EagleShell
About: EagleShell is a high-quality tool that aims to improve YOUR pentest. Each and one of the scripts are helpful during a pentest. It comes filled with scripts that will improve your pentest and make […]
Tag: tools
CrackMapExec – Automate Post Exploitation In Active Directory
CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active […]
Kaboom – Automatic Pentest Bash Script
Kaboom is a bash script that automates the first two phases of a penetration test. All informations collected are saved into a directory hierarchy very simple to browser (also in the case of multiple targets). […]
Archery – A Security Tool
Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scanning for web application and network. It […]
Commix – Automated All-in-One OS command injection and exploitation tool
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with […]
RouterSploit – Exploitation Framework for Embedded Devices
The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: [*]exploits – modules that take advantage of identified vulnerabilities [*]creds – modules designed […]
0xWPBF – WordPress Users Enumerate and Brute Force Attack
0xWPBF is an enumeration and bruteforce attack tool against WordPress Installation: [su_quote] 1) git clone https://github.com/0xAbdullah/0xWPBF.git 2) pip2 install mechanicalsoup 3) pip2 install PrettyTable [/su_quote] Usage: [su_quote] python 0xwpbf.py -s http://example.com [E] Quick scan of […]
LazyRecon – Automate Reconnaissance Process
About: This script is intended to automate your reconnaissance process in an organized fashion by performing the following: [*]Create a dated folder with recon notes [*]Grab subdomains using Sublist3r and certspotter [*]Grab a screenshot of […]
CloudBunny – Reveal IP of Server Using WAF As Proxy
CloudBunny is a tool to capture the origin server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. To […]
LDAP Search -Bruteforce Passwords, Enumerate Users, Groups, and Computers from Windows Domains.
Overview LDAP_Search can be used to enumerate Users, Groups, Computers, Domain Policies, and Domain Trusts within a Windows environment. Authentication can be performed using traditional username and password, or NTLM hash. In addition, this tool […]
