PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Scripts

Debian

Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

ArduinoBadUsbDigiDuck FrameworkNEW TOOLSRubber DuckyScripts

DigiDuck Framework – Framework For Digiduck Development Boards Running ATTiny85 Processors And Micronucleus Bootloader

Framework for Digiduck Development Boards running ATTiny85 processors and micronucleus bootloader!Roadmap:Plan to implement a command for Duckyspark translation within the framework.Requirements:- ATTiny85 or other compatible "Digispark" Development Board(s)- DigiSpark Drivers (If you can use it with arduino you should be fine.)- OSX or MacOS- ArduinoIDE with Digispark Library InstalledGetting Started:Installation:DigiDuck Framework (Referred to as DDF) is really simple to start and setup! There are no third party modules required for DDF! All you need to do is make sure you have Python 3.6+ (I…

htrace.shHTTP RequestsMozilla ObservatoryNEW TOOLSNmapNmap ScriptsNSERedirect URLsScanScriptsSecurity ToolsSSLSSLlabs ScanTesting ToolsTraceroute

htrace.sh – Simple Shell Script To Debugging HTTP/HTTPS Traffic Tracing, Response Headers And Mixed-Content

htrace.sh is a shell script that allows you to validate your domain configuration and catch any errors (e.g. redirect loops). It also displays basic information about the ssl configuration (if available), response headers, checks for mixed content and performs security scans using Nmap scripts and great external tools such as Ssllabs or Mozilla Observatory.FunctionsIt is useful for:checking properly domain configuration (web servers/reverse proxies) redirects analysis, e.g. to eliminate redirect loops checking response headers for each request checking basic ssl configuration validation of the certificates…

AWSAWS IAMCloudSploit ScansEC2MisconfigurationNEW TOOLSNodeJSScanScriptsSecurity Audit

CloudSploit Scans – AWS Security Scanning Checks

CloudSploit scans is an open-source project designed to allow detection of security risks in an AWS account. These scripts are designed to run against an AWS account and return a series of potential misconfigurations and security risks.InstallationEnsure that NodeJS is installed. If not, install it from here.git clone git@github.com:cloudsploit/scans.gitnpm installSetupTo begin using the scanner, edit the index.js file with your AWS key, secret, and optionally (for temporary credentials), a session token. You can also set a file containing credentials. To determine the permissions associated…

Command LineDLLDLL InjectionNEW TOOLSScriptssRDIStealth

sRDI – Shellcode Implementation Of Reflective DLL Injection

sRDI allows for the conversion of DLL files to position independent shellcode.Functionality is accomplished via two components:C project which compiles a PE loader implementation (RDI) to shellcodeConversion code which attaches the DLL, RDI, and user data together with a bootstrapThis project is comprised of the following elements:ShellcodeRDI: Compiles shellcode for the DLL loaderNativeLoader: Converts DLL to shellcode if neccesarry, then injects into memoryDotNetLoader: C# implementation of NativeLoaderPython\ConvertToShellcode.py: Convert DLL to shellcode in placePython\EncodeBlobs.py: Encodes compiled sRDI blobs for static embeddingPowerShell\ConvertTo-Shellcode.ps1: Convert DLL to shellcode…

AWSDebianGitGit-SecretsHookNEW TOOLSScanScripts

Git-Secrets – Prevents You From Committing Secrets And Credentials Into Git Repositories

Prevents you from committing passwords and other sensitive information to a git repository.Synopsisgit secrets --scan [-r|--recursive] [--cached] [--no-index] [--untracked] [<files>...]git secrets --scan-historygit secrets --install [-f|--force] [<target-directory>]git secrets --list [--global]git secrets --add [-a|--allowed] [-l|--literal] [--global] <pattern>git secrets --add-provider [--global] <command> [arguments...]git secrets --register-aws [--global]git secrets --aws-provider [<credentials-file>] Descriptiongit-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories. If a commit, commit message, or any commit in a --no-ff merge history matches one of your configured prohibited regular expression patterns,…

KillerBeeLibPCAPNEW TOOLSPacket CapturePacket InjectionPcapScapyScriptsSnifferSniffing

KillerBee – IEEE 802.15.4/ZigBee Security Research Toolkit

This is KillerBee - Framework and Tools for Attacking ZigBee and IEEE 802.15.4 networks.REQUIREMENTSKillerBee is developed and tested on Linux systems. OS X usage is possible but not supported.We have striven to use a minimum number of software dependencies, however, it is necessary to install the following Python modules before installation:serialusbcrypto (for some functions)pygtk (for use of tools that have GUIs)cairo (for use of tools that have GUIs)scapy (for some tools which utilize 802.15.4 Scapy extensions)On Ubuntu systems, you can install the needed dependencies…

MacMapping Wifi NetworksMapsNetwork WirelessNEW TOOLSNmapScapyScriptsTrackerjackerWifi

Trackerjacker – Like Nmap For Mapping Wifi Networks You’Re Not Connected To, Plus Device Tracking

Like nmap for mapping wifi networks you're not connected to. Maps and tracks wifi networks and devices through raw 802.11 monitoring.PyPI page: install trackerjackerSupported platforms: Linux (tested on Ubuntu, Kali, and RPi) and macOS (pre-alpha)trackerjacker can help with the following:I want to know all the nearby wifi networks and know all the devices connected to each network.I want to know who's hogging all the bandwidth.I want to run a command when this MAC address sends more than 100000 bytes in a 30 second…

NEW TOOLSRiskySPNScriptsSPN

RiskySPN – Detect And Abuse Risky SPNs

RiskySPNs is a collection of PowerShell scripts focused on detecting and abusing accounts associated with SPNs (Service Principal Name). This module can assist blue teams to identify potentially risky SPNs as well as red teams to escalate privileges by leveraging Kerberos and Active Directory.For detailed information: the moduleImport-Module .\RiskySPNs.psm1Or just load the script (you can also IEX from web). .\Find-PotentiallyCrackableAccounts.ps1Make sure Set-ExecutionPolicy is Unrestricted or BypassGet information about a function (very detailed :))Get-Help Get-TGSCipher -FullAll fucntions also have -Verbose modeSearch vulnerable SPNsFind vulnerable…

Aircrack-ngKaliKali LinuxNEW TOOLSScanScriptsWPA

Airba.sh – A POSIX-compliant, Fully Automated WPA PSK Handshake Capture Script Aimed At Penetration Testing

Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. It is compatible with Bash and Android Shell (tested on Kali Linux and Cyanogenmod 10.2) and uses aircrack-ng to scan for clients that are currently connected to access points (AP). Those clients are then deauthenticated in order to capture the handshake when attempting to reconnect to the AP. Verification of a captured handshake is done using aircrack-ng. If one or more handshakes are captured, they are entered into an…