GG-AESY – Hide Cool Stuff In Images
Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/ WARNING: you might need to restore NuGet packages and restart visual studio before compiling. If anyone knows how...
tools
Fortiscan – A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool
(CVE-2018-13379) Exploitation Tool, You can use this tool to check the vulnerability in your FortiGate SSL-VPN. https://www.fortinet.com/blog/business-and-technology/fortios-ssl-vulnerability Usage v 0.6...
NICER Protocol Deep Dive: Internet Exposure of Redis
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
Admin-Scanner – This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily
Website Admin Panel FinderHow To Install (Linux/pc)sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone...
Talon – A Password Guessing Tool That Targets The Kerberos And LDAP Services Within The Windows Active Directory Environment
Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of...
Webscan – Browser-based Network Scanner And local-IP Detection
webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening...
Tracee – Container And System Event Tracing Using eBPF
Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls...
DNSx – A Fast And Multi-Purpose DNS Toolkit Allow To Run Multiple DNS Queries Of Your Choice With A List Of User-Supplied Resolvers
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple probers using retryabledns library, that allows you to...
Damn-Vulnerable-Bank – Vulnerable Banking Application For Android
Damn Vulnerable Bank Android Application aims to provide an interface for everyone to get a detailed understanding with internals and...
N1QLMap – The Tool Exfiltrates Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities
N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing SSRF attacks...
Bunkerized-Nginx – Nginx Docker Image Secure By Default
nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web...
RedShell – An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server
An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server.InstallationRedShell runs...
Wsb-Detect – Tool To Detect If You Are Running In Windows Sandbox (“WSB”)
wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB"). The sandbox is used by Windows Defender...
UAFuzz – Binary-level Directed Fuzzing For Use-After-Free Vulnerabilities
Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to...
Xerror – Fully Automated Pentesting Tool
Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks....
CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This...
ToothPicker – An In-Process, Coverage-Guided Fuzzer For iOS
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS's Bluetooth daemon bluetoothd and to...
Osi.Ig – Information Gathering Instagram
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to...
Don’t Let These Top Cloud Myths Hamper Your Business Decision-Making
The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain...
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
Amlsec – Automated Security Risk Identification Using AutomationML-based Engineering Data
This prototype identifies security risk sources (i.e., threats and vulnerabilities) and types of attack consequences based on AutomationML (AML) artifacts....
SIRAS – Security Incident Response Automated Simulations
Security Incident Response Automated Simulations (SIRAS) are internal/controlled actions that provide a structured opportunity to practice the incident response plan...
Fuzzilli – A JavaScript Engine Fuzzer
A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language ("FuzzIL") which can be mutated and translated...
Routopsy – A Toolkit Built To Attack Often Overlooked Networking Protocols
Routopsy is a toolkit built to attack often overlooked networking protocols. Routopsy currently supports attacks against Dynamic Routing Protocols (DRP)...
