Bash File To Rotate Apache Access and Error On Linux
When running a website you may end up with Apache access and error logs that end up being gigabytes in since when they are not correctly rotated. This issue can be solved by using scripts […]
Category: Tools
Default Credentials Cheat Sheet – Search for Products Default Login/Password Information
One place for all the default credentials to assist pentesters during an engagement, this document has several product default login/passwords gathered from multiple sources. P.S : Most of the credentials were extracted from changeme,routersploit and […]
SQLiDetector – Python Script That Helps Detect SQL injection By Sending Requests With 14 Payloads & Checks for 152 Regex Patterns
Description The main idea for the tool is scanning for Error Based SQL Injection by using different payloads like And match for 152 error regex patterns for different databases.Source: https://github.com/sqlmapproject/sqlmap/blob/master/data/xml/errors.xml How does it work? It’s […]
Userefuzz – User-Agent , X-Forwarded-For & Referer SQLI Fuzzer Made With Python
Installation pip sudo pip install userefuzz setup git clone https://github.com/root-tanishq/userefuzz cd userefuzz sudo python3 setup.py install Usage Parsing URLs Parsing a list of URLs $ userefuzz -l <LIST> Parsing a URL $ userefuzz -u <URL> […]
Shells – A Script For Generating Common Revshells Fast & Easy
PowerShell revshells ngrok support Updog support To install Shells Screenshots Youtube video Link Download: https://github.com/4ndr34z/shells
Mubeng – Incredibly Fast Proxy Checker & IP Rotator With Ease
For free updated proxy lists check here: https://skynettools.com/free-proxy-list-websites/ Features Why mubeng? It’s fairly simple, there is no need for additional configuration. mubeng has 2 core functionality: 1. Run proxy server as proxy IP rotation This […]
TruffleHog – Find Leaked Credentials In GitHub, GitLab, Filesystems, S3, & Circle CI
Find Leaked Credentials In GitHub, GitLab, Filesystems, S3, & Circle CI using TruffleHog. Demo docker run -it -v “$PWD:/pwd” trufflesecurity/trufflehog:latest github –org=trufflesecurity Examples Example 1: Scan a repo for only verified secrets Command: Expected output: […]
UDPX – Fast & Lightweight Single-Packet UDP Scanner Written In Go
Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services with the ability to add custom ones. It is easy to use and portable and […]
Cloudmare – Find Servers For Websites Protected By Cloudflare, Sucuri, or Incapsula
Cloudmare is a simple tool to find the origin servers of websites protected by Cloudflare, Sucuri, or Incapsula with a misconfiguration DNS. Setup (Remember to view -hh for more info about the arguments) Termux users […]
cbrutekrag – Brute Force SSH Servers Using Dictionary Attacks. Written In C
cbrutekrag Penetration tests on SSH servers using dictionary attacks. Written in C. brute krag means “brute force” in afrikáans Disclaimer This tool is for ethical testing purpose only.cbrutekrag and its owners can’t be held responsible […]
