Let’s start with a comparison between one thing and another, typically for the purpose of explanation or clarification.
A bricklayer with many years of experience goes to a plot of land to do a job. He knows the tools at his disposal. When he needs to dig the ground to make a foundation, for example...
1. SORM - official wiretapping
The most obvious way is official wiretapping by the state.
In many parts of the world, telephone companies are required to provide access to wiretapping lines for the competent authorities. For example, in Russia, in practice, this is done technically through SORM...
Ditto - A Tool For IDN Homograph Attacks And Detection
Ditto is a small tool that accepts a domain name as input and generates all its variants for a homograph attack as output, checking which ones are available and which are already registered.
PoC domains
https://tᴡitter.com/...
Phpvuln - Audit Tool To Find Common Vulnerabilities In PHP Source Code
phpvuln is an open source OWASP penetration testing tool written in Python 3 that can speed up the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and...
Satellite - Easy-To-Use Payload Hosting
Satellite is a web payload hosting service which filters requests to ensure the correct target is getting a payload. This can also be a useful service for hosting files that should only be accessed in very specific circumstances.
Quickstart Guide...
WSuspicious
Summary
This is a proof of concept program to escalate privileges on a Windows host by abusing WSUS. Details in this blog post: WSUS Attacks Part 2: CVE-2020-1013 a Windows 10 Local Privilege Escalation 1-Day | GoSecure. It was inspired by the WSuspect proxy project...
Arbitrium is a cross-platform remote access trojan (RAT) that is Fully UnDetectable (FUD). It allows you to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding. It gives access to the local networks; you can use the targets as an HTTP proxy and access...
PostShell is a post-exploitation shell that includes both a bind and a back connect shell. It creates a fully interactive TTY which allows for job control. The stub size is around 14kb and can be compiled on any Unix-like system.
Why not use a traditional Backconnect/Bind Shell?
PostShell...
Weapons
| OS | Type | Name | Description |
| --- | --- | --- | --- |
| All | Analysis | RMS-Runtime-Mobile-Security | Runtime Mobile Security (RMS) - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime |
| All | Analysis | scrounger | Mobile application testing toolkit |
| All | Proxy | BurpSuite | The... |
man in the middle (mitm) server for security audits supporting public key authentication, session hijacking and file manipulation
Redirect/mirror Shell to another ssh client supported in 0.2.8
Replace File in SCP supported in 0.2.6
Replace File in SFTP supported in 0.2.3
Transparent proxy...
The attacker was engaged in extortion, blocking the operation of computer systems using malware.
The Uraisk City Court of the Khanty-Mansiysk Autonomous Okrug-Ugra sentenced a Russian citizen who engaged in cyber fraud on the territory of the Republic of Belarus to two years in prison...
ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses.
Description
This tool can help you in your OSINT investigation on Proton service (for educational purposes only).
ProtOSINT is separated in 3 sub-modules:
[1] Test the validity of one...
sigurls is a reconnaissance tool; it fetches URLs from AlienVault's OTX, Common Crawl, URLScan, GitHub and the Wayback Machine.
Resources
Usage
Installation
From Binary
From source
From github
Post Installation
Contribution
Usage
To display help message for sigurls use the -h flag:
$...
Installation
The operating system must have python3; python3.7 or higher is recommended
Installation dependency
pip3 install -r requirements.txt
Linux & MacOS & Windows
python3 vulmap.py -u http://example.com
Options
optional arguments:
-h, --help show this help message and exit
-u URL...
A small contribution to community :)
We use all these tools in security assessments and in our vulnerability monitoring service
Check your domain for DNS NS takeover (Repo)
Cache Poisoning (Repo)
XSS via Meta tags (exploitable with cache poisoning) (Repo)
CORS misconfiguration on pages...
UhOh365
A script that can see if an email address is valid in Office365. This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.
Microsoft does not consider "email enumeration" a...
Watcher is a Django & React JS automated platform for discovering new potential cybersecurity threats targeting your organisation.
It should be used on webservers and is available on Docker.
Watcher capabilities
Detect emerging vulnerability, malware using social network & other RSS sources...
XSS Scanner
Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs.
The scanner gets a link from the user and scans the website for XSS...