Search the Community

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients (C#, Python), easily customizable to suit any need. Server several PHP/CSS files operating on two endpoints: an Admin GUI and an Agent Connection Point Aiming for high usability even on restricted networks, Hashtopolis communicates over HTTP(S) using a human-readable, hashing-specific dialect of JSON. The server part runs on PHP using MySQL as the database backend. It is vital that your MySQL server is configured with performance in mind. Queries can be very expensive and proper configuration makes the difference between a few milliseconds of waiting and disastrous multi-second lags. The database schema heavily profits from indexing. Therefore, if you see a hint about pre-sorting your hashlist, please do so. The web admin interface is the single point of access for all client agents. New agent deployments require a one-time password generated in the New Agent tab. This reduces the risk of leaking hashes or files to rogue or fake agents. Features Easy and comfortable to use Accessible from anywhere via web interface Server component highly compatible with common web hosting setups Unattended agents File management for word lists, rules, … Self-updating of both Hashtopolis and Hashcat Cracking multiple hashlists of the same hash type as though they were a single hashlist Running the same client on Windows, Linux and OS X Files and hashes marked as “secret” are only distributed to agents marked as “trusted” Many data import and export options Rich statistics on hashes and running tasks Visual representation of chunk distribution Multi-user support User permission levels Various notification types Small and/or CPU-only tasks Group assignment for agents and users for fine-grained access-control Compatible with crackers supporting certain flags Changelog v0.13.1 Bugfixes When deleting a supertask that was created from an import, pretasks that were removed from this supertask should also be deleted (issue #865). Setting config values to false using the user API now works as intended. When using the rulesplit function an internal server error was thrown. (#836) Deleting the last Hashlist resulted in an fatal error issue #888. Enhancements Hash.hash is now of type MEDIUMTEXT to avoid issues with longer hashes (e.g. LUKS, issue #851). [hide][Hidden Content]]

A script that wraps around a multitude of packers, protectors, obfuscators, shellcode loaders, encoders, and generators to produce complex protected Red Team implants. Your perfect companion in Malware Development CI/CD pipeline, helping watermark your artifacts, collect IOCs, backdoor, and more. With ProtectMyTooling you can quickly obfuscate your binaries without having to worry about clicking through all the Dialogs, interfaces, and menus, creating projects to obfuscate a single binary, clicking through all the options available, and wasting time about all that nonsense. It takes you straight to the point – to obfuscate your tool. The aim is to offer the most convenient interface possible and allow to leverage of a daisy-chain of multiple packers combined on a single binary. That’s right – we can launch ProtectMyTooling with several packers at once: C:\> py ProtectMyTooling.py hyperion,upx mimikatz.exe mimikatz-obf.exe The above example will firstly pass mimikatz.exe to the Hyperion for obfuscation, and then the result will be provided to UPX for compression. Resulting with UPX(Hyperion(file)) Features Supports multiple different PE Packers, .NET Obfuscators, Shellcode Loaders/Builders Allows daisy-chaining packers where output from a packer is passed to the consecutive one: callobf,hyperion,upx will produce artifact UPX(Hyperion(CallObf(file))) Collects IOCs at every obfuscation step so that auditing & Blue Team requests can be satisfied Offers functionality to inject custom Watermarks to resulting PE artifacts – in DOS Stub, Checksum, as a standalone PE Section, to file’s Overlay Comes up with a handy Cobalt Strike aggressor script bringing protected-upload and protected-execute-assembly commands Straightforward command line usage [hide][Hidden Content]]

SQLi-Hunter SQLi-Hunter is a simple HTTP proxy server and a sqlmap api wrapper that makes dig SQLi easily. [hide][Hidden Content]]

SQLi-Hunter SQLi-Hunter is a simple HTTP proxy server and a sqlmap api wrapper that makes dig SQLi easily. [HIDE][Hidden Content]]

Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect informations into a well organized directory hierarchy. The use of Nmap makes the script portable (easy to run not only on Kali Linux) and very efficient thanks to the optimized Nmap algorithms. Details Trigmap can performs several tasks using Nmap scripting engine (NSE): Port Scan Service and Version Detection Web Resources Enumeration Vulnerability Assessment Common Vulnerabilities Test Common Exploits Test Dictionary Attacks Against Active Services Default Credentials Test [HIDE][Hidden Content]]