FATT - Capture Network Metadata and Fingerprints From PCAP Files And Live Network Traffic

FATT – Script For Extracting Network Metadata and Fingerprints From PCAP Files And Live Network Traffic

Fatt is a script for extracting network metadata and also fingerprints such as JA3 and HASSH from packet capture files (pcap) or live network traffic.

Read more »
Wfuzz - best web application scanner

Wfuzz – Web Application Fuzzer

To find the vulnerabilities on web application you need use right tool to get accurate vulnerabilities. Wfuzz is one of best web application scanner tool, brute forcing directory, fuzzing POST…

Read more »
Amass - Attack Surface Mapping and External Asset Discovery

Amass – In-depth DNS Enumeration, Attack Surface Mapping and External Asset Discovery

Amass is In-depth DNS Enumeration Tool, Attack Surface Mapping and External Asset Discovery. Developed by OWASP to help Penetration Testers.

Read more »
SQL injection payload list

SQL Injection Payload List

SQL Injection Payload List SQL Injection In this section, we’ll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection…

Read more »
DDoor - Cross Platform Backdoor Using DNS txt Records xploitlab

DDoor – Cross Platform Backdoor Using DNS txt Records

To hack any devices attacker mostly use trojan/backdoor that infect victim machine and gain access into it. DDoor is a cross platform backdoor.

Read more »
DMC (deploy my code) - Upload Files To an ftp Server Without Any ftp-clients-min

DMCode – Tool That Allows You To Upload Your Code To an ftp Server Without Any ftp-clients

DMC (Deploy My Code) DMCode – like a deploy my code Allows you to upload your code to an ftp server without any ftp/sftp clients. why is this needed? for example, you…

Read more »
Burp Suite Extension to Discover Assets From HTTP Response xploitlab

BurpSuite Asset Discover – Burp Suite Extension to Discover Assets From HTTP Response

Burp Suite extension to discover assets from HTTP response using passive scanning. Passively parses HTTP response of the URLs in scope and identifies different type assets such as domain, subdomain, IP, S3 bucket etc.

Read more »