The Latest Infosec News, Tools, and Exploits – Got Root?
How does it work? AutoPWN Suite uses nmap TCP-SYN scan to enumerate the host and detect the version of software running on it. After gathering enough information about the host, AutoPWN Suite automatically generates a […]
Tugarecon is a python tool designed to enumerate subdomains using modules. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Bruteforce was integrated as a module to […]
Dome is a fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. This tool is recommended for bug bounty hunters and pentester in their reconnaissance […]
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Exploitation steps. The script leverages and is dependent of a number of tools including: impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, […]
Anubis is a subdomain enumeration and information gathering tool. Anubis collates data from a variety of sources, including HackerTarget, DNSDumpster, x509 certs, VirusTotal, Google, Pkey, Sublist3r, Shodan and NetCraft. Anubis also has a sister project, […]
Altdns is a DNS recon tool that allows for the discovery of subdomains that conform to patterns. Altdns takes in words that could be present in subdomains under a domain (such as test, dev, staging) […]
Example Installation First of all, clone the repo locally git clone https://github.com/edoardottt/scilla.git Scilla has external dependencies, so they need to be pulled in: go get Linux (Requires high perms, run with sudo) make linux make […]
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing advanced automated reconnaissance (framework). This tool can also be used for OSINT (Open-source intelligence) activities. Features ! For recent time, Sudomy has […]
Overview Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and […]
Do you miss AXFR technique? This tool allows to get the subdomains from a HTTPS website in a few seconds.How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of […]
