Search the Community

Sifter is a OSINT, recon & vulnerability scanner. It incorporates a plethara of tools within different module sets that tries to cover every attack vector. Allowing you to quickly perform recon tasks and organize the results in one place. From OSINT to Recon, Exploitation, Post-Exploitation, OpSec, Threat Analysis, XSS, SQLinjection, Network Sca… Modules: #Enterprise Information Gatherers theHarvester Osmedeus ReconSpider CredNinja OSINT-Framework #Targeted Information Gatherers Maryam Seeker Sherlock xRay E2P (Email2Phone) ODIN CardPwn iKy #Domain Recon Gathering DnsTwist Armory SpiderFoot Pulsar SubFinder SubDover #MicroSoft Exploitation ActiveReign iSpy SMBGhost -- SMBGhost Scanner -- SMBGhost Exploit #Website Exploiters DDoS -- Dark-Star -- Impulse -- UFONet NekoBot xShock VulnX #Exploit Searching FindSploit ShodanSploit #Post-Exploitation EoP Exploit (Privilege Escalation Exploit) Potatoes -- BadPotato -- SweetPotato PEAS -- winPEAS -- linPEAS WinPwn CredHarvester PowerSharp ACLight2 PowerHub InveighZero #Exploitation Frameworks DanderFuzz - Equation Group, Courtesy of the Shadow Brokers (Obtained through issue request.) - FuzzBunch - Danderspritz NevrrMore - Private Exploitation framework I've been developing that will not be released opensource. Due to certain 0days and other exploits/tools it would cause too much unintentional/illintentioned damage. Thoron Metasploit #Phishing TigerShark #BruteForcing BruteDUM WBruter #Password Tools Mentalist DCipher Ciphey #Network Scanners Nmap AttackSurfaceMapper aSnip wafw00f Arp-Scan Espionage Intrigue-Core #HoneyPot Detection Systems HoneyCaught SniffingBear HoneyTel (telnet-iot-honeypot) HFish #Vulnerability Scanners Flan Rapidscan Yuki-Chan Katana-VF (Vulnerability Framework) OWASP-Nettacker Big IP Remote Execution Scanner #Router Tools RouterSploit MkCheck Airgeddon #WebApplication Scanners Sitadel OneFind AapFinder BFAC reNgine #Website Scanners & Enumerators Nikto Blackwidow Wordpress --- WPScan --- WPForce/Yertle Zeus-Scanner Dirb DorksEye Katana-DS (Dork Scanner) #Operational Security & Threat Analysis EventCleaner Threat Dragon #Cross-Site Scripting & SQL Injection SQLinjection --- WhiteWidow --- V3n0M-Scanner Cross-Site Scripting --- XSStrike --- finDOM-XSS --- XSS-Freak #Web Mini-Games This was added in order to have a fun way to pass time during the more time intensive modules. Such as nMap Full Port scan or a RapidScan run. Additions: - HFish - A most effective HoneyPot System. - EventCleaner - EventLog Cleaner for Windows, with some other useful functionality. - SubDover - MultiThreaded Subdomain Takeover Vulnerability Scanner. - Katana-DS (Dork Scanner) - Google Hacking/Dorking with Tor support. - Threat Dragon - Threat Modelling framework. - Ciphey - Automated decryption/decoding/cracking tool using language processing & artificial intelligence. - Cross-Site Scripting & SQLinjection - WhiteWidow - Automated SQLinjection Vulnerability Scanner. - V3n0M-Scanner - SQLi, XSS & LFI/RFI Vuln Scanner. [hide][Hidden Content]]

Additions: MkCheck - MikroTik Router Exploitation Framework. RouterSploit - Network Router Exploitation Framework. XSStrike - Cross Site Scripting detection suite. HoneyTel - TelNet-IoT-HoneyPot used to analyze collected botnet payloads. ACLight2 - Used to discover Shadow Admin accounts on an exploited system. SMBGhost - Now has a scanner, as well as an exploitative option. Overview Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface mapping rapidly using ASM. Gathered info is saved to the results folder, these output files can be easily parsed over to TigerShark in order to be utilised within your campaign. Or compiled for a final report to wrap up a penetration test. [hide][Hidden Content]]