Category: SSH


Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

MacNEW TOOLSSecurity AutomationSecurity ResearchSecurity ScannerShodanShodan APIShodan CLIShodan ScriptsShodan ToolShodanploitShodansploitSSH

Shodanploit – Shodan Command Line Interface Written In Python

Shodan is a search engine on the internet where you can find interesting things all over the world. For example, we can find cameras, bitcoin streams, zombie computers, ports with weakness in service, SCADA systems, and more. Moreover, more specific searches are possible. As a result of the search, Shodan shows us the number of vulnerable hosts on Earth.So what does shodansploit do ?With Shodan Exploit, you will have all your calls on your terminal. It also allows you to make detailed searches. All…

GCPGCP Cloud FunctionsGCP HardeningGCP SecurityHardeningHayatMySQLMySQL DataBaseNEW TOOLSNodeRDPScanSSH

Hayat – Auditing & Hardening Script For Google Cloud Platform

Hayat is a auditing & hardening script for Google Cloud Platform services such as:Identity & Access ManagementNetworkingVirtual MachinesStorageCloud SQL InstancesKubernetes Clustersfor now.Identity & Access ManagementEnsure that corporate login credentials are used instead of Gmail accounts.Ensure that there are only GCP-managed service account keys for each service account.Ensure that ServiceAccount has no Admin privileges.Ensure that IAM users are not assigned Service Account User role at project level.NetworkingEnsure the default network does not exist in a project.Ensure legacy networks does not exists for a project.Ensure that…

Auditing SSHBrute-forceNEW TOOLSScanSSHSSH Auditorssh securitySSH server

SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network

The Best Way To Scan For Weak Ssh Passwords On Your NetworkFeaturesssh-auditor will automatically:Re-check all known hosts as new credentials are added. It will only check the new credentials.Queue a full credential scan on any new host discovered.Queue a full credential scan on any known host whose ssh version or key fingerprint changes.Attempt command execution as well as attempt to tunnel a TCP connection.Re-check each credential using a per credential scan_interval - default 14 days.It's designed so that you can run ssh-auditor discover +…

Brute-forceFingerprintingHASSHNEW TOOLSSSHSSH ClientSSH HoneypotSSH server

HASSH – A Network Fingerprinting Standard Which Can Be Used To Identify Specific Client And Server SSH Implementations

"HASSH" is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint.What can HASSH help with:Use in highly controlled, well understood environments, where any fingerprints outside of a known good set are alertable.It is possible to detect, control and investigate brute force or Cred Stuffing password attempts at a higher level of granularity than IP Source - which may be impacted by…

DHCPEthernetEttercapLibPCAPMacMan-in-the-MiddleMITMNEW TOOLSScanSniffingSSHSSLstrip

Ettercap – A Comprehensive Suite For Man In The Middle Attacks

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.ETTERCAP OFFERS THREE INTERFACES, TRADITIONAL COMMAND LINE, GUI AND NCURSES.Supported DistributionsThese distributions have been tested in both 32 and 64 bit flavors where possibleDebian/Ubuntu (Includes derivatives such as Kali, BackTrack, Mint, etc)FedoraGentooPentooMac OSX (Snow Leopard & Lion)FreeBSDOpenBSDNetBSDUnsupported DistributionsInstallation may work…


EasySSH – The SSH Connection Manager To Make Your Life Easier

A complete, efficient and easy-to-use manager. Create and edit connections, groups, customize the terminal, with multiple instances of the same connection.Developing and BuildingIf you want to hack on and build EasySSH yourself, you'll need the following dependencies:libgee-0.8-devlibgtk-3-devlibgranite-devlibvte-2.91-devlibjson-glib-devlibunity-devmesonvalacRun meson build to configure the build environment and run ninja test to build and run automated testsmeson build --prefix=/usrcd buildninja testTo install, use ninja install, then execute with com.github.muriloventuroso.easysshsudo ninja installcom.github.muriloventuroso.easysshInstall with FlatpakInstall:flatpak install flathub com.github.muriloventuroso.easysshRun:flatpak run com.github.muriloventuroso.easysshDownload EasySSH


GitMiner v2.0 – Tool For Advanced Mining For Content On Github

Advanced search tool and automation in Github. This tool aims to facilitate research by code or code snippets on github through the site's search page.MOTIVATIONDemonstrates the fragility of trust in public repositories to store codes with sensitive information.REQUIREMENTSlxmlrequestsargparsejsonreINSTALLgit clone apt-get install python-requests python-lxml ORpip install -r requirements.txtDockergit clone GitMinerdocker build -t gitminer .docker run -it gitminer -hHELP UnkL4b __ Automatic search for Github((OO)) ▄████ ██▓▄▄▄█████▓ ███▄ ▄███▓ ██▓ ███▄ █ ▓█████ ██▀███ \__/ ██▒ ▀█▒▓██▒▓ ██▒ ▓▒▓██▒▀█▀ ██▒▓██▒ ██ ▀█ █ ▓█…


Ibombshell – Dynamic Remote Shell

ibombshell is a tool written in Powershell that allows you to have a prompt at any time with post-exploitation functionalities (and in some cases exploitation). It is a shell that is downloaded directly to memory providing access to a large number of pentesting features. These functionalities can be downloaded directly to memory, in the form of a Powershell function. This form of execution is known as everywhere.In addition, ibombshell provides a second execution mode called Silently, so the pentester can execute an instance of…

Automate SSHCommand LineFirecallNEW TOOLSSSH

Firecall – Automate SSH Communication With Firewalls, Switches, Etc.

Automate SSH communication with firewalls, switches, etc.DescriptionThese scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log in to a firewall to make changes. This code can be run directly via command line or it can be incorporated into other scripts. These scripts were created with automation/orchestration in mind - if done securely, these scripts could ingest security intelligence data to automatically block malicious IPs based on certain criteria.ConfigurationRun bash…