Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked WebApp Pentest toolkit

itsMe

By MASTERitsMe
in Pentesting

 Share

Recommended Posts

itsMe Master Hacker

MASTERitsMe

Posted
Posted

This is the hidden content, please

Tools

Listeners

    HTTP Server
    DNS Server
    TCP Server
    POSTMessage Hooker
    Websocket Hooker

Analysis

    HTTP/JS-Files/Binary Analyze
    Analyze Files (Binary, Metadata, Text files, Js sinks)

Net Tools

    Get DNS Records
    Resolve Hosts
    Reverse IPs
    Passive DNS
    DNS History

Text Tools

    Text Processing
    Block construct
    Format generator
    pattern creation
    Encrypt/Decrypt data
    Hash Identification
    Crackers
    Payload Generators
    Encoders/Decoders
    Poc Generators (Python, Bash, HTML)

Recon

    Get Websites ScreenShots
    GET Subdomains (Scrabbing, Minning, DNS-brute-force, Http-brute-force)
    Site categorizer
    s3/GC bucket enumeration
    Github Lister
    Ip History

Scanners

    Detect Misconfiguration
    Port/vulnerability/ssl scanner
    Vulnerability Exploiters
    Waf Detection

Scrabbers

    Download Android apps (APK)
    Travis-CI logs fetching

if the app is not working properly, Download this archive dlls.zip and extract the dll files, put them in the application folder, beside the executable file

Some notes:

    This tool is meant primarily for bug hunters (especially beginners).
    This tool is not backdoored with any malicious software/tracking.
    This tool contains bugs more than features so use it carefully.
    Connections are issued using the .Net (SystemDotWeb) which is slow and limited by design, consider using many threads, this will be replaced with another solution.
    Memory is not carefully managed so be careful, do not use all the tools at the same time.
    Do not use it illegally
    Tools starting with _ are not built yet, I added buttons to remember writing them so I could build them in future, hence no need to reverse engineer the tool in order to enable them, if you have time feel free to do it no problem.
    Many third-parties are used without permission no APIS used.
    The source code is not published because the tool is a beta and the code is ugly and worse than my handwriting.
    The project is planned to be open-source with the first release.
    Suggestions are deeply welcome.
    Credits are reserved for all authors and third-parties.

This is the hidden content, please

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.