A tool for conducting MITM on RDP connections
PyRDP (https://github.com/GoSecure/pyrdp) is an RDP monster-in-the-middle (MITM) tool and Python library that lets you watch intercepted RDP sessions live or replay them after the fact. It is written in Python 3 and is open source.
⛓ icmpdoor is an ICMP reverse shell written in Python 3 with Scapy
icmpdoor (https://github.com/krabelize/icmpdoor) tunnels a covert command channel inside ICMP packets to control the compromised machine. Reading the author's blog post (https://cryptsus.com/blog/icmp-reverse-shell.html) first saves a lot of time when working with the tool.
ICMP is rarely filtered, which lets an attacker carry traffic through firewalls that block everything else. The use of ICMP as a backdoor channel has been attributed to at least one APT (advanced persistent threat) group (https://cptofevilminions.github.io/...CK_matrix/techniques/command_and_control/icmp).
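The check a defender wants after reading the above: if ICMP is allowed through, look at what the echo payloads actually carry. The following is an added example, not icmpdoor's code, and it makes no claim about icmpdoor's exact packet format. It parses raw IPv4/ICMP frames and flags three things a sensor can test cheaply: an echo request whose payload is not a stock ping pattern, an oversized payload, and an echo reply that does not echo its request (a real ping reply returns the request data unchanged; a command channel stuffs output into it). All frames, addresses and "commands" are constructed inline for the demo.

```python
"""Flag ICMP echo traffic that does not behave like ordinary ping.

Added example for the icmpdoor entry; not the tool's own code. Frames below
are constructed for the demo, not real captures.
"""
import struct

ECHO_REPLY, ECHO_REQUEST = 0, 8
# Stock payloads: Windows ping sends the alphabet; iputils ping sends a
# 16-byte timeval followed by bytes whose value equals their offset.
WINDOWS_PATTERN = b"abcdefghijklmnopqrstuvwabcdefghi"
LINUX_PATTERN = bytes(16) + bytes(range(16, 56))  # timeval zeroed for the demo
MAX_NORMAL_PAYLOAD = 64


def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum; over a valid ICMP message it returns 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 + ICMP echo frame (demo input only; IP checksum left 0)."""
    hdr = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = checksum(hdr + payload)
    icmp = struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    return ip + icmp


def parse_icmp(frame: bytes):
    """Return (type, id, seq, payload) for an IPv4/ICMP frame with a valid
    ICMP checksum, else None."""
    if len(frame) < 28 or frame[0] >> 4 != 4 or frame[9] != 1:
        return None
    ihl = (frame[0] & 0x0F) * 4
    icmp = frame[ihl:]
    if len(icmp) < 8 or checksum(icmp) != 0:
        return None
    icmp_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", icmp[:8])
    return icmp_type, ident, seq, icmp[8:]


def looks_like_stock_ping(payload: bytes) -> bool:
    """True for the Windows alphabet or the iputils offset pattern."""
    if payload == WINDOWS_PATTERN:
        return True
    return (len(payload) >= 16
            and all(payload[i] == (i & 0xFF) for i in range(16, len(payload))))


def scan(frames) -> list:
    """Run the three checks over a frame sequence; return human-readable alerts."""
    alerts = []
    pending = {}  # (id, seq) -> request payload; bound or expire this on live traffic
    for frame in frames:
        parsed = parse_icmp(frame)
        if parsed is None:
            continue
        icmp_type, ident, seq, payload = parsed
        key = (ident, seq)
        if icmp_type == ECHO_REQUEST:
            pending[key] = payload
            if not looks_like_stock_ping(payload):
                alerts.append(f"request id={ident:#x} seq={seq}: non-stock payload {payload[:16]!r}")
            if len(payload) > MAX_NORMAL_PAYLOAD:
                alerts.append(f"request id={ident:#x} seq={seq}: oversized payload ({len(payload)} bytes)")
        elif icmp_type == ECHO_REPLY:
            request = pending.pop(key, None)
            if request is not None and request != payload:
                alerts.append(f"reply id={ident:#x} seq={seq}: payload differs from request (covert channel?)")
    return alerts


# Constructed demo traffic: one benign ping exchange, then an exchange that
# carries a command one way and its output back, as an ICMP shell would.
DEMO_FRAMES = [
    build_echo(ECHO_REQUEST, 0x1A2B, 1, LINUX_PATTERN),
    build_echo(ECHO_REPLY, 0x1A2B, 1, LINUX_PATTERN),
    build_echo(ECHO_REQUEST, 0x1337, 7, b"id; uname -a"),
    build_echo(ECHO_REPLY, 0x1337, 7, b"uid=0(root) gid=0(root)\nLinux host 5.15"),
]

if __name__ == "__main__":
    for line in scan(DEMO_FRAMES):
        print(line)
```

On live traffic, feed `scan()` the raw bytes of each packet from a pcap (for example `bytes(pkt)` for each packet returned by Scapy's `rdpcap`); the benign exchange produces no alert, the shell-like exchange produces two. The stock-pattern check is only a heuristic (a `ping -p` user or a different OS will trip it), which is why the request/reply mismatch check is the one worth paging on.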
HTTP botnet in C++ with open source code
UBoat (https://github.com/UBoat-Botnet/UBoat) is an HTTP botnet proof of concept designed to mimic a real commercial botnet.
The project's stated purpose is to help security researchers understand how commercial HTTP botnets are built and operated.
⏺ Link to GitHub https://github.com/UBoat-Botnet/UBoat
PEzor is an open source tool for bypassing antivirus solutions
PEzor (https://github.com/phra/PEzor) is an open-source shellcode and PE packer.
Rootkit for Windows 10/11
Cronos (https://github.com/XaFF-XaFF/Cronos-Rootkit) is a Windows 10/11 x64 ring 0 rootkit. It can hide processes and protect and elevate them via token manipulation.
A tool for collecting subdomains from a list of IP addresses
Another tool that can turn up new subdomains during the reconnaissance phase.
hakip2host (https://github.com/hakluke/hakip2host) takes a list of IP addresses on stdin and runs a series of checks to find associated hostnames: reverse DNS (PTR) lookups plus the CN and SAN fields of the TLS certificates served on those IPs.
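The same idea in working form, as an added example rather than the hakip2host source (which is a Go project): for each IP it collects PTR names and the CN and DNS SANs of the served certificate, then optionally keeps only names under the target apex. It uses only the Python standard library. `SAMPLE_CERT` is constructed in the shape `ssl.SSLSocket.getpeercert()` returns, so the parsing part runs offline; the network functions only run when you pipe real IPs in.

```python
"""Turn a list of IP addresses into hostname candidates, hakip2host-style.

Added example, not the hakip2host source. Standard library only.
"""
import socket
import ssl
from typing import Iterable

# Constructed: what getpeercert() returns for a leaf cert with one CN and
# several SANs. Not taken from a real host.
SAMPLE_CERT = {
    "subject": ((("countryName", "US"),), (("commonName", "www.example.com"),)),
    "subjectAltName": (
        ("DNS", "www.example.com"),
        ("DNS", "api.example.com"),
        ("DNS", "*.cdn.example.com"),
        ("IP Address", "203.0.113.10"),
    ),
}


def names_from_cert(cert: dict) -> set:
    """Collect the CN and every DNS SAN; IP-address SANs are not hostnames."""
    names = set()
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                names.add(value.lower())
    for kind, value in cert.get("subjectAltName", ()):
        if kind == "DNS":
            names.add(value.lower())
    return names


def ptr_names(ip: str) -> set:
    """Reverse DNS: canonical name plus aliases, or an empty set on NXDOMAIN."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:  # socket.herror / gaierror are OSError subclasses
        return set()
    return {n.rstrip(".").lower() for n in (name, *aliases) if n}


def tls_names(ip: str, port: int = 443, timeout: float = 3.0) -> set:
    """Connect by IP and read hostnames out of the served certificate.

    Caveat: getpeercert() returns {} unless the chain was verified, so this
    keeps CERT_REQUIRED and only disables the hostname check (we connect by
    IP, so that check would always fail). Self-signed or private-CA certs
    therefore yield nothing here; a recon tool that parses the raw DER
    certificate itself does not have that limitation.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    try:
        with socket.create_connection((ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw) as tls:
                return names_from_cert(tls.getpeercert())
    except (OSError, ssl.SSLError):
        return set()


def in_scope(names: Iterable[str], apex: str) -> set:
    """Keep only names at or under the target apex. Wildcards are dropped
    because '*.x' is not a host you can resolve or probe by itself."""
    apex = apex.lower()
    return {n for n in names
            if not n.startswith("*.") and (n == apex or n.endswith("." + apex))}


def ip2host(ips: Iterable[str], apex: str = None) -> dict:
    """Map each IP to its hostname candidates (PTR + TLS), optionally scoped."""
    result = {}
    for ip in ips:
        names = ptr_names(ip) | tls_names(ip)
        result[ip] = in_scope(names, apex) if apex else names
    return result


if __name__ == "__main__":
    import sys
    ips = (line.strip() for line in sys.stdin if line.strip())
    for ip, names in ip2host(ips).items():
        for n in sorted(names):
            print(ip, n)
```

Usage mirrors the tool: `cat ips.txt | python3 ip2host.py`. Note the substring trap `in_scope` avoids: `evil.example.com.attacker.net` ends with `example.com` as a string but not with `.example.com`, so a naive `endswith(apex)` would leak out-of-scope hosts into your target list.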
A tool for scanning for personal data using neural networks
Octopii (https://github.com/redhuntlabs/Octopii) is an AI-powered personally identifiable information (PII) scanner that uses Tesseract optical character recognition (OCR) and the MobileNet convolutional neural network (CNN) model.
LogonTracer
LogonTracer (https://github.com/JPCERTCC/LogonTracer) links the hostname (or IP address) and the account name found in Windows logon events and displays them as a graph.
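What that host/account graph looks like in code, as an added example that is not LogonTracer's own: the input is a constructed CSV export of Event ID 4624 (successful logon) records, the kind of data LogonTracer ingests; the output is a bipartite account/host adjacency, a DOT rendering of it, and a fan-out indicator (one account logging on to many hosts) that is a common first sign of lateral movement. Column names follow the 4624 event fields; the hostnames, users and addresses are invented.

```python
"""Build a host/account logon graph from Windows Security events.

Added example for the LogonTracer entry; not the project's code. The CSV
below is constructed, not real logs.
"""
import csv
import io
from collections import defaultdict

# Computer = host that recorded the logon, IpAddress = where it came from.
# LogonType 3 = network, 10 = RemoteInteractive (RDP). The 4672 row is
# there to show that other event IDs are skipped.
SAMPLE_EVENTS = """EventID,TimeCreated,Computer,TargetUserName,TargetDomainName,IpAddress,LogonType
4624,2024-03-01T08:01:10,WS01.corp.local,alice,CORP,10.0.0.50,10
4624,2024-03-01T08:05:42,FS01.corp.local,alice,CORP,10.0.0.21,3
4624,2024-03-01T08:07:03,FS01.corp.local,svc_backup,CORP,10.0.0.21,3
4624,2024-03-01T08:09:55,DB01.corp.local,svc_backup,CORP,10.0.0.21,3
4624,2024-03-01T08:12:18,APP01.corp.local,svc_backup,CORP,10.0.0.21,3
4624,2024-03-01T08:15:40,DC01.corp.local,svc_backup,CORP,10.0.0.21,10
4624,2024-03-01T08:20:00,DC01.corp.local,WS01$,CORP,10.0.0.21,3
4624,2024-03-01T08:21:00,FS01.corp.local,ANONYMOUS LOGON,NT AUTHORITY,10.0.0.31,3
4672,2024-03-01T08:15:41,DC01.corp.local,svc_backup,CORP,-,-
"""

# Principals that would dominate the graph without telling you much.
NOISE = {"ANONYMOUS LOGON", "SYSTEM", "LOCAL SERVICE", "NETWORK SERVICE"}


def parse_logons(text: str) -> list:
    """Keep 4624 events for human accounts; drop machine accounts (trailing $)
    and well-known principals."""
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        user = row["TargetUserName"]
        if row["EventID"] != "4624" or user.endswith("$") or user in NOISE:
            continue
        events.append({
            "user": row["TargetDomainName"] + "\\" + user,
            "host": row["Computer"].lower(),
            "source": row["IpAddress"],
            "type": int(row["LogonType"]),
            "time": row["TimeCreated"],
        })
    return events


def build_graph(events: list):
    """Bipartite adjacency: account -> hosts it logged on to, host -> accounts."""
    by_user, by_host = defaultdict(set), defaultdict(set)
    for e in events:
        by_user[e["user"]].add(e["host"])
        by_host[e["host"]].add(e["user"])
    return dict(by_user), dict(by_host)


def fan_out(by_user: dict, threshold: int = 3) -> list:
    """Accounts seen on at least `threshold` distinct hosts, most spread first."""
    hits = [(u, len(h)) for u, h in by_user.items() if len(h) >= threshold]
    return sorted(hits, key=lambda x: (-x[1], x[0]))


def to_dot(by_user: dict) -> str:
    """Emit the graph in DOT syntax for rendering with graphviz (`dot -Tpng`)."""
    lines = ["graph logons {"]
    for u, hosts in sorted(by_user.items()):
        for h in sorted(hosts):
            lines.append('  "%s" -- "%s";' % (u, h))
    lines.append("}")
    return "\n".join(lines)


if __name__ == "__main__":
    evs = parse_logons(SAMPLE_EVENTS)
    users, hosts = build_graph(evs)
    print(to_dot(users))
    for user, n in fan_out(users):
        print(f"{user}: logged on to {n} hosts")
```

In the sample, `CORP\svc_backup` reaches four hosts within a quarter of an hour from one source address while `CORP\alice` touches two, so the fan-out check singles out the service account. On a real export, tune `threshold` to the environment (admins and backup accounts legitimately fan out) and add the source address as a third node type if you want the graph to show the pivot host, which is what LogonTracer's visualisation gives you.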
nrich is a tool for scanning ports and finding vulnerabilities
nrich (https://gitlab.com/shodan-public/nrich) is a command-line tool from Shodan for quickly analyzing a list of IP addresses (from a file or stdin) and seeing which of them have open ports and known vulnerabilities.
BLACKBIRD TOOL – OSINT TOOL TO FIND ACCOUNTS USING USERNAME
Blackbird (https://github.com/p1ngul1n0/blackbird) is a username enumeration tool, one of the better OSINT tools for finding accounts with a given username across social networks.
MacStealer: Wi-Fi client isolation bypass
MacStealer (https://github.com/vanhoefm/macstealer) tests Wi-Fi networks for client isolation bypasses (CVE-2022-47522) and can intercept (steal) traffic destined for other clients at the MAC layer.
NExfil (https://github.com/thewhiteh4t/nexfil) is an OSINT utility that finds a user's profiles across sites by their nickname.
Storm-Breaker (https://github.com/ultrasecurity/Storm-Breaker) is a social-engineering utility that generates a phishing link which, once opened, tries to capture the victim's webcam, microphone and location through the browser.
Sashay (https://github.com/scalabli/sashay) is a script that automatically installs 340 basic Linux tools with which you can sharpen your skills and build experience in pentesting.
onex (https://github.com/rajkumardusad/onex) - a library of hacking tools for Termux and other Linux distributions;
WiFi Bruteforce (https://github.com/faizann24/wifi-bruteforcer-fsecurify) - an Android application for brute-forcing Wi-Fi passwords;
Nexphisher (https://github.com/htr-tech/nexphisher) - an advanced phishing tool for Linux and Termux;
Cctools (https://4f2bcn3u2m2u2z7ghc17a5jm-wp...mate-hacking-toolkit-black-hat-asia-2019-2.7z) - a new set of tools for attacking Windows;
Hijacker (https://github.com/chrisk44/Hijacker) - an all-in-one Wi-Fi hacking tool for Android;
SSH-Harvester
SSH-Harvester (https://github.com/jm33-m0/SSH-Harvester) harvests the plaintext passwords of users authenticating to an OpenSSH server.
"Hacker search engines"
osv.dev (https://osv.dev/list) — vulnerabilities in open source code
Vulners.com (https://vulners.com/) — your search engine for security analysis
opencve.io (https://www.opencve.io/cve) — the easiest way to track CVE updates and get notified about new vulnerabilities
security.snyk.io (https://security.snyk.io/) — open source vulnerability database
Mend Vulnerability Database (https://www.mend.io/vulnerability-database/) — the largest open source vulnerability database
Rapid7 — DB (https://www.rapid7.com/db/) — database of vulnerabilities and exploits
CVEDetails (https://www.cvedetails.com/) — the ultimate source of security vulnerability data
VulnIQ (https://vulniq.com/) — vulnerability analysis and management solution
SynapsInt (https://synapsint.com/) — unified OSINT research tool
Aqua Vulnerability Database (https://avd.aquasec.com/) — vulnerabilities and weaknesses in open source applications and cloud infrastructure
Vulmon (https://vulmon.com/) — search for vulnerabilities and exploits
VulDB (https://vuldb.com/) — the number one vulnerability database
ScanFactory (https://in.scanfactory.io/cvemon.html) — real-time security monitoring
Trend Micro Zero Day Initiative (https://www.zerodayinitiative.com/advisories/published/) — published vulnerabilities discovered by Zero Day Initiative researchers
Google Project Zero (https://bugs.chromium.org/p/project...) — vulnerabilities, including zero-days
Exploits
Exploit-DB (https://www.exploit-db.com/) — exploit database
Sploitus (https://sploitus.com/) — a convenient central place to find the latest exploits
Rapid7 — DB (https://www.rapid7.com/db/) — database of vulnerabilities and exploits
Vulmon (https://vulmon.com/) — search for vulnerabilities and exploits
packetstormsecurity.com (https://packetstormsecurity.com/) — information security services, news, files, tools, exploits, advisories and whitepapers
0day.today (https://0day.today/) — full database of exploits and vulnerabilities
LOLBAS (https://lolbas-project.github.io/) — Living Off The Land Binaries, Scripts and Libraries
GTFOBins (https://gtfobins.github.io/) — a curated list of Unix binaries that can be used to bypass local security restrictions on misconfigured systems
Payloads All The Things (https://swisskyrepo.github.io/PayloadsAllTheThingsWeb/) — a list of useful payloads and bypasses for web application security
XSS Payloads (http://www.xss-payloads.com/) — a wonderland of unexpected JavaScript usage and more
exploitalert.com (https://www.exploitalert.com/search-results.html) — exploit database
Attack surface
FullHunt.io (https://fullhunt.io/) — the entire Internet attack surface database
BinaryEdge (https://www.binaryedge.io/) — we scan the Internet and collect data for you
Censys ASM (https://censys.io/) — attack surface management solutions
RedHunt Labs (https://redhuntlabs.com/) — continuous attack surface discovery
SecurityTrails (https://securitytrails.com/) — the total Internet inventory
overcast-security.com (https://overcast-security.com/) — we make it easy to track your external attack surface