Hacking tools :: CodePwn

February 23, 2022Http-Protocol-Exfil - Exfiltrate Files Using The HTTP Protocol Version ("HTTP/1.0" Is A 0 And "HTTP/1.1" Is A 1)

Use the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1). It uses GET requests so the Blue Team would...

by KitPloit in HTTP, Http-Protocol-Exfil, Listener

February 23, 2022Scarce-Apache2 - A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public

This tool can scan websites with CVE-2021-41773 Vulnerability that are affecting Apache2 Webserver, ScaRCE can run too for executing Remote Command Injections at the webservers that found from the scanning...

by KitPloit in Bug Hunting, Cve 2021 41773, LFI, LFI Vulnerability, Scarce-Apache2

February 23, 2022GC2 - A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive

  GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google...

by KitPloit in VirusTotal, Red Teaming, Exfiltration, GC2-sheet, Google

February 23, 2022Dockerized-Android - A Container-Based Framework To Enable The Integration Of Mobile Components In Security Training Platforms

  Dockerized Android is a container-based framework that allows to execute and Android Emulator inside Docker and control it through a browser. This project has been developed in order to provide...

by KitPloit in CyberRange, Cybersecurity, Dockerized-Android

February 23, 2022PeTeReport - An Open-Source Application Vulnerability Reporting Tool

PeTeReport (PenTest Report) is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts, by simplifying the task of writting and generation of reports.Focused in product security, the tool...

by KitPloit in Vulnerability, Management, Markdown, Pentesters, Petereport

February 23, 2022Web-Hacking-Toolkit - A Multi-Platform Web Hacking Toolkit Docker Image With Graphical User Interface (GUI) Support

  A multi-platform web hacking toolkit Docker image with Graphical User Interface (GUI) support.   Installation Docker   Pull the image from Docker Hub:   docker pull signedsecurity/web-hacking-toolkit   Run a container and attach a shell: docker run --rm -it --name...

by KitPloit in Docker Images, Dockerhub, Web Hacking Toolkit, Web Security, Web Hacking Toolkit

February 23, 2022Melting-Cobalt - A Cobalt Strike Scanner That Retrieves Detected Team Server Beacons Into A JSON Object

  A tool to hunt/mine for Cobalt Strike beacons and "reduce" their beacon configuration for later indexing. Hunts can either be expansive and internet wide using services like SecurityTrails, Shodan, or...

by KitPloit in Melting-Cobalt, Shodan, Slack, Splunk, Zoomeye

February 23, 2022Vimana - An Experimental Security Framework That Aims To Provide Resources For Auditing Python Web Applications

Vimana is a modular security framework designed to audit Python web applications.The base of the Vimana is composed of crawlers focused on frameworks (in addition to the generic...

by KitPloit in Devsecops, Django Security, Hacking Framework, Vimana-Framework

February 23, 2022aDLL - Adventure of Dinamic Link Library

aDLL is a binary analysis tool focused on the automatic discovery of DLL Hijacking vulnerabilities. The tool analyzes the image of the binary loaded in memory to search...

by KitPloit in Memory, aDLL, Library, Windows 10

February 23, 2022ADLab - Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice Penetration Testing

  The purpose of this module is to automate the deployment of an Active Directory lab for practicing internal penetration testing. Credits to Joe Helle and his PowerShell for Pentesters course regarding...

by KitPloit in Activedirectory, ADLab