Category: Python3


Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

H8MailHaveIBeenPwnedKaliNEW TOOLSPython3theHarvester

H8Mail – Email OSINT And Password Breach Hunting

Email OSINT and password finder.Use h8mail to find passwords through different breach and reconnaissance services, or the infamous "Breach Compilation" torrent.FeaturesEmail pattern matching (reg exp), useful for all those raw HTML filesSmall and fast Alpine Dockerfile availableCLI or Bulk file-reading for targetingOutput to CSV fileReverse DNS + Open PortsCloudFlare rate throttling avoidanceExecution flow remains synchronous and throttled according to API usage guidelines written by service providersQuery and group results from different breach service providersQuery a local copy of the "Breach Compilation"Get related emailsDelicious colorsDemosOut…

ChromecastKillcastNEW TOOLSPython3

Killcast – Manipulate Chromecast Devices In Your Network

Manipulate Chromecast Devices in your Network.Inspiration - Thousands of Google Chromecast Devices Hijacked to Promote PewDiePieThis tool is a Proof of Concept and is for Research Purposes Only, killcast shows how Chromecast devices can be easily manipulated and hijacked by anyone.FeaturesExtract Interesting Information such as Build Version, Country, Timezone etcRenameRebootPerform Factory ResetKill Active Applications such as YouTube, Netflix and Google Play MusicWhat is not workingPlay any YouTube VideoUnable to kill Play MusicOther things that we are not aware of ;)Tested On :Kali Linux 2019.1Ubuntu…

Blue TeamCommandlineNEW TOOLSPython3Red TeamSheepl

Sheepl – Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments

Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environmentsIntroductionThere are lots of resources available online relating to how you can build AD network environments for the development of blue team and red team tradecraft. However the current solutions tend to lack one important aspect in representing real world network configurations. A network is not just a collection of static endpoints, it is a platform for communication between people.Sheepl is a tool that aims to bridge the gap by emulating the…

CMSScanDevsecopsDrupalNEW TOOLSPython3ScanSecurity DashboardVBScan

CMS Scanner – Scan WordPress, Drupal, Joomla, vBulletin Websites For Security Issues

Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues.CMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to sent email reports.Install# Requires ruby, ruby-dev, gem, python3 and gitgit clone CMSScan./setup.shRun./run.shPeriodic ScansYou can perform periodic CMS scans with CMSScan. You must run CMSScan server separately and configure the following before running the script.# SMTP SETTINGSSMTP_SERVER = ''FROM_EMAIL = ''TO_EMAIL = ''#…

AWSAWS SecurityBackdooringNEW TOOLSPacupenetration testingPython3ReportingRhinoWeb Services

Pacu – The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current modules enable a range of attacks, including user privilege escalation, backdooring of IAM users, attacking vulnerable Lambda functions, and much more.InstallationPacu is a fairly lightweight program, as it requires only Python3.5+ and pip3 to install a handful of Python libraries. Running…

Command LineDeepSearchNEW TOOLSPython3WebscannerWordlist

DeepSearch – Advanced Web Dir Scanner

DeepSearch is a simple command line tool for bruteforce directories and files in websites.Installation$ git clone deepsearch$ cd deepsearch $ pip3 install requests$ python3 deepsearch.pyScreenshotsUsageBasic:python3 -u -e php -w wordlist.txtForce extension for every wordlist entry (support one extension):python3 -u -e php -w wordlist.txt -fMake a request by hostname (ip):python3 -u -e php -w wordlist.txt -bForce lowercase for every wordlist entry:python3 -u -e php -w wordlist.txt -lForce uppercase for every wordlist entry:python3 -u -e…

BabySploitBeginner FriendlyEthical HackingNEW TOOLSpenetration testingPenetration Testing FrameworkPentest ToolPython3Testing Framework

BabySploit – BabySplot Beginner Pentesting Framework

Tested on Kali Linux. Should work with all Debian based distros (and other ones if you have the right packages installed)BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find use out of BabySploit.Features (Current, In The Works, Planned):Information GatheringExploitationPost ExploitationBruteforcingPhishingCryptography/StenographyInformation Gathering:NmapIP InfoTcpdump (In The Works)Datasploit (In The Works)Censys LookupDNS LookupExploitation:SearchsploitReverseShell WizardPost Exploitation:In The WorksBruteforcing:In The…

Binary AnalysisCommand LineManticoreNEW TOOLSProgram AnalysisPython3SoliditySymbolic Execution

Manticore – Symbolic Execution Tool For Analysis Of Binaries And Smart Contracts

Manticore is a symbolic execution tool for analysis of binaries and smart contracts.Note: Beginning with version 0.2.0, Python 3.6+ is required.FeaturesInput Generation: Manticore automatically generates inputs that trigger unique code pathsCrash Discovery: Manticore discovers inputs that crash programs via memory safety violationsExecution Tracing: Manticore records an instruction-level trace of execution for each generated inputProgrammatic Interface: Manticore exposes programmatic access to its analysis engine via a Python APIManticore can analyze the following types of programs:Ethereum smart contracts (EVM bytecode)Linux ELF binaries (x86, x86_64 and ARMv7)UsageCLIManticore…

BeautifulsoupDjangoDjangoHunterNEW TOOLSPython3Shodan

DjangoHunter – Tool Designed To Help Identify Incorrectly Configured Django Applications That Are Exposing Sensitive Information

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information. : python3 --key {shodan}Dorks: 'DisallowedHost', 'KeyError', 'OperationalError', 'Page not found at /'RequirementsShodanPyfigletRequestsBeautifulSouppip -r install requirementsDemoDisclaimerCode samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code against target systems without prior permission is illegal in most jurisdictions. The authors are not liable for any damages from misuse of this information or code.Download Djangohunter