Habu – Python Network Hacking Toolkit

computer-network

Habu: Network Hacking Toolkit I’m developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing. Most of them are related with networking, and the implementations are intended to be understandable for who wants to read the source … Read more

BlackOrphan – Tool built with Bash/nodeJs mainly for gaining a remote shell access to a Linux Box

remote-access-tool-rat

BlackOrphan is a tool built with Bash/nodeJs mainly for gaining a remote shell access to a Linux Box BlackOrphan is a tool built with Bash/nodejs mainly for gaining a remote shell access to a linux BoX USAGE clone this repo git clone https://github.com/zombieleet/BlackOrphan.git run blackorphan from the command line ./BlackOrphan1.0 ============================== 1. Create a server … Read more

MorphAES – IDPS & SandBox & AntiVirus STEALTH KILLER

morphaes

DPS & SandBox & AntiVirus STEALTH KILLER. MorphAES is the world’s first polymorphic shellcode engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS, it’s cross-platform as well and library-independent. Properties: Polymorphism (AES encryption) Metamorphism (logic and constants changing) Platform independent (Linux/BSD/Windows) IDPS stealthing (the total number of possible … Read more

Hijacker – Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android

hijacker-airodump

    Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng, MDK3, and Reaver. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with a wireless adapter that supports Monitor Mode. A … Read more

Infernal Twin – Wireless hacking – This is automated wireless hacking tool

internet

##Infernal-Wireless v2.6Release 2.6.11 ##Features added and improved: Menu to retrieve logs are added ##Infernal-Wireless v2.6 Release 2.6.10 ##Features added and improved: Added BeeF XSS framework Integration Added HTTP Traffic View within tool Improved Infenral Wireless Attack Visual View of some of the panel improved Improved Basic Authentication during Social engineering assessment over wireless network Infernal-Wireless … Read more

TrackerJacker – Tracks WiFi devices by capturing raw 802.11 frames in monitor mode

wifi

Finds and tracks wifi devices through raw 802.11 monitoring. PyPI page: https://pypi.python.org/pypi/trackerjacker Install pip3 install trackerjacker Usage Find detailed usage like this: trackerjacker -h There are 2 major usage modes for trackerjacker: map mode and track mode: Map mode example Map mode is used to find the Access Points and Devices within the range. Think … Read more

CloakifyFactory – Data Exfiltration & Infiltration In Plain Sight

CloakifyFactory & the Cloakify Toolset – Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography usings lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your … Read more

Git All the Payloads! A collection of web attack payloads

payloads

payloads Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Credits: foospidy Usage run ./get.sh to download external payloads and unzip any payload files that are compressed. Payload Credits fuzzdb – https://github.com/fuzzdb-project/fuzzdb SecLists – https://github.com/danielmiessler/SecLists xsuperbug – https://github.com/xsuperbug/payloads NickSanzotta – https://github.com/NickSanzotta 7ioSecurity – https://github.com/7ioSecurity/XSS-Payloads shadsidd – https://github.com/shadsidd xmendez – https://github.com/xmendez/wfuzz … Read more

PowerStager – Script creates an executable stager that downloads selected powershell payload

powerstager

PowerStager: This script creates an executable stager that downloads a selected powershell payload. Contact Author: z0noxz Source: https://github.com/z0noxz/powerstager Email: z0noxz@mail.com Description This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and … Read more

XSS-keylogger – keylogging script that can be injected into websites vulnerable to cross-site scripting

free courses

A keylogging script that can be injected into websites vulnerable to cross-site scripting. The script tracks user keypresses by concatenating each keypress into a string that is POSTed to a server. The script can be found in file keylogscript.html and can be tested on file captainslog.html. The POST request is currently commented out, but if … Read more

Phishery – SSL Enabled Basic Auth Credential Harvester with a Word Document Template

phishery

Phishery – SSL Enabled Basic Auth Credential Harvester with a Word Document Template An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector The power of Phishery is best demonstrated by setting a Word document’s template to a Phishery URL. This causes Microsoft Word to make a request to the URL, … Read more

blueborne-scanner – Bluetooth scanner for blueborne-vulnerable devices

bluetooth

Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit VPN Gate auto-grabber Greetz shouts to sh3llg0d, an0n_l1t3, daemochi, akatz!!!! Overview Bluetooth scanner for blueborne-vulnerable devices, Android only for the moment Quickstart git clone https://github.com/hook-s3c/blueborne-scanner.git cd blueborne-scanner sudo chmod +x ./bluebornescan.py pip install -r ./requirements.txt ./bluebornescan.py Breakdown Scans for local bluetooth devices Looks … Read more

ONIOFF – An onion url inspector for inspecting deep web links

onion url

ONIOFF – Onion URL Inspector A simple tool – written in pure python – for inspecting Deep Web URLs (or onions). It takes specified onion links and returns their current status along with the site’s title. Compatible with Python 2.6 & 2.7. Author: Nikolaos Kamarinakis (nikolaskama.me) Installation You can download ONIOFF by cloning the Git … Read more

SimplyEmail – Email recon made fast and easy, with a framework to build on

simply-email

Email recon made fast and easy, with a framework to build on http://CyberSyndicates.com What is the simple email recon tool? This tool was based off the work of theHarvester and kind of a port of the functionality. This was just an expansion of what was used to build theHarvester and will incorporate his work but … Read more

Droid Hunter – Android application vulnerability analysis pentest tool

Droid Hunter

Droid Hunter – Android application vulnerability analysis pentest tool Droid Hunter Android application vulnerability analysis and Android pentest tool .—. .———– / \ __ / —— / / \( )/ —– ╔╦╗╦═╗╔═╗╦╔╦╗ ╦ ╦╦ ╦╔╗╔╔╦╗╔═╗╦═╗ ////// ‘ \/ ` — ║║╠╦╝║ ║║ ║║───╠═╣║ ║║║║ ║ ║╣ ╠╦╝ //// / // : : — ═╩╝╩╚═╚═╝╩═╩╝ ╩ … Read more

QRLJacking – A New Social Engineering Attack Vector

QRLJacking

What is QRLJacking? QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the “Login with QR code” feature as a secure way to login into accounts. In a nutshell, the victim scans the attacker’s QR code which results in session … Read more

HERCULES – Special payload generator that can bypass anti-virus software

hercules

HERCULES is a customizable payload generator that can bypass anti-virus software. HackingVision installation tips: HERCULES is programmed in Go if your using Go for the first time you will need to set a GOPATH you can do this by using the following commands. export GOPATH=$HOME/go export PATH=$PATH:$GOROOT/bin:$GOPATH/bin You can add default GOPATH to ~/.bashrc to … Read more

Micetrap – Catch evil hackers on the fly by placing open-port traps

mousetrap

#micetrap ___ .-| | |_/,| (\ { | | |o o |__ _) ) “-.|___| _.( T ) / .–‘–. _((_^–‘ /< .+|_|.-||)`-‘(((/ (((/Catch hackers on the fly with micetrap! Micetrap opens a server on either a given or random port, emulating fake vulnerable services. Port scanners such as Nmap, when fingerprinting ports to discover … Read more

Phishing Frenzy – Ruby on Rails Phishing Framework

phishing-frenzy

Ruby on Rails Phishing Framework Documentation & Info Relevant up to date documentation can be found on the official Phishing Frenzy website located below Phishing Frenzy Website Please submit any tickets or issues to the github issues page Phishing Frenzy Tickets To contact us directly plese use the official Phishing Frenzy website Phishing Frenzy Website … Read more

Gophish – Open-Source Phishing Toolkit

do-not-feed-the-phish

Gophish: Open-Source Phishing Toolkit Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. Current Status Update 2/19/2017 Gophish version 0.2.1 binaries will be released soon! I am just fixing a few final bugs and then … Read more

yoast seo premium free

Spelling error report

The following text will be sent to our editors: