WPSploit – Exploiting WordPress With Metasploit. This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool. Latest…
Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: – DNS (direct, PTR, MX,…
Patrol is A platform for testing an Android device’s applications for IPC-related vulnerabilities. Network Protocol notes: +in this scenario, a report is associated with login…
pfsense_xmlrpc_backdoor is a sample payload and example use of abusing pfSense’s xmlrpc.php functions to establish a backdoor and get root level access to pfSense firewalls….
Jerricho is a simple bourne script that quickly drops several persistence mechanisms on a target Linux host. OS Support : Ubuntu, Centos, Debian, FreeBSD. TODO:…
Changelog 01.04.2015: + ElasticSearch Remote Code Execution (CVE-2015-1427) + ShellShock (httpd) Remote Code Execution (CVE-2014-6271) Miscellaneous proof of concept exploit code written at Xiphos Research…
ruby-SSLscanner is A simple and easy to use SSL Cipher scanner. Todo : + Checks for insecured TLS renogotiation + Checks for weak certificate key…
Dnsforwarder is a designed for anti-spoofing tool. Latest version 5.0.11: – Bug Fixing Compiling on win x86 and win x64 configure parameters: –enable-downloader = +…