Author: root

PowerShell Empire Download – Post-Exploitation Hacking Tool

PowerShell Empire Download – Post-Exploitation Hacking Tool

PowerShell Empire is a post-exploitation hacking tool built on cryptographically secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key...

Gdog – Python Windows Backdoor With Gmail Command & Control

Gdog – Python Windows Backdoor With Gmail Command & Control

Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server, it’s inspired by Gcat and pushes a little beyond a proof of concept with way more features. And...

nishang – PowerShell For Penetration Testing

nishang – PowerShell For Penetration Testing

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for penetration testing, offensive security and red teaming. Nishang is useful during all phases of penetration testing. Usage Import...

SessionGopher – Session Extraction Tool

SessionGopher – Session Extraction Tool

SessionGopher is a PowerShell Session Extraction tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. The tool can find and...

exe2powershell – Convert EXE to BAT Files

exe2powershell – Convert EXE to BAT Files

exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows. This will convert any binary file (*.exe) to a...

BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records

BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records

So another data breach, and no surprise here, but another dating site. This time the BeautifulPeople.com Leak has exposed 1.1 million customer records, including 15 million private messages sent between users. Not so private...

Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

So another vulnerability with a name and a logo – ImageTragick? At least this time it’s pretty dangerous, a bunch of ImageMagick Zero-Day vulnerabilities have been announced including one that can leave you susceptible...

Wfuzz Download – Web Application Password Cracker

Wfuzz Download – Web Application Password Cracker

Wfuzz is a Python-based flexible web application password cracker or brute forcer which supports various methods and techniques to expose web application vulnerabilities. This allows you to audit parameters, authentication, forms with brute-forcing GET...

UFONet – Open Redirect DDoS Tool

UFONet – Open Redirect DDoS Tool

UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes. The tool abuses OSI...

PunkSPIDER –  A Web Vulnerability Search Engine

PunkSPIDER – A Web Vulnerability Search Engine

PunkSPIDER is a global-reaching web vulnerability search engine aimed at web applications. The goal is to allow the user to determine vulnerabilities in websites across the Internet quickly, easily, and intuitively. Please use PunkSPIDER...

OWASP OWTF – Offensive Web Testing Framework

OWASP OWTF – Offensive Web Testing Framework

OWASP Offensive Web Testing Framework is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES...

Minion – Mozilla Security Testing Framework

Minion – Mozilla Security Testing Framework

Minion is a security testing framework built by Mozilla to bridge the gap between developers and security testers. To do so, it enables developers to scan with a wide variety of security tools, using...

DAVScan – WebDAV Security Scanner

DAVScan – WebDAV Security Scanner

DAVScan is a quick and lightweight WebDAV security scanner designed to discover hidden files and folders on DAV enabled web servers. The scanner works by taking advantage of overly privileged/misconfigured WebDAV servers or servers...

OWASP VBScan – vBulletin Vulnerability Scanner

OWASP VBScan – vBulletin Vulnerability Scanner

OWASP VBScan short for vBulletin Vulnerability Scanner is an open-source project in Perl programming language to detect VBulletin CMS vulnerabilities and analyse them. Features VBScan currently has the following: Compatible with Windows, Linux &...

Kadimus – LFI Scanner & Exploitation Tool

Kadimus – LFI Scanner & Exploitation Tool

Kadimus is an LFI scanner and exploitation tool for Local File Inclusion vulnerability detection and intrusion. Installation $git clone https://github.com/P0cL4bs/Kadimus.git $ cd Kadimus 1 2 $git clone https://github.com/P0cL4bs/Kadimus.git $ cd Kadimus Then you can...

Pin It on Pinterest