The Latest Infosec News, Tools, and Exploits – Got Root?
One place for all the default credentials to assist pentesters during an engagement, this document has several product default login/passwords gathered from multiple sources. P.S : Most of the credentials were extracted from changeme,routersploit and […]
Description The main idea for the tool is scanning for Error Based SQL Injection by using different payloads like And match for 152 error regex patterns for different databases.Source: https://github.com/sqlmapproject/sqlmap/blob/master/data/xml/errors.xml How does it work? It’s […]
Installation pip sudo pip install userefuzz setup git clone https://github.com/root-tanishq/userefuzz cd userefuzz sudo python3 setup.py install Usage Parsing URLs Parsing a list of URLs $ userefuzz -l <LIST> Parsing a URL $ userefuzz -u <URL> […]
PowerShell revshells ngrok support Updog support To install Shells Screenshots Youtube video Link Download: https://github.com/4ndr34z/shells
For free updated proxy lists check here: https://skynettools.com/free-proxy-list-websites/ Features Why mubeng? It’s fairly simple, there is no need for additional configuration. mubeng has 2 core functionality: 1. Run proxy server as proxy IP rotation This […]
Find Leaked Credentials In GitHub, GitLab, Filesystems, S3, & Circle CI using TruffleHog. Demo docker run -it -v “$PWD:/pwd” trufflesecurity/trufflehog:latest github –org=trufflesecurity Examples Example 1: Scan a repo for only verified secrets Command: Expected output: […]
Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services with the ability to add custom ones. It is easy to use and portable and […]
Cloudmare is a simple tool to find the origin servers of websites protected by Cloudflare, Sucuri, or Incapsula with a misconfiguration DNS. Setup (Remember to view -hh for more info about the arguments) Termux users […]
cbrutekrag Penetration tests on SSH servers using dictionary attacks. Written in C. brute krag means “brute force” in afrikáans Disclaimer This tool is for ethical testing purpose only.cbrutekrag and its owners can’t be held responsible […]
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Features Why RustScan? RustScan is a modern take on the port scanner. Sleek […]
