madsimba

1,327 Flips | 5 Magazines | 22 Likes | 14 Following | 21 Followers | @madsimba | Keep up with madsimba on Flipboard, a place to see the stories, photos, and updates that matter to you. Flipboard creates a personalized magazine full of everything, from world news to life’s great moments. Download Flipboard for free and search for “madsimba”

Penetration-Testing/README.md at master · Kinimiwar/Penetration-Testing

<b>Awesome Penetration Testing</b><p>A collection of awesome penetration testing resources<p>Online Resources<p>Penetration Testing Resources<br>• Exploit …

Information Security

Airgeddon – A Swiss Army WiFi Hacking Tool

Today LHN have been looking at Airgeddon, on initial inspection it seems to be a multi purpose all-in-one Swiss army knife tool for hacking WiFi, the …

Forensics

One-Lin3r v1.1 - Gives You One-Liners That Aids In Penetration Testing Operations

One-Lin3r is simple and light-weight framework inspired by the web-delivery module in Metasploit.<br>It consists of various one-liners that aids in …

Linux

Tools for Exploring .NET Internals

15 Jun 2018 - 1888 words<p>Whether you want to look at what your code is doing ‘<i>under-the-hood</i>’ or you’re trying to see what the ‘<i>internals</i>’ of the CLR …

Command-line

Pentester's Windows NTFS Tricks Collection | SEC Consult

In this blog post René Freingruber (@ReneFreingruber) from the SEC Consult Vulnerability Lab shares different filesystem tricks which were collected …

Cybersecurity

Port Forwarding in Windows | Windows OS Hub

Since Windows XP there is a built-in ability in Microsoft Windows to set up <b>network ports forwarding</b>. Due to it, any incoming TCP connection (IPv4 or …

Linux

Reverse Engineering

Engineering

Red Team Toolkits

The list(s) below are not intended to be a fully comprehensive list of physical security tools, but a mixed bag of devices and tools that we commonly …

Information Security

Command and Control – Browser

Red Teams are always focused in the discovery of innovative ways to establish connections back to their command and control infrastructure. The main …

Cybersecurity

Sharesniffer - Network Share Sniffer And Auto-Mounter For Crawling Remote File Systems

sharesniffer is a network analysis tool for finding open and closed file shares on your local network. It includes auto-network discovery and …

Linux

pydictor - A Powerful and Useful Hacker Dictionary Builder for a Brute-Force Attack

<b>pydictor</b> is a powerful and useful hacker dictionary builder for a brute-force attack.<b><br>Why I need to use pydictor ?</b><b></b><b><br>1. it always can help you</b>You can use …

Python Programming

Empire GUI

The Empire Multiuser GUI is a graphical interface to the Empire post-exploitation Framework. It was written in Electron and utilizes websockets …

Linux

List of Bug Bounty Programs

This list will help bug bounty hunters and security researchers to explore different bug bounty programs and responsible disclosure …

Information Security

Burpa - A Burp Suite Automation Tool

A Burp Suite Automation Tool With Slack Integration.<b><br>Requirements</b><br>• burp-rest-api<br>• Burp Suite Professional<br>• slackclient<b><br>Usage</b><b><br>TEST:</b><b><br>Download Burpa</b>

Automation

Galileo - Web Application Audit Framework

Galileo is an open source penetration testing tool for web application, which helps developers and penetration testers identify and exploit …

Forensics

Sn1per v4.4 - Automated Pentest Recon Scanner

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.<b><br>DEMO VIDEO:</b> <b><br>FEATURES:</b><br>• Automatically …

Information Security

Automated twitter loot collection

Twitter is a great place to find interesting things, being shared by fellow security researchers. If you search for keywords like #opendir or …

Samurai Email Discovery - Is A Email Discovery Framework That Grabs Emails Via Google Dork, Company Name, Or Domain Name

SED is a email discovery framework created 100% in BASH that grabs emails via google dork, company name, or domain name.<b><br>Requirements</b><br>• apt-install</b> …

How To: Use Maltego to Target Company Email Addresses That May Be Vulnerable from Third-Party Breaches

The easiest way around a security policy is to find users who don't follow it. The Have I Been Pwned database identifies accounts with information …

Easily Generate Hundreds of Phishing Domains

A convincing domain name is critical to the success of any phishing attack. With a single Python script, it’s possible to find hundreds of available …

Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+

If you want to follow Null Byte tutorials and try out Kali Linux, the Raspberry Pi is a perfect way to start. In 2018, the Raspberry Pi 3 Model B+ …

PowerLessShell

PowerLessShell rely on MSBuild.exe to remotely execute PowerShell scripts and commands without spawning powershell.exe. You can also execute raw …

AutoTTP

Automated Tactics Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generate data for …

Got Privs? Crack Those Hashes! - Black Hills Information Security

Black Hills Information Security loves performing both internal penetration tests, as well as command and control testing for our customers. Thanks …

Seth

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text …

THREAT 9

We are releasing a new version of RouterSploit! For those that prefer experimenting rather than reading documentation, head to github and begin …

LM, NTLM, Net-NTLMv2, oh my!

A Pentester’s Guide to Windows Hashes<p>When attacking AD, passwords are stored and sent in different ways, depending on both where you find it and the …

FILELESS MALWARE ATTACKS : INTRO

Unlike attacks carried out using traditional malware, fileless malware attacks don’t entail attackers installing software on a victim’s machine. This …

Army researchers find the best cyber teams are antisocial cyber teams

High-performing blue teams are "purposive social systems"—they shut up and work.<p>Army researchers have discovered what experienced information …

Drupwn – Drupal Enumeration Tool & Security Scanner

Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.Drupwn Drupal …