HackGit

2022-04-24 14:41:08 If you like the channel please support us!

Donate
https://www.buymeacoffee.com/HackGit

BTC:
bc1qq2kuplw92csl0yz9xcqmrcrcmnutvvuvj3s7h7

You can buy Bitcoin here or here (not advertising) Открыть/Комментировать

2022-04-24 14:14:00 Flagy

This is a Complete tool containing a box for Capture The Flag competition. Mostly I have inserted all the necessary tools. Some people have some trouble installing tools for the beginning stages.

Cryptography
Forensics
Reversing
Steganography
Web

https://github.com/arhaxor21/Flagy Открыть/Комментировать

2022-04-24 14:14:00 Password Generator

A fast, simple and powerful open-source utility tool for generating strong, unique and random passwords. Password Generator is free to use as a secure password generator on any computer, phone, or tablet.

https://github.com/sebastienrousseau/password-generator Открыть/Комментировать

2022-04-24 12:03:50 CVE-2022-29548

Proof of concept exploit for CVE-2022-29548: A reflected XSS issue exists in the Management Console of several WSO2 products.

This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0.

https://github.com/cxosmo/CVE-2022-29548 Открыть/Комментировать

2022-04-24 11:11:00 ​Naabu

Port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply.

Features:
Fast And Simple SYN/CONNECT probe based scanning
Optimized for ease of use and lightweight on resources
Automatic IP deduplication for port scan
NMAP integration for service discovery
Multiple input support - STDIN/HOST/IP/CIDR
Multiple output format support - JSON/TXT/STDOUT

https://github.com/projectdiscovery/naabu Открыть/Комментировать

2022-04-24 11:00:39 AutoRecon

Multi-threaded #network #reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool for use in CTFs and other penetration testing environments (e.g. OSCP). It may also be useful in real-world engagements.

The tool works by firstly performing port scans / service detection scans. From those initial results, the tool will launch further enumeration scans of those services using a number of different tools. For example, if HTTP is found, feroxbuster will be launched (as well as many others).

Everything in the tool is highly configurable. The default configuration performs no automated exploitation to keep the tool in line with OSCP exam rules. If you wish to add automatic exploit tools to the configuration, you do so at your own risk. The author will not be held responsible for negative actions that result from the mis-use of this tool. Открыть/Комментировать

2022-04-24 10:46:16 ​Wifipumpkin3

Powerful framework for #rogue #access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack.

Features:
Rogue access point attack
Man-in-the-middle attack
Module for deauthentication attack
Module for extra-captiveflask templates
Rogue Dns Server
Captive portal attack (captiveflask)
Intercept, inspect, modify and replay web traffic
WiFi networks scanning
DNS monitoring service
Credentials harvesting
Transparent Proxies
LLMNR, NBT-NS and MDNS poisoner (Responder3)
RestFulAPI (disabled)
and more!

https://github.com/P0cL4bs/wifipumpkin3 Открыть/Комментировать

2022-04-24 10:24:46 ​BTCPay Server

Accept Bitcoin payments ₿

BTCPay Server is a free and open-source Bitcoin payment processor which allows you to accept bitcoin without fees or intermediaries.

https://github.com/btcpayserver/btcpayserver Открыть/Комментировать

2022-04-24 09:46:55 ​Coyote

A standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engagements.

https://github.com/TartarusLabs/Coyote Открыть/Комментировать

2022-04-24 09:43:19 ​Ecapture

Capture SSL/TLS Text Content Without CA Cert By eBPF.

SSL/TLS text context capture, support openssl\gnutls\nspr(nss) libraries.
bash audit, capture bash command for Host Security Audit.
mysql query SQL audit, support mysqld 5.6\5.7\8.0, and mariadDB.

https://github.com/ehids/ecapture Открыть/Комментировать