Category: Penetration Testing

Cybersecurity, Penetration Testing

WPSeku: a Black-box WordPress Security Scanner

WPSeku is a Black-box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. What is a Black-box scanner? Black-box security testing refers to a method of software security testing in which the security controls, defences and design of an application are tested from the outside-in, with little or […]

Penetration Testing, Python

Wifite 2: a complete rewrite of Wifite

A Python script for auditing wireless networks Do you know Wifite? It’s a great wifi auditing tool, designed for use with pentesting distributions of Linux, such as Kali Linux, Pentoo, BackBox and any Linux distributions with wireless drivers patched for injection (so the script appears to also operate with Ubuntu 11/10, Debian 6, and Fedora 16). The […]

Cybersecurity, Penetration Testing, Python

Raven: a tool for gathering information about company employees using google and Linkedin

Useful during a pentest Raven is a tool developed by 0x09AL to gather information about an organization employees using Linkedin. It’s developed using python, Selenium e geckodriver Features Automatically check found emails in haveibeenpwned.com Output in CSV format Installation Simply run setup.sh as root. The script resolves some python dependencies and installs geckodriver and xvfb: pip install […]

Cybersecurity, Penetration Testing, Python

“Spaghetti”, a Python Web Application security scanner

Designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is a web application security scanner built on python2.7, designed to find various default and insecure files, configurations and misconfigurations. It’s developed and mantained by Momo Outaadi(m4ll0k), that have also developed Infoga, an information gathering tool. Features Fingerprints Server Frameworks (CakePHP,CherryPy,Django,…) Firewall (Cloudflare,AWS,Barracuda,…) […]