ShodanHat – Search for hosts info with Shodan


DOWNLOAD SHODANHAT Credits: HatBashBR Dependencies You need to install shodan with pip install shodan or easy_install shodan. You need to install python-nmap with pip install python-nmap. You need to set your API Key in the ‘’ file. Options -h, –help show this help message and exit -i IP, –ip=IP info about one host -l … Read more

Gattacker – A Node.js package for BLE (Bluetooth Low Energy) security assessment

A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks DOWNLOAD GATTACK Install npm install gattacker Usage Configure Running both components Set up variables in config.env: NOBLE_HCI_DEVICE_ID : noble (“central”, ws-slave) device BLENO_HCI_DEVICE_ID : bleno (“peripheral”, advertise) device If you run “central” and “peripheral” modules on separate boxes with … Read more

Shodan – world’s first search engine for Internet connected devices

Shodan is the world’s first search engine for Internet-connected devices. Shodan is a search engine that lets the user find specific types of computers (web cams, routers, servers, etc.) connected to the internet using a variety of filters. … It was launched in 2009 by computer programmer John Matherly, who, in 2003, conceived the idea … Read more

ShellCheck – A shell script static analysis tool

DOWNLOAD SHELLCHECK ShellCheck is a GPLv3 tool that gives warnings and suggestions for bash/sh shell scripts. The goals of ShellCheck are To point out and clarify typical beginner’s syntax issues that cause a shell to give cryptic error messages. To point out and clarify typical intermediate level semantic problems that cause a shell to … Read more

NoSQLMap – Automated Mongo database and NoSQL web application exploitation tool

Automated Mongo database and NoSQL web application exploitation tool DOWNLOAD NOSQL [sociallocker id=”968″][/sociallocker] NoSQLMap NoSQLMap v0.7 Introduction NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases as well as web applications using NoSQL in order to disclose data … Read more

SQLMap Tutorial SQL Injection to hack a website & database in Kali Linux

SQLMap Tutorial

SQLMap Tutorial SQL Injection to hack a website and database in Kali Linux SQLMap Tutorial: Hi, today I will demonstrate how an attacker would target and compromise a MySQL database using SQL Injection attacks. SQL Injection attacks allow the attacker to gain database information such as usernames and passwords and potentially compromise websites and web … Read more

Google Dorks for SQL Injection 2017 – HackingVision

google dorks for sql injection

Google Dorks for SQL Injection Google Dorks, Google Dorks List, Find SQL Injectable Websites, Hack Websites using Google Dorks, Google Dorks List SQL Injection. This is a list of dorks to find SQL injectable websites. A Google dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators … Read more

Hacking WordPress Website with Malicious Plug-in

Welcome back today we will talk about how we could compromise a WordPress website for a reverse meterpreter shell though use of malicious WordPress addons. This will allow us to create a malicious WordPress plugin to use as a payload and achieve a reverse shell back to the attacking machine. Requirements: Linux Python Metasploit malicious-wordpress-plugin … Read more

Hacking Linux Operating System for Remote Access: Malicious Debian Package

Welcome back today we will be talking about Remote Access of machines running on Linux Operating Systems. Why would someone want to Target a system running on Linux? Over 60% of all web servers around the world are running variations of Linux and a lot of personal Computers & Smart Phones. Let us just say … Read more

Exploit XSS with an Image: Force download

Welcome back today we will talk about Injecting some malicious XSS code into a Image. We will be using Kali Linux for this tutorial however you can use an operating system of your choice. We recommend using Linux. If you don’t already have Linux you can download Kali Linux from here. Cross Site Scripting is … Read more

V3n0M-Scanner – Python Pentesting Scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns. [Live Project – Python3.6] V3n0M is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve fuctionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the … Read more

JuNest – Arch Linux distro that runs upon any Linux distro


The Arch Linux based distro that runs upon any Linux distros without root access. JuNest (Jailed User NEST) is a lightweight Arch Linux based distribution that allows to have an isolated GNU/Linux environment inside any generic host GNU/Linux OS and without the need to have root privileges for installing packages. JuNest contains mainly the package … Read more

WAFNinja – Tool to attack Web Application Firewalls


WAFNinja is a tool which contains two functions to attack Web Application Firewalls.   WAFNinja – Penetration testers favorite for WAF Bypassing WAFNinja is a CLI tool written in Python. It shall help penetration testers to bypass a WAF by automating steps necessary for bypassing input validation. The tool was created with the objective to … Read more

Create an SSH Botnet Client manager Botdr4g0n

SSH Botnet

The Botdr4g0n is a security tool for DDOS attacks on SSH BOT management for distributed attacks. SSH Botnet SSH Botnet How to Install python 2.7 git clone cd botdr4g0n python install [email protected]:~# botdr4g0n _ _ _ _ _ ___ | |__ ___ | |_ __| |_ __| || | __ _ / _ … Read more

Clickbait Detector – Detects Clickbait Headlines Using Deep Learning.


Clickbait Detector Detects clickbait headlines using deep learning. If you like this software please consider leaving the author a star on github. Find the Chrome Extension here ( built by rahulkapoor90 ) Requirements Python 2.7.12 Keras 1.2.1 Tensorflow 0.12.1 Numpy 1.11.1 NLTK 3.2.1 Getting Started Install a virtualenv in the project directory virtualenv venv Activate … Read more

WebRTC can leak your IP address even if your behind a VPN

  WebRTC (Web Real-Time Communication) is a collection of communications protocols and application programming interfaces that enable real-time communication over peer-to-peer connections. This allows web browsers to not only request resources from backend servers, but also real-time information from browsers of other users. This enables applications such as video conferencing, file transfer, chat, or desktop … Read more

brut3k1t – Server Side Bruteforce Module


Brute-force (dictionary attack, jk) attack that supports multiple protocols and services Introduction brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are: ssh ftp smtp XMPP instagram facebook There will be future implementations of different protocols and services (including Twitter, Facebook, … Read more

yoast seo premium free