WireBug is a tool set for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to use. The tools are build for single using too, so every tool is its own python or bash program.Installation Install the dependencies in req...
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
Based on pywebfuzz, Py3webfuzz is a Python3 module to assist in the identification of vulnerabilities in web applications, Web Services through brute force, fuzzing and analysis. The module does this by providing common testing values, generators an...
NoSQL scanner and injector. About Nosqli I wanted a better nosql injection tool that was simple to use, fully command line based, and configurable. To that end, I began work on nosqli - a simple nosql injection tool written in Go. It aims to be fast...
GitDorker is a tool that utilizes the GitHub Search API and an extensive list of GitHub dorks that I've compiled from various sources to provide an overview of sensitive information stored on github given a search query. The Primary purpose of GitDork...
Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven to be a step in the right direction. However, without the...
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line. With Axiom, you just need to run a single command to get setup, and then you can use the A...
ANDRAX is a Penetration Testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distributi...
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To/etc/shadow -> HTTP GET requestsServer# ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETServer ...
I wrote this tool to help me testing XXE vulnerabilities.It generates the XML payloads, and automatically starts a server to serve the needed DTD's or to do data exfiltration.IMPORTANT: This tool is still under development and although most of its feat...
©2021 By Cyber Sec Labs
Recent Comments