Tool #7 on our #network #pentestingtools list is Evilgophish. This tool builds upon Evilginx and GoPhish, both great tools. When they are together as Evilgophish, you can elevate your #redteaming or #pentesting engagements! Unlike the OG GoPhish, Evilgophish has SMS phishing capabilities and comes with a blacklist that contains IP addresses/blocks owned by the likes of ProofPoint, Microsoft, and Trend Micro. See the other tools we picked for this list here: https://bfx.social/3wRCX0n

Tool #7 on our #network #pentestingtools list is Evilgophish. This tool builds upon Evilginx and GoPhish, both great tools. When they are together as Evilgophish, you can elevate your #redteaming or #pentesting engagements! Unlike the OG GoPhish, Evilgophish has SMS phishing capabilities and comes with a blacklist that contains IP addresses/blocks owned by the likes of ProofPoint, Microsoft, and Trend Micro. See the other tools we picked for this list here: bfx.social/3wRCX0n

Tool #7 on our #network #pentestingtools list is Evilgophish. This tool builds upon Evilginx and GoPhish, both great tools. When they are together as Evilgophish, you can elevate your #redteaming or #pentesting engagements! Unlike the OG GoPhish, Evilgophish has SMS phishing capabilities and comes with a blacklist that contains IP addresses/blocks owned by the likes of ProofPoint, Microsoft, and Trend Micro. See the other tools we picked for this list here: bfx.social/3wRCX0n

Tool #6 on our #network #pentestingtools list is the dynamic duo of Aireplay-ng and Aircrack-ng. These #wireless network #pentesting tools go together like two peas in a pod!

See the other 7 tools we picked for this #pentesting tool list here: https://bfx.social/3wRCX0n

I made a Burp extension! Are you tired of manually copying request headers from Burp, formatting them like

-H 'User-Agent:Something' 

and pasting them into your command to use them with cURL, Gobuster, Wfuzz, fuff, Feroxbuster etc.?

I sure was. So I made this:
https://github.com/n0kovo/burp-copy-headers-as-args

You're welcome ❤️

#burpsuite #pentest #pentesting #bugbountytips #bugbounty #foss #appsec #hacking #tools #infosec #redteam #redteaming #PentestingTools #fuzzing #bapp

Tool #5 on our #network #pentestingtools list is Wifite2. Use this tool to retrieve a router’s password via several different methods, such as by way of Offline Pixie-Dust attacks or Online Brute-Force PIN attacks.

See the other 7 tools we picked for this #pentesting tool list here ⬇

https://bfx.social/3wRCX0n

Tool #4 on our #network #pentestingtools list is Arp-Scan. This command line tool makes discovering and detecting the characteristics of IP hosts much more accessible! See the other 7 tools we picked for this #pentesting tool list here: https://bfx.social/3Jm2WVc

Tool #3 on our #network #pentestingtools list is NP by Bishop Fox’s Liam Somerville! This #opensource tool makes it easy to summarize and query the output of multiple different port scanners so you can spend more time #hacking and less time grepping. See the other 7 tools we picked for this #pentesting tool list here: https://bfx.social/3wRCX0n

Tool #2 on our #network #pentestingtools list is Pompem! Use the #Python-based #Pompem to find #exploits and #vulnerabilities.

See the other 7 tools we picked for this #pentesting tool list here: https://bfx.social/3Jm2WVc

🔥 FirebaseExploiter

👉 a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable

👉 Primarily built for mass hunting bug bounties and for penetration testing.

https://github.com/securebinary/firebaseExploiter

#infosec #pentesting #bugbounty #bugbountytips #redteaming #pentestingtools

A collection of #FoSs #infosec tools I’ve been working on. Contributions and feedback welcome:

‪ https://github.com/Root-Down-Digital/pentesting-resources

#PentestingTools #opensource

Tool #1 on our #network #pentestingtools list is the classic #Nmap. Use this tool to scan both large and small networks on a wide range of operating systems. See the other 7 tools we picked for this #pentesting tool list here: https://bishopfox.com/blog/8-network-pen-testing-tools

We just dropped our latest #hacking tool list, "8 Network Pen Testing Tools For Your Hacker Arsenal."

Some of the tools we included are:
- Nmap (naturally)
- Arp-Scan
- CloudFox

Let us know what #network #pentestingtools you recommend, too! https://bishopfox.com/blog/8-network-pen-testing-tools

Tools and Techniques for Red Team / Penetration Testing

📌Collection of tools and resources that can be useful for red teaming activities

https://github.com/A-poc/RedTeam-Tools

#infosec #redteaming #redteamingtips #bugbountytips #pentesting #appsec #RedteamTools #kalilinux #PentestingTools

What tools do other pentesters and bounty hunters use to manage their work, notes, and reporting needs? I'd love some input. AttackForge looks interesting but I'd prefer something Open Source personally. #bugbounties #bountyhunting #pentesting #PentestingTools

What tools do other pentesters and bounty hunters use to manage their work, notes, and reporting needs? I'd love some input. AttackForge looks interesting but I'd prefer something Open Source personally. #bugbounties #bountyhunting #pentesting #PentestingTools

Latest version of #nuclei released featuring –

→ URL Fuzzing
→ Automatic http probing
→ ASN/CIDR Input
→ Session/value sharing in workflows
→ Custom template (GitHub/S3)
→ Search engine query+template execution
https://github.com/projectdiscovery/fuzzing-templates

#bugbounty #pentesting #infosec #redteaming #bugbountytips #PentestingTools

#Fireproxng:
Next generation #fireprox by @sprocket_ed

To create pass-through proxies that rotate the source IP address with every request!

fireproxng also includes some evasion features that are not present in the original fireprox.
https://github.com/Sprocket-Security/fireproxng

#infosecurity #infosec #PentestingTools #Pentesting