The pentester's Swiss knife

prevent subdomain takeover

domain-protect: prevent subdomain takeover

domain-protect scan Amazon Route53 across an AWS Organization for domain records vulnerable to takeover scan Cloudflare for vulnerable DNS records take over vulnerable subdomains yourself before attackers and bug bounty researchers automatically create known issues in Bugcrowd or HackerOne...

PNG payload

EmbedPayloadInPng: Embed a payload inside a PNG file

EmbedPayloadInPng Embed a payload within a PNG file by splitting the payload across multiple IDAT sections. Each section is encrypted individually using its own 16-byte key with the RC4 encryption algorithm. Implementation This repository consists...

shell handler

Penelope: A Shell Handler

Penelope Penelope is a shell handler designed to be easy to use and intended to replace netcat when exploiting RCE vulnerabilities. It is compatible with Linux and macOS and requires Python 3.6 or higher....

golang tunnel

gost: GO Simple Tunnel

gost – GO Simple Tunnel Features Listening on multiple ports Multi-level forward proxies – proxy chain Standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support Probing resistance support for web proxy TLS encryption via negotiation support for SOCKS5...