SQLbit – Script for Automatize Boolean-Based Blind SQL Injections
SQL Blind Injection Tool Just another script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwise comparisons with multithreading to find cell…
Read more »
EvilSelenium – Tool That Weaponizes Selenium to Attack Chromium Based Browsers
EvilSelenium EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers. The current features right now are: Steal stored credentials (via autofill) Steal cookies Take screenshots of websites Dump Gmail/O365…
Read more »
DalFox – Powerful Automated XSS Scanning Tool And Parameter Analyzer
Dalfox XSS Tool DalFox is an powerful automated XSS scanning tool and parameter analyzer and utility that fast the process of detecting and verify XSS flaws. It comes with a…
Read more »
Bluffy – Convert Shellcode Into Different Formats
Overview Bluffy is a utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic looking data formats. Proof-of-concept tools, such as 0xBoku‘s Ninja_UUID_Runner and ChoiSG‘s UuidShellcodeExec, inspired the initial…
Read more »
Second Order – Subdomain Takeover Scanner
Overview Scans web applications for second-order subdomain takeover by crawling the app, and collecting URLs (and other data) that match certain rules, or respond in a certain way. Installation From…
Read more »
Espoofer – Tool for Email Spoofing Testing
espoofer espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email…
Read more »
EXOCET – Tool to Create Undetectable Malware or Payload by Antivirus
A lot of pentesters have their own method to encrypt malware that can bypass antivirus detection. Because antivirus company updating their viruses database every day, so it is important to…
Read more »