Category Archives: Penetration Tools

10 Sep

Apache Struts CVE-2018-11776 Remote Code Execution Exploit

Check if the vulnerability exists against a single URL: Check if the vulnerability exists against a list of URLs:   Exploit a single URL:   Exploit a list of URLs: Demo: Python Requirements: Python2 or Python3 requests Author’s Disclaimer: “This project is made for educational and ethical testing purposes only. Usage of struts-pwn for attacking

Read More
03 Sep

Cr3dOv3r – Credential Reuse Attack Tool

Cr3dOv3r is a fairly simple Python-based set of functions that carry out the prelimary work as a credential reuse attack tool. You just give the tool your target email address then it does two fairly straightforward (but useful) jobs: Search for public leaks for the email and if it any, it returns with all available

Read More
01 Sep

Hack Windows with EternalBlue-DoublePulsar Exploit through Metasploit

What is Eternalblue-Doublepulsar? EternalBlue Malware Developed by National Security Agency (NSA) exploiting Windows based Server Message Block (SMBv1) and to be believed the tool has released by Shadow Brokers hackers Group in April 2017 and it has been used for Wannacry Cyber Attack. The DOUBLEPULSAR help us to provide a backdoor access to a windows

Read More
31 Aug

Johnny ~ John the Ripper for Windows

When it comes to the password cracking tools, John The Ripper turns out to be the top-most choice of most of the ethical hackers. This free and open source software is distributed in the form of source code. John The Ripper is primarily written in C programming language. It has been able to achieve the

Read More
31 Aug


Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet. Maltego uses the idea of transforms to automate the process of querying different data sources. This information is then displayed

Read More
30 Aug


theHarvester is a tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, pgp key servers). Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet.

Read More
28 Aug

Masscan – World’s Fastest Scanner

Masscan – Worlds fastest scanner can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. Masscan is an Internet-scale port scanner, useful for large-scale surveys of the Internet, or of internal networks. While the default transmit rate is only 100 packets/second, it can optional go as fast as 25 million

Read More
27 Aug

RouterSploit – Exploitation Framework for Embedded Devices

RouterSploit is a handy Python program which automates most of the tasks associated with compromising a router. Modeled after Metasploit, its commands will be familiar to anyone used to the Metasploit framework. It contains scanning and exploit modules and is available for Kali Linux (and macOS or Mac OS X if you want). Once you

Read More
26 Aug


RED HAWK’s is All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers. red hawk’s having so many options like given below. Features: Basic Scan Whois Lookup Geo-IP Lookup Grab Banners DNS Lookup Subnet Calculator Nmap Port Scan Sub-Domain Scanner Reverse IP Lookup & CMS Detection

Read More
25 Aug

Lazy Script for Kali Linux

This tool “lscript” is a script written by Aris Melachroinos, which allows you to automate penetration testing or hacking easily, in other word it means this bash script for when you feel lazy. Adds quite a few tools to Kali Linux. ~How to Install Features: Custom keyboard shortcuts, launch any tool within lscript Enabling-Disabling interfaces

Read More