Second Order - Subdomain Takeover Scanner Tool

Second Order – Subdomain Takeover Scanner Tool

Second Order Subdomain Takeover Scanner Tool scans web applications for second-order subdomain takeover by crawling the application and collecting URLs (and other data) that match specific rules or respond in a specific way. Using Second Order Subdomain Takeover Scanner Tool Command line options:

Example:

Config File for Second Order Subdomain Takeover Scanner Tool […]

Topic: Networking Hacking Tools
Binwalk - Firmware Security Analysis & Extraction Tool

Binwalk – Firmware Security Analysis & Extraction Tool

Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering, and extraction of firmware images. Features of Binwalk Firmware Security Analysis & Extraction Tool Scanning Firmware – Binwalk can scan a firmware image for many different embedded file types and file systems File Extraction – […]

Topic: Hardware Hacking
zBang - Privileged Account Threat Detection Tool

zBang – Privileged Account Threat Detection Tool

zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations and red teamers can utilize zBang to identify potential attack vectors and improve the security posture of the network. The results can be analyzed with the graphic interface or by reviewing the raw output files. The tool is built […]

Topic: Hacking Tools
Memhunter - Automated Memory Resident Malware Detection

Memhunter – Automated Memory Resident Malware Detection

Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving the threat hunter analysis process and remediation times. It’s a self contained binary that can be deployed and managed at scale, does not use memory dumps and relies purely on memory inspection to do its work. […]

Topic: Forensics
Sandcastle - AWS S3 Bucket Enumeration Tool

Sandcastle – AWS S3 Bucket Enumeration Tool

Sandcastle is a Python-based Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target’s name as the stem argument (e.g. shopify) and iterates through a file of bucket name permutations. Amazon S3 [Simple Storage Service] is cloud storage for the Internet. To upload your data (photos, videos, documents etc.), you […]

Topic: Hacking Tools
Astra - API Automated Security Testing For REST

Astra – API Automated Security Testing For REST

Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra […]

Topic: Security Software