Find Stored XSS & HTML Injections Easily
This is a short tutorial to find stored XSS & HTML Injections easily. HTML injections occur when input isn’t sanitized to check or remove code thus, allowing potentially malicious code to execute on a web […]
The Latest Infosec News, Tools, and Exploits – Got Root?
This is a short tutorial to find stored XSS & HTML Injections easily. HTML injections occur when input isn’t sanitized to check or remove code thus, allowing potentially malicious code to execute on a web […]
Cloudmare is a simple tool to find the origin servers of websites protected by Cloudflare, Sucuri, or Incapsula with a misconfiguration DNS. Setup (Remember to view -hh for more info about the arguments) Termux users […]
cbrutekrag Penetration tests on SSH servers using dictionary attacks. Written in C. brute krag means “brute force” in afrikáans Disclaimer This tool is for ethical testing purpose only.cbrutekrag and its owners can’t be held responsible […]
Proxies provide the ability to route traffic through another server and act as a gateway between your system and the internet. Using free proxies can be an alternative to paid VPNs or proxies. Though the […]
On Saturday, FTX CEO John Ray confirmed via Twitter that FTX and FTX US were hacked. Ironically this attack happened hours after the company filed for bankruptcy protection. Overnight FTX saw potentially $515 million drained […]
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Features Why RustScan? RustScan is a modern take on the port scanner. Sleek […]
APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows Penetration testers to create a report directly without using the Traditional Docx file. It also provides an […]
hoaxshell is a Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell, based on the following concept: This concept (which could possibly be implemented by using […]
A easy-to-use python tool to perform dns recon with multiple options Installation: It can be installed in any OS with python3 Manual installation git clone https://github.com/D3Ext/SDomDiscover cd SDomDiscover pip3 install -r requirements.txt One-liner git clone […]
Aced is a tool to parse and resolve a single targeted Active Directory principal’s DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS of the inbound permissions, and […]