Mimikittenz – Post-Exploitation Powershell Tool for Extracting Juicy info from Memory

Mimikittenz – Post-Exploitation Powershell Tool for Extracting Juicy info from Memory

Mimikittenz is a post-exploitation powershell tool that utilizes the Windows function ReadProcessMemory() in order to extract plain-text passwords from various target processes. mimikittenz can also easily extract other kinds of juicy info from target processes using regex patterns including but not limited to: TRACK2 (CreditCard) data from merchant/POS processes PII data Encryption Keys & All the other goodstuff Note:This tool is targeting running process memory address space, once a process…

Scansploit – Exploit using barcodes, QRcodes, earn13, datamatrix

Scansploit – Exploit using barcodes, QRcodes, earn13, datamatrix

Scansploit – is a tool for Injecting Malicious Payloads Into Barcodes (code128, QRCodes, DataMatrix and EAN13) Tool for Injecting Malicious Payloads Into Barcodes: Barcodes (code128) QRCodes DataMatrix EAN13 Requirements: Python3 PyStrich pip3 install pystrich Incase of jpeg error: sudo apt-get install libtiff5-dev zlib1g-dev libfreetype6-dev liblcms2-dev libwebp-dev tcl8.6-dev tk8.6-dev python-tk Pillow pip3 install pillow Download Scansploit at Github

THC-Hydra 8.2 Released

THC-Hydra 8.2 Released

When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC. Other online crackers are Medusa and Ncrack. The Nmap Security Scanner also contains many online brute force password…

Detux – The Multiplatform Linux Sandbox

Detux – The Multiplatform Linux Sandbox

Detux is a sandbox developed to do traffic analysis of the Linux malwares and capture the IOCs by doing so. QEMU hypervisor is used to emulate Linux (Debian) for various CPU architectures. The following CPUs are currently supported: x86 x86-64 ARM MIPS MIPSEL Use the Live version now: http://detux.org What’s in this release? This release of Detux contains the script for executing a Linux binary/script in a specified CPU arch.…

Shadowd – The Shadow Daemon Web Application Firewall Server

Shadowd – The Shadow Daemon Web Application Firewall Server

Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability. This is the main component that handles the analysis and storage of requests. Installation The easiest way to install…

XssPy – Web Application XSS Scanner

XssPy – Web Application XSS Scanner

XssPy is a python tool for finding Cross Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and subdomains first. After that, it starts scanning each and every input on each and every page that it found while its traversal. It uses small yet…