Search the Community

NoSQL scanner and injector. It aims to be fast, accurate, and highly usable, with an easy to understand command-line interface. Features Nosqli currently supports nosql injection detection for Mongodb. It runs the following tests: Error based – inject a variety of characters and payloads, searching responses for known Mongo errors Boolean Blind injection – inject parameters with true/false payloads and attempt to determine if an injection exists Timing injection – attempt to inject timing delays in the server, to measure the response. Changelog v0.5.4 Includes bug fix for open file error. [hide][Hidden Content]]

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. It recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1700 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb can be stealthy and fast, or thorough but slow. WhatWeb supports an aggression level to control the tradeoff between speed and reliability. When you visit a website in your browser, the transaction includes many hints of what web technologies are powering that website. Sometimes a single webpage visit contains enough information to identify a website but when it does not, WhatWeb can interrogate the website further. The default level of aggression, called ‘stealthy’, is the fastest and requires only one HTTP request of a website. This is suitable for scanning public websites. More aggressive modes were developed for use in penetration tests. Most WhatWeb plugins are thorough and recognize a range of cues from subtle to obvious. For example, most WordPress websites can be identified by the meta HTML tag, e.g. ‘<meta name=”generator” content=”WordPress 2.6.5″>’, but a minority of WordPress websites remove this identifying tag but this does not thwart WhatWeb. The WordPress WhatWeb plugin has over 15 tests, which include checking the favicon, default installation files, login pages, and checking for “/wp-content/” within relative links. Features: Over 1800 plugins Control the trade-off between speed/stealth and reliability Performance Tuning. Control how many websites to scan concurrently. Multiple log formats: Brief (greppable), Verbose (human readable), XML, JSON, MagicTree, RubyObject, MongoDB, ElasticSearch, SQL. Proxy support including TOR Custom HTTP headers Basic HTTP authentication Control over webpage redirection IP address ranges Fuzzy matching Result certainty awareness Custom plugins defined on the command line IDN (International Domain Name) support Changelog v.0.5.4 This is a minor release with three new plugins ✨, and one plugin updates 🔨. 🔧 FIXES #345 Fixed colour output problem with white text being invisible when users have a white terminal background (@urbanadventurer) #347 Fixed MongoDB compatibility logging issue (@juananpe) NEW PLUGINS BlockScout (@urbanadventurer) ElasticSearch (@urbanadventurer) Grafana (@urbanadventurer) PLUGIN UPDATES Kibana (@urbanadventurer) [hide][Hidden Content]]

Modern Phishing Tool With Advanced Functionality PHISHING | KEYLOGGER | INFORMATION_COLLECTOR | ALL_IN_ONE_TOOL | SOCIALENGINEERING DISCLAIMER TO BE USED FOR EDUCATIONAL PURPOSES ONLY The use of the HiddenEye & its resources/phishing-pages is COMPLETE RESPONSIBILITY of the END-USER. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program. Also we inform you that some of your your actions may be ILLEGAL and you CAN NOT use this software to test person or company without WRITTEN PERMISSION from them. AVAILABLE TUNNELLING OPTIONS** LOCALHOST LOCALXPOSE ([Hidden Content]) SERVEO ([Hidden Content]) NGROK ([Hidden Content]) LOCALTUNNEL (Package Version) ([Hidden Content]) OPENPORT ([Hidden Content]) PAGEKITE ([Hidden Content]) QUICK FIX [0.5.4] @An0nUD4Y An0nUD4Y released this 5 days ago This Release made to cover the issues Occured During/After the Github Mistakely Disable the Repo. QUICK CHANGES MADE Ngrok Fixed Few More Tunnels Got Fixed Installation Interface improved Few Phishing Pages Fixed Small issues Fixed Created A Backup Repo At GitLab (Check Readme) [HIDE][Hidden Content]]