Sniff
A lightweight packet sniffer for Windows and Linux that captures Layer 2 (Ethernet) packets, displaying detailed hex and ASCII output. It supports sniffing on any network interface and saves packets to a PCAP file for analysis.
SniffSysMonitorTool
The Process Logger Tool is a Python script that tracks running processes and their network connections. It provides details like PID, process name, status, executable path, and network connections (IP, port, status). It logs all data to a file for easy review, making it useful for security audits and system monitoring.
SysMonitorToolxssattack
This Python tool is designed to test web applications for Cross-Site Scripting (XSS) vulnerabilities by injecting payloads into specified URL parameters and detecting JavaScript alerts. It leverages the Selenium library for browser automation.
xssattacksub-enum
This Python script is a comprehensive tool designed to discover and collect subdomains for a given domain. It integrates multiple subdomain enumeration tools and services to provide a consolidated list of subdomains.
sub-enumwebshell
This tool is a simple webshell that allows a user to execute commands directly from a web interface. The webpage has a terminal-like appearance, where the user can input commands into a text box and submit them via a form. Once a command is submitted, the PHP script processes the input using shell_exec(), executes the command on the server, and displays the output in the terminal area on the page.
webshellbypassing-php-whitelist-validation
This tool is a Bash script designed to facilitate the creation of wordlists tailored for upload attacks targeting web applications. It systematically generates a list of filenames incorporating various characters and common PHP file extensions. By iterating through different combinations of characters such as spaces, newlines, null bytes, carriage returns, slashes, dots, colons, and ellipses, and appending or prepending them to typical PHP file extensions, the script generates a comprehensive wordlist. Each generated filename represents a potential vector for upload-based attacks, helping security researchers and penetration testers assess and fortify the resilience of web applications against such threats.
bypassing-php-whitelist-validationBashReconKit
Reconnaissance Script This script provides a suite of tools for performing reconnaissance tasks on a specified domain or IP address. It is designed to facilitate various network and DNS investigations from a single interface.
BashReconKitCipherShell
CipherShell is a secure client-server communication tool that allows remote command execution over an encrypted SSL connection. This tool is designed to provide a secure channel for running commands on a target machine and receiving output remotely. The server can send commands, and the client will execute them and return the results.
CipherShellurl-parameter-scanner
A lightweight Python tool that scans a list of URLs and detects specific query parameters, designed for web scraping and cybersecurity purposes. This script searches through a provided text file containing URLs and identifies occurrences of predefined parameters, displaying the full URL when a match is found.
url-parameter-scannerFTPHunter
FTPHunter is a powerful and efficient tool designed for FTP server enumeration and vulnerability assessment. It allows security professionals and penetration testers to quickly discover key information about FTP servers, such as anonymous login capabilities, file access permissions, server banners, and more.
FTPHunterStealthCommand
This script creates a simple TCP server that enables remote command execution. Clients can connect to the server, send commands, and receive the output. Running as a daemon in the background, it operates discreetly and can handle multiple client connections at once. This makes it suitable for tasks like remote administration, and pentesting as it runs silently without user interaction, hiding its output. It also forks the process to ensure it stays active even if the user closes the terminal. The use of threads allows the server to handle multiple clients concurrently, improving scalability, by leveraging the setproctitle module, the script can rename the process, making it harder to detect in system process lists.
StealthCommandDNS-Enumeration
A simple and effective Python script to perform DNS zone transfers (AXFR) for subdomain enumeration. This tool queries specified nameservers for a target domain and retrieves the zone data to identify subdomains. It supports parallel zone transfer requests, automatic retries on failure, and outputs results in various formats such as plain text, CSV, or JSON for easy processing.
DNS-Enumeration