Malicious PDF Generator ☠️
Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Usage
Purpose
⚪️ Test web pages/services accepting PDF-files
⚪️ Test security products
⚪️ Test PDF readers
⚪️ Test PDF converters
GitHub
#RedTeam #PDF #Pentesting
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Usage
┌──(BugCod3㉿kali)-[~]
└─$ python3 malicious-pdf.py burp-collaborator-url
Output will be written as: test1.pdf, test2.pdf, test3.pdf etc in the current directory.Purpose
⚪️ Test web pages/services accepting PDF-files
⚪️ Test security products
⚪️ Test PDF readers
⚪️ Test PDF converters
GitHub
#RedTeam #PDF #Pentesting
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
🔥4
WinPwn
To automate as many internal penetrationtest processes (reconnaissance as well as exploitation) and for the proxy reason I wrote my own script with automatic proxy recognition and integration.
The script is mostly based on well-known large other offensive security Powershell projects.
GitHub
#RedTeam #PowerShell #Pentesting
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
To automate as many internal penetrationtest processes (reconnaissance as well as exploitation) and for the proxy reason I wrote my own script with automatic proxy recognition and integration.
The script is mostly based on well-known large other offensive security Powershell projects.
GitHub
#RedTeam #PowerShell #Pentesting
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
🔥1
Penetration-Testing-Tools
A collection of my Penetration Testing Tools, Scripts, Cheatsheets
This is a collection of more than a 160+ tools, scripts, cheatsheets and other loots that I've been developing over years for Penetration Testing and IT Security audits purposes. Most of them came handy at least once during my real-world engagements.
Notice: In order to clone this repository properly - use
#RedTeam #Pentesting #Tools
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
A collection of my Penetration Testing Tools, Scripts, Cheatsheets
This is a collection of more than a 160+ tools, scripts, cheatsheets and other loots that I've been developing over years for Penetration Testing and IT Security audits purposes. Most of them came handy at least once during my real-world engagements.
Notice: In order to clone this repository properly - use
--recurse-submodulesswitch:
git clone --recurse https://github.com/mgeeky/Penetration-Testing-Tools.git
GitHub#RedTeam #Pentesting #Tools
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
⚡1
Gobuster
Gobuster is a tool used to brute-force:
⚪️ URIs (directories and files) in web sites.
⚪️ DNS subdomains (with wildcard support).
⚪️ Virtual Host names on target web servers.
⚪️ Open Amazon S3 buckets
⚪️ Open Google Cloud buckets
⚪️ TFTP servers
GitHub
⬇️ Download
🔒
#Go #Dns #Web #Pentesting #Tools
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
Gobuster is a tool used to brute-force:
⚪️ URIs (directories and files) in web sites.
⚪️ DNS subdomains (with wildcard support).
⚪️ Virtual Host names on target web servers.
⚪️ Open Amazon S3 buckets
⚪️ Open Google Cloud buckets
⚪️ TFTP servers
GitHub
⬇️ Download
🔒
BugCod3#Go #Dns #Web #Pentesting #Tools
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
👍3
FinalRecon is an automatic web reconnaissance tool written in python. Goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results. Instead of executing several tools one after another it can provide similar results keeping dependencies small and simple.
FinalRecon provides detailed information such as :
⚪️ Header Information
⚪️ Whois
⚪️ SSL Certificate Information
⚪️ Crawler
...
⚪️ DNS Enumeration
...
⚪️ Subdomain Enumeration
...
⚪️ Directory Searching
...
⚪️ Wayback Machine
...
⚪️ Port Scan
...
⚪️ Export
...
Github
#pentesting #web #Tools
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
FinalRecon provides detailed information such as :
⚪️ Header Information
⚪️ Whois
⚪️ SSL Certificate Information
⚪️ Crawler
...
⚪️ DNS Enumeration
...
⚪️ Subdomain Enumeration
...
⚪️ Directory Searching
...
⚪️ Wayback Machine
...
⚪️ Port Scan
...
⚪️ Export
...
Github
#pentesting #web #Tools
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3
⚡3
Attack Surface Management Platform
Discover hidden assets and vulnerabilities in your environment
Integrate with the leading commercial and open source vulnerability scanners to scan for the latest CVEs and vulnerabilities.
Hacking is a problem that's only getting worse. But, with Sn1per, you can find what you can’t see—hidden assets and vulnerabilities in your environment.
Sn1per is a next-generation information gathering tool that provides automated, deep, and continuous security for organizations of all sizes.
cd Sn1per
bash install.sh
BugCod3#Cybersecurity #Pentesting #Sn1per
Please open Telegram to view this post
VIEW IN TELEGRAM
p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this script represents a security risk for the server.
↑ ↓)Tab key)cd command)upload <destination_file_name> command)download <file_name> command)Demo with Docker:
docker build -t p0wny .
docker run -it -p 8080:80 -d p0wny
# open with your browser https://127.0.0.1:8080/shell.php
BugCod3#PHP #Shell #Pentesting
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥3⚡2❤1
Canarytokens
You'll be familiar with web bugs, the transparent images which track when someone opens an email. They work by embedding a unique URL in a page's image tag, and monitoring incoming GET requests.
Imagine doing that, but for file reads, database queries, process executions or patterns in log files. Canarytokens does all this and more, letting you implant traps in your production systems rather than setting up separate honeypots.
🌐 Site
#Pentesting #BugBounty
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
You'll be familiar with web bugs, the transparent images which track when someone opens an email. They work by embedding a unique URL in a page's image tag, and monitoring incoming GET requests.
Imagine doing that, but for file reads, database queries, process executions or patterns in log files. Canarytokens does all this and more, letting you implant traps in your production systems rather than setting up separate honeypots.
🌐 Site
#Pentesting #BugBounty
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
⚡5
WiFi Penetration Testing & Auditing Tool
Freeway is a Python scapy-based tool for WiFi penetration that aim to help ethical hackers and pentesters develop their skills and knowledge in auditing and securing home or enterprise networks.
PIP:
sudo pip install 3way
Manually:
cd Freeway
sudo pip install .
#1 sudo Freeway
#2 sudo Freeway -i wlan2 -a monitor -p 1,2,a
#3 sudo Freeway -i wlan2 -a deauth
BugCod3#Python #Wifi #Pentesting
Please open Telegram to view this post
VIEW IN TELEGRAM
❤3👍3⚡2🔥2