🌟kiterunner🌟

📝 Introduction

For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective for legacy web servers that host static files or respond with 3xx’s upon a partial path, it is no longer effective for modern web applications, specifically APIs.

Over time, we have seen a lot of time invested in making content discovery tools faster so that larger wordlists can be used, however the art of content discovery has not been innovated upon.

Kiterunner is a tool that is capable of not only performing traditional content discovery at lightning fast speeds, but also bruteforcing routes/endpoints in modern applications.

Modern application frameworks such as Flask, Rails, Express, Django and others follow the paradigm of explicitly defining routes which expect certain HTTP methods, headers, parameters and values.

When using traditional content discovery tooling, such routes are often missed and cannot easily be discovered.

By collating a dataset of Swagger specifications and condensing it into our own schema, Kiterunner can use this dataset to bruteforce API endpoints by sending the correct HTTP method, headers, path, parameters and values for each request it sends.

Swagger files were collected from a number of datasources, including an internet wide scan for the 40+ most common swagger paths. Other datasources included GitHub via BigQuery, and APIs.guru.

🌐 Github
⬇️ Download

#FUZZ
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 Fast and customisable vulnerability scanner based on simple YAML based DSL. 🌟

📝
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.

We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers.

Install Nuclei
Nuclei requires go1.20 to install successfully. Run the following command to install the latest version -

⬇️

➜ ~ go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest

🌐 Github

#security #vulnerability_detection
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟Quasar🌟

🔵Free, Open-Source Remote Administration Tool for Windows

📝
Quasar is a fast and light-weight remote administration tool coded in C#. The usage ranges from user support through day-to-day administrative work to employee monitoring. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you.

Please check out the Getting Started guide.

➕ Features
⚪️TCP network stream (IPv4 & IPv6 support)
⚪️Fast network serialization (Protocol Buffers)
⚪️Encrypted communication (TLS)
⚪️UPnP Support (automatic port forwarding)
⚪️Task Manager
⚪️File Manager
⚪️Startup Manager
⚪️Remote Desktop
⚪️Remote Shell
⚪️Remote Execution
⚪️System Information
⚪️Registry Editor
⚪️System Power Commands (Restart, Shutdown, Standby)
⚪️Keylogger (Unicode Support)
⚪️Reverse Proxy (SOCKS5)
⚪️Password Recovery (Common Browsers and FTP Clients)
⚪️... and many more!

⬇️ Download
Latest stable release (recommended)

🌐 Github

#windows #administration #remote #desktop
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 UnamBinder 1.3.0 - A free silent native file binder 🌟

🔵 A free silent (hidden) open-source native file binder.

📝
Main Features
⚪️ Native or Managed - Builds the final executable as a native (C) or a managed (.NET C#) 32-bit file depending on choice

⚪️ Silent - Drops and executes (if enabled) files without any visible output unless the bound program has one

⚪️ Multiple files - Supports binding any amount of files

⚪️ Compatible - Supports all tested Windows version (Windows 7 to Windows 11) and all file types

⚪️ Windows Defender exclusions - Can add exclusions into Windows Defender to ignore any detections from the bound files

⚪️ Icon/Assembly - Supports adding an Icon and/or Assembly Data to the built file

⚪️ Fake Error - Supports displaying a fake error message when file is originally started

⬇️ Downloads
Pre-Compiled
Github

#c #windows #binder #open_source
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 REMCOS RAT🌟

⬇️ Download

#rat #windows #malware
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 A Python tool for DDos via proxy 🌟

⬇️ Download

#DDos #Proxy #L7 #L4
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 Welcome to HackTools 🛠 🌟

📝
The all-in-one Red Team browser extension for Web Pentesters

HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more.

With the extension you no longer need to search for payloads in different websites or in your local storage space, most of the tools are accessible in one click. HackTools is accessible either in pop up mode or in a whole tab in the Devtools part of the browser with F12.

➕ Current functions
⚪️ Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)
⚪️ Shell Spawning (TTY Shell Spawning)
⚪️ MSF Venom Builder
⚪️ XSS Payloads
⚪️ Basic SQLi payloads
⚪️ Local file inclusion payloads (LFI)
⚪️ Data Encoding
⚪️ Obfuscated Files or Information
⚪️ Hash Generator (MD5, SHA1, SHA256, SHA512, SM3)
⚪️ Useful Linux commands (Port Forwarding, SUID)
⚪️ RSS Feed (Exploit DB, Cisco Security Advisories, CXSECURITY)
⚪️ CVE Search Engine
⚪️ Various method of data exfiltration and download from a remote machine

⬇️ Download
🌐 Chromium based browser
🔍 Mozilla Firefox
🌐 Instructions to build for Safari

😸 Github

◀️ Build from source code
➜ ~ git clone https://github.com/LasCC/Hack-Tools.git
➜ ~ cd Hack-Tools
➜ ~ npm install && npm run build

#Bug_bounty #Payloads #Addons #Tools
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 Discord Nitro Generator and Checker 🌟

A discord nitro generator and checker for all your nitro needs

It generates and checks discord nitro codes at the same time for maximum efficiency

📍 Getting Started
To get a local copy up and running follow these simple steps.

➕ Prerequisites
You need to install Python, that can be done here

⬇️ Download OR Clone the repo github

◀️ Install Python packages
➜ ~ python3.8 -m pip install -r requirements.txt

➡️ Usage
Run the main.py file using py -3 main.py The code will show you two prompts:

1. How many codes to generate
2. If you want to use a discord webhook, if you dont know how to get a discord webhook url it is located at

channel settings » intergrations » webhooks » create webhook

If you dont want to use a webhook simply leave this blank

The code will start generating and checking after that step

😸 Github

⚠️ This program has not been tested by our team ⚠️

#Python #Generator #Checker #Discord #Nitro
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 zetanize 🌟

HTML Form Parser For Humans

📝 Introduction
It's very easy to make HTTP requests in python, thanks to urllib and requests. However, there was no way to submit HTML forms on the go, well now there is.

🔰 Documentation
from zetanize import zetanize
forms = zetanize(html)

Well that's it! Just feed zetanize a HTML document and it will give you a dict of actionable form data.
Let's parse https://google.com for getting familiar:
from requests import get
from zetanize import zetanize

html = get('https://google.com').text
forms = zetanize(html)

👁 Here's the output:
{
"0": {
"action": "/search",
"inputs": [
{
"type": "hidden",
"name": "ie",
"value": "ISO-8859-1"
},
{
"type": "hidden",
"name": "hl",
"value": "en-IN"
},
{
"type": "hidden",
"name": "source",
"value": "hp"
},
{
"type": "hidden",
"name": "biw",
"value": ""
},
{
"type": "hidden",
"name": "bih",
"value": ""
},
{
"type": "",
"name": "q",
"value": ""
},
{
"type": "submit",
"name": "btnG",
"value": "Google Search"
},
{
"type": "submit",
"name": "btnI",
"value": "I"
},
{
"type": "hidden",
"name": "gbv",
"value": "1"
}
],
"method": "get"
}
}


⬇️ Download
😸 Github

#Mechanize #Html #Parser
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

🌟 Photon 🌟

Incredibly fast crawler designed for OSINT

Photon can extract the following data while crawling:
⚪️URLs (in-scope & out-of-scope)
⚪️URLs with parameters (example.com/gallery.php?id=2)
⚪️Intel (emails, social media accounts, amazon buckets etc.)
⚪️Files (pdf, png, xml etc.)
⚪️Secret keys (auth/API keys & hashes)
⚪️JavaScript files & Endpoints present in them
⚪️Strings matching custom regex pattern
⚪️Subdomains & DNS related data


⬇️ Download
😸 Github

#Python #Crawler #Osint #Spider
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/MRvirusIRBOT
📢 T.me/BugCod3

Xss Payload

<input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;”



#Xss #Payload
➗➗➗➗➗➗➗➗➗➗➗➗
👤 T.me/BugCod3BOT
📢 T.me/BugCod3