Category: NEW TOOLS


Fud 100% services packages ready for sales

We offer a monthly Crypter service to make your files undetectable encrypted! this is how it works: You zip the files you want to encrypt and send them to our email then we will encrypt and make your files/file fud 100% (undetectable by any antivirus) and send them back to your email! We offer 3 packages: Standard Prenium Ultimate All those packages offer some unique futures to encrypt your file!  


Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

Auditing ToolNEW TOOLSNix AuditorRHEL

Nix Auditor – Nix Audit Made Easier (RHEL, CentOS)

CIS Audit made easier (RHEL, CentOS)Usage:Make it executableExecute it. Auditor 2.0: Change Log:Added color variables BLUE, RED, NC (NO COLOR) and GREEN on lines 210 - 213 Applied color variables to "passed" and "failed" results in function func_wrapper on lines 1171 and - 1173Thanks to Metale!Download Nix Auditor

ArduinoBad DuckyBadUsbCJMCUNEW TOOLSRubber Ducky

Bad Ducky – Rubber Ducky Compatible Clone Based On CJMCU BadUSB HW

Bad Ducky is yet another Rubber Ducky clone. It is based on CJMCU BadUsb (ATMEGA32u4 - Arduino Leonardo clone) board with onboard card reader, which you can buy on ebay or aliexpress. My goal was to create something compatible with Rubber Ducky scripts, while having ability to easily choose which script to execute without modifying the hardware (without adding DIP switches). What is so special about this one?it is completely compatible with Rubber Ducky scripts (all commands are supported)scripts does not require compiling/encodingthere is no…

AWSCloudFruntDNSReconMacNEW TOOLSS3S3 Buckets

CloudFrunt – A Tool For Identifying Misconfigured CloudFront Domains

CloudFrunt is a tool for identifying misconfigured CloudFront domains.BackgroundCloudFront is a Content Delivery Network (CDN) provided by Amazon Web Services (AWS). CloudFront users create "distributions" that serve content from specific sources (an S3 bucket, for example).Each CloudFront distribution has a unique endpoint for users to point their DNS records to (ex. All of the domains using a specific distribution need to be listed in the "Alternate Domain Names (CNAMEs)" field in the options for that distribution.When a CloudFront endpoint receives a request, it…

BurpChrome ExtensionDiscoverHiddenJavaScriptLinkFinderNEW TOOLS

LinkFinder – A Python Script That Finds Endpoints In JavaScript Files

LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing. Resulting in new testing ground, possibility containing new vulnerabilities. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions. These are responsible for finding:Full URLs (*)Absolute URLs or dotted URLs (/* or ../*)Relative URLs…

AWSDiscoverygoGetBucketMacNEW TOOLSpenetration testingPenetration Testing ToolS3Testing ToolWordlist

goGetBucket – A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain

When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive material.What this tool does, is enumerate S3 bucket names using common patterns I have identified during my time bug hunting and pentesting. Permutations are supported on a root domain name using a custom wordlist. I highly recommend the one packaged within AltDNS.The following information about every bucket found to exist…

FindJoomlaScanJoomscanMacNEW TOOLSRobots.txt

JoomlaScan – Tool To Find The Components Installed In Joomla CMS, Built Out Of The Ashes Of Joomscan

A free and open source software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.FeaturesScanning the Joomla CMS sites in search of components/extensions (database of more than 600 components);Locate the browsable folders of component (Index of ...);Locate the components disabled or protectedLocate each file useful to identify the version of a components (Readme, Manifest, License, Changelog)Locate the robots.txt file or error_log fileSupports HTTP or HTTPS connectionsConnection timeoutNext FeaturesLocate the version of Joomla CMSFind ModuleCustomized User Agent and Random…


DCSYNCMonitor – Monitors For DCSYNC And DCSHADOW Attacks And Create Custom Windows Events For These Events

This tool is an application/service that can be deployed on Domain controllers to alert on Domain Controller Syncronization attempts. When an attempt is detected, the tool will write an event to the Windows Event Log. These events can be correlated in a SIEM. In addition, this tool can take a list of valid DC IP's and, in this configuration, only alert when a DC SYNC attempt comes from a non-DC ip. This tool is meant to provide Blue Teams with a way to combat…