Search Results for "dox-tool"

Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface (without the need of SOCKS). When running the relay/proxy server, a tun interface is used, packets sent to this interface are translated and then transmitted to the agent's remote network. You need to download the Wintun driver (used by WireGuard) and place the wintun.dll in the same folder as Ligolo.

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. ...

Alan Framework is a post-exploitation framework useful during red-team activities. You can run your preferred tool directly in-memory. JavaScript script execution (in-memory without third party dependency) Fully compliant SOCKS5 proxy. Supported agent types: Powershell (x86/x64), DLL (x86/x64), Executable (x86/x64), Shellcode (x86/x64). Server.exe can be executed in Linux (via dotnet core) The network communication is fully encrypted with a session key not recoverable from the agent binary or from a traffic dump. ...

...The purpose of PyExfil is to set as many exfiltrations, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques. You can track changes at the official GitHub page. Putting it simply, it’s meant to be used as a testing tool rather than an actual Red Teaming tool. Although most techniques and methods should be easily ported and compiled to various operating systems, some stable some experimental, the transmission mechanism should be stable on all techniques. Clone it, deploy on a node in your organization and see which systems can catch which techniques.

A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing passwords. Will attempt to calculate each word's probability by checking hashes in memory, and regex searches. 2.0 introduces a clean port that aims to increase the speed of execution and portability

...It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.