The Latest Infosec News, Tools, and Exploits – Got Root?
BruteSpray takes nmap GNMAP/XML output or newline separated JSONS and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap. Installation pip install -r requirements.txt […]
CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by Cloudflare in the hopes of discovering the location of the server. Using Tor to mask all requests, the […]
Key features Mode: url sxss pipe file server Class Key Feature Description Discovery Parameter analysis – Find reflected param– Find alive/bad special chars, event handler and attack code– Identification of injection points(HTML/JS/Attribute)inHTML-none inJS-none inJS-double inJS-single […]
Installation Download a prebuilt binary from releases page, unpack and run! or If you have recent go compiler installed: go get -u github.com/ffuf/ffuf (the same command works for updating) or git clone https://github.com/ffuf/ffuf ; cd […]
Installation # clone the repo $ git clone https://github.com/sherlock-project/sherlock.git # change the working directory to sherlock $ cd sherlock # install the requirements $ python3 -m pip install -r requirements.txt Usage $ python3 sherlock –help […]
Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection,informations gathering and vulnerabilitie Scanning of the target like subdomains, ipaddresses, country, org, timezone, region, ans and […]
Objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak. Supports both iOS and Android. Inspect and interact with […]
rsGen is a Reverse Shell Payload Generator for hacking. I write through windows batch. The main features include native command generation and variant command generation. In version 2.0, I added a tcp tunnel feature to […]
About AVAIN is a modular vulnerability analysis / penetration testing framework for computer networks and individual machines that allows its modules to work collaboratively to achieve more sophisticated results. Once you start an analysis with […]
Houndsniff is a minimal hash identification and recognition tool written in C that uses a database to compare a hash’s features to characteristics of other common hashing algorithm results. Email hashes that I missed at […]
