Showing results for tags 'v7.2'.
TMail is a simple-to-use, fast and mobile-ready temporary email system with an impressive feature set. It takes just 4 min to install TMail on your server.

PoshC2 is a proxy-aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes with PowerShell/C# and Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python3 payload. These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX.

Other notable features of PoshC2 include:
- Highly configurable payloads, including default beacon times, jitter, kill dates, user agents and more.
- A large number of payloads generated out-of-the-box which are frequently updated and maintained to bypass common Anti-Virus products.
- Auto-generated Apache Rewrite rules for use in a C2 proxy, protecting your C2 infrastructure and maintaining good operational security.
- A modular format allowing users to create or edit C#, PowerShell or Python3 modules which can be run in-memory by the Implants.
- Notifications on receiving a successful Implant, such as via text message or Pushover.
- A comprehensive and maintained contextual help and an intelligent prompt with contextual auto-completion, history and suggestions.
- Fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic even when communicating over HTTP.
- Client/Server format allowing multiple team members to utilise a single C2 server.
- Extensive logging. Every action and response is timestamped and stored in a database with all relevant information such as user, host, implant number etc. In addition to this, the C2 server output is directly logged to a separate file.

Changelog v7.2
- New Report template & style
- Updates to support Slack Notifications
- Add ability to chain SharpPBind implants to an arbitrary depth
- Fix Sharpsocks on Docker
- Misc minor fixes

Shellter

Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications (currently 32-bit applications only). The shellcode can be something of your own or something generated through a framework, such as Metasploit. Shellter takes advantage of the original structure of the PE file and doesn’t apply any modification such as changing memory access permissions in sections (unless the user wants), adding an extra section with RWE access, and whatever would look dodgy under an AV scan. Shellter uses a unique dynamic approach which is based on the execution flow of the target application, and this is just the tip of the iceberg. Shellter is not just an EPO infector that tries to find a location to insert an instruction to redirect execution to the payload. Unlike any other infector, Shellter’s advanced infection engine never transfers the execution flow to a code cave or to an added section in the infected PE file.

Main Features
- Compatible with Windows x86/x64 (XP SP3 and above) & Wine/CrossOver for Linux/Mac.
- Portable – No setup is required.
- Doesn’t require extra dependencies (python, .net, etc…).
- No static PE templates, framework wrappers etc…
- Supports any 32-bit payload (generated either by metasploit or custom ones by the user).
- Compatible with all types of encoding by metasploit.
- Compatible with custom encoding created by the user.
- Stealth Mode – Preserves Original Functionality.
- Multi-Payload PE infection.
- Proprietary Encoding + User Defined Encoding Sequence.
- Dynamic Thread Context Keys.
- Supports Reflective DLL loaders.
- Embedded Metasploit Payloads.
- Junk code Polymorphic engine.
- Thread context aware Polymorphic engine.
- User can use custom Polymorphic code of his own.
- Takes advantage of Dynamic Thread Context information for anti-static analysis.
- Detects self-modifying code.
- Traces single and multi-thread applications.
- Fully dynamic injection locations based on the execution flow.
- Disassembles and shows to the user available injection points.
- User chooses what to inject, when, and where.
- Command Line support.
- Free

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting add-on for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes.

FEATURES:
- Automatically collects basic recon (i.e. whois, ping, DNS, etc.)
- Automatically launches Google hacking queries against a target domain
- Automatically enumerates open ports via Nmap port scanning
- Automatically brute forces sub-domains, gathers DNS info and checks for zone transfers
- Automatically checks for sub-domain hijacking
- Automatically runs targeted Nmap scripts against open ports
- Automatically runs targeted Metasploit scan and exploit modules
- Automatically scans all web applications for common vulnerabilities
- Automatically brute forces ALL open services
- Automatically tests for anonymous FTP access
- Automatically runs WPScan, Arachni and Nikto for all web services
- Automatically enumerates NFS shares
- Automatically tests for anonymous LDAP access
- Automatically enumerates SSL/TLS ciphers, protocols and vulnerabilities
- Automatically enumerates SNMP community strings, services and users
- Automatically lists SMB users and shares, checks for NULL sessions and exploits MS08-067
- Automatically exploits vulnerable JBoss, Java RMI and Tomcat servers
- Automatically tests for open X11 servers
- Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
- Performs high-level enumeration of multiple hosts and subnets
- Automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
- Automatically gathers screenshots of all websites
- Create individual workspaces to store all scan output

Changelog
v7.2 – Added experimental OpenVAS API integration
v7.2 – Improved Burpsuite 2.x API integration with vuln reporting
v7.2 – Added hunter.io API integration to recon mode scans
v7.2 – Added Cisco IKE Key Disclosure MSF exploit
v7.2 – Added JBoss MSF vuln scanner module
v7.2 – Added Apache CouchDB RCE MSF exploit
v7.2 – Added IBM Tivoli Endpoint Manager POST Query Buffer Overflow exploit
v7.2 – Added Java RMI MSF scanner
v7.2 – New scan mode “vulnscan”
v7.2 – New scan mode “massportscan”
v7.2 – New scan mode “massweb”
v7.2 – New scan mode “masswebscan”
v7.2 – New scan mode “massvulnscan”
v7.2 – Added additional Slack API notification settings
v7.2 – Improved NMap port detection and scan modes
v7.2 – Fixed issue with Censys API being enabled by default
v7.2 – Fixed verbose errors in subjack/subover tools
v7.2 – Fixed issue with NMap http scripts not working