The Latest Infosec News, Tools, and Exploits – Got Root?
APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows Penetration testers to create a report directly without using the Traditional Docx file. It also provides an […]
hoaxshell is a Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell, based on the following concept: This concept (which could possibly be implemented by using […]
A easy-to-use python tool to perform dns recon with multiple options Installation: It can be installed in any OS with python3 Manual installation git clone https://github.com/D3Ext/SDomDiscover cd SDomDiscover pip3 install -r requirements.txt One-liner git clone […]
Aced is a tool to parse and resolve a single targeted Active Directory principal’s DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS of the inbound permissions, and […]
This software is intended for use in CTF challenges, or by security professionals to gather information on their targets: It is capable of brute-force enumerating subdomains and also URI resources (directories/files). Both methods of enumeration […]
SocialPwned is an OSINT tool that allows getting the emails, from a target, published on social networks like Instagram, Linkedin, and Twitter to find the possible credential leaks in PwnDB or Dehashed and obtain a […]
A Network Packet Sniffer developed in Python 3. Packets are disassembled as they arrive at a given network interface controller and their information is displayed on the screen. This application depends exclusively on the NETProtocols […]
Psudohash is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word’s letters with symbols or numbers, using char-case variations, adding a […]
toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious […]
uncover is a go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize the […]
