Find Stored XSS & HTML Injections Easily
This is a short tutorial to find stored XSS & HTML Injections easily. HTML injections occur when input isn’t sanitized to check or remove code thus, allowing potentially malicious code to execute on a web […]
Cloudmare – Find Servers For Websites Protected By Cloudflare, Sucuri, or Incapsula
Cloudmare is a simple tool to find the origin servers of websites protected by Cloudflare, Sucuri, or Incapsula with a misconfiguration DNS. Setup (Remember to view -hh for more info about the arguments) Termux users […]
cbrutekrag – Brute Force SSH Servers Using Dictionary Attacks. Written In C
cbrutekrag Penetration tests on SSH servers using dictionary attacks. Written in C. brute krag means “brute force” in afrikáans Disclaimer This tool is for ethical testing purpose only.cbrutekrag and its owners can’t be held responsible […]
Free Proxy List Websites
Proxies provide the ability to route traffic through another server and act as a gateway between your system and the internet. Using free proxies can be an alternative to paid VPNs or proxies. Though the […]
FTX Hacked Hours After Filing For Bankruptcy
On Saturday, FTX CEO John Ray confirmed via Twitter that FTX and FTX US were hacked. Ironically this attack happened hours after the company filed for bankruptcy protection. Overnight FTX saw potentially $515 million drained […]
RustScan – The Modern Port Scanner. Fast, Smart, Effective
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Features Why RustScan? RustScan is a modern take on the port scanner. Sleek […]
APTRS (Automated Penetration Testing Reporting System) – Automated Reporting Tool in Python & Django
APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows Penetration testers to create a report directly without using the Traditional Docx file. It also provides an […]
Hoaxshell – Windows Reverse Shell Payload Generator & Handler That Abuses The HTTP(S) Protocol To Establish A Beacon-Like Reverse Shell
hoaxshell is a Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell, based on the following concept: This concept (which could possibly be implemented by using […]
SDomDiscover – Easy to Use Python Tool for DNS Reconnaissance
A easy-to-use python tool to perform dns recon with multiple options Installation: It can be installed in any OS with python3 Manual installation git clone https://github.com/D3Ext/SDomDiscover cd SDomDiscover pip3 install -r requirements.txt One-liner git clone […]
Parse & Resolve Active Directory principal’s DACL, Identify Inbound Access Allowed Privileges, & Resolve SIDS Of Inbound Permissions
Aced is a tool to parse and resolve a single targeted Active Directory principal’s DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS of the inbound permissions, and […]
