More results...
Navigating the maze of binary obfuscation? Meet the “Donut-Decryptor”, a tool tailored to decode the elusive Donut obfuscation. Dive in to unravel its capabilities and bring clarity to concealed code. Beyond mere decryption, it’s a spotlight in the shadowy corridors of cybersecurity. A must-have for those battling coded enigmas. A configuration and module extractor for […]
Thousands of S3 buckets are left open on the internet, which makes them an easy target for bad people who want to get private information from the files in these buckets that can be tied to a person or an organization. There isn’t much study or software that can use these S3 buckets to find […]
Secure Shell Bruteforcer – A faster & simpler way to bruteforce SSH server. In the evolving world of cybersecurity, speed and efficiency are paramount. Enter Kitabisa SSB, a Go-powered tool designed to revolutionize the approach to SSH bruteforcing. Offering a streamlined installation process and user-friendly options, it’s a must-have for professionals seeking a faster and simpler way to […]
ReconAIzer is a powerful Jython extension for Burp Suite that leverages OpenAI to help bug bounty hunters optimize their recon process. This extension automates various tasks, making it easier and faster for security researchers to identify and exploit vulnerabilities. Once installed, ReconAIzer add a contextual menu and a dedicated tab to see the results: Prerequisites […]
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently it is implemented to support the Cake PHP framework. If you would like to learn more about the research process check out this article series: CakePHP Application […]
HTTP-Shell is a multiplatform reverse shell. This tool helps you obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to be used in conjunction with Microsoft Dev Tunnels in order to get a connection as close as possible to a legitimate one. This shell […]
The Tool is a wrapper around PowerView, Impacket, PowerUpSQL, BloodHound, Ldaprelayscan and Crackmapexec to automate the execution of enumeration and a lot of checks performed during a On-Prem Active Directory Penetration test. Thanks to all the authors of the original tools. Installation AND Setup Make sure the path viariables in the script to the following […]
Naabu is a powerful port scanning utility designed in the Go programming language, enabling fast and efficient port enumeration. Designed to swiftly detect valid ports on various hosts, this tool is optimized to perform SYN, CONNECT, and UDP scans. With its comprehensive feature set, Naabu not only lists ports that offer a reply but is […]
Scan4All is at the vanguard of modern cybersecurity solutions, offering a comprehensive suite of tools for automated vulnerability detection and threat analysis. Built on a robust Golang framework, this cross-platform toolkit seamlessly integrates with various systems, elevating the standard for next-generation security measures. Features More references: config/doNmapScan.sh By default, naabu is used to complete port […]
This project aims at hosting tutorials, examples, discussions, research proposals, and other resources related to fuzzing. External contributions are welcome, please see CONTRIBUTING Contributing File for more information. The “Fuzzing Forum” is a place where people can find tutorials, examples, discussions, and more, all about the fuzzing method. The project has resources for both beginners and experts on […]