Category Archives: Vulnerabilities & attacks

wig – WebApp Information Gatherer

wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications.

Shellphish – Phishing Tool for 18 Social Media

Shellphish is a phishing Tool that will create web sever with login page for major online social medias website including Instagram, Facebook, Twitter, Snapchat, Github, Yahoo, Protonmail.

WAFNinja – Tool to Bypass Web Application Firewalls

WAFNinja is a CLI tool written in Python. It shall help penetration testers to bypass a WAF by automating steps necessary for bypassing input validation. The tool was created with the objective to be easily extendible, simple to use and

Wafpass – Analyzing WAF Bypass Methods

WAFPASS is a tool to analyze parameters with all payloads' bypass methods, aiming at benchmark security solutions like WAF.

vscan – Vulnerability Scanner Using Nmap and NSE

vscan is a tool that puts an additional value into vulnerability scanning with nmap.

Pocsuite – Vulnerability Testing Framework

Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team

2FAssassin – Bypass Two-Factor-Authentication

2FAssassin is a tool that will help in exploiting certain misconfiguration or vulnerabilities on remote system to extract private keys from memory.