More results...
Red Team Toolkit is a curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry. Red Team – Physical Security – Covert Entry – EDC Disclaimer: I am not responsible for anyone using any information in this post for any illegal activities. Getting caught with […]
X-force, IBM Security utilitary library in python. Search and query all sources: threat_activities and groups, malware_analysis, industries Install Use Using you API_KEY make a basic authentication. See . After make a base64 code → Key + : + Password: printf “d2f5f0f9-2995-42c6-b1dd-4c92252da129:06c41d5e-0604-4c7c-a599-300c367d2090” | base64 # ZDJmNWYwZjktMjk5NS00MmM2LWIxZGQtNGM5MjI1MmRhMTI5OjA2YzQxZDVlLTA2MDQtNGM3Yy1hNTk5LTMwMGMzNjdkMjA5MAo= Using API_KEY, call functions. See for key storage Call functions […]
Cortex-XDR-Config-Extractor tool is meant to be used during Red Team Assessments and to audit the XDR Settings. With this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible Exclusions. Supported […]
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code. With APKHunt, mobile software architects or developers can […]
IpGeo is a python tool to extract IP addresses from captured network traffic file (pcap/pcapng) and generate csv report containing details about the geolocation of each ip in the packets. The report contains: Installation Use the package manager pip3 to install required modules. pip3 install colorama pip3 install requests pip3 install pyshark If you are […]
SXDork is a powerful tool that utilizes the technique of google dorking to search for specific information on the internet. Google dorking is a method of using advanced search operators and keywords to uncover sensitive information that is publicly available on the internet. SXDork offers a wide range of options to search for different types […]
CVE-Vulnerability-Information-Downloader downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports from vulnerability scanners like OpenVAS can be enriched with this information to prioritize remediation. The repository also contains a PowerBI template to show how such a dashboard can be created. CVE Vulnerability Information Downloader Common Vulnerability […]
Gmailc2 is a Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions. Note: This RAT communicates Via Gmail SMTP (or u can use any other smtps as well) but Gmail SMTP is valid because most of the companies block unknown traffic so gmail traffic is valid and […]
Trackgram Use Instagram location features to track an account. Usage Installation steps Screenshots Features
Probable_Subdomains is a Subdomains Analysis And Generation Tool Online tool: https://weakpass.com/generate/domains TL;DR During bug bounties, penetrations tests, red teams exercises, and other great activities, there is always a room when you need to launch amass, subfinder, sublister, or any other tool to find subdomains you can use to break through – like test.google.com, dev.admin.paypal.com or […]