Photos from National Cyber Security Services's post
Searpy:-- #Search #Engine #Toolkit.
Batch search tool for #acquisition during #infiltration.
search engine:-
1. #Shodan
2. #Fofa
3. #Zoomeye
4. #Google
5. #Baidu
6. #Bing
7. 360so
8. goo
#Usage:-
python Searpy.py --fofa -s "app:jboss" -p 1
python Searpy.py --shodan -s "weblogic" -l 10
python Searpy.py --google -s "inurl:login.action" -p 1
#Download #Link:-
https://github.com/j3ers3/Searpy
Searpy:-- #Search #Engine #Toolkit.
Batch search tool for #acquisition during #infiltration.
search engine:-
1. #Shodan
2. #Fofa
3. #Zoomeye
4. #Google
5. #Baidu
6. #Bing
7. 360so
8. goo
#Usage:-
python Searpy.py --fofa -s "app:jboss" -p 1
python Searpy.py --shodan -s "weblogic" -l 10
python Searpy.py --google -s "inurl:login.action" -p 1
#Download #Link:-
https://github.com/j3ers3/Searpy
GitHub
GitHub - j3ers3/Searpy: 🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找 - j3ers3/Searpy
S3Tk:-- A #Security #Toolkit For #Amazon S3.
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
S3Tk:-- A #Security #Toolkit For #Amazon S3.
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
S3Tk:-- A #Security #Toolkit For #Amazon S3.
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
PyExploit:-- #Python #penetration #toolkit.
PyExploit v1.0 Python penetration toolkit can #automate everything for you.
Futures:-
1. #recon :
#Whois
#GeoIP
#Subdomains
#Shodan
PWNED
2. #Vulnerabilities :
#Clickjacking
#Download #Link:-
https://github.com/RiadhBenlamine/PyExploit
PyExploit:-- #Python #penetration #toolkit.
PyExploit v1.0 Python penetration toolkit can #automate everything for you.
Futures:-
1. #recon :
#Whois
#GeoIP
#Subdomains
#Shodan
PWNED
2. #Vulnerabilities :
#Clickjacking
#Download #Link:-
https://github.com/RiadhBenlamine/PyExploit
PyExploit v1.0 Python penetration toolkit can #automate everything for you.
Futures:-
1. #recon :
#Whois
#GeoIP
#Subdomains
#Shodan
PWNED
2. #Vulnerabilities :
#Clickjacking
#Download #Link:-
https://github.com/RiadhBenlamine/PyExploit
PyExploit:-- #Python #penetration #toolkit.
PyExploit v1.0 Python penetration toolkit can #automate everything for you.
Futures:-
1. #recon :
#Whois
#GeoIP
#Subdomains
#Shodan
PWNED
2. #Vulnerabilities :
#Clickjacking
#Download #Link:-
https://github.com/RiadhBenlamine/PyExploit
Photos from National Cyber Security Services's post
UFONet - #Denial of #Service Toolkit.
#UFONet is a #toolkit designed to launch #DDoS and #DoS #attacks.it runs on many platforms. It requires #Python (>=3) and requires :-#whois,#pycurl,#geoip,#crypto,#scanpy,#requests.
#Download #Link:-
https://github.com/epsylon/ufonet
UFONet - #Denial of #Service Toolkit.
#UFONet is a #toolkit designed to launch #DDoS and #DoS #attacks.it runs on many platforms. It requires #Python (>=3) and requires :-#whois,#pycurl,#geoip,#crypto,#scanpy,#requests.
#Download #Link:-
https://github.com/epsylon/ufonet
Photos from National Cyber Security Services's post
XSRFProbe:-- The Prime Cross-Site Request Forgery (#CSRF) #Audit and #Exploitation #Toolkit.
#XSRFProbe is an #advanced Cross-Site Request Forgery (CSRF/ #XSRF) Audit and Exploitation Toolkit. Equipped with a #powerful crawling engine and numerous systematic checks, it is able to detect most cases of CSRF #vulnerabilities, their related #bypasses and further generate (#maliciously) exploitable proof of concepts with each found vulnerability.
Features:-
1. Performs several types of checks before declaring an endpoint as #vulnerable.
2. Can detect several types of Anti-CSRF tokens in POST requests.
3. Works with a powerful crawler that features continuous crawling and scanning.
4. Out of the box support for custom #cookie values and generic headers.
5. Accurate Token-Strength Detection and Analysis using various #algorithms.
6. It can generate both normal as well as maliciously exploitable CSRF proof of concepts.
7. Well documented code and highly generalized #automated workflow.
8. The user is in control of everything whatever the scanner does.
9. Has a user-friendly interaction #environment with full verbose support.
10. Detailed logging system of errors, vulnerabilities, tokens, and other stuff.
#Download #Link:-
https://github.com/0xInfection/XSRFProbe
XSRFProbe:-- The Prime Cross-Site Request Forgery (#CSRF) #Audit and #Exploitation #Toolkit.
#XSRFProbe is an #advanced Cross-Site Request Forgery (CSRF/ #XSRF) Audit and Exploitation Toolkit. Equipped with a #powerful crawling engine and numerous systematic checks, it is able to detect most cases of CSRF #vulnerabilities, their related #bypasses and further generate (#maliciously) exploitable proof of concepts with each found vulnerability.
Features:-
1. Performs several types of checks before declaring an endpoint as #vulnerable.
2. Can detect several types of Anti-CSRF tokens in POST requests.
3. Works with a powerful crawler that features continuous crawling and scanning.
4. Out of the box support for custom #cookie values and generic headers.
5. Accurate Token-Strength Detection and Analysis using various #algorithms.
6. It can generate both normal as well as maliciously exploitable CSRF proof of concepts.
7. Well documented code and highly generalized #automated workflow.
8. The user is in control of everything whatever the scanner does.
9. Has a user-friendly interaction #environment with full verbose support.
10. Detailed logging system of errors, vulnerabilities, tokens, and other stuff.
#Download #Link:-
https://github.com/0xInfection/XSRFProbe
BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit
BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit
BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit