Offensive Security Tool: PingRAT
PingRAT is a tool designed to secretly pass C2 traffic through firewalls using ICMP payloads. This method allows PingRAT to bypass firewall restrictions and evade detection.
Offensive Security Tool: Genzai
Genzai is a tool designed to identify and analyze IoT (Internet of Things) dashboards across single or multiple targets. It scans for default password issues and potential vulnerabilities based on specific paths and software versions.
OSINT Tool: SiteDorks
SiteDorks is a tool that allows users to query multiple websites across various search engines such as Google, Bing, Brave, DuckDuckGo, Yahoo, and Yandex. It utilizes predefined lists of “dorkable” websites—websites that can be searched using specific advanced search queries (dorks), with a default list containing 576 websites.
Digital Forensics Tool: dnstwist
dnstwist is a tool designed to identify potentially malicious domains that adversaries might use to target your organization. It generates an extensive list of domain permutations based on a provided domain name and verifies their activity. This tool can detect typosquatting, phishing attacks, fraud, and brand impersonation.
Offensive Security Tool: pphack
pphack is a tool designed for detecting prototype pollution vulnerabilities in client-side JavaScript code.
OSINT Tool: Certina
Certina is an OSINT tool for red teamers, bug bounty hunters and pentesters to discover subdomains from web certificate data.
Offensive Security Tool: 403jump
403jump is a tool designed for penetration testers and bug bounty hunters to audit the security of web applications and identify potential vulnerabilities. It aims to bypass HTTP 403 (Forbidden) pages using various techniques.
OSINT Tool: NetScout
NetScout is an OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.
Offensive Security Tool: WAF Bypass
WAF Bypass is an open-source tool to analyze the security of any WAF for false positives and false negatives using predefined and customizable payloads. Check your WAF before an attacker does.