Category: Darknet

This article has been indexed from Darknet socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username, socialscan returns whether it is available, taken or invalid…

Read more →

This article has been indexed from Darknet CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool, it aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation…

Read more →

This article has been indexed from Darknet CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently. At the core of it, you provide it with a list…

Read more →

This article has been indexed from Darknet assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to a given domain from a variety of sources including Facebook, ThreatCrowd, Virustotal and more. assetfinder uses a…

Read more →

This article has been indexed from Darknet Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s. Karkinos Beginner Friendly Penetration Testing Tool Features Encoding/Decoding characters Encrypting/Decrypting text or…

Read more →

This article has been indexed from Darknet Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the…

Read more →

This article has been indexed from Darknet Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment. Features…

Read more →

LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks. SQLi and other injection attacks remain the top OWASP and CERT vulnerability. Current detection attempts frequently involve a myriad of…

Read more →

Read the original article: Grype – Vulnerability Scanner For Container Images & Filesystems Grype is a vulnerability scanner for container images and filesystems with an […]Content was cut in order to protect the source.Please visit the source for the rest…

Read more →

Read the original article: Grype – Vulnerability Scanner For Container Images & Filesystems Grype is a vulnerability scanner for container images and filesystems with an […]Content was cut in order to protect the source.Please visit the source for the rest…

Read more →

Read the original article: APT-Hunter – Threat Hunting Tool via Windows Event Log APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in…

Read more →

Read the original article: GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials GitLab Watchman is an application that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally – this includes code, commits, wiki…

Read more →

Read the original article: GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials GitLab Watchman is an application that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally – this includes code, commits, wiki…

Read more →

Read the original article: GKE Auditor – Detect Google Kubernetes Engine Misconfigurations GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security and development teams streamline the configuration process and save time looking…

Read more →

Read the original article: zANTI – Android Wireless Hacking Tool Free Download zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using your mobile…

Read more →

Read the original article: zANTI – Android Wireless Hacking Tool Free Download zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using your mobile…

Read more →

Read the original article: HELK – Open Source Threat Hunting Platform The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning…

Read more →

Read the original article: Trape – OSINT Analysis Tool For People Tracking Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time. It was created with the aim of teaching the…

Read more →

Read the original article: Fuzzilli – JavaScript Engine Fuzzing Library Fuzzilii is a JavaScript engine fuzzing library, it’s a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language (“FuzzIL”) which can be mutated and translated to JavaScript.…

Read more →

Read the original article: OWASP APICheck – HTTP API DevSecOps Toolset APICheck is an HTTP API DevSecOps toolset, it integrates existing HTTP APIs tools, creates execution chains easily and is designed for integration with third-party tools in mind. APICheck is…

Read more →

Read the original article: OWASP APICheck – HTTP API DevSecOps Toolset APICheck is an HTTP API DevSecOps toolset, it integrates existing HTTP APIs tools, creates execution chains easily and is designed for integration with third-party tools in mind. APICheck is…

Read more →

Read the original article: trident – Automated Password Spraying Tool The Trident project is an automated password spraying tool developed to be deployed across multiple cloud providers and provides advanced options around scheduling and IP pooling. trident was designed and…

Read more →

Read the original article: trident – Automated Password Spraying Tool The Trident project is an automated password spraying tool developed to be deployed across multiple cloud providers and provides advanced options around scheduling and IP pooling. trident was designed and…

Read more →

Read the original article: tko-subs – Detect & Takeover Subdomains With Dead DNS Records tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services or…

Read more →

Read the original article: Arcane – Tool To Backdoor iOS Packages (iPhone ARM) Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories. It was created to help illustrate why…

Read more →

Read the original article: Arcane – Tool To Backdoor iOS Packages (iPhone ARM) Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories. It was created to help illustrate why…

Read more →

Read the original article: SharpHose – Asynchronous Password Spraying Tool SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike’s execute-assembly. It provides a…

Read more →

Read the original article: SharpHose – Asynchronous Password Spraying Tool SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike’s execute-assembly. It provides a…

Read more →

Read the original article: Axiom – Pen-Testing Server For Collecting Bug Bounties Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line. With…

Read more →

Read the original article: Quasar RAT – Windows Remote Administration Tool Quasar is a fast and light-weight Windows remote administration tool coded in C#. The usage ranges from user support through day-to-day administrative work to employee monitoring. It aims to…

Read more →

Read the original article: Quasar RAT – Windows Remote Administration Tool Quasar is a fast and light-weight Windows remote administration tool coded in C#. The usage ranges from user support through day-to-day administrative work to employee monitoring. It aims to…

Read more →

Read the original article: Pingcastle – Active Directory Security Assessment Tool PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level with a methodology based on a risk assessment and maturity framework. It…

Read more →

Read the original article: Pingcastle – Active Directory Security Assessment Tool PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level with a methodology based on a risk assessment and maturity framework. It…

Read more →

Read the original article: Second Order – Subdomain Takeover Scanner Tool Second Order Subdomain Takeover Scanner Tool scans web applications for second-order subdomain takeover by crawling the application and collecting URLs (and other data) that match specific rules or respond…

Read more →

Read the original article: Binwalk – Firmware Security Analysis & Extraction Tool Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering, and extraction of firmware images. Features of Binwalk…

Read more →