Category: Python3

Windows10

Black Window 10 v2

November 12, 2018 January 8, 2019by D4RkN

Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

H8Mail – Email OSINT And Password Breach Hunting

January 11, 2019by Black Hat Sec

Email OSINT and password finder.Use h8mail to find passwords through different breach and reconnaissance services, or the infamous "Breach Compilation" torrent.FeaturesEmail pattern matching (reg exp), useful for all those raw HTML filesSmall and fast Alpine Dockerfile availableCLI or Bulk file-reading for targetingOutput to CSV fileReverse DNS + Open PortsCloudFlare rate throttling avoidanceExecution flow remains synchronous and throttled according to API usage guidelines written by service providersQuery and group results from different breach service providersQuery a local copy of the "Breach Compilation"Get related emailsDelicious colorsDemosOut…

Chromecast ⁄ Killcast ⁄ NEW TOOLS ⁄ Python3

Killcast – Manipulate Chromecast Devices In Your Network

January 10, 2019by Black Hat Sec

Manipulate Chromecast Devices in your Network.Inspiration - Thousands of Google Chromecast Devices Hijacked to Promote PewDiePieThis tool is a Proof of Concept and is for Research Purposes Only, killcast shows how Chromecast devices can be easily manipulated and hijacked by anyone.FeaturesExtract Interesting Information such as Build Version, Country, Timezone etcRenameRebootPerform Factory ResetKill Active Applications such as YouTube, Netflix and Google Play MusicWhat is not workingPlay any YouTube VideoUnable to kill Play MusicOther things that we are not aware of ;)Tested On :Kali Linux 2019.1Ubuntu…

Blue Team ⁄ Commandline ⁄ NEW TOOLS ⁄ Python3 ⁄ Red Team ⁄ Sheepl

Sheepl – Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments

November 23, 2018by Black Hat Sec

Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environmentsIntroductionThere are lots of resources available online relating to how you can build AD network environments for the development of blue team and red team tradecraft. However the current solutions tend to lack one important aspect in representing real world network configurations. A network is not just a collection of static endpoints, it is a platform for communication between people.Sheepl is a tool that aims to bridge the gap by emulating the…

CMSScan ⁄ Devsecops ⁄ Drupal ⁄ NEW TOOLS ⁄ Python3 ⁄ Scan ⁄ Security Dashboard ⁄ VBScan

CMS Scanner – Scan WordPress, Drupal, Joomla, vBulletin Websites For Security Issues

November 21, 2018by Black Hat Sec

Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues.CMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to sent email reports.Install# Requires ruby, ruby-dev, gem, python3 and gitgit clone CMSScan./setup.shRun./run.shPeriodic ScansYou can perform periodic CMS scans with CMSScan. You must run CMSScan server separately and configure the following before running the scheduler.py script.# SMTP SETTINGSSMTP_SERVER = ''FROM_EMAIL = ''TO_EMAIL = ''#…

AWS ⁄ AWS Security ⁄ Backdooring ⁄ NEW TOOLS ⁄ Pacu ⁄ penetration testing ⁄ Python3 ⁄ Reporting ⁄ Rhino ⁄ Web Services

Pacu – The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments

November 17, 2018by Black Hat Sec

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current modules enable a range of attacks, including user privilege escalation, backdooring of IAM users, attacking vulnerable Lambda functions, and much more.InstallationPacu is a fairly lightweight program, as it requires only Python3.5+ and pip3 to install a handful of Python libraries. Running…

Command Line ⁄ DeepSearch ⁄ NEW TOOLS ⁄ Python3 ⁄ Webscanner ⁄ Wordlist

DeepSearch – Advanced Web Dir Scanner

November 15, 2018by Black Hat Sec

DeepSearch is a simple command line tool for bruteforce directories and files in websites.Installation$ git clone deepsearch$ cd deepsearch $ pip3 install requests$ python3 deepsearch.pyScreenshotsUsageBasic:python3 deepsearch.py -u -e php -w wordlist.txtForce extension for every wordlist entry (support one extension):python3 deepsearch.py -u -e php -w wordlist.txt -fMake a request by hostname (ip):python3 deepsearch.py -u -e php -w wordlist.txt -bForce lowercase for every wordlist entry:python3 deepsearch.py -u -e php -w wordlist.txt -lForce uppercase for every wordlist entry:python3 deepsearch.py -u -e…

BabySploit ⁄ Beginner Friendly ⁄ Ethical Hacking ⁄ NEW TOOLS ⁄ penetration testing ⁄ Penetration Testing Framework ⁄ Pentest Tool ⁄ Python3 ⁄ Testing Framework

BabySploit – BabySplot Beginner Pentesting Framework

November 14, 2018by Black Hat Sec

Tested on Kali Linux. Should work with all Debian based distros (and other ones if you have the right packages installed)BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find use out of BabySploit.Features (Current, In The Works, Planned):Information GatheringExploitationPost ExploitationBruteforcingPhishingCryptography/StenographyInformation Gathering:NmapIP InfoTcpdump (In The Works)Datasploit (In The Works)Censys LookupDNS LookupExploitation:SearchsploitReverseShell WizardPost Exploitation:In The WorksBruteforcing:In The…

Binary Analysis ⁄ Command Line ⁄ Manticore ⁄ NEW TOOLS ⁄ Program Analysis ⁄ Python3 ⁄ Solidity ⁄ Symbolic Execution

Manticore – Symbolic Execution Tool For Analysis Of Binaries And Smart Contracts

November 14, 2018by Black Hat Sec

Manticore is a symbolic execution tool for analysis of binaries and smart contracts.Note: Beginning with version 0.2.0, Python 3.6+ is required.FeaturesInput Generation: Manticore automatically generates inputs that trigger unique code pathsCrash Discovery: Manticore discovers inputs that crash programs via memory safety violationsExecution Tracing: Manticore records an instruction-level trace of execution for each generated inputProgrammatic Interface: Manticore exposes programmatic access to its analysis engine via a Python APIManticore can analyze the following types of programs:Ethereum smart contracts (EVM bytecode)Linux ELF binaries (x86, x86_64 and ARMv7)UsageCLIManticore…

Beautifulsoup ⁄ Django ⁄ DjangoHunter ⁄ NEW TOOLS ⁄ Python3 ⁄ Shodan

DjangoHunter – Tool Designed To Help Identify Incorrectly Configured Django Applications That Are Exposing Sensitive Information

November 10, 2018by Black Hat Sec

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information. : python3 djangohunter.py --key {shodan}Dorks: 'DisallowedHost', 'KeyError', 'OperationalError', 'Page not found at /'RequirementsShodanPyfigletRequestsBeautifulSouppip -r install requirementsDemoDisclaimerCode samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code against target systems without prior permission is illegal in most jurisdictions. The authors are not liable for any damages from misuse of this information or code.Download Djangohunter