Category: Scan

Tags: Burp, Burpcommander, Command Injection, NEW TOOLS, Scan

Burpcommander – Ruby Command-Line Interface To Burp Suite’s REST API

Ruby command-line interface to Burp Suite's REST API.

Usage

burpcommander VERSION: 1.0.1 - UPDATED: 08/29/2018
    -t, --target [IP Address]           Defaults to
    -p, --port [Port Number]            Defaults to 1337
    -k, --key [API Key]                 If you require an API key specify it here
    -i, --issue-type-id [String]        String to search for. Example: "1048832"
    -n, --issue-name [String]           String to search for. Example: "Command Injection"
    -D, --DESCRIPTION                   Returns the description of a requested issue
    -M, --METRICS                       Returns the scan_metrics for a given task_id
    -I, --ISSUES [Optional Number]      Returns the issue_events…

Tags: DHCP, Ethernet, Ettercap, LibPCAP, Mac, Man-in-the-Middle, MITM, NEW TOOLS, Scan, Sniffing, SSH, SSLstrip

Ettercap – A Comprehensive Suite For Man In The Middle Attacks

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.

ETTERCAP OFFERS THREE INTERFACES, TRADITIONAL COMMAND LINE, GUI AND NCURSES.

Supported Distributions

These distributions have been tested in both 32 and 64 bit flavors where possible:

- Debian/Ubuntu (Includes derivatives such as Kali, BackTrack, Mint, etc)
- Fedora
- Gentoo
- Pentoo
- Mac OSX (Snow Leopard & Lion)
- FreeBSD
- OpenBSD
- NetBSD

Unsupported Distributions

Installation may work…

Tags: htrace.sh, HTTP Requests, Mozilla Observatory, NEW TOOLS, Nmap, Nmap Scripts, NSE, Redirect URLs, Scan, Scripts, Security Tools, SSL, SSLlabs Scan, Testing Tools, Traceroute

htrace.sh – Simple Shell Script To Debugging HTTP/HTTPS Traffic Tracing, Response Headers And Mixed-Content

htrace.sh is a shell script that allows you to validate your domain configuration and catch any errors (e.g. redirect loops). It also displays basic information about the SSL configuration (if available) and the response headers, checks for mixed content and performs security scans using Nmap scripts and great external tools such as Ssllabs or Mozilla Observatory.

Functions

It is useful for:

- checking that the domain is properly configured (web servers/reverse proxies)
- redirects analysis, e.g. to eliminate redirect loops
- checking response headers for each request
- checking basic SSL configuration
- validation of the certificates…

Tags: Admin Finder, Admin Panel Finder, Cangibrina, Mac, NEW TOOLS, Nmap, Scan, TOR, Wordlist

Cangibrina v0.8.7 – A Fast And Powerful Dashboard (Admin) Finder

Dashboard Finder

Cangibrina is a multi-platform tool which aims to obtain the Dashboard of sites using brute-force over wordlist, Google, Nmap, and robots.txt.

Requirements:

- Python 2.7
- mechanize
- PySocks
- beautifulsoup4
- html5lib
- Nmap (--nmap)
- TOR (--tor)

Install:

Linux

    git clone
    cd cangibrina
    pip install -r requirements.txt

Usage

    usage: [-h] -u U [-w W] [-t T] [-v] [--ext EXT] [--user-agent] [--tor] [--search] [--dork DORK] [--nmap [NMAP]]

    Fast and powerful admin finder

    optional arguments:
      -h, --help    show this help message and exit
      -u U          target site
      -w W          set wordlist (default: wl_medium)
      -t T          set threads number (default: 5)
      -v…

Tags: badKarma, Brute-force, Incident response, Information Gathering, Network Security, NEW TOOLS, Nmap, Offensive Security, penetration testing, Pentest Tool, Python3, Scan, Security Audit

badKarma – Advanced Network Reconnaissance Toolkit

badKarma is a Python 3 GTK+ network infrastructure penetration testing toolkit.

badKarma aims to help the tester in all the penetration testing phases (information gathering, vulnerability assessment, exploitation, post-exploitation and reporting). It allows testers to save time by giving them point-and-click access to their toolkit and letting them interact with the tools through GUIs or terminals. Every task is also logged in a SQLite database to help during the reporting phase or in an incident response scenario.

A proxychains switch is also available that lets everything go through proxies,…

Tags: NEW TOOLS, Scan, Syhunt Community Hybrid Scanner, Syhunt Scan, Tools, Vulnerability Scanner

Syhunt Community Hybrid Scanner v6.2

Syhunt Community is a hybrid static and dynamic web application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detailed vulnerability information: Syhunt also includes a deep crawler able to fully map a website structure and an automated injector able to adapt, mutate, analyze and test the web application response to…

Tags: Command Line, Demiguise, DLL, HTA, JavaScript, Mac, NEW TOOLS, Parameter, Payload Generation, Sandbox, Scan, SharpShooter

SharpShooter – Payload Generation Framework

SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. SharpShooter is capable of creating payloads in a variety of formats, including HTA, JS, VBS and WSF. It leverages James Forshaw's DotNetToJavaScript tool to invoke methods from the SharpShooter DotNet serialised object. Payloads can be retrieved using Web or DNS delivery or both; SharpShooter is compatible with the MDSec ActiveBreach PowerDNS project. Alternatively, stageless payloads with embedded shellcode execution can also be generated for the same scripting formats.

SharpShooter…

Tags: AWS, AWS IAM, CloudSploit Scans, EC2, Misconfiguration, NEW TOOLS, NodeJS, Scan, Scripts, Security Audit

CloudSploit Scans – AWS Security Scanning Checks

CloudSploit scans is an open-source project designed to allow detection of security risks in an AWS account. These scripts are designed to run against an AWS account and return a series of potential misconfigurations and security risks.

Installation

Ensure that NodeJS is installed. If not, install it from here.

    git clone install

Setup

To begin using the scanner, edit the index.js file with your AWS key, secret, and optionally (for temporary credentials), a session token. You can also set a file containing credentials. To determine the permissions associated…

Tags: Discovery, Information Gathering, NEW TOOLS, Scan, SQLi, Subdomain Enumeration, Vulnerability Assessment, Vulnerability Scanner

Raccoon – A High Performance Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Offensive Security Tool for Reconnaissance and Information Gathering.

Features

- DNS details
- DNS visual mapping using DNS dumpster
- WHOIS information
- TLS Data - supported ciphers, TLS versions, certificate details and SANs
- Port Scan
- Services and scripts scan
- URL fuzzing and dir/file detection
- Subdomain enumeration - uses Google dorking, DNS dumpster queries, SAN discovery and bruteforce
- Web application data retrieval:
  - CMS detection
  - Web server info and X-Powered-By
  - robots.txt and sitemap extraction
  - Cookie inspection
  - Extracts all fuzzable URLs
  - Discovers HTML forms
  - Retrieves all Email addresses
- Detects known WAFs
- Supports anonymous routing through Tor/Proxies
- Uses asyncio for improved performance
- Saves output to files - separates targets by folders…