02--Scanning & Vulnerability Assessment

  • 🔸 02 - Scanning & Vulnerability Assessment

    • Automate the scanning and enumeration of machines externally while keeping complete control over the scans sent to the target.
      A comfortable GUI-ish platform; great for OSCP/HTB-style machines as well as penetration testing.

    • Silver: Mass scan IPs for vulnerable services

      masscan is fast, nmap can fingerprint software, and vulners is a huge vulnerability database.
      Silver is a front-end that makes full use of these programs by parsing their output, spawning parallel processes, caching vulnerability data so that repeated scans get faster over time, and much more.

    • Corsy: CORS Misconfiguration Scanner

      Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

    • PentMenu: A bash script for recon and DoS attacks

      A bash select menu for quick and easy network recon and DoS attacks.

    • Legion: Automatic enumeration tool based on open source tools

      Legion is based on the pentesting methodology that you can find at book.hacktricks.xyz.
      Legion uses several well-known open source tools to automatically, semi-automatically or manually enumerate the most frequently found services running on machines you may need to pentest.
      Basically, the goal of Legion is to extract all the information it can from each open network service, so you don't have to write and execute the same commands in a terminal every time you find that service.
      Some actions are repeated by more than one tool; this is done to make sure all the available information is correctly extracted.

    • Recon-X: Advanced reconnaissance tool to enumerate the attack surface of the target.

      Recon-X is the ultimate tool to conveniently carry out reconnaissance of your target and discover its attack surface.
      The tool itself comes with two installation options.
      The first is the API mode, which is based on the hackertarget API, making it light and efficient, and which can be used to identify potential vulnerabilities.
      However, this is the free API, so scans are limited to 100 calls per day per IP. You can either use a proxy to change your public IP once the API counter is exceeded, or go with the second mode of the tool, which uses the best OSINT tools available on GitHub, making it a beast for reconnaissance.

    • Raccoon: A high performance offensive security tool for reconnaissance and vulnerability scanning

      Offensive Security Tool for Reconnaissance and Information Gathering

    • VulnX: Vulnx 🕷️ is an intelligent bot and automatic shell injector that detects vulnerabilities in multiple types of CMS

      vulnx 🕷️ is an intelligent bot that can perform automatic shell injection and helps researchers detect security vulnerabilities in CMS systems.
      It can perform quick CMS security detection, information gathering (including subdomain names, IP address, country, organization and time zone, etc.) and vulnerability scanning.

    • FinalRecon is an automatic web reconnaissance tool written in Python.
      The goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of the results.
      Instead of executing several tools one after another, it provides similar results while keeping dependencies small and simple.

    • A tool to quickly brute-force and enumerate valid Active Directory accounts through Kerberos pre-authentication

    • ppfuzz: Prototype Pollution Fuzzer

      A fast tool to scan for client-side prototype pollution vulnerabilities, written in Rust. 🦀

    • CRLFuzz: A fast tool to scan for CRLF vulnerabilities, written in Go

    • Fuxploider: File upload vulnerability scanner and exploitation tool.

      Fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting flaws in file upload forms.
      It can detect which file types are allowed to be uploaded and which technique works best to upload web shells or any other malicious file to the target web server.

    • magicRecon ~ MagicRecon: Fast, simple and effective

      MagicRecon is a powerful shell script that maximizes the recon and data collection process for a target and finds common vulnerabilities, saving all the results in an organized directory structure and in various formats.