclaimer:Usage of EvilApp for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibilityRead More

URLBrute – Tool To Brute Website Sub-Domains And Dirs

What is thisURLBrute is a tool to help you brute forcing website sub-domains and dirs.Can be used with python3 and python2.Dependencies urlbrute.py requests >= 2.21.0 bs4 >= 0.0.1 datetime >= 4.3 How to installIn Linux: chmod +x install.shsudo ./install.sh In Windows, install python 3.7, then run cmd as administrator: install.bat CreditsCredits to danTaler who createdRead More

X