ghba is a PTR record (reverse DNS) scanner. It is a Golang rewrite of ghba.c that runs much faster than the original ghba.c. It can scan an entire private class C network in under a minute if 32 threads are available.
Currently being updated/maintained both here and at https://git.hardenedbsd.org/SoldierX/ghba
go
PassiveScanner is a script that uses free online services to passively enumerate and scan a domain's parameter, without actually touching the target network. The tool uses DNSDumpster to enumerate DNS information for a given domain and then checks the IPs against Zoomeye (Chinese shodan). Future versions of the tool will also incorporate Scans.io/Censys.io data as well as pull ip addresses from ASN information to also 'scan'.
Usage:
PassiveScanner -d targetdomain.com
Python 2.7
pip install dnsdumpster
This is a series of software that will allow you to connect to your computers from anywhere in the world, without using an untrusted middleman or closed source commerical software that may have an intentional backdoor.
You can transfer files between client and host computers, and control host computers almost as if you were in front of it.
I also have one thing that most of the commercial vendors I looked at do not appear to have: a native HTML5 web interface for both the remote control client AND the file manager.
The software on windows works in the UAC enviroment thanks to the help of a C++ and java native interface (JNI) code i found on github..
The software with the exception of the Java UAC interface is written in python-2.7
Windows Apple El Capitan, and Linux are currently tested and working. BSD and Solaris should work.
Major changes have been made In version 8.5:
- Now supports Left click, right click, full mouse drag AND double click.
- The python native Remote control client "RAPTORV" has been rewritten.
- Some performance and speed changes have been made.
- DPI Issues with Microsoft Windows have been resolved (your screen will be displayed properly)
- Easy configure and build scripts are now included! (this program is a pain in the ass to build without these scripts)
- A list of requirements is shipped with the software.
IMPORTANT:
Due to size constraints i am unable to supply the entire library source i used for building the java "winsysi" (windows system interact) tool.
I have supplied my pre-built jars and the source code to winsysi.
the winrobot library can be found at: https://github.com/caoym/WinRobot
also, microsoft security essentals flags parts of the java library as a trojan, Malwarebytes and other vendors i use do not flag the software at all.
Python-2.7
pywin32-220 (windows only)
twisted 15.0
autobahn 0.13.1
pygame-1.9.1
pillow-2.9.0
psutil-4.3.0
Tkinter
cxfreeze 4.3.2 (Windows)
cffi-1.6.0
cryptography-1.3.4
pyOpenSSL-16
Latest Java JRE (windows)
homebrew (Apple)
brew python2.7.x (Apple)
Xcode (Apple)
PyAutoGUI 0.9.33 (ALL)
pyobjc-2.51 or above (Apple)
pyinstaller-3.2 (Apple, Linux, Unix)
ARP Utils is a project written and maintained by xamnesiax which is designed to make the use of relatively advanced techniques - such as ARP Spoofing, easier to perform. ARP Utils, upon full release will consist of several main attacks
These attacks will include:
Man In The Middle (implemented)
ARP Poisoning (Unimplemented as of yet)
and DNS based phishing (Unimplemented as of yet)
This tool will primarily aid in accssing data which otherwisewould be hard to access, such as live DNS requests. Without these techniques, the attacker
would have to have access to the router, which may be above the access level of a common user.
This tool will also aid with the exfiltration of data from a victim via phishing, which is a technique that uses a cloned website to trick the victim in to disclosing private information - such as passwords, to the attacker.
VulnTrack monitors the nist vulnerability feed and compares it against your config file. When patterns are match based on your configuration, VulnTrack alerts you by email and/or desktop notification. Vulntrack also checks exploit-db.com for the existence of exploits for a matched vulnerability and checks against exploits that don't have an associated CVE. Useful for being notified about vulnerabilities in network appliances and other things that might not fall into your normal patch management routine. Also useful for profiling a network on a pentest to be notified if vulnerabilities related to that network are publicized during the engagement.
A few things to note:
* In version 1.1 VulnTrack-gtk has been replaced with vulntrack-cli, which is works on both Windows and Linux
* Still need to work out some issues with alerting.
* Acknowledge acknowledges you've seen the vulnerability and it won't show up anymore, however it still is in the database.
* Remove deletes the vulnerability from the database.
* Vulnerabilities with an exploit available are listed in red text
* The database comes pre populated with all exploits from 2017 to 4/24/19
python2.7
This is a Python-2.7 version of "DD" i wrote maybe about 2 years ago and dug up recently. It can make a backup of both windows and linux machines and it can also do "Hot" imaging, meaning it can backup a system while running.
python == 2.7
pywin32 >= 220
RoboAmp is a poor man's website monitoring software. It has two modes - ping and deep check. Ping check mode tests for basic network connectivity and deep check looks for a user specified error string to determine if the site is offline. RoboAmp outputs to the terminal, but can also output to a 16x2 LCD screen (via GPIO) when run on a Raspberry pi. RoboAmp also has the option to send SMS messages when a site goes down and comes back online via google voice. A google voice account is required for this functionality.
Usage:
RoboAmp -d/-p -u url [ -s str -p -l -g gmail -t timeout -v]
-d Deep check (check url content)
-p Ping check (check network connectivity)
-u URL of site to check
-s String to verify site is offline
-l Use 16x2 LCD (Raspberry PI)
-g Gmail address for gvoice SMS notification
-t Seconds to wait between checks
-v Turns on extra verbosity
wdivulge is a tool designed to find and download hidden files from a webserver. This is most commonly pictures, but you can adjust the file definitions to bruteforce any type of file that you'd like. wdivulge technically falls under the definition of a web fusker. The latest version supports socks proxies (including TOR) and custom user agents for better anonymity.
Please see the README.txt file for instructions on how to use it. Special thanks to cisc0ninja for testing this application and writing the original README file.
Please post bugs or suggestions to this thread.
Perl
LWP::UserAgent
LWP::Protocol::socks
DES_GEN was written as a POC for a specific application that shall remain anonymous several months ago.
The belief at the company was that cracking DES requires custom hardware (See EFF's US$250,000 DES cracking machine) so the vendor refused to update to newer methods of password storage.
Here's a single threaded x86 based slap in the face for that company written in perl none the less - yes a dictionary file and some fairly weak mutations cracked your root password in 46 minutes.
I'm not sure if anyone will get any use out of this, but here it is.
--If there is enough interest in updates or future releases Threading and CUDA support may be added. Cheers.
Perl, Word list, DES
The Menu Maker for C is a program that creates the source code for a command-line interface menu based on the input you provide. The program is targeted toward scripting and ease of building a more complex yet organized application. Simply compile and run. The produced source code is simple to modify, and new menu systems can easily be created by modifying an input file used to pipe input to the Menu Maker's stdin.
This release includes gcc-compatible source and a sample input file.
A more thorough tutorial is currently available in the Tutorials section.
GCC or similar compiler