Pinned Repositories
AIB_online_banking
Security theatre at Allied Irish Banks: a demonstration in python
Cartero
Cartero - Social Engineering Framework
commix
Automated All-in-One OS Command Injection and Exploitation Tool
Digitalbank
Android Digital Bank Vulnerable Mobile App
enumXFF
Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
node-reverse-trojan
An example of a reverse RAT (remote administration tool / trojan horse) written in NodeJS. Highly experimental.
Pronto
Quick OSINT on twitter accounts.
scripts
Scripts I use during pentest engagements.
the-backdoor-factory
Patch PE, ELF, Mach-O binaries with shellcode
tw2inky
Maps recent tweets to linkedin profiles (OSINT)
CyberScions's Repositories
CyberScions/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
CyberScions/cupp
Common User Passwords Profiler (CUPP)
CyberScions/poet
Post-exploitation tool
CyberScions/gitlist
CyberScions/discover
For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks.
CyberScions/httpscreenshot
CyberScions/thp2
thp2 setup
CyberScions/instarecon
Automated digital reconnaissance
CyberScions/MozDef
MozDef: The Mozilla Defense Platform
CyberScions/lynis
Lynis - Security auditing and hardening tool for Unix/Linux based systems
CyberScions/wfuzz
Web application bruteforcer
CyberScions/TheWind
a MITM attack tool
CyberScions/AIB_online_banking
Security theatre at Allied Irish Banks: a demonstration in python
CyberScions/rext
Router EXploitation Toolkit - small toolkit for easy creation and usage of various python scripts that work with embedded devices.
CyberScions/AntiXSS-Auditor
An audit assistant for finding AntiXSS vulnerabilities
CyberScions/meaniechrome
Malicious chrome extension. Needs Developer mode on. Used the skeleton of Adblocker after I saw they injected js into the page. It'll hijack your browser and (in the case of the demo) point to either a box on the LAN or external web server. It's all still subject to restrictions (most HTTPS sites only allow it over HTTPS, some have whitelists for contents like Facebook, etc). Included remote.js, which would be the remote payload controlled on the external server.
CyberScions/ngExam
An AngularJS exam with questions from beginner to expert by @gdi2290
CyberScions/SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
CyberScions/Cartero
Cartero - Social Engineering Framework
CyberScions/drozer
The Leading Security Assessment Framework for Android.
CyberScions/phishing-frenzy
Ruby on Rails Phishing Framework
CyberScions/TekDefense-Automater
Automater - IP URL and MD5 OSINT Analysis
CyberScions/CMSmap
CyberScions/rips
RIPS - A static source code analyser for vulnerabilities in PHP scripts
CyberScions/dirs3arch
HTTP(S) directory/file brute forcer
CyberScions/the-backdoor-factory
Patch PE, ELF, Mach-O binaries with shellcode
CyberScions/NoSQLMap
Automated Mongo database and NoSQL web application exploitation tool
CyberScions/ssh-badkeys
A collection of static SSH keys (public and private) that have made their way into software and hardware products.
CyberScions/DVIA
Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities found in iOS applications (following OWASP top 10 mobile risks) and contains several challenges that the user can try. This application also contains a section where a user can read various articles on iOS application security. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested upto iOS 8.1 .
CyberScions/plecost
Plecost - Wordpress finger printer Tool