Overlord – Red Teaming Automation
Overlord provides a python-based console CLI which is used to build Red Teaming infrastructure in an automated way. The user has to provide inputs by using the tool’s modules (e.g. C2, Email Server, HTTP web […]
Category: Tools
PETEP (PEnetration TEsting Proxy) Open-Source Java Application for Network Communication Proxying
PETEP (PEnetration TEsting Proxy) is open-source Java application for network communication proxying for the purpose of penetration testing. It allows penetration testers to setup proxies and interceptors to manage the traffic transmitted between client and […]
CookieDoor PHP Shell Execute Remote Shell Command Via Cookies
Introduction Cookie door is a php backdoor that allows you to execute remote shell command on the webserver. Commands are sent via cookie. How to use You can place the payload.php script code inside another […]
Doxycannon A Poormans ProxyCannon & botnet, using docker, ovpn, & Socks5
Doxycannon takes a pool of OpenVPN files and creates a Docker container for each one. After a successful VPN connection, each container spawns a SOCKS5 proxy server and binds it to a port on the […]
Bot Bounty – Telegram Bot Built for Pentest & Bug Bounty Hunting.
Python Script for Telegram Bot is specially builded for pentest & bug bounty. It’s like a telegram shell. You will be notified when your task(command line) is finished with results. This bot make long time […]
SDF – Site Directory Fuzzer
SDF has been created to automate search task of hidden directories and files on server. It’s multithreaded btw. Simple example: Short help Extended help You can use one url or file with list of urls: […]
Invisi-Shell Bypasses all of Powershell Security Features
Hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .Net assemblies. The hook is performed via CLR Profiler API. Work In Progress […]
Jack Web Scraper
Jack Web Scraper JWS it’s a tool that allows you to extract the text from a web page to later use it for password cracking / bruteforcing. Configure Run the configure.sh script to create a […]
XSpear is XSS Scanner on ruby gems
Key features Pattern matching based XSS scanning Detect alert confirm prompt event on headless browser (with Selenium) Testing request/response for XSS protection bypass and reflected(or all) params Reflected Params All params(for blind xss, anytings) Filtered […]
enum4linux-ng -A next generation version of enum4linux
enum4linux-ng.py is a rewrite of Mark Lowe’s (former Portcullis Labs now CiscoCXSecurityLabs) enum4linux.pl, a tool for enumerating information from Windows and Samba systems, aimed for security professionals and CTF player. The tool is mainly a […]
