Msfvenom Payload Creator (MPC) v-1.4.1.
Changelog v1.4.1: Supports non-root users & non-English OSs. Quick way to generate various “basic” Meterpreter payloads via msfvenom (part of the Metasploit framework). Msfvenom Payload...
Updates NoSQLMap – Automated Mongo database and NoSQL web application...
Latest Change 11/1/2016: + nosqlmap.py : Fixed crash setting options. NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default...
crisp.sh v1.0.7 – msfvenom shellcode generator/compiler/listener.
[ DISCLAIMER ] The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior consent is illegal and punishable by law. The script will use...
PhpSploit v2.3.0 (in Development) – Stealth post-exploitation framework.
changelog Version 2.3.0 (IN DEVELOPMENT): + Fix issue #9 (small bug in api.payload.Payload()) + lrun command is now able to change PWD (issue #10) + Remove deprecated lcd and lpwd commands. + Fix some...
Padding oracle attack against ASP.NET
An exploit for the Padding Oracle Attack. Tested against ASP.NET, works like a charm. The CBC mode must use PKCS7 for the padding block. This is an implementation of this great article Padding Oracle...
EaST v0.9.6 – Exploits and Security Tools Framework.
Changelog v0.9.6: + java serialization added. + Prints error to console if can’t load module: – fix: Resizing width of controls with resizing width of run module dialog – fix: Code editor loads...
Foolav – Pentest tool for antivirus evasion and running arbitrary payload on...
Executable compiled with this code is useful during penetration tests where there is a need to execute some payload (meterpreter maybe?) while being certain that it will not be detected by antivirus...
Potato – Windows privilege escalation through NTLM Relay and NBNS Spoofing.
How it works? Potato takes advantage of known issues in Windows to gain local privilege escalation, namely NTLM relay (specifically HTTP->SMB relay) and NBNS spoofing. Using the techniques outlined...
venom.sh v1.0.8 stable released – msfvenom shellcode...
[ DISCLAIMER ] The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior consent is illegal and punishable by law. Latest change v1.0.8: +...
JReFrameworker v1.1.1 – A practical tool for creating Managed Code Rootkits...
JReFrameworker v1.1.1 Changelog latest version 1.1.1.201601161527: + Adding command line options for dropper jar, more reliable output options JReFrameworker is an Eclipse plugin for creating and...
ATSCAN v5.0 – perl script for vulnerable Server, Site and dork scanner.
changelog v5.0: + Changes all structure file. Description: ATSCAN SEARCH engine XSS scanner. Sqlmap. LFI scanner. Filter wordpress and Joomla sites in the server. Find Admin page. Decode / Encode MD5 +...
Updates XXEInjector – Tool for automatic exploitation of XXE vulnerability...
Latest change 19/1/2016: + XXEinjector.rb ; All Structure Files changes. XXEinjector automates retrieving files using direct and out of band methods. Directory listing only works in Java applications....
LynxFramework is an extension browser exploitation framework.
LynxFramework is an operating tool for web browser offering a specialized service in the effect browser extension development, namely Google Chrome and Firefox soon. The operation is based on the...
venom.sh Codename: comodo venom 1.0.9 released.
Changelog v1.0.9 Comodo Venom 20/1/2016: + venom.sh + template: remove templates/easy_ps1.bat, remove templates/easy_ps1.bat + display shellcode. The script will use msfvenom...
searchsploit – exploit database in windows version.
This is one off of exploit database written in C# for Windows environments. searchsploit Requirements: (Update Required at first use to download necessary packages) searchsploit -u or searchploit...
smod v1.0.1 – MODBUS Penetration Testing Framework
Changelog v1.0.1: + Modules Description ——— ———– modbus/dos/galil RIO DOS Galil...
Proof of concept exploit, showing how to do bytecode injection through...
Spring framework is a commonly used 3rd-party library used by many Java server projects. If spring-tx.jar, spring-commons.jar and javax.transaction-api.jar are in your class path, and you use RMI, JMS,...
SecurityLab is a collection Program vulnerabilities, OpenSSL, and web app...
NOTE: This Post For Education and Security Research Only. SecurityLab is a collection Program vulnerabilities, OpenSSL, and web app attacks. —Explanation— Lab1: sploit1 The vulnerability is: strcpy()...
Venom.sh Codename: Komodo Venom v1.0.10.
Changelog Codename: Komodo Venom v1.0.10 : FUNCTION | DESCRIPTION ——- ————————————————————————— bug fix -> ‘getsystem’ bug fixed in all resource files (.rc) improved...
Updates Xploit is an Open source exploit framework made in C#.
Changelog 25/1/2016: + Update ConsoleCommand.cs + XPloit: Process Memory dump + Xploit.Module: Update ProcessMemoryDump.cs + XPloit.sln : fix letter + XPloit.Core.Rfid: Fix uppercase 2/2...