Phishery – SSL Enabled Basic Auth Credential Harvester with a Word Document Template An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector The power of Phishery is best demonstrated by setting a Word document’s template to a Phishery URL. This causes Microsoft Word to make a request to the URL, … Read more
Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit VPN Gate auto-grabber Greetz shouts to sh3llg0d, an0n_l1t3, daemochi, akatz!!!! Overview Bluetooth scanner for blueborne-vulnerable devices, Android only for the moment Quickstart git clone https://github.com/hook-s3c/blueborne-scanner.git cd blueborne-scanner sudo chmod +x ./bluebornescan.py pip install -r ./requirements.txt ./bluebornescan.py Breakdown Scans for local bluetooth devices Looks … Read more
ONIOFF – Onion URL Inspector A simple tool – written in pure python – for inspecting Deep Web URLs (or onions). It takes specified onion links and returns their current status along with the site’s title. Compatible with Python 2.6 & 2.7. Author: Nikolaos Kamarinakis (nikolaskama.me) Installation You can download ONIOFF by cloning the Git … Read more
Droid Hunter – Android application vulnerability analysis pentest tool Droid Hunter Android application vulnerability analysis and Android pentest tool .—. .———– / \ __ / —— / / \( )/ —– ╔╦╗╦═╗╔═╗╦╔╦╗ ╦ ╦╦ ╦╔╗╔╔╦╗╔═╗╦═╗ ////// ‘ \/ ` — ║║╠╦╝║ ║║ ║║───╠═╣║ ║║║║ ║ ║╣ ╠╦╝ //// / // : : — ═╩╝╩╚═╚═╝╩═╩╝ ╩ … Read more
What is QRLJacking? QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the “Login with QR code” feature as a secure way to login into accounts. In a nutshell, the victim scans the attacker’s QR code which results in session … Read more
HERCULES is a customizable payload generator that can bypass anti-virus software. HackingVision installation tips: HERCULES is programmed in Go if your using Go for the first time you will need to set a GOPATH you can do this by using the following commands. export GOPATH=$HOME/go export PATH=$PATH:$GOROOT/bin:$GOPATH/bin You can add default GOPATH to ~/.bashrc to … Read more
Windows Exploit Suggester – This tool compares a targets patch levels DESCRIPTION Windows Exploit Suggester This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins. … Read more
#micetrap ___ .-| | |_/,| (\ { | | |o o |__ _) ) “-.|___| _.( T ) / .–‘–. _((_^–‘ /< .+|_|.-||)`-‘(((/ (((/Catch hackers on the fly with micetrap! Micetrap opens a server on either a given or random port, emulating fake vulnerable services. Port scanners such as Nmap, when fingerprinting ports to discover … Read more
Ruby on Rails Phishing Framework Documentation & Info Relevant up to date documentation can be found on the official Phishing Frenzy website located below Phishing Frenzy Website Please submit any tickets or issues to the github issues page Phishing Frenzy Tickets To contact us directly plese use the official Phishing Frenzy website Phishing Frenzy Website … Read more
Gophish: Open-Source Phishing Toolkit Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. Current Status Update 2/19/2017 Gophish version 0.2.1 binaries will be released soon! I am just fixing a few final bugs and then … Read more
mitmAP – A python program to create a fake AP and sniff data. _ _ ___ ______ (_) | / _ \ | ___ \ _ __ ___ _| |_ _ __ ___ / /_\ \| |_/ / | ‘_ ` _ \| | __| ‘_ ` _ \| _ || __/ | | | … Read more
WiFi Hacker – Script For Attacking Wireless Connections Using Kali Tools Shell Script For Attacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2) Hack Wireless Networks (WEP, WPS, WPA, WPA2) using WiFi Hacker Shell Script. Developed by Jason Borowski (esc0rtd3w) This script Automates Wireless hacking in Kali Linux. Installing WiFi … Read more
Fileless SQL Server CLR-based Custom Stored Procedure Command Execution For more info about the techinque, please visit sekirkity.com This techinque will allow for the execution of commands on a comprompised Microsoft SQL Server in a novel, fileless manner. The PowerShell module consists of two cmdlets: New-CLRProcedure – This cmdlet enables CLR stored procedures on the … Read more
PyLoggy is simple and powerful Python keylogger that is able to log keystrokes, log mouse clicks, take screenshots and more! The tool will send the logs to your email every minute(you can change this). Installation Clone it: git clone https://github.com/D4Vinci/PyLoggy.git Run it: python PyLoggy.py You can also convert PyLoggy to EXE using PyInstaller or any … Read more
Phishing Campaign Toolkit Installation For instructions on how to install, please see the INSTALL.md file. After installing, for instructions on how to get started please see the wiki. Overview King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible … Read more
The Universal Radio Hacker is a software for investigating unknown wireless protocols. Features include hardware interfaces for common Software Defined Radios easy demodulation of signals assigning participants to keep overview of your data customizable decodings to crack even sophisticated encodings like CC1101 data whitening assign labels to reveal the logic of the protocol fuzzing component … Read more
Fast and powerful SSL/TLS server scanning library for Python 2.7 and 3.3+. Description SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers. … Read more
Application Layer DoS Testing Framework What is Repulsive Grizzly? Repulsive Grizzly is an application layer load testing framework specifically designed to support high throughput and sophisticated request types. Repulsive Grizzly can help you confirm application layer Denial of Service (DoS) by running your test at a higher concurrency with other features such as session round … Read more
ABOUT. katana is a framework written in python for making penetration testing, based on a simple and comprehensive structure for anyone to use, modify and share, the goal is to unify tools serve for professional when making a penetration test or simply as a routine tool, The current version is not completely stable, is recommended … Read more
Synopsis Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application’s behavior during the scan process and is able to perform meta-analysis using a number of factors in order to … Read more