Normal view

There are new articles available, click to refresh the page.
Before yesterdayDarknet

assetfinder – Find Related Domains and Subdomains

By: Darknet
29 December 2021 at 17:05
assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to a given domain from a variety of sources including Facebook, ThreatCrowd, Virustotal and more. assetfinder uses a variety of sources including those in the infosec space and social networks which can give relevant info: crt.sh certspotter hackertarget threatcrowd wayback […]

CredNinja – Test Credential Validity of Dumped Credentials or Hashes

By: Darknet
5 January 2022 at 09:55
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently. At the core of it, you provide it with a list of credentials you have dumped (or hashes, it can pass-the-hash) and a list of systems on the domain (the author suggests scanning […]

CFRipper – CloudFormation Security Scanning & Audit Tool

By: Darknet
23 January 2022 at 17:15
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool, it aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation scripts. You can use CFRipper to prevent deploying insecure AWS resources into your Cloud environment. You can write your own compliance checks […]

Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage

By: Darknet
29 April 2022 at 17:32
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username, socialscan returns whether it is available, taken or invalid on online platforms. Other similar tools check username availability by requesting the profile page of the username in question and based on […]

APT-Hunter – Threat Hunting Tool via Windows Event Log

By: Darknet
4 March 2021 at 17:16
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs. [ad name=”Darknet_Body_468_Links”] This will help you to decrease the time to uncover suspicious activity and the tool will make good use of […]

Grype – Vulnerability Scanner For Container Images & Filesystems

By: Darknet
19 April 2021 at 10:11
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based operating systems. [ad name=”Darknet_Body_468_Links”] Features of Grype Vulnerability Scanner For Container Images & Filesystems Scan the contents of a container image or filesystem to find known vulnerabilities and find vulnerabilities […]

LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)

By: Darknet
7 May 2021 at 14:49
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks. [ad name=”Darknet_Body_468_Links”] SQLi and other injection attacks remain the top OWASP and CERT vulnerability. Current detection attempts frequently involve a myriad of regular expressions which are not only brittle and error-prone but also proven by […]

Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack

By: Darknet
27 May 2021 at 10:57
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment. [ad name=”Darknet_Body_468_Links”] Features of Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub contains many frameworks, databases, applications, programming languages and more […]

Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory

By: Darknet
6 July 2021 at 16:16
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. [ad name=”Darknet_Body_468_Links”] It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation path. Features of Aclpwn.Py Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py […]

Karkinos – Beginner Friendly Penetration Testing Tool

By: Darknet
30 August 2021 at 18:53
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s. [ad name=”Darknet_Body_468_Links”] Karkinos Beginner Friendly Penetration Testing Tool Features Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes How to Install Karkinos Beginner Friendly Penetration Testing Tool Dependencies are: Any […]

assetfinder – Find Related Domains and Subdomains

By: Darknet
29 December 2021 at 17:05
assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to a given domain from a variety of sources including Facebook, ThreatCrowd, Virustotal and more. [ad name=”Darknet_Body_468_Links”] assetfinder uses a variety of sources including those in the infosec space and social networks which can give relevant info: crt.sh certspotter hackertarget […]

CredNinja – Test Credential Validity of Dumped Credentials or Hashes

By: Darknet
5 January 2022 at 09:55
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently. [ad name=”Darknet_Body_468_Links”] At the core of it, you provide it with a list of credentials you have dumped (or hashes, it can pass-the-hash) and a list of systems on the domain (the author […]

CFRipper – CloudFormation Security Scanning & Audit Tool

By: Darknet
23 January 2022 at 17:15
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool, it aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation scripts. [ad name=”Darknet_Body_468_Links”] You can use CFRipper to prevent deploying insecure AWS resources into your Cloud environment. You can write your own […]

Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage

By: Darknet
29 April 2022 at 17:32
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username, socialscan returns whether it is available, taken or invalid on online platforms. Other similar tools check username availability by requesting the profile page of the username in question and based on […]
❌
❌