WebSlayer (Brute Forcing Web Applications) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-gz2gYZsred4/UjGBhgo6mTI/AAAAAAAAAkk/pw05pKiBIRw/s1600/webslayer-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="OWASP WebSlayer :: ToolWar" border="0" height="318" src="https://4.bp.blogspot.com/-gz2gYZsred4/UjGBhgo6mTI/AAAAAAAAAkk/pw05pKiBIRw/s1600/webslayer-1.png" title="OWASP WebSlayer :: ToolWar" width="400" /></a></div> <div style="text-align: justify;"> <b>WebSlayer</b> is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer. </div> <div style="text-align: justify;"> You can perform attacks like: </div> <ul style="text-align: justify;"> <li>Predictable resource locator, recursion supported (Discovery) </li> </ul> <ul style="text-align: justify;"> <li>Login forms brute force </li> </ul> <ul style="text-align: justify;"> <li>Session brute force </li> </ul> <ul style="text-align: justify;"> <li>Parameter brute force </li> </ul> <ul style="text-align: justify;"> <li>Parameter fuzzing and injection (XSS, SQL) </li> </ul> <ul style="text-align: justify;"> <li>Basic and Ntml authentication brute forcing </li> </ul> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Ce413RcYuGI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div style="text-align: center;"> </div> <br /> <b>Download Here ::</b>  <a href="https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/webslayer/WebSlayer-Beta.msi" target="_blank">WebSlayer Beta</a><b><br /></b><br /> <b>Official Website :: </b>http://www.edge-security.com/webslayer.php </div>

WebSlayer (Brute Forcing Web Applications) :: Tools

WebSlayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servl...

Read more »

OWASP Amass - Subdomain Enumeration/Scanner : Tool

<div class="separator" style="clear: both; text-align: center;"> <a href="https://4.bp.blogspot.com/-qFsQ9Ima-i0/XRmv1Rd6NSI/AAAAAAAACCM/VwCqN1tIfDIG8l0spMMzahxFAUs9XpTswCLcBGAs/s1600/Amass.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="OWASP Amass Subdomain Scanner" border="0" data-original-height="327" data-original-width="647" height="202" src="https://4.bp.blogspot.com/-qFsQ9Ima-i0/XRmv1Rd6NSI/AAAAAAAACCM/VwCqN1tIfDIG8l0spMMzahxFAUs9XpTswCLcBGAs/s400/Amass.JPG" title="OWASP Amass Subdomain Scanner" width="400" /></a></div> <br /> <div style="text-align: justify;"> The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.</div> <b><br /> </b> <b>Information Gathering Techniques Used:</b><br /> <br /> <div style="text-align: justify;"> 1] DNS: Basic enumeration, Brute forcing (upon request), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (upon request)</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> 2] Scraping: Ask, Baidu, Bing, CommonCrawl, DNSDumpster, DNSTable, Dogpile, Exalead, FindSubdomains, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> 3] Certificates: Active pulls (upon request), Censys, CertDB, CertSpotter, Crtsh, Entrust</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> 4] APIs: AlienVault, BinaryEdge, BufferOver, CIRCL, DNSDB, HackerTarget, Mnemonic, NetworksDB, PassiveTotal, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> 5] Web Archives: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Video Tutorial:</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/mEQnVkSG19M/0.jpg" frameborder="0" height="330" src="https://www.youtube.com/embed/mEQnVkSG19M?feature=player_embedded" width="100%"></iframe></div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Documentation:  </h3> <div style="text-align: justify;"> 1] <a href="https://github.com/OWASP/Amass/blob/master/doc/install.md" target="_blank">Installation Guide </a></div> <div style="text-align: justify;"> 2] <a href="https://github.com/OWASP/Amass/blob/master/doc/user_guide.md" target="_blank">User's Manual/How to Use</a></div> <h3 style="text-align: justify;"> Download:</h3> <div style="text-align: justify;"> Amass is available for various platforms like Linux, Windows, MacOS etc.</div> <div style="text-align: justify;"> 1] <a href="https://github.com/OWASP/Amass" target="_blank">Download Link</a></div> <div style="text-align: justify;"> 2] <a href="https://github.com/OWASP/Amass/releases" target="_blank">Precompiled Binary</a> (Windows, MacOS, Linux)</div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Official Page:</b> <a href="https://github.com/OWASP/Amass" target="_blank">OWASP Amass</a></div>

OWASP Amass - Subdomain Enumeration/Scanner : Tool

The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and p...

Read more »

FireEye Commando VM : Distribution

<div class="separator" style="clear: both; text-align: center;"> <a href="https://1.bp.blogspot.com/-T6Tt-jC8qpc/XKCgQWnwWQI/AAAAAAAACAs/2jaW8sggDM4PwBZdn97vYvbpM9_KXwa8gCLcBGAs/s1600/CVM%2Blogo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="commando vm fireeye" border="0" data-original-height="750" data-original-width="974" height="246" src="https://1.bp.blogspot.com/-T6Tt-jC8qpc/XKCgQWnwWQI/AAAAAAAACAs/2jaW8sggDM4PwBZdn97vYvbpM9_KXwa8gCLcBGAs/s320/CVM%2Blogo.png" title="commando vm fireeye" width="320" /></a></div> <div style="text-align: justify;"> CommandoVM - a fully customized, Windows-based security <a href="http://www.toolwar.com/search/label/Distribution" target="_blank">distribution</a> for penetration testing and red teaming. </div> <div style="text-align: justify;"> Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments. Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests. The benefits of using a Windows machine include native support for Windows and Active Directory, using your VM as a staging area for C2 frameworks, browsing shares more easily (and interactively), and using tools such as PowerView and BloodHound without having to worry about placing output files on client assets.</div> <div style="text-align: justify;"> Commando VM uses Boxstarter, Chocolatey, and MyGet packages to install all of the software, and delivers many tools and utilities to support penetration testing. This list includes more than 140 tools, including:</div> <ul style="list-style-position: inside; text-align: justify;"> <li><a href="http://www.toolwar.com/2014/02/nmap-and-zenmap-network-discovery-and.html" target="_blank">Nmap</a></li> <li><a href="http://www.toolwar.com/2013/09/wireshark-tools.html" target="_blank">Wireshark</a></li> <li>Covenant</li> <li>Python</li> <li>Go</li> <li>Remote Server Administration Tools</li> <li><a href="http://www.toolwar.com/2013/09/sysinternals.html" target="_blank">Sysinternals</a></li> <li>Mimikatz</li> <li><a href="http://www.toolwar.com/2013/09/burp-suite-tools.html" target="_blank">Burp-Suite</a></li> <li>x64dbg</li> <li>Hashcat</li> </ul> <div style="text-align: justify;"> With such versatility, Commando VM aims to be the de facto <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a>machine for every penetration tester and red teamer. For the blue teamers reading this, don’t worry, we’ve got full blue team support as well! The versatile tool sets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities. With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends.</div> <div style="text-align: justify;"> <br /></div> <h4> Requirements</h4> <ul> <li>Windows 7 Service Pack 1 or Windows 10</li> <li>60 GB Hard Drive</li> <li>2 GB RAM</li> </ul> <h3 style="text-align: justify;"> Installation Instruction: </h3> <ol> <li>Create and configure a new Windows Virtual Machine</li> </ol> <ul> <li>Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain</li> <li>Take a snapshot of your machine!</li> <li>Download and copy <code>install.ps1</code> on your newly configured machine.</li> <li>Open PowerShell as an Administrator</li> <li>Enable script execution by running the following command: <ul> <li><code>Set-ExecutionPolicy Unrestricted</code></li> </ul> </li> <li>Finally, execute the installer script as follows: <ul> <li><code>.\install.ps1</code></li> <li>You can also pass your password as an argument: <code>.\install.ps1 -password <password></code></li> </ul> </li> </ul> <div style="text-align: justify;"> <b>Detailed Installation Instruction: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Click Here</a><b> </b></div> <div style="text-align: justify;"> <b>Download: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Commando VM</a></div> <div style="text-align: justify;"> <b>Official Website: </b><a href="https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html" rel="nofollow" target="_blank">FireEye</a></div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <br /></div>

FireEye Commando VM : Distribution

CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Penetration testers comm...

Read more »

Sublist3r - Subdomain Enumeration / Scanner : Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://3.bp.blogspot.com/-Lr8K6MKUAIo/XHDwWpZR6CI/AAAAAAAACAI/T7blTZbKO5IuxAJeJPixbyHHOoJIpxO9QCLcBGAs/s1600/Sublist3r.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Sublist3r - Subdomain Enumeration" border="0" data-original-height="413" data-original-width="867" height="190" src="https://3.bp.blogspot.com/-Lr8K6MKUAIo/XHDwWpZR6CI/AAAAAAAACAI/T7blTZbKO5IuxAJeJPixbyHHOoJIpxO9QCLcBGAs/s400/Sublist3r.JPG" title="Sublist3r - Subdomain Scanner" width="400" /></a></div> <div style="text-align: justify;"> Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.</div> <div style="text-align: justify;"> <br /></div> <h2 style="text-align: justify;"> <span style="font-size: large;">Installation:</span></h2> <blockquote class="tr_bq"> <pre><code>git clone https://github.com/aboul3la/Sublist3r.git</code></pre> </blockquote> <b><span style="font-size: small;">Dependencies:</span></b><br /> <blockquote class="tr_bq"> <pre><code>sudo pip install -r requirements.txt</code></pre> </blockquote> <b><span style="font-size: small;">How To Use:</span></b> <br /> <blockquote class="tr_bq"> <span style="font-size: large;"> </span><code>python sublist3r.py -v -d example.com</code></blockquote> where -V : Verbose, -d : Domain<br /> <br /> <h3> <b>Download:: </b> </h3> Linux & Windows : <a href="https://github.com/aboul3la/Sublist3r" rel="nofollow" target="_blank">Sublis3r (Official Page)</a>

Sublist3r - Subdomain Enumeration / Scanner : Tools

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collec...

Read more »

RAFT (Response Analysis and Further Testing Tool) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="raft screenshot toolwar" border="0" height="234" src="http://2.bp.blogspot.com/-aAPtoHFCrZ8/UkbHzElNk_I/AAAAAAAAAs4/QjLMU2BnBrg/s320/raft+logo+toolwar.png" title="raft screenshot toolwar" width="320" /></div> <div style="text-align: justify;"> <span style="font-family: Arial,Helvetica,sans-serif;"><b>RAFT</b> is a<i> Response Analysis and Further Testing Tool</i>. <b>RAFT</b> is a testing tool for the identification of vulnerabilities in web applications. <b>RAFT</b> is a suite of tools that utilize common shared elements to make testing and analysis easier. The tool provides visibility in to areas that other tools do not such as various client side storage.<b> RAFT</b> uses markup to create templates for fuzz testing. </span></div> <div style="text-align: justify;"> <b><br /></b></div> <div style="text-align: justify;"> <b>Download Here :: </b><a href="http://raft.googlecode.com/files/RAFT-3.0.1-win32-setup.exe" target="_blank">RAFT 3.0.1.exe</a></div> <div style="text-align: justify;"> <b>Source ::</b> http://code.google.com/p/raft/</div> </div>

RAFT (Response Analysis and Further Testing Tool) :: Tools

RAFT is a Response Analysis and Further Testing Tool . RAFT is a testing tool for the identification of vulnerabilities in web appli...

Read more »

PHP Vulnerability Hunter :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <img alt="PHP Vulnerability Hunter" border="0" height="100" src="http://1.bp.blogspot.com/-j8Gmbcv6gM4/UjmhYIHLPCI/AAAAAAAAAps/w5pkShlNUF4/s1600/PHP-Vulnerability-Hunter.jpg" title="PHP Vulnerability Hunter" width="400" /></div> <div style="text-align: justify;"> <b>PHP Vulnerability Hunter</b> is an <b>whitebox fuzz testing tool</b> capable of detected several classes of vulnerabilities in PHP web applications.</div> <div style="text-align: justify;"> While most web application fuzzers rely on the user to specify application inputs, PHP vulnerability hunter uses a combination of static and dynamic analysis to automatically map the target application. Because it works by instrumenting application, PHP Vulnerability Hunter can detect inputs that are not referenced in the forms of the rendered page.</div> <div style="text-align: justify;"> PHP Vulnerability Hunter is aware of many different types of vulnerabilities found in PHP applications, from the most common such as cross-site scripting and local file inclusion to the lesser known, such as user controlled function invocation and class instantiation. <br /> <br /> <b>PHP Vulnerability Hunter</b> can detect the following classes of vulnerabilities: </div> <ul style="text-align: justify;"> <li>Arbitrary command execution</li> <li>Arbitrary file read/write/change/rename/delete</li> <li>Local file inclusion</li> <li>Arbitrary PHP execution</li> <li>SQL injection</li> <li>User controlled function invocatino</li> <li>User controlled class instantiation</li> <li>Reflected cross-site scripting (XSS)</li> <li>Open redirect</li> <li>Full path disclosure</li> </ul> <div style="text-align: justify;"> <b>Download Here :: </b><a class="FileNameLink" href="https://phpvulnhunter.codeplex.com/downloads/get/690936" id="fileDownload0" tabindex="9">PHP Vulnerability Hunter 1.4.0.20 Unstable</a></div> <div style="text-align: justify;"> <b>Source Website ::</b> https://phpvulnhunter.codeplex.com</div> </div>

PHP Vulnerability Hunter :: Tools

PHP Vulnerability Hunter is an whitebox fuzz testing tool capable of detected several classes of vulnerabilities in PHP web applicati...

Read more »