Nettfiske a tool Uses certstream SSL certificates live stream to identify possible phishing domain names. Use Cases Attempt to detect the use of Punycode and…
Ever get excessively bothered by the test phishing emails that InfoSec sends to educate you and your co-workers? PhishThis is here to help. PhishThis will…
Legal Disclamer: The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal…
Changelog Recon-Ng v4.9.3: + Added the “count” parameter to the API call in the twitter module. + Fixed a bug in the ssl_san module. +…
GOWAPT is the younger brother of wfuzz(https://github.com/xmendez/wfuzz) a swiss army knife of WAPT, it allow pentester to perform huge activity with no stress at all,…
WLT3Serial is an Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners (as outlined HERE). Requires third-party dependencies ysoserial and wlthint3client. Advantages/Disadvantages compared to…
ratched is a Man-in-the-Middle (MitM) proxy that specifically intercepts TLS connections. It is intended to be used in conjunction with the Linux iptabes REDIRECT target;…
Disclaimer! Code samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code…