wildpwn - UNIX Wildcard Attack Tool

wildpwn – UNIX Wildcard Attack Tool

wildpwn is a Python UNIX wildcard attack tool that helps you generate attacks, based on a paper by Leon Juranic. It’s considered a fairly old-skool attack vector, but it still works quite often. The simple trick behind this technique is that when using shell wildcards, especially asterisk (*), the UNIX shell will interpret files beginning […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Linux Hacking | Add a Comment
CapTipper - Explore Malicious HTTP Traffic

CapTipper – Explore Malicious HTTP Traffic

CapTipper is a Python tool to explore malicious HTTP traffic, it can also help analyse and revive captured sessions from PCAP files. It sets up a web server that acts exactly as the server in the PCAP file and contains internal tools with a powerful interactive console for analysis and inspection of the hosts, objects […]

Tags: , , , , , , , , , ,

Posted in: Forensics, Network Hacking | Add a Comment
SubBrute - Subdomain Brute-forcing Tool

SubBrute – Subdomain Brute-forcing Tool

SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain brute-forcing tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design also provides a layer of anonymity, as SubBrute does not send traffic directly […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
The Backdoor Factory (BDF) - Patch Binaries With Shellcode

The Backdoor Factory (BDF) – Patch Binaries With Shellcode

The Backdoor Factory or BDF is a tool which enables you to patch binaries with shellcode and continue normal execution exactly as the executable binary would have in its’ pre-patched state. Some executables have built in protection, as such this tool will not work on all binaries. It is advisable that you test target binaries […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Programming, Windows Hacking | Add a Comment
Gdog - Python Windows Backdoor With Gmail Command & Control

Gdog – Python Windows Backdoor With Gmail Command & Control

Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server, it’s inspired by Gcat and pushes a little beyond a proof of concept with way more features. And don’t forget, Gcat also inspired Twittor – Backdoor Using Twitter For Command & Control. Features Encrypted transportation messages (AES) + SHA256 […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Windows Hacking | Add a Comment
SPF (SpeedPhish Framework) - E-mail Phishing Toolkit

SPF (SpeedPhish Framework) – E-mail Phishing Toolkit

SPF (SpeedPhish Framework) is a an e-mail phishing toolkit written in Python designed to allow for quick recon and deployment of simple social engineering phishing exercises. There are also other popular Phishing tools are frameworks such as: – Phishing Frenzy – E-mail Phishing Framework – Gophish – Open-Source Phishing Framework – sptoolkit Rebirth – Simple […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Phishing, Social Engineering | Add a Comment
WAFW00F - Fingerprint & Identify Web Application Firewall (WAF) Products

WAFW00F – Fingerprint & Identify Web Application Firewall (WAF) Products

WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall (WAF) products. It is an active reconnaissance tool as it actually connects to the web server, but it starts out with a normal HTTP response and escalates as necessary. You can override or include your own headers, it has SOCKS and […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
Serious ImageMagick Zero-Day Vulnerabilities - ImageTragick?

Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

So another vulnerability with a name and a logo – ImageTragick? At least this time it’s pretty dangerous, a bunch of ImageMagick Zero-Day vulnerabilities have been announced including one that can leave you susceptible to remote code execution. It’s pretty widely used software too and very public, if you use an app online that lets […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment
MISP - Malware Information Sharing Platform

MISP – Malware Information Sharing Platform

MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Malware | Add a Comment
Empire - PowerShell Post-Exploitation Agent

Empire – PowerShell Post-Exploitation Agent

Empire is a pure PowerShell post-exploitation agent built on cryptographically secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. It has a LOT […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Windows Hacking | Add a Comment