CloakifyFactory & the Cloakify Toolset – Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography usings lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your … Read more
payloads Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Credits: foospidy Usage run ./get.sh to download external payloads and unzip any payload files that are compressed. Payload Credits fuzzdb – https://github.com/fuzzdb-project/fuzzdb SecLists – https://github.com/danielmiessler/SecLists xsuperbug – https://github.com/xsuperbug/payloads NickSanzotta – https://github.com/NickSanzotta 7ioSecurity – https://github.com/7ioSecurity/XSS-Payloads shadsidd – https://github.com/shadsidd xmendez – https://github.com/xmendez/wfuzz … Read more
PowerStager: This script creates an executable stager that downloads a selected powershell payload. Contact Author: z0noxz Source: https://github.com/z0noxz/powerstager Email: z0noxz@mail.com Description This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and … Read more
Kali Linux Hacking List of Free Kali Linux Hacking eBooks Download In PDF 2019 Ethical Hacking, Hacking ebooks pdf, Hacking ebooks free download, hacking ebooks collection, Best Hacking eBooks. List curated by Hackingvision.com Disclaimer The contributor(s) cannot be held responsible for any misuse of the data. This repository is just a collection of URLs to … Read more
Phishery – SSL Enabled Basic Auth Credential Harvester with a Word Document Template An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector The power of Phishery is best demonstrated by setting a Word document’s template to a Phishery URL. This causes Microsoft Word to make a request to the URL, … Read more
Bluetooth technology is not a new thing but its starting to become very popular. Bluetooth is now seen in a lot of different areas from SmartPhones, Smart Watches, Cars, IoT devices, Smart TVS, Games Consoles, Security devices, in our homes, smart devices. Bluetooth is used in many industries and areas of technology such as medical … Read more
Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit VPN Gate auto-grabber Greetz shouts to sh3llg0d, an0n_l1t3, daemochi, akatz!!!! Overview Bluetooth scanner for blueborne-vulnerable devices, Android only for the moment Quickstart git clone https://github.com/hook-s3c/blueborne-scanner.git cd blueborne-scanner sudo chmod +x ./bluebornescan.py pip install -r ./requirements.txt ./bluebornescan.py Breakdown Scans for local bluetooth devices Looks … Read more
ONIOFF – Onion URL Inspector A simple tool – written in pure python – for inspecting Deep Web URLs (or onions). It takes specified onion links and returns their current status along with the site’s title. Compatible with Python 2.6 & 2.7. Author: Nikolaos Kamarinakis (nikolaskama.me) Installation You can download ONIOFF by cloning the Git … Read more
Website developers can often leave unfinished installations of WordPress on their servers. This can make it very easy for attackers to gain control over new installations of WordPress. Attackers can not only take over the WordPress website but also the entire hosting cluster that is associated with it. This is known as WPSetup Attack. The … Read more
KeyGrabber – Hardware Keylogger – WiFi USB hardware keyloggers KeyGrabber products are hardware keyloggers. KeyGrabber keystroke recorder has up to 2GB of memory, stored on a FAT file system. The device is completely transparent from computer operation such as anti-virus and security software, there are no software or drivers are required. KeyGrabber supports International keyboard … Read more
A curated list of free Security and Pentesting related E-Books available on the Internet. If you want to contribute to this list (please do), send a pull request. All contributors will be recognized and appreciated. The topics include: Android & iOS Cloud Security Defensive Security IoT Malware Analysis & Forensics Network Pentesting Offensive Security Programming … Read more
Droid Hunter – Android application vulnerability analysis pentest tool Droid Hunter Android application vulnerability analysis and Android pentest tool .—. .———– / \ __ / —— / / \( )/ —– ╔╦╗╦═╗╔═╗╦╔╦╗ ╦ ╦╦ ╦╔╗╔╔╦╗╔═╗╦═╗ ////// ‘ \/ ` — ║║╠╦╝║ ║║ ║║───╠═╣║ ║║║║ ║ ║╣ ╠╦╝ //// / // : : — ═╩╝╩╚═╚═╝╩═╩╝ ╩ … Read more
What is QRLJacking? QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the “Login with QR code” feature as a secure way to login into accounts. In a nutshell, the victim scans the attacker’s QR code which results in session … Read more
HERCULES is a customizable payload generator that can bypass anti-virus software. HackingVision installation tips: HERCULES is programmed in Go if your using Go for the first time you will need to set a GOPATH you can do this by using the following commands. export GOPATH=$HOME/go export PATH=$PATH:$GOROOT/bin:$GOPATH/bin You can add default GOPATH to ~/.bashrc to … Read more
Windows Exploit Suggester – This tool compares a targets patch levels DESCRIPTION Windows Exploit Suggester This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins. … Read more
#micetrap ___ .-| | |_/,| (\ { | | |o o |__ _) ) “-.|___| _.( T ) / .–‘–. _((_^–‘ /< .+|_|.-||)`-‘(((/ (((/Catch hackers on the fly with micetrap! Micetrap opens a server on either a given or random port, emulating fake vulnerable services. Port scanners such as Nmap, when fingerprinting ports to discover … Read more
Ruby on Rails Phishing Framework Documentation & Info Relevant up to date documentation can be found on the official Phishing Frenzy website located below Phishing Frenzy Website Please submit any tickets or issues to the github issues page Phishing Frenzy Tickets To contact us directly plese use the official Phishing Frenzy website Phishing Frenzy Website … Read more
Gophish: Open-Source Phishing Toolkit Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. Current Status Update 2/19/2017 Gophish version 0.2.1 binaries will be released soon! I am just fixing a few final bugs and then … Read more
mitmAP – A python program to create a fake AP and sniff data. _ _ ___ ______ (_) | / _ \ | ___ \ _ __ ___ _| |_ _ __ ___ / /_\ \| |_/ / | ‘_ ` _ \| | __| ‘_ ` _ \| _ || __/ | | | … Read more
See what a program does before deciding whether you really want it to happen. rm -rf pic* Are you sure? Are you one hundred percent sure? maybe… … allows you to run a command and see what it does to your files without actually doing it! After reviewing the operations listed, you can then … Read more