Category: Scan


Black Window 10 v2 (codename: Polemos)

Black Window 10 Enterprise is the first Windows-based penetration testing distribution with Linux integrated! The system comes activated with a digital license for Windows Enterprise! It supports Windows apps and Linux apps, GUI and terminal apps! It comes with a ton of hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus OS within Windows. Offers the stability of a Windows system and…


Cerberus Linux v3

Cerberus is a penetration testing distribution focusing on automation and anonymity. It aims to have the best tools available on the hacking scene, tools like FuzzBunch, DanderSpritz, Cobalt Strike, Armitage, Metasploit Framework and Metasploit Community version, set up and ready for use! It includes custom scripts, custom themes and custom icons! The Cerberus distribution is based on Debian testing and can install packages from 3 repositories: the Kali repo, the Debian repo, and the cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

Black Window 10 Enterprise is the first Windows-based penetration testing distribution with Linux integrated! The system comes activated with a digital license for Windows Enterprise! It supports Windows apps and Linux apps, GUI and terminal apps! It comes with a ton of hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus OS within Windows. Offers the stability of a Windows system and it offers the hacking part with a…

Auditing SSH, Brute-force, NEW TOOLS, Scan, SSH, SSH Auditor, ssh security, SSH server

SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network

Features: ssh-auditor will automatically: re-check all known hosts as new credentials are added (it will only check the new credentials); queue a full credential scan on any new host discovered; queue a full credential scan on any known host whose ssh version or key fingerprint changes; attempt command execution as well as attempt to tunnel a TCP connection; re-check each credential using a per-credential scan_interval (default 14 days). It's designed so that you can run ssh-auditor discover +…

Delphi, Dll Hijacking, NEW TOOLS, Open Source, Robber, Scan, Vulnerability Scanners

Robber – Tool For Finding Executables Prone To DLL Hijacking

Robber is a free open source tool developed using Delphi XE2 without any 3rd party dependencies. What is DLL hijacking? Windows has a search path for DLLs in its underlying architecture. If you can figure out what DLLs an executable requests without an absolute path (triggering this search process), you can then place your hostile DLL somewhere higher up the search path so it'll be found before the real version is, and Windows will happily feed your attack code to the application. So, let's pretend Windows's…

FindYara, IDA Plugin, IDA Python Plugin, NEW TOOLS, Scan, Yara

FindYara – IDA Python Plugin To Scan Binary With Yara Rules

Use this IDA Python plugin to scan your binary with yara rules. All the yara rule matches will be listed with their offset so you can quickly hop to them! All credit for this plugin and the code goes to David Berard (@p0ly). This plugin is copied from David's excellent findcrypt-yara plugin. This plugin just extends his to use any yara rule. Installation: Install yara-python. Using pip: pip install yara-python. Other methods: to your IDA "plugins" directory. Watch the tutorial video! Usage: Launch the plugin. The plugin can…

Command Line, NEW TOOLS, Red Teams, Registry, Scan, SharpSploit, SharpSploitConsole

SharpSploitConsole – Console Application Designed To Interact With SharpSploit

Console application designed to interact with SharpSploit, released by @cobbr_io. SharpSploit is a tool written by @cobbr_io that combines many techniques/C# code from the infosec community and combines it into one sweet DLL. It's awesome so check it out! Description: SharpSploit Console is just a quick proof of concept binary to help penetration testers or red teams with less C# experience play with some of the awesomeness that is SharpSploit. By following the instructions below you should be able to embed both the SharpSploit.dll and System.Management.Automation.dll into…

NEW TOOLS, Parameter, Pentesters, Scan, TLS, TLS-Attacker, TLS-Scanner

TLS-Scanner – The TLS-Scanner Module From TLS-Attacker

TLS-Scanner is a tool created by the Chair for Network and Data Security from the Ruhr-University Bochum to assist pentesters and security researchers in the evaluation of TLS server configurations. Please note: TLS-Scanner is a research tool intended for TLS developers, pentesters, administrators and researchers. There is no GUI. It is in the first version and may contain some bugs. Compiling: In order to compile and use TLS-Scanner, you need to have Java and Maven installed, as well as TLS-Attacker in Version 2.5.
$ cd TLS-Scanner
$ mvn clean…

Infog, Information Gatherer, Information Gathering, NEW TOOLS, Scan

Infog – Information Gathering Tool

InfoG is a shell script to perform information gathering. Features: Check Website info; Check Phone info; IP Tracker; Check Valid E-mail; Check if site is Up/Down; Check internet speed; Check Personal info; Find IP behind Cloudflare; Find Subdomains; Port Scan (Multi-threaded); Check CMS; Check DNS leaking. Usage: git clone infog; bash infog.sh. Install requirements (Curl, Netcat): apt-get install -y curl nc

CMS Detector, Command Line, Enumerate Subdomains, Honeypot Detector, Information Gathering, NEW TOOLS, ReconDog, Scan, Subdomain Enumeration

ReconDog v2.0 – Reconnaissance Swiss Army Knife

Main Features: Wizard + CLA interface. Can extract targets from STDIN (piped input) and act upon them. All the information is extracted with APIs; no direct contact is made to the target. Utilities: Censys: Uses to gather massive amount of information about an IP address. NS Lookup: Does name server lookup. Port Scan: Scan most common TCP ports. Detect CMS: Can detect 400+ content management systems. Whois lookup: Performs a whois lookup. Detect honeypot: Uses to check if target is a honeypot. Find subdomains: Uses to find subdomains. Reverse IP…

NEW TOOLS, Nmap, NSE, Parameter, Patator, Pentest, Pentest-Machine, Scan, WhatWeb

Pentest-Machine – Automates Some Pentest Jobs Via Nmap Xml File

Automates some pentesting work via an nmap XML file. As soon as each command finishes it writes its output to the terminal and the files in output-by-service/ and output-by-host/. Runs fast-returning commands first. Please send me protocols/commands/options that you would like to see included. HTTP: whatweb; WPScan (only if whatweb returns a WordPress result); EyeWitness with active login attempts; light dirb directory bruteforce. DNS: nmap NSE dns-zone-transfer and dns-recursion. MySQL: light patator bruteforce. PostgreSQL: light patator bruteforce. MSSQL: light patator bruteforce. SMTP: nmap NSE smtp-enum-users and smtp-open-relay. SNMP: light patator bruteforce; snmpcheck (if patator successfully finds a string). SMB: enum4linux -a; nmap NSE smb-enum-shares, smb-vuln-ms08-067,…

Capstone, Disassembler, Fuzzer, GREP, Hidden, NEW TOOLS, Processor Fuzzer, Sandsifter, Scan, Space, x86

Sandsifter – The X86 Processor Fuzzer

The sandsifter audits x86 processors for hidden instructions and hardware bugs, by systematically generating machine code to search through a processor's instruction set, and monitoring execution for anomalies. Sandsifter has uncovered secret processor instructions from every major vendor; ubiquitous software bugs in disassemblers, assemblers, and emulators; flaws in enterprise hypervisors; and both benign and security-critical hardware bugs in x86 chips. With the multitude of x86 processors in existence, the goal of the tool is to enable users to check their own systems for hidden instructions…