Jupyter Notebook for crt.sh Queries
I created a Jupyter Notebook to query the crt.sh website, dump the results into a pandas data frame, and then printing out the unique list of results to the screen for OSINT investigations.
tools
Smart OSINT Collection of Common IOC Types
Smart OSINT Collection of Common IOC (Indicator of compromise) Types
This application is designed to assist security analysts and researchers with the collection and assessment of common IOC types. Accepted IOCs currently include IP addresses, do…
XRay – Using For Recon Mapping And OSINT Suite
XRay is a software for recon, mapping and OSINT gathering from public networks.
XRay for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic.
How Does it Work?
XRay is a ve…
TraXSS – Automated XSS Vulnerability Scanner
Automated Vulnerability Scanner for XSS
Written in Python3
Traxss is an automated framework to scan URLs and webpages for XSS Vulnerabilities. It includes over 575 Payloads to test with and multiple options for robustness of tests.
…
Penta- Open Source All-in-one CLI To Automate Pentesting
Penta (PENTest + Automation tool) is Pentest automation tool using Python3.
Installation
Install requirements
penta requires the following packages.
Python3.7
pipenv
Resolve python package dependency.
$ pipenv install
If you dislike pi…
Dolos Cloak- For Network Penetration Testers To Automated 802.1x Bypass
Dolos Cloak- Automated 802.1x Bypass
Dolos Cloak is a python script designed to help network penetration testers and red teamers bypass 802.1x solutions by using an advanced man-in-the-middle attack.
The script is able to piggyback on the wired…
PostShell – Post Exploitation Bind/Backconnect Shell
PostShell – Post Exploitation Bind/Backconnect Shell
PostShell is a post-exploitation shell that includes both a bind and a back connect shell. It creates a fully interactive TTY which allows for job control.
The stub size is around 14kb and ca…
Findomain- Fastest And Cross-platform Subdomain Enumerator
FinDomain- Fastest And Cross-platform Subdomain Enumerator.
Comparison
It comparison gives you a idea why you should use findomain instead of another enumerators. The domain used for the test was Microsoft.com in the following BlackArch virtual ma…
Burp Suite Extension – To Monitor And Keep Track of Tested Endpoints
Burp Scope Monitor Extension
A Burp Suite Extension to monitor and keep track of tested endpoints.
Main Features
Simple, easy way to keep track of unique endpoints when testing an application
Mark individual endpoints as analyzed or not
Inst…
Phantom Tap (PhanTap) – An ‘Invisible’ Network Tap
Phantom Tap (PhanTap) – An ‘Invisible’ Network Tap Aimed at Red Teams.
With limited physical access to a target building, this tap can be installed inline between a network device and the corporate network.
PhanTap is silent in the network an…