OWASP APICheck - HTTP API DevSecOps Toolset

OWASP APICheck – HTTP API DevSecOps Toolset

APICheck is an HTTP API DevSecOps toolset, it integrates existing HTTP APIs tools, creates execution chains easily and is designed for integration with third-party tools in mind. APICheck is comprised of a set of tools that can be connected to each other to achieve different functionalities, depending on how they are connected. It allows you […]

Topic: Security Software
trident - Automated Password Spraying Tool

trident – Automated Password Spraying Tool

The Trident project is an automated password spraying tool developed to be deployed across multiple cloud providers and provides advanced options around scheduling and IP pooling. trident was designed and built to fulfill several requirements and to provide: the ability to be deployed on several cloud platforms/execution providers the ability to schedule spraying campaigns in […]

Topic: Password Cracking Tools
tko-subs - Detect & Takeover Subdomains With Dead DNS Records

tko-subs – Detect & Takeover Subdomains With Dead DNS Records

tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services or to nothing at all or NS records that are mistyped. What does tko-subs – Detect & Takeover Subdomains With Dead DNS Records Do? This tool allows you: To check […]

Topic: Hacking Tools
Arcane - Tool To Backdoor iOS Packages (iPhone ARM)

Arcane – Tool To Backdoor iOS Packages (iPhone ARM)

Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories. It was created to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS device. How Arcane Tool To Backdoor iOS Package Works It’s possible to supply […]

Topic: Hacking Tools
SharpHose - Asynchronous Password Spraying Tool

SharpHose – Asynchronous Password Spraying Tool

SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike’s execute-assembly. It provides a flexible way to interact with Active Directory using domain-joined and non-joined contexts, while also being able to target specific domains and domain controllers. The tool […]

Topic: Password Cracking Tools
Axiom - Pen-Testing Server For Collecting Bug Bounties

Axiom – Pen-Testing Server For Collecting Bug Bounties

Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line. With Axiom, you just need to run a single command to get setup, and then you can use the Axiom toolkit scripts to spin up and down your […]

Topic: Hacking Tools