Marcos Henrique's Projects
AD - Notificação por E-mail de quando a Senha Expira
Extrair a lista de usuários do Active Directory e envia por E-mail.
Criar Usuários via PowerShell com CSV
Active Directory Integrated DNS dumping by any authenticated user
ADRT - Active Directory Report Tool
HTTP parameter discovery suite.
Find domains and subdomains related to a given domain
An Bash&Python Script For Generating Payloads that Bypasses All Antivirus so far [FUD]
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
Steal Net-NTLM Hash using Bad-PDF
bap - http Basic Authentication honeyPot
OSINT automation for hackers.
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
Information Gathering tool for a Website or IP address
Six Degrees of Domain Admin
CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.
Network brute force tool, written in Python. Faster than other existing solutions (including the main leader in the network brute force market).
CeWL is a Custom Word List Generator
:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
Criptografia com Certificado
Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
Crowley-scan is a tool to search for and analyze vulnerable targets open to the internet.
IP obfuscator made to make a malicious ip a bit cuter
Test tool for CVE-2020-1472
# D-TECT D-TECT - Pentest the Modern Web Author: [Shawar Khan] (https://shawarkhan.com/about/) Disclaimer: I am not responsible for any damage done using this tool. This tool should only be used for educational purposes and for penetration testing. ###Compatibility: * Any platform using Python 2.7 ###Requirements: * Python 2.7 * Modules(included): Colorama, BeautifulSoup ###Description: **D-TECT** is an All-In-One Tool for Penetration Testing. This is specially programmed for Penetration Testers and Security Researchers to make their job easier, instead of launching different tools for performing different task. **D-TECT** provides multiple features and detection features which gather target information and finds different flaws in it. ###Features: * Sub-domain Scanning * Port Scanning * Wordpress Scanning * Wordpress Username Enumeration * Wordpress Backup Grabbing * Sensitive File Detection * Same-Site Scripting Scanning * Click Jacking Detection * Powerful XSS vulnerability scanning * SQL Injection vulnerability scanning * User-Friendly UI ###Usage: python d-tect.py #Screenshots: ###Menu: ![Menu](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/menu.png) ###Banner Grabbing: ![Banner Grabbing](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/banner.png) ###Click Jacking Detection: ![Click Jacking](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/clickjacking.png) ###Port Scanner: ![Port Scanner](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/portscan.png) ###WP Backup Grabber: ![WP Backup Grabber](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/backup.png) ###Sensitive File Detection: ![File Detection](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/filedetection.png) ###Cross-Site Scripting [ XSS ] Scanner: ![XSS Scanner](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/xss.png) ###SQL Injection [ SQLI ] Scanner: ![SQLI Scanner](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/sqli.png) ###Sub-domain Scanner: ![Sub-Domain Scanner](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/subdomain.png) ###WP Username Enumeration: ![WP Username Enumeration](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/usernameenumeration.png) ###Same Site Scripting detection: ![Same-Site Scripting](https://raw.githubusercontent.com/shawarkhanethicalhacker/D-TECT/master/Screenshots/samesitescripting.jpeg) # Special Thanks To: * Curt Smith * Tayyab Qadir * Mugees Ahmad
Web path scanner