Views: 4,057 CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions. This effectively allows for domain hijacking. How CloudFrunt Works For Misconfigured CloudFront CloudFront is a Content Delivery Network (CDN) provided by Amazon Web Services (AWS). CloudFront […]
Python
Memcrashed – Memcached DDoS Exploit Tool
Views: 9,138 Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan. This is related to the recent record-breaking Memcached DDoS attacks that are likely to plague 2018 with over 100,000 vulnerable Memcached servers showing up in Shodan. […]
altdns – Subdomain Recon Tool With Permutation Generation
Views: 4,989 Altdns is a Subdomain Recon Tool in Python that allows for the discovery of subdomains that conform to patterns. The tool takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of. From these […]
OWASP ZSC – Obfuscated Code Generator Tool
Views: 6,285 OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script. Shellcodes are small codes in Assembly language which could be used as the payload in software exploitation. Other usages are in malware, bypassing antivirus software, obfuscating code for […]
Sublist3r – Fast Python Subdomain Enumeration Tool
Views: 9,917 Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. It also integrates with subbrute for subdomain brute-forcing with word lists. Features of Sublist3r Subdomain Enumeration Tool It enumerates subdomains using many search […]