The Latest Infosec News, Tools, and Exploits – Got Root?
You can already find plenty of solutions to recover deleted files, but it can be a hassle to recover overwritten files. RecoverPy searches through every block of your partition to find your request. Demo Installation […]
Web Cache Vulnerability Scanner (WCVS) is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit. The scanner supports many different web cache poisoning techniques, includes a crawler to identify further URLs […]
Features Multiple service listening port Multiple client connections RESTful API Python SDK Reverse shell as a service (Pop a reverse shell in multiple languages without remembering idle commands) Download/Upload file with progress bar Full interactive […]
Drupwn claims to provide an efficient way to gather drupal information Supported tested version Drupal 7 Drupal 8 Execution mode Drupwn can be run, using two seperate modes which are enum and exploit. The enum […]
sn0int (pronounced /snoɪnt/) is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. sn0int is enumerating attack […]
SubDomainizer is a tool designed to find hidden subdomains and secrets present is either webpage, Github, and external javascripts present in the given URL. This tool also finds S3 buckets, cloudfront URL’s and more from […]
A tool to find open S3 buckets and dump their contents Usage usage: s3scanner [-h] [–version] [–threads n] [–endpoint-url ENDPOINT_URL] [–endpoint-address-style {path,vhost}] [–insecure] {scan,dump} … s3scanner: Audit unsecured S3 buckets by Dan Salmon – github.com/sa7mon, […]
Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. Join The Slack Have questions? Feedback? Jump in slack and hang out with me […]
scant3r is a module-based web security tool, our goal is to make customizable tool with providing many functions and features that what you need for write a security module for an example (cookie parser/http request […]
Features In its current state, it will only work with torrc MAX CIRCUIT DIRTINESS of 10 Cloudflare Resolver [Cloudbuster] LFI->RCE and XSS Scanning [LFI to RCE & XSS] SQL Injection Vuln Scanner [SQLi] Extremely Large […]
