EvilSelenium - Tool That Weaponizes Selenium to Attack Chromium Based Browsers

EvilSelenium – Tool That Weaponizes Selenium to Attack Chromium Based Browsers

EvilSelenium EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers. The current features right now are: Steal stored credentials (via autofill) Steal cookies Take screenshots of websites Dump Gmail/O365…

Read more »
Waybackurls - Extract All URLs From a Domain

Waybackurls – Extract All URLs From a Domain

waybackurls waybackurls is tool that can fetch all the URLs that the Wayback Machine knows about for a domain. Accept line-delimited domains on stdin, fetch known URLs from the Wayback…

Read more »
DalFox Rest API server mode - Powerful Automated XSS Scanning Tool And Parameter Analyzer

DalFox – Powerful Automated XSS Scanning Tool And Parameter Analyzer

Dalfox XSS Tool DalFox is an powerful automated XSS scanning tool and parameter analyzer and utility that fast the process of detecting and verify XSS flaws. It comes with a…

Read more »
LazyCSRF - More Powerful CSRF PoC Generator on Burp Suite

LazyCSRF – More Powerful CSRF PoC Generator on Burp Suite

LazyCSRF LazyCSRF is a more useful CSRF PoC generator on Burp Suite extentions/plugins. It is more accurate and powerfull than regular CSRF PoC extentions on Burp Suite. Motivation Burp Suite…

Read more »
Google Bug Bounty - A List of Writeups From Google VRP Bug Bounty Program

Google Bug Bounty – A List of Writeups From Google VRP Bug Bounty Program

This is the writeup list from google bug bounty program. The list that shown here is just bug from google. Writeups: 2022: [Feb 06 – $2,674] Auth Bypass in Google Assistant* by David…

Read more »
Ksubdomain - Fast and Accurate Subdomain Enumeration Tool and Blasting tool, Port Scanning, DNS Blasting

Ksubdomain – Fast and Accurate Subdomain Enumeration Tool

Overview Ksubdomain is a stateless subdomain blasting tool, similar to stateless port scanning, supports fast DNS blasting on Windows/Linux/Mac, and has a retransmission mechanism, so you don’t have to worry…

Read more »
PHP Malware Finder - Detect Potentially Malicious PHP Files

PHP Malware Finder – Detect Potentially Malicious PHP Files

What does it detect? PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. The following list of encoders/obfuscators/webshells are…

Read more »