PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Pentest Tool

TUTORIALS

Earn Bitcoins just by surfing Online !

Use CryptoTab as your default browser to maximize your revenue Mining speed increases when your browser is active. Use CryptoTab browser for your everyday activities, visit your favorite sites, watch movies online, and take advantage of maximum mining power. Browser with built-in mining CryptoTab Browser includes built-in mining algorithm that allows using your computer resources more effectively than in extension format. It boosts your mining speed up to 8 times and increases BTC earnings. Enhance your browser with over 150 thousand extensions Set up…

TUTORIALS

Cerberus Linux v1 Subsystem for Windows 10!

Cerberus Linux subsystem is Linux to run on top windows! like the picture bellow^^^ Cerberus linux v1 tools and extras : 15 new Cerberus Frameworks : Metapackages , containers with custom scripts within! Exploits (to analyze): EARLYSHOVEL RedHat 7.0 – 7.1 Sendmail 8.11.x exploit EBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86. ECHOWRECKER remote Samba 3.0.x Linux exploit. EASYBEE appears to be an MDaemon email server vulnerability EASYFUN EasyFun 2.2.0 Exploit for WDaemon…

Windows10

Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

Debian

Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Exploiting VulnerabilitiesFiddlerFiddler ExtensionFiddler2NEW TOOLSPentest ToolPENTOLSecurity ToolsTools

PENTOL – Pentester Toolkit For Fiddler2

PENTOL - Pentester Toolkit is built as a plugin for the Fiddler HTTP debugging proxy.FeaturesCORS DETECTED Cross-Origin Resource SharingCRLF DETECTED HTTP response splittingHeaders DETECTED (X-Frame-Options)USAGEInstall Fiddler2Open Fiddler2Press Key CTRL + R or Rules > Customize Rules...Copy all script SampleRules.jsPress Key CTRL + S for SaveCheck tools in Rules TABCreditsThanks to allahEka Syahwan (Creator) bugrecon / H1 / bugcrowdEdo Maland (Powerstager) Wilder admin in : modifications, changes, or changes to this code can be accepted, however, every public release that uses this code must…

BabySploitBeginner FriendlyEthical HackingNEW TOOLSpenetration testingPenetration Testing FrameworkPentest ToolPython3Testing Framework

BabySploit – BabySplot Beginner Pentesting Framework

Tested on Kali Linux. Should work with all Debian based distros (and other ones if you have the right packages installed)BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find use out of BabySploit.Features (Current, In The Works, Planned):Information GatheringExploitationPost ExploitationBruteforcingPhishingCryptography/StenographyInformation Gathering:NmapIP InfoTcpdump (In The Works)Datasploit (In The Works)Censys LookupDNS LookupExploitation:SearchsploitReverseShell WizardPost Exploitation:In The WorksBruteforcing:In The…

Censys Subdomain FinderCertificate transparency logsEnumerate SubdomainsMacNEW TOOLSPentest ToolSubdomain EnumerationSubdomain Scanner

Censys Subdomain Finder – Perform Subdomain Enumeration Using The Certificate Transparency Logs From Censys

This is a tool to enumerate subdomains using the Certificate Transparency logs stored by Censys. It should return any subdomain who has ever been issued a SSL certificate by a public CA.See it in action:$ python censys_subdomain_finder.py github.com[*] Searching Censys for subdomains of github.com[*] Found 42 unique subdomains of github.com in ~1.7 seconds - hq.github.com - talks.github.com - cla.github.com - github.com - cloud.github.com - enterprise.github.com - help.github.com - collector-cdn.github.com - central.github.com - smtp.github.com - cas.octodemo.github.com - schrauger.github.com - jobs.github.com - classroom.github.com - dodgeball.github.com -…

DarkSpiritzNEW TOOLSPenetration Test Frameworkpenetration testingPenetration Testing FrameworkPentest ToolTesting Framework

DarkSpiritz – A Penetration Testing Framework For UNIX Systems

What is DarkSpiritz?Created by the SecTel Team it was a project of one of the owners to update and clean-up an older pentesting framework he had created to something updated and modern. DarkSpiritz is a re-vamp of the very popular framework known as "Roxysploit". You may be familiar with this framework and if you are then it will help you with DarkSpiritz. DarkSpiritz also works like another pentesting framework known as Metasploit. If you know how to use metasploit setting up and working with…

CloakifyCryptographyData ExfiltrationDNSLLMNRMimicNEW TOOLSPacket CapturePacketWhisperPentest ToolSwiss Army Knife

PacketWhisper – Stealthily Exfiltrate Data And Defeat Attribution Using DNS Queries And Text-Based Steganography

PacketWhisper - Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, without the need for attacker-controlled Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- & DNS Name Server Whitelisting Controls. Convert any file type (e.g. executables, Office, Zip, images) into a list of Fully Qualified Domain Names (FQDNs), use DNS queries to transfer data. Simple yet extremely effective.AuthorJoe Gervais (TryCatchHCF)Why is this different from every other DNS exfiltration technique?Traditional DNS exfiltration relies on one of the following: DNS tunneling; Hiding…

badKarmaBrute-forceIncident responseInformation GatheringNetwork SecurityNEW TOOLSNmapOffensive Securitypenetration testingPentest ToolPython3ScanSecurity Audit

badKarma – Advanced Network Reconnaissance Toolkit

badKarma is a python3 GTK+ network infrastructure penetration testing toolkit.badKarma aim to help the tester in all the penetration testing phases (information gathering, vulnerability assessment,exploitation,post-exploitation and reporting). It allow the tester to save time by having point-and-click access to their toolkit and interacte with them through GUIs or Terminals, also every task is logged under a sqlite database in order to help during the reporting phase or in a incident response scenario.It is also available a proxychains switch that let everything go through proxies,…

CertCrunchyDATAFindNEW TOOLSPentest ToolSSLSSL Certificates

CertCrunchy – Just A Silly Recon Tool That Uses Data From SSL Certificates To Find Potential Host Names

It just a silly python script that either retrieves SSL Certificate based data from online sources, currently , , and or given a IP range it will attempt to extract host information from SSL Certificates. If you want to use Censys.io you need to register for a API key.How to installgit clone CertCrunchysudo pip3 install -r requirements.txtHow to use it?Very simply -d to get hostnames for specific domain-D to get hostnames for a list of domains (just stuff it in a…

Byte ManipulationNEW TOOLSPentest ToolPip3Line

Pip3Line – The Swiss Army Knife Of Byte Manipulation

Pip3line is a raw bytes manipulation utility, able to apply well known and less well known transformations from anywhere to anywhere (almost).Its main usefulness lies in pentesting and reverse-engineering / binary analysis purposes.Current transformations list include classic decoders such as Base64/32/hex to simple cryptographic ciphers, and includes common hashes algorithms as well as obfuscation techniques.Easy to use, but still offering some tweaking for most transformations, it also has the ability to save/restore a configured transformation chain for future used.Transformations currently implementedBase32 (RFC 4648, Crockford,…

Information GatheringMacNEW TOOLSpenetration testingPentest ToolReverse IPWebkiller

Webkiller – Tool Information Gathering Write By Python.

Tool Information Gathering Write With Python.██╗ ██╗███████╗██████╗ ██╗ ██╗██╗██╗ ██╗ ███████╗██████╗ ██║ ██║██╔════╝██╔══██╗██║ ██╔╝██║██║ ██║ ██╔════╝██╔══██╗██║ █╗ ██║█████╗ ██████╔╝█████╔╝ ██║██║ ██║ █████╗ ██████╔╝██║███╗██║██╔══╝ ██╔══██╗██╔═██╗ ██║██║ ██║ ██╔══╝ ██╔══██╗╚███╔███╔╝███████╗██████╔╝██║ ██╗██║███████╗███████╗███████╗██║ ██║ ╚══╝╚══╝ ╚══════╝╚═════╝ ╚═╝ ╚═╝╚═╝╚══════╝╚══════╝╚══════╝╚═╝ ╚═╝====================================================================** WebSite : UltraSec.org **** Channel : @UltraSecurity **** Developers : Ashkan Moghaddas , Milad Ranjbar **** Team Members : Abolfaz Hajizadeh , MrQadir **** **==================================================================== 1 - Reverse IP With HackTarget 2 - Reverse IP With YouGetSignal 3 - Geo IP Lookup 4 - Whois 5 - Bypass CloudFlare…