Webkiller v2.0 – Tool Information Gathering
Tool Information Gathering Write With Python.PreView ██╗ ██╗███████╗██████╗ ██╗ ██╗██╗██╗ ██╗ ███████╗██████╗ ██║ ██║██╔════╝██╔══██╗██║ ██╔╝██║██║ ██║ ██╔════╝██╔══██╗ ██║ █╗ ██║█████╗...
hacking
InQL Scanner – A Burp Extension For GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts.InQL can be used as a stand-alone script, or as...
Mssqlproxy – A Toolkit Aimed To Perform Lateral Movement In Restricted Environments Through A Compromised Microsoft SQL Server Via Socket Reuse
Note #1: if using a non-direct connection (e.g. proxies in between), the -no-check-src-port flag is needed, so the server only...
ProjectOpal – Stealth Post-Exploitation Framework For WordPress
Stealth post-exploitation framework for Wordpress CMSOfficial ProjectOpal Repository.What is it and why was it made?We intentionally made it for our...
Tinfoil Chat – Onion-routed, Endpoint Secure Messaging System
Tinfoil Chat (TFC) is a FOSS+FHD peer-to-peer messaging system that relies on high assurance hardware architecture to protect users from...
ConEmu – Customizable Windows Terminal With Tabs, Splits, Quake-Style, Hotkeys And More
ConEmu-Maximus5 is a Windows console emulator with tabs, which represents multiple consoles as one customizable GUI window with various features.Initially,...
Ninja – Open Source C2 Server Created For Stealth Red Team Operations
Ninja C2 is an Open source C2 server created by Purple Team to do stealthy computer and Active directoty enumeration...
RapidPayload – Metasploit Payload Generator
Framework RapidPayload - Metasploit Payload Generator Requirements OpenJDK 8 (JAVA), or superiors versions. Metasploit Apktool Python3 Execution: git clone https://github.com/AngelSecurityTeam/RapidPayload...
Rapid7 Named a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment
The Rapid7 team is excited to announce that we have been recognized as a March 2020 Gartner Peer Insights Customers’...
Katana – A Python Tool For Google Hacking
Katana-ds (ds for dork_scanner) is a simple python tool that automates Google Hacking/Dorking and support TorIt becomes more powerful in...
Envizon v3.0 – Network Visualization And Vulnerability Management/Reporting
This tool is designed, developed and supported by evait security. In order to give something back to the security community,...
Automating Multi-Factor Authentication: Time-Based One-Time Passwords
Two days ago marks my two years with Rapid7. It has been a fantastic adventure, and I’m quite excited to...
Zphisher – Automated Phishing Tool
Zphisher is an upgraded form of Shellphish. The main source code is from Shellphish . But I have not fully...
XSS-LOADER – XSS Payload Generator / XSS Scanner / XSS Dork Finder
All in one tools for XSS PAYLOAD GENERATOR -XSS SCANNER-XSS DORK FINDERWritten by Hulya KarabagInstagram: Hulya KarabagScreenshotsHow to useRead MeThis...
Active Exploitation of Unpatched Windows Font Parsing Vulnerability
Yesterday (March 23), Microsoft (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200006) in a font rendering technology in many versions of Microsoft Windows with a warning that...
Cybersecurity Vulnerability Disclosure in Trade Agreements
Cybersecurity has now become a feature of modernized US trade agreements, with new cybersecurity provisions in the US-Mexico-Canada Agreement and...
Proactive Security Is the New Black: Lessons from the Trenches of Building a Security Product
On this week’s episode of Security Nation, we had the pleasure of speaking with Alex Kreilein, CISO for RapidDeploy, a...
Starkiller – A Frontend For PowerShell Empire
Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. If you'd like to contribute...
FinalRecon v1.0.2 – OSINT Tool For All-In-One Web Reconnaissance
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new...
ScoringEngine – Scoring Engine For Red/White/Blue Team Competitions
Scoring Engine for Red/White/Blue Team CompetitionsGetting startedDownload Docker. If you are on Mac or Windows, Docker Compose will be automatically...
Astra – Automated Security Testing For REST API’s
REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be...
HTTPS Everywhere – A Browser Extension That Encrypts Your Communications With Many Websites That Offer HTTPS But Still Allow Unencrypted Connections
A browser extension that encrypts your communications with many websites that offer HTTPS but still allow unencrypted connections.Getting StartedGet the...
uDork – Google Hacking Tool
uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or...
XXExploiter – Tool To Help Exploit XXE Vulnerabilities
I wrote this tool to help me testing XXE vulnerabilities.It generates the XML payloads, and automatically starts a server to...
