Courses
StationX – Cyber Security School
Grow your skills and advance your career with StationX. A Comprehensive online training platform for security professionals!
June 25, 2019
No Comments
Information Gathering
RTS – Real Time Scrapper
RTS (Realtime scrapper) is a tool developed to scrap all pasties,github,reddit..etc in real time to identify occurrence of search terms configured. Upon match an email
May 9, 2019
No Comments
Website Hacking
p0wnyShell: Single-file PHP shell
p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use
May 9, 2019
No Comments
Tricks
How to Bypass SMS Verification of any Website/Service
If you don’t want to give your phone number to a website while creating an account, DON’T GIVE IT TO THEM, because today I’m going
May 9, 2019
No Comments
Information Gathering
Asnlookup: Look up IP addresses registered and owned by a specific organization
This tool will search an updated database for a specific organization’s ASN then use the latter to look up all IP addresses (IPv4 and IPv6)
May 9, 2019
No Comments
Mobile hacking
Top 5 Best Android Game Hacking Apps
Game hacker apps for android allow you to change the code of the games and use it to for your player advantage.
May 9, 2019
No Comments
Hardware Hacking
PRET – Hacking Printer Command Languages
PRET is a new tool for printer security testing developed in the scope of a Master’s Thesis at Ruhr University Bochum. It connects to a
May 8, 2019
No Comments
Mobile hacking
DroidSheep – Arp Spoofing APP for Android
DroidSheep is an android tool developed by Andreas Koch for security analysis in wireless networks. It is basically a session hijacking tool that allows hackers to
May 8, 2019
No Comments
Packet Generators
PackETH – Ethernet Packet Generator
PackETH is GUI and CLI packet generator tool for ethernet. It allows you to create and send any possible packet or sequence of packets on
May 8, 2019
No Comments
Crime
6 Charged for Darknet Drug Trafficking in Georgia
Six people in Georgia have been indicted and charged in federal court for charges related to manufacturing and distributing drugs through the dark web.
May 8, 2019
No Comments
Vulnerability Scanners
DevAudit – Open-source, cross-platform, multi-purpose security auditing tool
DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels
May 8, 2019
No Comments
Carding
Credit Card Phishing Script Tutorial
Paypal credit card phishing script to download and use on remote server.
May 7, 2019
No Comments
Carding
Carding Tutorial – How-to Guide
Carding is term described as a trick whereby products are being shopped/ordered from any online shops e.g Amazon, Jumia, FlipKart using Fake Cards(Credit/Debit).
May 7, 2019
No Comments
h4a
Cyber Threat Intelligence Tools List For Hackers and Security Professionals
Threat Intelligence Tools are more often used by security industries to test the vulnerabilities in network and applications. It helps for the collection and analysis
May 6, 2019
No Comments
Cyber Awareness
India will set up a Defence Cyber Agency in May
In a bid to bolster its capabilities to tackle threats emanating from hackers, mostly from China and Pakistan, India is all set to have Defence
May 6, 2019
No Comments
Crime
Authorities Confirm: Wall Street Market and Valhalla Seized
After a seizure notice showed up on Wall Street Market’s homepage Thursday, authorities are now officially confirming that they’ve seized the market. They have also
May 5, 2019
No Comments
h4a
Is your VPN Legit or Shit?
Those of you who frequent the darkweb should be familiar with VPN (Virtual Private Network) services and have done some research to find a trustworthy
May 4, 2019
No Comments
Payload Creator
Malicious – Malware Downloading Tool
Malicious is a malware downloading tool written in python 2 that contains 70 scripts to exploit android, windows, macosx and linux machines.
May 3, 2019
No Comments
Combo Lists
Generate HQ Combo lists with Pastebin Grabber
Kidux Pastebin Grabber allows one to easily obtain and create combo lists for cracking any account.
May 3, 2019
No Comments
Mobile hacking
Termux Hacks Guide – Commands, Tools and Tutorials
A Third Party developer called “Anonymous” has developed a Linux-self contained App called “Termux” which is used to install Linux based apps in Android and
May 3, 2019
No Comments
Tricks
How to Fix and Update Kali Linux Repositories
The single most common causes of a broken Kali Linux installation are following unofficial advice, and particularly arbitrarily populating the system’s sources.list file with unofficial repositories.
May 2, 2019
No Comments
Tricks
IDM Alternative for Kali Linux
Xtreme Download Manager is a powerful tool to increase download speed up-to 500%, save streaming videos from YouTube, Metacafe, Daily-Motion, Google Video or any other
May 2, 2019
No Comments
Social Media Hacking
WhatsApp Hacking using QRLJacking
QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as
May 2, 2019
No Comments
TOR
How to Create your own .Onion Site
The Tor browser is a powerful free tool for browsing the internet anonymously that also unlocks a portion of the deep web in the form
May 2, 2019
No Comments
Website Hacking
Bulletproof Hosting – Web Hosting used by Hackers
You’ve heard of malware, ransomware, botnets, and the like. What you don’t hear about is the technology behind these threats. These threats all have to
May 2, 2019
No Comments
Information Gathering
Hackode – Information Gathering Tool for Android
Developed by Ravi Kumar, Hackode is a popular Android app meant to be used by professionals working in the cyber security domain as well as
May 2, 2019
No Comments
VPN
Most Secure VPN’s used by Hackers
With so many different VPNs on the market – all promising to keep you secure and anonymous – how can you find the best VPN
May 2, 2019
No Comments
Darkweb
What is the Dark Web and how to Access it Safely
It is extremely easy to access the dark web and even easier to be detected on it if you don’t take precautions. If you are
May 1, 2019
No Comments
VPN
8 Use cases of what you can do with a VPN
VPNs are well known and trusted tools for protecting users’ privacy when browsing the Internet. But if you think this is the only thing they
May 1, 2019
No Comments
VPN
Testing your VPN’s Encryption and Privacy – Complete Guide
One little secret of the VPN industry is that most VPNs leak .In one in-depth study of Android free VPN apps, researchers found that 84% of the
May 1, 2019
No Comments
Penetration Testing
Android Application Penetration Testing Checklist
Android is the biggest organized base of any mobile platform and is developing fast—every day. Besides, Android is rising as the most extended operating system
May 1, 2019
No Comments
Penetration Testing
Cloud Computing Penetration Testing Checklist & Important Considerations
Cloud Computing Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.
May 1, 2019
No Comments
Penetration Testing
Web Server Penetration Testing Checklist
Web server pen testing performing under 3 major category which is identity, Analyse and Report Vulnerabilities such as authentication weakness, configuration errors, protocol Relation vulnerabilities.
May 1, 2019
No Comments
Open Source
100 Free Opensource Alternatives to Expensive Software
Certain types of software have long had a reputation for being very expensive. As cloud computing has become more popular, many popular software packages have
May 1, 2019
No Comments
SIEM
Intrusion Prevention Systems(IPS) and Its Detailed Function
Like an intrusion detection system (IDS), an intrusion prevention system (IPS) screens network traffic. An Intrusion Prevention System (IPS) is a framework that screens a
May 1, 2019
No Comments
h4a
SOC/SIEM – Indicator of Attacks Explained
IoAs is some events that could reveal an active attack before indicators of compromise become visible. Use of IoAs provides a way to shift from
April 30, 2019
No Comments
Darkweb
100 Working Deep Web, Onion and Dark Web Links
The Dark Web, Deep Web or Darknet is a term that refers specifically to a collection of websites that are publicly visible, but hide the
April 30, 2019
No Comments
Malware Analysis
Flerken – Obfuscated Command Detection Tool
Command line obfuscation has been proved to be a non-negligible factor in fileless malware or malicious actors that are “living off the land”. To bypass
April 30, 2019
No Comments
Cyber Awareness
Top 10 Hacker Forums on Darknet and Clearnet
Here we listed and documented the best forums for both networks — the “ClearNet” and “DarkWeb”. Before we get into this, it is important to
April 30, 2019
No Comments
Vulnerability Scanners
Kube Hunter – Hunt for Security Weaknesses in Kubernetes Clusters
Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments.
April 30, 2019
No Comments
Crime
Darknet’s Biggest Drug Website Dream Market to Shutdown Today
When Manhattan’s district attorney received a tip-off about suspicious ATM withdrawals in 2017, authorities never expected to unravel a sophisticated dark net drug operation on
April 30, 2019
No Comments
Cyber Awareness
Top 10 Cyber Security Podcasts
Production values aside, IT podcasts are frequently guilty of treating the audience like they are either an 83-year-old grandmother with only the vaguest notion of
April 30, 2019
No Comments
Crime
Darknet Investigation Leads to Largest Drug Seizure in New Jersey History
In New Jersey’s largest-ever drug bust, agents seized large quantities of fake Xanax and fentanyl-laced heroin, along with pill presses, mixers and other equipment. The
April 30, 2019
No Comments
h4a
Top 20 Operating Systems for Hackers, Pentesters, Blue and Red Teamers
Here we listed the best operating systems used today by hackers, pentesters, blue and red teamers. (basically anyone in the security sector) These include penetration
April 30, 2019
No Comments
h4a
Deft X – Digital Evidence & Forensics Toolkit
Born from an idea of Stefano Fratepietro, DEFT (acronym for Digital Evidence & Forensics Toolkit) is a distribution made for Digital Forensics and Incident Response,
April 30, 2019
No Comments
h4a
BackBox – Penetration Testing Distribution
BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most
April 30, 2019
No Comments
h4a
T-Pot Linux – Multi Honeypot Platform
T-Pot is based on debian. The honeypot daemons as well as other support components being used have been paravirtualized using docker. This allowed developers to run
April 30, 2019
No Comments
h4a
Security Onion – Linux Distro for Intrusion Detection, Enterprise Security Monitoring, and Log Management
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort,
April 30, 2019
No Comments
h4a
MobiSec – Mobile Penetration Testing Distribution
This project was a DARPA CFT funded project that is now being released through OWASP. It is focused on providing a live environment for mobile
April 30, 2019
No Comments
h4a
Redhunt OS – Virtual Machine for Adversary Emulation and Threat Hunting
RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker’s arsenal as well as defender’s
April 30, 2019
No Comments
h4a
DracOS – Lightweight and Powerful Penetration Testing OS
Dracos Linux is an open source operating system provides to penetration testing. Packed with a ton of pentest tools including information gathering, forensics, malware analysis,
April 30, 2019
No Comments
h4a
Qubes OS 4.0.1 Releases
Qubes OS is a security-oriented operating system (OS). The OS is the software that runs all the other programs on a computer. Qubes is free
April 30, 2019
No Comments
h4a
BlackArch Linux – Lightweight Arch Linux Security Based OS
BlackArch Linux is an open source distribution of Linux derived from the lightweight and powerful Arch Linux operating system and designed from the ground up
April 30, 2019
No Comments
Self Hosted
Best Self Hosted Alternatives
Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers. This is a long list of Free Software network
April 30, 2019
No Comments
h4a
Security Information and Event Management (SIEM) – A Detailed Explanation
SIEM software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by network
April 30, 2019
No Comments
h4a
Better Visibility for an Analyst to Handle an Incident with Event ID
We are in the complex world where attacks are increasing day by day, so today the cyber intelligence depends on siem as a part of
April 30, 2019
No Comments
h4a
How to Build and Run a Cyber Security Operations Center
Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. Here we’ll
April 30, 2019
No Comments
Data Breach
Darknet Vendor Dumps 5th Batch of Stolen Data
A hacker known as Gnosticplayers has dumped his fifth collection of stolen data on the dark web since February. The latest batch includes data from
April 30, 2019
No Comments
Information Gathering
pwnedOrNot – OSINT Tool to Find Passwords for Compromised Email Addresses
pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.
April 29, 2019
No Comments
Payload Creator
EvilClippy – Assistant for Creating Malicious MS Office Documents.
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on
April 29, 2019
No Comments
VPN
NordVPN Review
NordVPN is a very popular VPN service with a large customer base. While it is highly recommended on many sites, it can be difficult to
April 29, 2019
No Comments
VPN
VPN.ac Review
VPN.ac is a Romania-based VPN service that provides users with advanced encryption, very secure apps, and excellent performance. Their network consists entirely of dedicated bare-metal servers
April 29, 2019
No Comments
Cyber Awareness
5 Eyes, 9 Eyes, 14 Eyes – Explained
In short, these are just international surveillance alliances representing various countries around the world. These surveillance alliances work together to collect and share mass surveillance
April 29, 2019
No Comments
Cyber Awareness
How to Respond to a Cyber Attack on Your Business
Cyber security affects businesses of all sizes, and in every industry. Today it is a board-level agenda item, which has been placed at number three
April 29, 2019
No Comments
h4a
Rancher launches k3OS, the first Kubernetes operating system
Rancher Labs introduced k3OS, the industry’s first extremely lightweight operating system for Kubernetes. It has extremely low resource consumption, minimal operation, and second-level boot, which
April 29, 2019
No Comments
Operating Systems
Parrot Security OS 4.6 Released with New Updates
Parrot 4.6 Released by Parrot security with so many updates that bring all the hacking tools on the table with new futures and important bug
April 29, 2019
No Comments
Data Breach
Docker Hub Hacked – Hackers Gained Access to 190,000 Users Accounts
Docker Hub Hacked, sensitive data more than 190,000 accounts may have exposed. Docker Hub discovered the unauthorized access to a single Hub database On Thursday,
April 29, 2019
No Comments
h4a
Tortuga – An SMS Spamming tool for Andriod, Linux and Windows
An sms bombing tool for Andriod, Linux and Windows.
April 28, 2019
No Comments
Denial of Service
IP Booter for PS4 and Xbox
Due to popular demand we have listed free IP booters and a tutorial to kick users offline on your PS4 / Xbox.
April 28, 2019
No Comments
Denial of Service
How to kick players Offline on PS4 & Xbox
By attacking the designated IP address assigned to your opponent, you can kick/drop the player and he will be disconnected back to the main menu.
April 28, 2019
No Comments
Crime
Danish Man Sentenced to Four Years in Prison for Using Bitcoin to Launder Money
A 33-year-old Danish man was handed a four year and three month prison sentence for his role in an extortion case on April 8. The
April 28, 2019
No Comments
Social Media Hacking
Bruteforce Instagram Account with BruteSploit
This tool is made for Pentesters to use during a penetration test to enumerate and to use in CTF for combine, manipulation, permutation and transform
April 28, 2019
No Comments
Wifi Hacking
WiFi Pumpkin – Framework for Rogue Wi-Fi AP Attack
WiFi-Pumpkin is security auditing tool that provide the Rogue Access Point to MiTM (Man-In-The-Middle) and network attacks. This tool is capable of creating fake access
April 28, 2019
No Comments
Cyber Awareness
Netflix Produces Dark Web Drug Vendor Series – How to Sell Drugs Online Fast
A brand new Netflix series is inspired by the true story of a German teenager who ran a multi-million dollar dark web based drug empire
April 28, 2019
No Comments
Enumeration
Ranger – Tool to Access and Interact with remote Microsoft Windows based systems.
Ranger is a command-line driven attack and penetration testing tool, which has the ability to use an instantiated catapult server to deliver capabilities against Windows
April 27, 2019
No Comments
MiTM
Intercepter NG – Network Traffic Interception
Intercepter NG is very similar to wireshark in displaying network packets and able to capture traffic remotely so It enables you to run a packet
April 27, 2019
No Comments
Operating Systems
Linux Kodachi – Secure Anti Forensic Anonymous Operating System
Linux Kodachi operating system is based on Debian 9.5 Xbuntu 18.04 LTS, that it will provide you with a secure, anti-forensic, an anonymous operating system
April 27, 2019
No Comments
h4a
April 27, 2019
No Comments
Vulnerability Scanners
Osmedeus – Fully Automated Tool for Reconnaissance and Vulnerability Scanning
Osmedeus allows you to run a collection of awesome tools for reconnaissance and vulnerability scanning against a target.
April 27, 2019
No Comments
Penetration Testing
Reverie – Automated Pentest Tools Designed For Parrot Linux
This tool will automatically make your basic pentesting tasks like information gathering, security auditing, and reporting.
April 27, 2019
No Comments
Payload Creator
EasySploit – Metasploit Automation (EASIER And FASTER Than EVER)
EasySploit – Metasploit automation (EASIER and FASTER than EVER)
April 27, 2019
No Comments
Vulnerability
Air India Servers Down – Flight Operations Affected Several Hours All Over the World
Air India servers shut down for several hours due to the internal glitch that affects the flight operations all around the world and Thousands of
April 27, 2019
No Comments
Crime
60,000+ Stolen Credentials Available on Genesis Store
Genesis Store, an invite-only marketplace on the dark web, is offering more than 60,000 stolen profiles. The credentials on sale include credit card details, browser
April 26, 2019
No Comments
Wifi Hacking
Top 5 Network Adapters for Wifi Hacking
A detailed list of the top 5 network adapters for wifi hacking with kali linux.
April 26, 2019
No Comments
h4a
How to Hack any Facebook Account with Z-Shadow
Z-Shadow automates the phishing process by generating links you forward to the victim.
April 26, 2019
No Comments
h4a
iDope – Kickass Torrents Alternative
iDope is one of those torrent search engines that are worth being mentioned. It works similar to other well-known torrent search engines like Torrentz or Toorgle
April 25, 2019
No Comments
h4a
KickassTorrent Status, Alternatives and Proxies 2019
A list of KickassTorrents proxies, mirrors, and some of the popular and best alternatives.
April 25, 2019
No Comments
h4a
Top 10 Dark Web Search Engines of 2019
When we have to search something on the Internet, our mind by default goes to Google or Bing. Obviously, our mind is tuned that way,
April 25, 2019
No Comments
Reverse Engineering
Ropper – Find Gadgets to Build rop Chains for Different Architectures
You can use ropper to look at information about files in different file formats and you can find ROP and JOP gadgets to build chains
April 25, 2019
No Comments
Hacking News
Avengers: Endgame Leaked Online
Marvel’s latest and perhaps the most anticipated flick ever to be released Avengers: End Game has become an object of controversy lately as hackers and
April 25, 2019
No Comments
Anonymity
DemonSaw – Free Cross Platform Information Sharing
Demonsaw is a new type of information sharing application that allows you to share your files securely. It’s the next leap in the evolution of
April 25, 2019
No Comments
Wifi Hacking
Bully – WPS Brute Force Attack
Bully is a new implementation of the WPS (Wifi Protected Setup) brute force attack. It’s almost identical as other already existing WPS brute force attack
April 25, 2019
No Comments
Data Breach
Millions of Records Leaked From Unsecured Databases Containing Scraped LinkedIn Data
According to a recent report, some unprotected databases have leaked around 60 million records. The leaked data allegedly belongs to LinkedIn users. However, the data
April 25, 2019
No Comments
Crime
Darknet Vendor ‘JetSetLife’ Sentenced to 10 Years
A man who processed orders for the darknet vendor account “JetSetLife” has been sentenced to 10 years in prison.
April 25, 2019
No Comments
Packet Generators
Scapy – Interactive Packet Manipulation Tool
Scapy is a very powerful packet manipulation program and library, written in Python. It allows you to: forge / decode packets of a wide number
April 24, 2019
No Comments
Voice Changer
MorphVOX PRO Cracked – Hacker Voice Changer
If you want to make sure that your true identity remains a secret even if you want to talk over the Internet, you can rely
April 24, 2019
No Comments
Scrapers
Net Ghost – Fresh Proxy Scraper & Checker
Net Ghost is the ultimate free solution for all your proxy needs. If you’re looking for a free, simple and, easy to use program which
April 24, 2019
No Comments
Hacking News
Dark0de Hacking Forum Back Online Under New Management
After being down for over three years, one of the largest and most notorious hacking forums is back online under new ownership.
April 24, 2019
No Comments
Hardware Hacking
Lan Turtle – MiTM Usb Ethernet Adapter
The LAN Turtle is a covert Systems Administration and Pentesting tool providing stealth remote access, network intelligence gathering, and MiTM (man-in-the-middle) surveillance capabilities through a
April 23, 2019
No Comments
Hardware Hacking
Bash Bunny – Powerful Multi-Function USB Attack Device
Bash Bunny is a simple and powerful multi-function USB attack device and automation platform for all pentesters and sysadmins, designed by Hak5, which allows you
April 23, 2019
No Comments
Tricks
How to Find Gmail Account Creation Date
This question has immense value when it comes to Gmail password recovery. Why? When initiating a password reset using the Gmail Contact Form, you have
April 23, 2019
No Comments
Mobile hacking
Best Android Hack Codes
Secret hack codes are usually hidden from users to prevent misuse and exploit. These codes can reveal additional information, run manufacture tests, factory reset, check
April 23, 2019
No Comments
Vulnerability Scanners
Sitadel – Web Application Security Scanner
Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and
April 23, 2019
No Comments
Malware
APT34 Hacking Tools Leak
As reported by Catalin Climpanu, some of the tools used by OilRig attack group have been leaked by a persona using the “Lab Dookhtegan pseudonym”.
April 23, 2019
No Comments
Gaming
5 Nintendo 3ds Emulators for PC, Android & iOS 2019
The 3DS emulator enables to play your lovable classic games such as Super Mario, Top Gun, Base Wars. Ice climber with your iOS, Android and
April 23, 2019
No Comments
Wifi Hacking
Wifiphisher – The Rogue Access Point Framework
Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle
April 23, 2019
No Comments
Penetration Testing
PTF – Penetration Testers Framework
The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters,
April 23, 2019
No Comments
Wifi Hacking
WiFite2 – Automated Wireless Attack Tool
WiFite2 is a complete rewrite of Wifite – a Python script for auditing wireless networks. It runs existing wireless-auditing tools for you, so you won’t need
April 23, 2019
No Comments
Cyber Awareness
SS7 Hack Attack and Counter Measures
Signaling System No. 7 (SS7) is a series of telephony signaling protocols. Also known as CCS7 (Common Channel Signaling System 7) or CCIS7 (Common Channel Interoffice Signaling 7),
April 23, 2019
No Comments
SMS Hacking
SigPloit – Telecom Signaling Exploitation Framework SS7, GTP, Diameter & SIP
SiGploit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile
April 23, 2019
No Comments
Enumeration
ZMap – The Internet Scanner
ZMap is an open source single packet network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap
April 23, 2019
No Comments
Sql Injection
SQLiv – Massive SQL Injection Vulnerability Scanner
Massive SQL Injection Vulnerability Scanner
April 23, 2019
No Comments
Cyber Awareness
A South African Platform for Combating Cyber Crime
South Africa has witnessed an explosion in cybercrime namely due to the advancement of ICT infrastructure and broadband connectivity in both the public and private
April 23, 2019
No Comments
Bruteforce
iCloudBrutter – AppleID Bruteforce
iCloudBrutter is a simple python (3.x) script to perform basic bruteforce attack againts AppleID.
April 22, 2019
No Comments
Mobile hacking
DroidJack – Android Remote Administration Tool [Cracked]
DroidJack is an android RAT which gives you the power to establish control over your victim’s Android devices with an easy to use GUI and
April 22, 2019
No Comments
Information Gathering
AQUATONE – DNS Reconnaissance
Aquatone is a tool for visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based
April 22, 2019
No Comments
Digital forensics
Skype Log Viewer – Download and View Skype History Without Skype
Skype Log Viewer allows you to view all of your Skype chat logs and then easily export them as text files.
April 21, 2019
No Comments
Open Source
Gpredict – Satellite Tracking Application
Gpredict is a real-time satellite tracking and orbit prediction application. It can track a large number of satellites and display their position and other data
April 21, 2019
No Comments
Digital forensics
Xplico – Network Forensic Analysis Tool
Xplico is an open source network forensic analysis tool that supports HTTP, SIP, IMAP, POP, SMTP, TCP, UDP, IPv6, Facebook, MSN, RTP, IRC, and Paltalk
April 21, 2019
No Comments
Bruteforce
SocialBox – A Bruteforce Attack Framework[ Facebook , Gmail , Instagram ,Twitter]
SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ].
April 21, 2019
No Comments
Information Gathering
PhoneInfoga – Information Gathering Tool for Phone Numbers
One of the most advanced tools to scan phone numbers using only free resources. The goal is to first gather basic information such as country,
April 21, 2019
No Comments
Payload Creator
fireELF – Fileless Linux Malware Framework
fireELF is a opensource fileless linux malware framework thats crossplatform and allows users to easily create and manage payloads. By default is comes with ‘memfd_create’
April 18, 2019
No Comments
Sniffing and Session Hijacking
QRLJacker v2.0 – QRLJacking Exploitation Framework
QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as
April 18, 2019
No Comments
Crime
Researchers Claim Billion-Dollar Hacking Group FIN7 Is Still on the Loose
A notorious hacking group known as FIN7 is still targeting individuals and businesses, despite the recent arrest of three of its members.
April 17, 2019
No Comments
Anonymity
Best Secure Browsers that Protect Your Privacy
A secure browser that protects your privacy is absolutely essential for staying safe online and keeping your data secure from third parties.
April 17, 2019
No Comments
Anonymity
Firefox Privacy – The Complete How-To Guide
Mozilla Firefox is arguably the best browser available that combines strong privacy protection features, good security, active development, and regular updates. The newest version of
April 17, 2019
No Comments
Hardware Hacking
Salamandra – Spy Microphone Detection Tool
Salamandra is a tool to detect and locate spy microphones in closed environments. It find microphones based on the strength of the signal sent by the
April 17, 2019
No Comments
Malware Analysis
FakeNet NG – Next Generation Dynamic Network Analysis Tool
FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions
April 17, 2019
No Comments
Vulnerability Testing
Hackazon – A Modern Vulnerable Web App
Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications.
April 17, 2019
No Comments
Crime
5 Arrested in Paris for Stealing Fuel Using a Remote Control from the Dark Web
A five-man group suspected of stealing thousands of liters of fuel from Paris service stations have been arrested by French Police.
April 15, 2019
No Comments
Malware Analysis
FLOSS – Automatically extract obfuscated strings from Malware
The FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. You can use it just like
April 12, 2019
No Comments
Coding
DevKnox – Autocorrect Security Issues As You Write Code
DevKnox is a first of its kind security tool that enables developers to detect and resolve security issues as they write code in Android Studio.
April 12, 2019
No Comments
Cyber Awareness
Dragonblood Vulnerability Detected in the WPA3 Protocol
Almost one year after its launch, some very serious vulnerabilities that could lead to online password cracking have been detected in the next-generation Wi-Fi security
April 12, 2019
No Comments
Information Gathering
D0xk1t – Web based OSINT and Active Reconnaissance Suite
Active reconnaissance, information gathering and OSINT built in a portable web application. D0xk1t is an open-source, self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers.
April 11, 2019
No Comments
Wifi Hacking
WiFi Bruteforcer – Android App to Crack WiFi Passwords
WiFi Bruteforcer is an android application that bruteforces WiFi passwords using an android device. It does not require a rooted device and is very fast
April 11, 2019
No Comments
Threat Intelligence
Yeti – Open Distributed Threat Intelligence
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository.
April 11, 2019
No Comments
Remote Administration Tools
Vayne-RaT – An Advanced C# .NET RAT
Vayne-RaT is Free and Open Source Remote Administration Tool Coded In C#.
April 9, 2019
No Comments
Malware Analysis
MISP – Malware Information Sharing Platform and Threat Sharing
The objective of MISP is to foster the sharing of structured information within the security community and abroad.
April 9, 2019
No Comments
Information Gathering
ISeeYou – Tool To Get Exact Location of Users
ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements.
April 9, 2019
No Comments
Crime
Login Details from Singaporean Government Agencies for Sale on the Dark Web
Asia is increasingly becoming a lucrative high-tech crime target for cybercriminals, Singapore receiving much of the attention.
April 9, 2019
No Comments
h4a
Evilginx 2 – Advanced MiTM Attack Framework
Evilginx 2 is a MiTM Attack Framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection.
April 6, 2019
No Comments
Information Gathering
Eagle Eye – Reverse Lookup Tool for Social Media Accounts
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
April 5, 2019
No Comments
Incident Response
RedELK – Red Team’s SIEM
Red Team’s SIEM – easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for
April 5, 2019
No Comments
Crime
Australian IT Worker Arrested for Allegedly Selling $300K in Streaming Logins
The Australian Federal Police recently announced the arrest of Evan Leslie McMahon, a 21-year-old IT professional, for selling login details obtained from various streaming services.
April 5, 2019
No Comments
Crime
Operation SaboTor Leads to 61 Arrests
J-CODE, a team working against online drug trafficking, recently arrested 61 individuals in connection with opioid trade on the dark web.
April 3, 2019
No Comments
Malware
WordPress developer Pigdig uses Customers as Zombies to Perform DDoS
Recently, a developer exposed a very serious “security incident” on his blog. A developer’s client sent him a call for help because after the customer
April 3, 2019
No Comments
h4a
Shadowave: Hacking Facebook ID By Sending Link
Shadowave is a website that provides a “verified” phishing page to gain login details of the victim.
April 3, 2019
No Comments
Sniffing and Session Hijacking
Mallet – A Framework For Creating Proxies
Mallet is a tool for creating proxies for arbitrary protocols, along similar lines to the familiar intercepting web proxies, just more generic.
April 3, 2019
No Comments
IOT Hacking
MQTT-PWN: Your IoT Swiss-Army Knife
MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations, as it combines enumeration, supportive functions and exploitation modules while packing
April 3, 2019
No Comments
h4a
CQTools: The New Ultimate Hacking Toolkit
On March 27 and 28, 2019, Paula presented Briefings and Arsenal sessions at Black Hat Asia 2019 in Singapore. CQURE Team has written over 200
April 2, 2019
No Comments
Malware
Game of Thrones Downloads Widely Used to Spread Malware
In a recent report, security firm Kaspersky Lab says, based on data obtained from its Kaspersky Security Network, that Game of Thrones is the most
April 2, 2019
No Comments
Hardware Hacking
WarBerryPi – Tactical Exploitation
WarBerryPi was built to be used as a hardware implant during red teaming scenarios where we want to obtain as much information as possible in
April 2, 2019
No Comments
Spoofing
CarbonCopy – Tool to Create a Spoofed Certificate of any Website
A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux.
April 2, 2019
No Comments
Post Exploitation
CrackMapExec – A Swiss Army Knife for Pentesting Networks
CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows
April 2, 2019
No Comments
Crime
Suspects Linked to Murder of Russian Investigator Arrested
Abdulaziz Abdulazizov, a 19-year-old student in St. Petersburg, is one suspect accused of carrying out a darknet-ordered hit to murder Yevgenia Shishkina, a senior investigator
April 2, 2019
No Comments
Data Breach
NHS Data Breach – 34000 Medical Marijuana Patients Exposed
The Natural Health Services Canada exposed personal information of medical marijuana patients in a breach. This NHS data breach reportedly affected as much as 34,000
April 1, 2019
No Comments
Crime
Bitcoin Scammer Claims to Have Made $760K Through Dark Web Typosquatting
A Bitcoin fraudster claims to have made 200 BTC, the equivalent of around $760,000, through dark web domain squatting.
April 1, 2019
No Comments
Website Hacking
Weevely Tutorial – Basic to Advance PHP Webshell
Weevely is a stealth PHP web shell that is designed for remote server administration and penetration testing.
April 1, 2019
No Comments
VPN
Warp VPN Released from Cloudflare
Today Cloudfare announced the 1.1.1.1 App with Warp performance and security technology. “We built Warp from the ground up to thrive in the harsh conditions
April 1, 2019
No Comments
TOR
Tor Browser 8.0.8 Released
The Tor Project, the organization behind the anonymity-focused Tor browser, has announced yet another release. The Tor browser 8.0.8 is now available for use.
April 1, 2019
No Comments
Cyber Awareness
Complete Penetration Testing & Hacking Tools List
Penetration testing & Hacking Tools are more often used by security industries to test the vulnerabilities in network and applications. Here you can find a
March 31, 2019
No Comments
Cheatsheets
Wireshark Cheatsheet
Wireshark, whose old name is Ethereal; It is a program that can run in many operating systems such as Windows, Linux, MacOS or Solaris and
March 31, 2019
No Comments
Cyber Awareness
Google releases final report on Android security
Compared with its competitors, the more open Android has always had a lot of problems in terms of security. Since then, Google has been more
March 31, 2019
No Comments
h4a
xPlay and Onion Porn Sites
When you can’t find your type of porn on the clearnet, XPlay is where you go to. It’s a full-fledged porn site on the Dark
March 31, 2019
No Comments
Crime
Bithumb Hacked – Hackers Transferred $20 Million Worth of Cryptocurrencies
Bithumb Hacked 3rd time, Yes, One of the worlds largest cryptocurrency exchange Bithumb Hacked by unknown cybercriminals and they have stolen nearly $20 million worth
March 31, 2019
No Comments
Website Hacking
WPScan – Black Box WordPress Vulnerability Scanner
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their
March 30, 2019
No Comments
TOR
Onion Decoy – Unannounced Honeypots as a Tor Service
A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.
March 30, 2019
No Comments
h4a
How To Increase Your Instagram Followers Using Termux
With the help of Termux and Inshackle we can easily track unfollowers, Increase your followers, Download Stories, extract profile info and much more.
March 30, 2019
1 Comment
Data Breach
Toyota Hacked – Hackers Leaked 3.1 Million Customers Sensitive Information Online
Toyota hacked, yes, Toyota major subsidiaries network compromised by unknown hackers and they gained unauthorized access to the network where Toyota stored nearly 3.1 million
March 30, 2019
No Comments
Operating Systems
Ubuntu 19.04 (Disco Dingo) Beta is available for testing
The Ubuntu 19.04 (Disco Dingo) official version is scheduled to be released on April 18 this year, and today Canonical released the Ubuntu 19.04 Beta
March 29, 2019
No Comments
Information Gathering
WebTech – Identify Technologies used on Websites
WebTech is a Python software that can identify web technologies by visiting a given website, parsing a single response file or replaying a request described
March 29, 2019
No Comments
Social Media
Analysis: Drugs on Social Media vs. the Dark Web
Social media and darknet sites have replaced traditional systems as the most preferred vehicles of drug sales.
March 29, 2019
No Comments
Operating Systems
Commando VM – Windows-based Distribution for Penetration Testers Like Kali Linux
Commando VM launched by FireEye, aiming to provide a Windows distribution that focused on supporting penetration testers and red teamers.
March 29, 2019
No Comments
Vulnerability
Critical Vulnerability Patched In NVIDIA GeForce Experience
A serious vulnerability in NVIDIA GeForce Experience posed a severe threat to the gamers. More specifically, the software vulnerability threatened users of Windows systems.
March 29, 2019
No Comments
h4a
Evilgrade – MITM Attack Framework
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
March 29, 2019
No Comments
Cryptography
WhatsYourSign – Display Cryptographic Signing Information on Mac’s
Verifying a file’s cryptographic signature can deduce its origin or trustability. Unfortunately on macs there’s no simple way to view a file’s signature via the
March 29, 2019
No Comments
TOR
Huge Collection of Deep Web Onion Links
We have compiled a massive list of onion links. See our contents at a glance to jump to the specific category or press control +
March 28, 2019
No Comments
TOR
Exitmap: A fast and modular scanner for Tor exit relays
Exitmap modules implement tasks that are run over (a subset of) all exit relays. If you have a background in functional programming, think of exitmap
March 28, 2019
No Comments
Data Breach
Verifications.io Leaks Personal Records of 2 Billion Users
Once again, there is another data leak exposing personal data and business intelligence information from an unsecured source.
March 28, 2019
No Comments
Incident Response
Beagle: Accelerating Incident Response with Graphs
Beagle is a tool which aims to accelerate an analyst’s ability to respond to incidents by allowing them to quickly and reliably generate incident response
March 28, 2019
No Comments
Threat Intelligence
IoT Hunter: A Framework Tool for Building IoT Threat Intelligence System
Tencent IoT Hunter is a framework tool which is developed to gather IoT threat intelligence. It focus on the whole IoT malware analysis life cycle
March 28, 2019
No Comments
Threat Intelligence
pytm – A Pythonic Framework for Threat Modeling
Define your system in Python using the elements and properties described in the pytm framework. Based on your definition, pytm can generate, a Data Flow
March 28, 2019
No Comments
Voip
Mr. SIP: SIP-Based Audit and Attack Tool
Mr.SIP is a tool developed to audit and simulate SIP-based attacks. Originally it was developed to be used in academic work to help developing novel
March 28, 2019
No Comments
Hardware Hacking
P4wnP1 – Raspberry Pi USB Attack Platform
P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for HID backdoor).
March 28, 2019
No Comments
Operating Systems
Xiaopan OS – Pentesting Distribution for Wireless Security Enthusiasts
Xiaopan OS is an easy to use software package for beginners and experts that includes a number of advanced hacking tools to penetrate WPA/WPA2/WPS/WEP wireless
March 28, 2019
No Comments
Wifi Hacking
SniffAir – Framework For Wireless Pentesting
SniffAir is an open-source wireless security framework which allows you to collect, manage and analyze wireless traffic. It also provides the ability to perform sophisticated
March 28, 2019
No Comments
Denial of Service
BoNeSi – The DDoS Botnet Simulator
BoNeSi, the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a tested environment on the wire. It is designed to study the
March 28, 2019
No Comments
Cyber Awareness
Cyber threat Defense Report 2019 : The Year of Threat Intelligence Powered by Machine Learning
Security analytics and machine learning processes are fueling the next generation of cyber defenses, helping to address persistent problems in the industry like a skills
March 28, 2019
No Comments
Malware
Jokeroo Ransomware Calling upon Hackers to Join Its Affiliate Program
Jokeroo, a new Ransomware-as-a-Service (RaaS), is now on offer to affiliates in several membership packages.
March 28, 2019
No Comments
Malware
Operation ShadowHammer – The ASUS Software Backdoor
Yesterday, Motherboard published a story by Kim Zetter on Operation ShadowHammer, a newly discovered supply chain attack that leveraged ASUS Live Update software.
March 27, 2019
No Comments
Data Breach
Hacker ‘Gnosticplayers’ Returns with 4th Round of Stolen Data on Dream Market
A darknet vendor named Gnosticplayers is selling 26 million records from six companies. This is the fourth in a series of data sales he’s made
March 27, 2019
No Comments
Operating Systems
Instantbox – Get a clean, ready-to-go Linux box in seconds.
Instantbox spins up a temporary linux systems with Instant webshell access from any browser
March 27, 2019
No Comments
Cyber Awareness
Russian Government Passes New Strict Internet Laws
Russians will experience stricter internet regulations now that President Putin has signed proposed bills by parliament into law.
March 27, 2019
No Comments
Cyber Awareness
Tor Feature Will Be Added to Firefox to Boost Anonymity
With the release of version 67 of Firefox, which is scheduled for May 2019, Mozilla is set to add a new anti-fingerprinting method for users
March 27, 2019
No Comments
CTF
Toppo 1.0 CTF Walkthrough
Toppo is a beginner level CTF and getting the first shell and then root, are only needed to succeed.
March 27, 2019
No Comments
CTF
SickOS 1.2 – CTF Walkthrough
SickOS 1.2 is the second Boot2Root Challenge in SickOS Series and is available at Vulnhub. This is an interesting CTF and requires think-out-of-the-box mentality. This
March 27, 2019
No Comments
Open Source
Guardicore – Cyber Threat Intelligence Tool to Discover Malicious IPs and Domains
Cyber Threat Intelligence tool launched by Guardicore Labs, it offers information based on malicious Internet IP addresses and domains detected by Guardicore.
March 26, 2019
No Comments
System Administration
SilkETW – Threat Intelligence Tool to Capture and Analyze Windows Events Logs
SilkETW is a flexible tool aimed to reduce the complexities of ETW(Event Tracing for Windows) and to put actionable data in the hands of researches
March 26, 2019
No Comments
Ransomware
How to create Ransomware Program – A Proof of Concept Windows Crypto-Ransomware
This project was developed for the Computer Security course at the developers academic degree. Basically, it will encrypt your files in background using AES-256-CTR, a
March 25, 2019
No Comments
Botnet
Blacknet – A Free MultiOS BotNET with PHP Panel
A Free MultiOS PHP Interface Botnet with VB.NET and Python based Stub and VB.NET Builder
March 25, 2019
No Comments
Information Gathering
OSIF – Open Source Information Facebook
OSIF is an accurate facebook account information gathering, all sensitive information can be easily gathered even though the target converts all of its privacy to
March 25, 2019
No Comments
Crime
Detroit Rapper Arrested for Alleged Darknet Fraud Activities
Rap verses are frequently brought in as “proof” in U.S. courts, with artists confronting discipline for their public portrayal and choice of lyrics.
March 25, 2019
No Comments
Denial of Service
Xerxes – Best DoS Tool 2019
Xerxes is the most powerful DOS tool of 2019 and comes with enhanced features for stress testing. It provides the capacity to launch multiple independent
March 25, 2019
No Comments
Ebooks
Hands-On Penetration Testing on Windows
Master the art of identifying vulnerabilities within the Windows OS and develop the desired solutions for it using Kali Linux.
March 24, 2019
No Comments
Ebooks
Metasploit Penetration Testing Cookbook – Third Edition
Over 100 recipes for penetration testing using Metasploit and virtual machines
March 24, 2019
No Comments
Ebooks
Hands-On Cybersecurity for Architects: Plan and design robust security architectures
Gain practical experience of creating security solutions and designing secure, highly available, and dynamic infrastructure for your organization
March 24, 2019
No Comments
Ebooks
The Hacker Playbook 3: Practical Guide To Penetration Testing
Back for the third season, The Hacker Playbook 3 (THP3) takes your offensive game to the pro tier. With a combination of new strategies, attacks,
March 24, 2019
No Comments
Ebooks
Penetration Testing: A Hands-On Introduction to Hacking
Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise
March 24, 2019
No Comments
Ebooks
Rtfm: Red Team Field Manual 1.0 Edition
The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a
March 24, 2019
No Comments
Hacking News
Critical Vulnerabilities Found in Recently Released NSA Reverse Engineering Tool “Ghidra”
Earlier this month, NSA open-sourced Ghidra – its reverse engineering tool. Right after its release, researchers began discovering bugs in the tool. One such critical
March 24, 2019
No Comments
Operating Systems
SigintOS – Signal Intelligence Linux Distribution
SigintOS; as the name suggests, SIGINT is an improved Linux distribution for Signal Intelligence. This distribution is based on Ubuntu Linux. It has its own
March 24, 2019
No Comments
Hacking News
A Google Photos Vulnerability Exposed Image Metadata To Potential Attackers
Google Photos offers numerous beneficial features to users for managing photos. One such feature includes auto-tagging of photos using image metadata. The app utilizes geo-coordinates,
March 22, 2019
No Comments
System Hacking
Virtual Reality – HTTP backdoor using steganographically encoded images hosted on imgur.com
This is a proof-of-concept stealthy backdoor aimed to aid red teams in maintaining control of their targets during security evaluation process. Project also intends to
March 22, 2019
No Comments
Denial of Service
ACsploit: A Tool for generating worst-case inputs for algorithms
ACsploit is an interactive command-line utility to generate worst-case inputs to commonly used algorithms. These worst-case inputs are designed to result in the target program
March 18, 2019
No Comments
Ebooks
CEH v10 : Certified Ethical Hacker v10 PDF Download
CEH v10 – Certified Ethical Hacker v10 full PDF is Available for Download now.
March 11, 2019
No Comments
Ebooks
CEH V10 : Certified Ethical Hacker v10 Lab Tools Download
CEH V10 : Certified Ethical Hacker v10 Lab Tools Download.
March 11, 2019
No Comments
Cheatsheets
Metasploit Cheat Sheet
The Metasploit Project is a computer security project that provides information on vulnerabilities, helping in the development of penetration tests and IDS signatures. Metasploit is
March 11, 2019
No Comments
h4a
PUBG Mobile Hack and cheat codes 2019
Player Unknown’s Battle Ground (Yes! PUBG is an acronym in case some of you did not know) is the latest addiction of gamers. It is
March 11, 2019
No Comments
Wifi Hacking
Wireless Security Auditing: Fern Wifi Cracker
Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able
March 11, 2019
No Comments
Bruteforce
Password Cracker THC Hydra
You think your passwords are strong and secure? You are mistaken! There are numerous options to secure your password, but when it comes to the
March 11, 2019
No Comments
System Administration
Kage – Graphical User Interface for Metasploit Meterpreter and Session Handler
Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads.
March 11, 2019
No Comments
Penetration Testing
Cat Nip – Automated Basic Pentest Tool
Cat Nip will perform an automatic penetration test on a desired website including information gathering, reconnaissance and reporting.
March 11, 2019
No Comments
Hacking News
Fileless Malware Becomes The Emerging Go-To Tactic for Hackers
A fileless malware, recently spotted by TrendMicro, steals online banking credentials by accessing remote control of users’ devices. It also steals devices and email accounts
March 11, 2019
No Comments
System Administration
Telnet Email Address Validation (Existence)
Whether it’s reconnaissance or some useful email address validation pre-processing, it might be handy to know a few things about telnet email address validation. This
March 7, 2019
No Comments
System Administration
DMARC Email Validation System
Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a standard that helps protect email senders and recipients from spoofing, spam and phishing. With this, mail
March 7, 2019
No Comments
System Administration
DKIM Email Security Standard
DKIM email security standard was designed to make sure messages were not altered or compromised in transit between sender and receiver. It uses public-key cryptography
March 7, 2019
No Comments
System Administration
SPF Email Validation Protocol
Quick overview of SPF email validation protocol (Examples, Vulnerabilities).
March 7, 2019
No Comments
Reverse Engineering
.NET Debugger and Assembly Editor – dnSpy
dnSpy is a tool to reverse engineer .NET assemblies, including .NET debugger, a decompiler and an assembly editor. This tool can be easily extended by
March 7, 2019
No Comments
System Administration
Dante SOCKS5 Proxy Server Setup
Dante Socks Proxy Server is developed by Inferno Nettverk A/S, and it consists of a SOCKS server and a SOCKS client, implementing RFC 1928 and
March 7, 2019
No Comments
Website Hacking
CMSeeK: CMS Detection and Exploitation Tool
CMSeeK is a CMS detection and exploitation tool, written in Python3, capable of scanning numerous content management systems including WordPress, Joomla, Drupal, etc. It allows
March 7, 2019
No Comments
Wifi Hacking
Wireless Security Protocols: WEP, WPA, WPA2 and WPA3
A very short overview of Wireless Security Protocols including WEP, WPA, WPA2 and WPA3. For each of them we’ll try to point out both their
March 7, 2019
No Comments
h4a
Bypassing BIOS Passwords
There might be a time where you picked up an old laptop and had a bios password lock enabled but no clue to reset it.
March 7, 2019
No Comments
Reverse Engineering
Ghidra – Free Reverse Engineering Tool Released by NSA
NSA released Ghidra a free reverse Engineering tool for Malware analyst with an interactive GUI capability that runs on various platforms including Windows, Mac OS,
March 6, 2019
No Comments
Hacking News
MacOS Kernel Unpatched Vulnerability Publicly Disclosed
Google security researchers publicly disclosed the macOS kernel vulnerability.
March 4, 2019
No Comments
Operating Systems
Kali Linux 2019.1 Release
Since the first release in 2013 with 1.0.0, Kali Linux has updated 24 different versions with many upgrades and bug fixes. Here we will take
February 28, 2019
No Comments
Data Breach
TurboTax accounts breached in credential stuffing attack exposing users’ tax return information
Financial software company Intuit recently learned that TurboTax account users’ tax return information was compromised in a credential stuffing attack. In a security notice, Intuit
February 25, 2019
No Comments
Hacking News
Russian White-Hat Hackers Revenge-Prank VKontakte with Spam Worm
A full year after the Russian social media platform VKontakte failed to reward a security researcher for a vulnerability tip, or to even fix the
February 20, 2019
No Comments
Data Breach
Wendy’s Reaches $50 Million Breach Settlement With Banks
Where’s the breach? In 2015 and 2016, it was at Wendy’s, when attackers infected 1,025 of its restaurants’ point-of-sale systems with malware, leading to the
February 20, 2019
No Comments
Cross Site Scripting
XSS Payload List – Cross Site Scripting Vulnerability Payload List
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur
February 19, 2019
No Comments
Wifi Hacking
E013 – WiFi Password Stealer (for Windows)
A little VBScript E013 that steal Wifi passwords from Windows. Into the file WifiName.txt you can see the password of every saved wifi available on
February 19, 2019
No Comments
Wifi Hacking
Hcxdumptool – Small Tool To Capture Packets From WLAN Devices
Hcxdumptool is small tool to capture packets from wlan devices. After capturing, upload the “uncleaned” cap here to see if your application or the client
February 19, 2019
No Comments
Bruteforce
chntpw – Windows Password, Account Forensics & Change User Password
chntpw is a Kali Linux tool that can be used to edit the windows registry, reset a users password, and promote a user to administrator,
February 19, 2019
No Comments
h4a
List of Best Open Source SQL Injection Tools – 2019
SQL injection is a standout amongst the most widely recognized attacks against web applications. Here is the list of Best SQL Injection Tools 2019.
February 19, 2019
No Comments
Penetration Testing
fsociety – Mr Robot Penetration Testing Framework
fsociety is a penetration testing framework consists of all penetration testing tools that a hacker needs. It includes all the tools that involved in the
February 19, 2019
No Comments
Enumeration
How to use Masscan to Enumerate Large Number of Hosts Quickly
Masscan has been around for some time now and already it’s in use by pentesters all around. It’s a reconnaissance tool which can transmit up to 10 million
February 19, 2019
No Comments
Bruteforce
Instagram-Py – Python Script To Brute Force Attack
Instagram-Py is a straightforward python script to perform brute force attack against Instagram , this script can sidestep login restricting on wrong passwords , so
February 19, 2019
No Comments
Sql Injection
Havij Download – Advanced Automated SQL Injection Tool
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
February 19, 2019
No Comments
Remote Administration Tools
Splice-Admin: A Windows Remote Administration Tool
Splice Admin is a remote Windows administration tool. It allows you to retrieve information and interact with remote machines on your network.
February 6, 2019
No Comments
CTF
SecGen – Create vulnerable VM’s for CTF Challenges
SecGen creates vulnerable virtual machines so students can learn security penetration testing techniques. Boxes like Metasploitable2 are always the same, this project uses Vagrant, Puppet,
February 6, 2019
No Comments
h4a
Top 4 Linux Operating Systems for Privacy & Anonymity – 2019
With the development of the Internet, personal information is becoming more and more transparent. For preventing the leak information, many security teams are interested in developing
February 6, 2019
No Comments
CTF
H.A.S.T.E – Vulnhub CTF Challenge Walkthrough
Import VM to the Virtualbox and turn on. Use netdiscover to determine the IP Address of the machine, then add this IP to your local
February 6, 2019
No Comments
CTF
FartKnocker – CTF Walkthrough
Start the Virtual machine and use Netdiscover to find its IP Address. Register this IP to your local DNS file “/etc/hosts”. sudo netdiscover -r [IP/subnet]
February 6, 2019
No Comments
CTF
Tr0ll 1.0 – Walkthrough
Once the image loaded up,we need to figure out the IP address of the host. nmap -sn -PE 192.168.1.200-254 Ok, so the host pulled .207
February 6, 2019
No Comments
Enumeration
Nikto – Web Server Scanner
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks
February 5, 2019
No Comments
Enumeration
Fierce – DNS reconnaissance tool
Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s really meant as a pre-cursor to nmap, unicornscan,
February 5, 2019
No Comments
h4a
How To Hack Any Facebook Account Through Anomor
Anomor automates the phishing process by generating links you forward to the victim.
January 31, 2019
No Comments
Social Media Hacking
Tweetlord – Twitter profile dumper with authorization swapping
Tweetlord is an open source Twitter profile dumper (downloader) with the on-the-fly account swapping support for bypassing the rate limit restrictions.
January 31, 2019
No Comments
Social Media Hacking
InstaInsane – Multi-threaded Instagram Brute Forcer
Instainsane is an Shell Script to perform multi-threaded brute force attack against Instagram, this script can bypass login limiting and it can test infinite number
January 31, 2019
No Comments
Social Media Hacking
Hacking Facebook with Kali Linux
Here we will discuss how to hack Facebook with kali linux, as well as, to develop understanding of how fake web pages are created, so
January 31, 2019
No Comments
Ebooks
DotCom Secrets: The Underground Playbook for Growing Your Company Online
If you are currently struggling with getting traffic to your website, or converting that traffic when it shows up, you may think you’ve got a
January 31, 2019
No Comments
Ebooks
Practical Cyber Intelligence: How action-based intelligence can be an effective response to incidents
Your one stop solution to implement a Cyber Defense Intelligence program in to your organisation. Key Features Intelligence processes and procedures for response mechanisms Master
January 31, 2019
No Comments
Ebooks
Hackers: Heroes of the Computer Revolution
This 25th anniversary edition of Steven Levy’s classic book traces the exploits of the computer revolution’s original hackers — those brilliant and eccentric nerds from
January 31, 2019
No Comments
Ebooks
Mastering Kali Linux for Advanced Penetration Testing
A practical guide to testing your network’s security with Kali Linux, the preferred choice of penetration testers and hackers. About This Book Employ advanced pentesting
January 31, 2019
No Comments
Ebooks
Reversing: Secrets of Reverse Engineering
Beginning with a basic primer on reverse engineering-including computer internals, operating systems, and assembly language-and then discussing the various applications of reverse engineering, this book
January 31, 2019
No Comments
Ebooks
The Art of Memory Forensics
Memory forensics provides cutting edge technology to help investigate digital attacks Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes.
January 31, 2019
No Comments
Ebooks
Cypherpunks: Freedom and the Future of the Internet
Cypherpunks are activists who advocate the widespread use of strong cryptography (writing in code) as a route to progressive change. Julian Assange, the editor-in-chief of
January 31, 2019
No Comments
Ebooks
Linux Kernel Development (Developer’s Library) 3rd Edition
Linux Kernel Development details the design and implementation of the Linux kernel, presenting the content in a manner that is beneficial to those writing and
January 31, 2019
No Comments
Ebooks
The Art of Deception: Controlling the Human Element of Security
The world’s most infamous hacker offers an insider’s view of the low-tech threats to high-tech security. Kevin Mitnick’s exploits as a cyber-desperado and fugitive form
January 31, 2019
No Comments
Vulnerability
iPhone FaceTime Vulnerability Alert
The vulnerability allows an attacker to obtain victim audio before the victim answers a FaceTime call, causing user privacy to be compromised.
January 31, 2019
No Comments
Malware
Love You Malspam infecting victims in Japan ahead of Valentines Day
Love you malware changes tactics as it targets Japan and spreads the ransomware Gandcrab 5.1. Malspam campaign, “Love you,” named after its attachment’s subject title, has a
January 31, 2019
No Comments
Cyber Awareness
A YouTube Social Engineering Scam Poses As Popular Influencer Accounts
The BBC in the UK has recently highlighted a problem affecting fans of some high-profile YouTubers. It seems they are being targeted by a YouTube
January 31, 2019
No Comments
Data Breach
Airbus Data Breach Impacts European Employees
In a press release published on 30th January, European aerospace corporation Airbus announced they were the victim of a security breach. In the statement, the
January 31, 2019
No Comments
Documentary
Revolution OS (Documentary Film)
Revolution OS is a documentary film that tells the inside story of the hackers who rebelled against Microsoft and created GNU/Linux and the Open Source
January 31, 2019
No Comments
Mobile hacking
AIMSICD – Android IMSI-Catcher Detector
AIMSICD is an app to detect IMSI-Catchers. IMSI-Catchers are false mobile towers (base stations) acting between the target mobile phone(s) and the real towers of
January 31, 2019
No Comments
Mobile hacking
cSploit – Android App for Hackers
cSploit is a free/libre and open source (GPLed) Android network analysis and penetration suite which aims to be the most complete and advanced professional toolkit
January 31, 2019
No Comments
Hardware Hacking
Routersploit – A Framework for Exploiting Embedded Devices
Routersploit is an open source framework used for exploiting vulnerabilities in embedded devices like routers.
January 31, 2019
No Comments
Denial of Service
Hping3 – SYN Flooding, ICMP Flooding & Land Attacks
Hping3 is basically a TCP IP packet generator and analyzer! It is common for generating packets but mostly used for denial of service attacks or
January 31, 2019
No Comments
Evading Anti Virus and Firewalls
Veil Framework – Open Source Tool to Bypass Common Anti-Virus Solutions
Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions.
January 31, 2019
No Comments
Evading Anti Virus and Firewalls
Avet – Anti-Virus Evasion Tool
Avet is a tool for building exe files with shellcode payloads for antivirus evasion.
January 31, 2019
No Comments
Can Hackers Be Heroes?
Can Hackers Be Heroes is a short documentary film from PBS Digital Studio. Many people think of hackers as cyber criminals, breaking into computer systems
January 31, 2019
No Comments
Documentary
Cyber War (Documentary Film)
Cyber War is a documentary film from Al Jazeera media network. The film is all about US cyber security and state-sponsored hacking attacks.
January 31, 2019
No Comments
Documentary
Inside the Dark Web (Documentary Film)
Inside the Dark Web turns to the topic of internet surveillance concerning the pros and cons of the ability for everything that passes over the
January 31, 2019
No Comments
Documentary
Zero Days (Documentary Film)
Zero Days is a documentary film produced by VPRO. The film talks about cyber security and online black markets. Zero Days paints a frightening portrait of
January 30, 2019
No Comments
Documentary
Hackers World: Anonymous Investigation (Documentary Film)
The 16×9 takes viewers into a “Hackers World” through interviews and news reports. It features the infamous hacker collective “Anonymous” — Anonymous is a decentralized
January 30, 2019
No Comments
Documentary
Free the Network – Hackers Take Back the Web (Documentary Film)
Free the Network is a documentary film from MotherBoard. The film talks about the Occupy Wall Street, hacktivism, and the hackers trying to build a
January 29, 2019
No Comments
Documentary
Defeating the Hackers (Documentary Film)
Defeating the Hackers is documentary film directed by Kate Dart for BBC Horizon series. The film explores the hacker community and computer security through various
January 29, 2019
No Comments
Documentary
Hacking Germany – Computers, Cyber Attacks and The Future (Documentary Film)
Cyber attacks are common and show how vulnerable our digitally interconnected lives have become.
January 29, 2019
No Comments
Open Source
GlobaLeaks – Opensource Whistleblowing Framework
GlobaLeaks is an open-source, free software intended to enable secure and anonymous whistleblowing initiatives developed by the Hermes Center for Transparency and Digital Human Rights. It is an
January 28, 2019
No Comments
Open Source
Cyphon – Open Source Incident Management & Response Platform
Cyphon is a big data platform that aggregates, standardizes, and enhances data for easier analysis. Many businesses rely on emails to manage alert notifications, which
January 28, 2019
No Comments
Open Source
CyBot – Open Source Threat Intelligence Chat Bot
Threat intelligence chat bots are useful friends. They perform research for you and can even be note takers or central aggregators of information.
January 28, 2019
No Comments
Open Source
DejaVU – Open Source Deception Framework
Deception techniques if deployed well can be very effective for organizations to improve network defense and can be a useful arsenal for blue teams to
January 28, 2019
No Comments
Mobile hacking
Tool-X – A Kali Linux Hacking Tool Installer for Android
Tool-X is Developed By Rajkumar Dusad. with the help of Tool-X you can install best hacking tools in Rooted or Non Rooted Android devices.
January 28, 2019
No Comments
Anonymity
How to Fully Anonymize Your System with Tor using Nipe
Nipe is a Script to make Tor Network your Default Gateway.
January 28, 2019
No Comments
Anonymity
OnionShare – Tool For Sharing Files Securely and Anonymously
OnionShare is an open source tool that allows you to share files securely and anonymously. It supports file(s) of any size.
January 28, 2019
No Comments
Anonymity
Ghost In The Net – Network Stealther
Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
January 28, 2019
No Comments
Keyloggers
Xnspy: The no-code cell phone spyware
Xnspy is a mobile spying app that offers the craziest spying features on both iPhone and Android smartphones.
January 28, 2019
No Comments
Keyloggers
Radium Keylogger – Python keylogger with multiple features
Keylogging is the malicious action of spying on the keyboard input of a target user. This is done in secret by malware applications that steal
January 28, 2019
No Comments
Keyloggers
BeeLogger – Generate Email Keyloggers
Beelogger allows you to generate a keylogger in a document format which can be executed via emails
January 28, 2019
No Comments
Keyloggers
Ghostpress – Free Anti Keylogger
Ghostpress is a free anti-keylogging software that prevent malicious software from capturing your keyboard presses.
January 28, 2019
No Comments
Keyloggers
Spykeyboard – Keylogger Which Sends Data to Gmail
Spykeyboard is a script which allows us to generate an undetectable keylogger which sends the captured keys to our gmail mail.
January 28, 2019
No Comments
IOT Hacking
IoTivity – Open-Source IoT Framework
Each day more and more devices are coming online, adding to the ever-growing Internet of Things (IoT). Analysts agree the IoT will grow to many
January 28, 2019
No Comments
IOT Hacking
Attify OS – Distro for pentesting IoT devices
Instead of spending time installing, configuring and setting up various tools required for IoT pentesting, here is a pre-made distro for you containing the tools
January 28, 2019
No Comments
IOT Hacking
Heathen – IoT Pentesting Framework
Heathen Internet of Things Penetration Testing Framework developed as a research project, which automatically help developers and manufacturers build more secure products in the Internet
January 28, 2019
No Comments
IOT Hacking
ASTo – IoT Network Security Analysis Tool
Apparatus is a security framework to facilitate security analysis in IoT systems. To make the usage of the Apparatus framework easier the ASTo app was
January 28, 2019
No Comments
IOT Hacking
Expl-iot – Internet of Things Exploitation Framework
Expliot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be extended easily to
January 28, 2019
No Comments
Documentary
Naked Citizens Documentary
Naked Citizens is a documentary film that shows how online and CCTV surveillance data is being used to arrest “terror suspects”.
January 28, 2019
No Comments
Ebooks
Tor and The Dark Net: Remain Anonymous and Evade NSA Spying
Are You Tired of All The Spying and Lack of Privacy on The Internet? Keep Reading to Learn The Secrets to Staying Anonymous
January 28, 2019
No Comments
Ebooks
Digital Forensics and Incident Response – Packt
A practical guide to deploying digital forensic techniques in response to cyber security incidents
January 28, 2019
No Comments
Ebooks
We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency
WE ARE ANONYMOUS is the first full account of how a loosely assembled group of hackers scattered across the globe formed a new kind of
January 28, 2019
No Comments
Ebooks
The Basics of Hacking and Penetration Testing, Second Edition
he Basics of Hacking and Penetration Testing, 2nd Ed. serves as an introduction to the steps required to complete a penetration test or perform an
January 28, 2019
No Comments
Ebooks
The Hacker Playbook: Practical Guide To Penetration Testing
Just as a professional athlete doesn’t show up without a solid game plan, ethical hackers, IT professionals, and security researchers should not be unprepared, either.
January 28, 2019
No Comments
Sql Injection
Wide Range Mass Audit Toolkit: Leviathan
Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities.
January 28, 2019
No Comments
Sql Injection
Automated SQL Vulnerability Scanner: Whitewidow
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable
January 28, 2019
No Comments
Sql Injection
BBQSQL – Blind SQL Injection Framework
BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities.
January 28, 2019
No Comments
Sql Injection
jSQL Injection – Automatic SQL Database Injection
jSQL Injection is a Java application for automatic SQL database injection.
January 28, 2019
No Comments
Sql Injection
SQLmap – Automatic SQL Injection and DB Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
January 28, 2019
No Comments
Phishing
King Phisher – Phishing Campaign Toolkit
King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. Its flexible architecture allows you the full control
January 28, 2019
No Comments
Phishing
January 28, 2019
No Comments
Phishing
PhEmail – Open Source E-mail Phishing Tool
PhEmail is a python based email phishing tool that automates the process of sending phishing emails as part of a social engineering test.
January 28, 2019
No Comments
Phishing
Modlishka: Powerful Reverse Proxy
Modlishka is a very powerful Reverse Proxy tool that allows you to run phishing campaigns. It can be very useful to all pentesters since Modlishka
January 28, 2019
No Comments
Social Engineering
The Social-Engineer Toolkit (SET)
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element.
January 28, 2019
No Comments
Sniffing and Session Hijacking
Evil Foca – Network Security Testing
Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks.
January 28, 2019
No Comments
Sniffing and Session Hijacking
Bettercap – Advanced Network Monitoring & MITM Attack Framework
BetterCAP is a powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic
January 28, 2019
No Comments
Sniffing and Session Hijacking
Netripper – Smart Traffic Sniffing
NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a
January 28, 2019
No Comments
Sniffing and Session Hijacking
WireShark – Well Known Network Protocol Analyzer
WireShark is the world’s foremost network protocol analyzer, and an essential tool for any system administrator or cybersecurity professional. This tool is also free and
January 28, 2019
No Comments
Reverse Engineering
Binwalk – Firmware Analysis Tool
Binwalk is a fast, easy to use tool for analyzing and extracting firmware images
January 27, 2019
No Comments
Reverse Engineering
Reverse Engineering Android APK Files: Apktool
ApkTool is a tool for reverse engineering 3rd party, closed, binary Android apps.
January 27, 2019
No Comments
Reverse Engineering
IDA – Interactive Disassembler
ID Pro combines an interactive, programmable, multi-processor disassembler coupled to a local and remote debugger and augmented by a complete plugin programming environment.
January 27, 2019
No Comments
Reverse Engineering
OllyDbg – 32 bit assembler level analysing debugger for Microsoft Windows
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is
January 27, 2019
No Comments
Reverse Engineering
FLARE VM – a fully customizable, Windows-based security distribution for malware analysis, incident response & penetration testing
FLARE VM is the first of its kind freely available and open sourced Windows-based security distribution designed for reverse engineers, malware analysts, incident responders, forensicators,
January 27, 2019
No Comments
Remote Administration Tools
Pupy – A Cross-platform Remote Administration and Post-Exploitation Tool
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android), multi-function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python. It features an all-in-memory
January 25, 2019
No Comments
Remote Administration Tools
JSRAT – Javascript Backdoor to Control Victim Machine
JSRAT is a python Script that can be used to get a remote shell of victim pc.
January 25, 2019
No Comments
Remote Administration Tools
EvilOSX – Pure python post-exploitation RAT for macOS & OSX
A pure python, post-exploitation, RAT (Remote Administration Tool) for macOS / OSX.
January 25, 2019
No Comments
Mobile hacking
Hacking Android Smart Phone Using AhMyth Android RAT
Ahmyth is an open source remote access tool and has many features you would expect to see in a RAT such as Geo location monitoring,
January 25, 2019
No Comments
Remote Administration Tools
QuasarRAT – Open-Source Remote Administration Tool for Windows
Quasar is a fast and light-weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote
January 25, 2019
No Comments
Mobile hacking
Pentesting Platform For Android Smartphones – ANDRAX
ANDRAX is the first and unique penetration testing platform developed specifically for Android smartphones, now available internationally. It has the ability to run natively on
January 23, 2019
No Comments
Penetration Testing
Network Penetration Testing Checklist
Network Penetration Testing determines vulnerabilities in the network posture by discovering Open ports, Troubleshooting live systems, services and grabbing system banners.
January 23, 2019
No Comments
Penetration Testing
Sn1per – Automated Pentest Recon Scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
January 23, 2019
No Comments
Penetration Testing
APT2 – Automated Penetration Testing Toolkit
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processed results will be used
January 23, 2019
No Comments
Operating Systems
Penetration Testers Distro: Pentoo
Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit installable
January 23, 2019
No Comments
Operating Systems
Parrot Security OS
Parrot is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed
January 23, 2019
No Comments
Operating Systems
Tails – The Amnestic Incognito Live System
Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost
January 23, 2019
No Comments
Operating Systems
BlackArch 2018.12.01
BlackArch Linux is an open source distribution of Linux derived from the lightweight and powerful Arch Linux operating system and designed from the ground up
January 23, 2019
No Comments
Operating Systems
Kali Linux 2018.4
Kali Linux is an advanced penetration testing Linux distribution used for penetration testing, ethical hacking and network security assessments.
January 23, 2019
No Comments
Information Gathering
Recon-ng – Web Reconnaissance Framework
Recon-ng is a full-featured Web Reconnaissance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion,
January 23, 2019
No Comments
Information Gathering
Maltego – Open Source Intelligence and Forensics
Maltego is a visual link analysis tool that, out the box, comes with open source intelligence (OSINT) plugins, called transforms.
January 23, 2019
No Comments
Information Gathering
Datasploit - Automated Open Source Intelligence Tool
An OSINT Framework to perform various recon techniques, aggregate all the raw data, and give data in multiple formats.
January 23, 2019
No Comments
Information Gathering
Spiderfoot – Open Source Intelligence Automation
SpiderFoot is an open source footprinting tool, available for Windows and Linux. It is written in Python and provides an easy-to-use GUI. SpiderFoot obtains a
January 23, 2019
No Comments
Information Gathering
OSINT Framework
OSINT Framework, as its name implies, is a cybersecurity framework, a collection of OSINT tools to make your intel and data collection tasks easier.
January 23, 2019
No Comments
Google Hacking
DorkMe – Google Dork Finder
DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
January 23, 2019
No Comments
Google Hacking
Finding Vulnerable WordPress Sites with Google Dorks
Google Dorks To Find Vulnerable WordPress Sites
January 23, 2019
No Comments
Google Hacking
Latest Google Dorks List 2019 For Ethical Hacking and Penetration Testing
Google Dorks List “Google Hacking” is mainly referred to pull the sensitive information from Google using advanced search terms that help users to search the
January 23, 2019
No Comments
Google Hacking
Google Dorks for 2019 – Finding Insecure Websites
Google Dorks for 2019 – Finding Insecure Websites
January 23, 2019
No Comments
Fuzzing
softScheck Cloud Fuzzing Framework
The softScheck Cloud Fuzzing Framework (sCFF) is a set of tools, aiming to make Cloud fuzzing easy. It aims to become a framework where fuzzers
January 21, 2019
No Comments
Fuzzing
Mutiny Fuzzing Framework
The Mutiny Fuzzing Framework is a network fuzzer that operates by replaying PCAPs through a mutational fuzzer.
January 21, 2019
No Comments
Fuzzing
Radamsa – General Purpose Fuzzer
Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed
January 21, 2019
No Comments
Fuzzing
Peach Fuzzing Framework
Peach is a fuzzing framework which uses a DSL for building fuzzers and an observer based architecture to execute and monitor them.
January 21, 2019
No Comments
Fuzzing
Boofuzz – Network Protocol Fuzzing
Boofuzz is a fork of and the successor to the Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility, with the eventual goal of being
January 21, 2019
No Comments
Enumeration
tgcd – TCP/IP Gender Changer Daemon utility
tgcd is a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls. This can also be used by network analysts
January 21, 2019
No Comments
Enumeration
Nmap – Network Mapper
Nmap is a free and open source utility for network discovery and security auditing. Network mapper was designed to rapidly scan large networks, but works
January 21, 2019
No Comments
Enumeration
Dsniff – A Collection of tools for network auditing and penetration testing.
Dsniff, as the name implies, is a network sniffer – but designed for testing of a different sort.
January 21, 2019
No Comments
Enumeration
Responder – An LLMNR, NBT-NS, and mDNS Poisoner
Responder an LLMNR, NBT-NS and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix. By default, the
January 21, 2019
No Comments
Enumeration
socat – Multipurpose relay (SOcket CAT)
A utility similar to the venerable Netcat that works over a number of protocols and through a files, pipes, devices (terminal or modem, etc.), sockets
January 21, 2019
No Comments
Digital forensics
CAINE – Computer Aided Investigative Environment
CAINE (Computer Aided INvestigative Environment) is an Ubuntu-based GNU/Linux live distribution created as a project of digital forensics.
January 17, 2019
No Comments
Digital forensics
Ghiro – Automated Digital Image Forensics Tool
Ghiro is an open source software for digital photo and digital image forensics. The forensic analysis is fully automated, report data can be searched or
January 17, 2019
No Comments
Digital forensics
Volatility Framework – Volatile memory extraction utility framework
The Volatility Framework is a totally open accumulation of tools, executed in Python under the GNU General Public License, for the extraction of computerized antiquities
January 17, 2019
No Comments
Digital forensics
Autopsy – A Digital Forensic Tool
The Autopsy is a forensic tool which is used by the military, law enforcement, and corporate examiners to investigate what had happened on a smartphone
January 17, 2019
No Comments
Digital forensics
SIFT- SANS Investigative Forensic Toolkit
The SIFT Workstation is a group of free open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of
January 17, 2019
No Comments
Denial of Service
Layer 7 Dos: Dissecting Application Layer DDoS Attacks
Layer 7 attacks harness the web application logic and aim at exhausting the resources of a web server as it processes “tough” queries, as well as
January 17, 2019
No Comments
Denial of Service
PyDDOZ – Powerful Application Layer 7 DDoS Tool
PyDDoZ is a powerful, human-friendly DDoS tool using application layer (L7) attack techniques. It has nice logging, proxifying, automated bots requests, randomizing data, multiple HTTP
January 17, 2019
No Comments
Denial of Service
Low Orbit Ion Cannon – An open source network stress tool
LOIC performs a denial-of-service (DoS) attack (or when used by multiple individuals, a DDoS attack) on a target site by flooding the server with TCP
January 17, 2019
No Comments
Denial of Service
ZIB – The Open Tor Botnet
ZIB is fully undetectable and bypasses all antivirus by running on top of Python27’s pyinstaller, which is used for many legitimate programs. The only possibility
January 17, 2019
No Comments
Denial of Service
DAVOSET – Tool For Performing DDoS Attacks Via Other Sites
Davoset is command line tool for conducting DDoS attacks on the sites via Abuse of Functionality and XML External Entities vulnerabilities at other sites.
January 17, 2019
No Comments
Cross Site Scripting
XSSER – From XSS to RCE
This presentation demonstrates how an attacker can utilise XSS to execute arbitrary code on the web server when an administrative user inadvertently triggers a hidden
January 17, 2019
No Comments
Cross Site Scripting
XSStrike – Advanced XSS Detection and Exploitation Suite
XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false positive result using fuzzy matching. XSStrike is the
January 17, 2019
No Comments
Cross Site Scripting
Burp Suite Professional – The Leading Toolkit for Web Application Security Testing
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process,
January 17, 2019
No Comments
Cross Site Scripting
OWASP Xenotix XSS Exploit Framework
OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with
January 17, 2019
No Comments
Cross Site Scripting
BeEF – Browser Exploitation Framework
The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side
January 17, 2019
No Comments
Cryptography
Hash Algorithms
Hash functions, also called message digests and one-way encryption, are algorithms that, in some sense, use no key. Instead, a fixed-length hash value is computed
January 17, 2019
No Comments
Cryptography
Cryptomator – Cloud Client Side File Encryption
Multi-platform transparent client-side encryption of your files in the cloud. Cryptomator provides transparent, client-side encryption for your cloud.
January 17, 2019
No Comments
Cryptography
Secret Key Cryptography
With secret key cryptography, a single key is used for both encryption and decryption. Because a single key is used for both functions, secret key
January 17, 2019
No Comments
Cryptography
Crypton – Offensive and Defensive Cryptography
Crypton is an educational library to learn and practice Offensive and Defensive Cryptography.
January 17, 2019
No Comments
Cryptography
BeeCrypt – Cryptography Library Toolkit
BeeCrypt is a cryptography library toolkit that includes the highly optimized C as well as the implementations of the assembler of many well-known algorithms in
January 17, 2019
No Comments
Password Lists
Brutescrape – A web scraper for generating password files based on plain text found
Brutescrape is a tool designed to parse out text from specific web pages and generate password lists for bruteforcing with this text.
January 16, 2019
No Comments
Wifi Hacking
Aircrack-NG : Complete Suite Tools To Assess WiFi Network Security
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security:
January 16, 2019
No Comments
Bruteforce
Hacker’s Favorite Tool: Mimikatz
Mimikatz is a post-exploitation tool written by Benjamin Delpy (gentilkiwi). It’s now well known for extracting plaintexts passwords, hash, PIN code and kerberos tickets from
January 16, 2019
No Comments
Password Lists
January 16, 2019
No Comments
Bruteforce
HashCat – World’s fastest and most advanced password recovery utility
hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports
January 16, 2019
No Comments
Hacker Tools
11 Firefox Add-ons a Hacker Must Have
1. Tamper Data Tamper data is a great tool to view and modify HTTP/HTTPS headers and post parameters. We can alter each request going from
January 15, 2019
No Comments
Anonymity
How To Use Proxychains To Evade Detection
Whenever we send a packet to any hostnames or targets, that packet contains our IP address in the IP header. If we make a TCP
January 15, 2019
No Comments
