SQLite - Exploit Boolean-Based Blind SQL Injections Bug

SQLbit – Script for Automatize Boolean-Based Blind SQL Injections

SQL Blind Injection Tool Just another script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwise comparisons with multithreading to find cell…

Read more »
EvilSelenium - Tool That Weaponizes Selenium to Attack Chromium Based Browsers

EvilSelenium – Tool That Weaponizes Selenium to Attack Chromium Based Browsers

EvilSelenium EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers. The current features right now are: Steal stored credentials (via autofill) Steal cookies Take screenshots of websites Dump Gmail/O365…

Read more »
DalFox Rest API server mode - Powerful Automated XSS Scanning Tool And Parameter Analyzer

DalFox – Powerful Automated XSS Scanning Tool And Parameter Analyzer

Dalfox XSS Tool DalFox is an powerful automated XSS scanning tool and parameter analyzer and utility that fast the process of detecting and verify XSS flaws. It comes with a…

Read more »
Bluffy - Convert Shellcode Into Different Formats Full Example

Bluffy – Convert Shellcode Into Different Formats

Overview Bluffy is a utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic looking data formats. Proof-of-concept tools, such as 0xBoku‘s Ninja_UUID_Runner and ChoiSG‘s UuidShellcodeExec, inspired the initial…

Read more »
Second-Order---Subdomain-Takeover-Scanner-Tool

Second Order – Subdomain Takeover Scanner

Overview Scans web applications for second-order subdomain takeover by crawling the app, and collecting URLs (and other data) that match certain rules, or respond in a certain way. Installation From…

Read more »
Espoofer - Email or Gmail Spoofing Tool

Espoofer – Tool for Email Spoofing Testing

espoofer espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email…

Read more »
EXOCET - Tool to Create Fully Undetectable Malware or Payload by Antivirus

EXOCET – Tool to Create Undetectable Malware or Payload by Antivirus

A lot of pentesters have their own method to encrypt malware that can bypass antivirus detection. Because antivirus company updating their viruses database every day, so it is important to…

Read more »