A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Stars: ✭ 767 (+544.54%)

Mutual labels: penetration-testing, bugbounty, ctf-tools

Knary

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Stars: ✭ 187 (+57.14%)

Mutual labels: penetration-testing, bugbounty, ctf-tools

aquatone

A Tool for Domain Flyovers

Stars: ✭ 43 (-63.87%)

Mutual labels: penetration-testing, bug-bounty, bugbounty

Pakuri

Penetration test Achieve Knowledge Unite Rapid Interface

Stars: ✭ 125 (+5.04%)

Mutual labels: penetration-testing, vulnerabilities, pentest-tool

Awesome Bbht

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Stars: ✭ 190 (+59.66%)

Mutual labels: penetration-testing, bug-bounty, bugbounty

Sn1per

Attack Surface Management Platform | Sn1perSecurity LLC

Stars: ✭ 4,897 (+4015.13%)

Mutual labels: penetration-testing, pentest-tool, hacking-tools

Rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Stars: ✭ 3,439 (+2789.92%)

Mutual labels: penetration-testing, bug-bounty, bugbounty

tugarecon

Pentest: Subdomains enumeration tool for penetration testers.

Stars: ✭ 142 (+19.33%)

Mutual labels: penetration-testing, bug-bounty, bugbounty

PyParser-CVE

Multi source CVE/exploit parser.

Stars: ✭ 25 (-78.99%)

Mutual labels: penetration-testing, vulnerabilities, pentest-tool

Jwtxploiter

A tool to test security of json web token

Stars: ✭ 130 (+9.24%)

Mutual labels: penetration-testing, ctf-tools, pentest-tool

Offensive Docker

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Stars: ✭ 328 (+175.63%)

Mutual labels: bug-bounty, bugbounty, ctf-tools

Security Tools

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Stars: ✭ 509 (+327.73%)

Mutual labels: bug-bounty, bugbounty, ctf-tools

credcheck

Credentials Checking Framework

Stars: ✭ 50 (-57.98%)

Mutual labels: bug-bounty, bugbounty, pentest-tool

VPS-Bug-Bounty-Tools

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

Stars: ✭ 44 (-63.03%)

Mutual labels: bug-bounty, bugbounty, hacking-tools

View All Similar Projects ➔

Docker for Pentesters

Project Name: Nightingale

==================================================

Docker for Pentesters: Pentesting Framework

Description

In today's technological era, docker is the most powerful technology in each and every domain, whether it is Development, cyber security, DevOps, Automation, or Infrastructure.

Considering the demand of the industry, I would like to introduce my idea to create a NIGHTINGALE: docker image for pentesters.

This docker image is ready to use environment will the required tools that are needed at the time of pentesting on any of the scopes, whether it can be web application penetration testing, network penetration testing, mobile, API, OSINT, or Forensics.

The best part is you can either create an altered docker image or pull the pre-built docker image from the hub.

Some of the best features are listed below, I would highly recommend going through it and starting penetrating into the application. Link to access tool list : tool list

Pros

No need to install multiple programming language support and multiple modules.
Booting process is very fast as per the virtualization concept.
Need as per use resource of the host machine.
All pre-install tools are installed and if you install any new software or tool use can go with that option.
You can perform vulnerability assessment and penetration testing of any scope.
You can access this docker container via browser by calling your local address.

Cons

You can run the container over cloud server but can’t perform mobile pentesting.
Creating tunnel with SSH can’t help you to provide the connection to your physical device or virtual environment.

Note: Nothing can be impossible, so I will definitely find a solution for the cons points 🤟

Why?

The Reason behind creating this Docker file is to make a platform-independent penetration toolkit. It includes all the useful tools that will be required for a penetration tester (You can refer to the tool list section for the same).

Architecture Diagram of the NIGHTINGALE.

Diagram

Docker Image Build and Run

Take a clone of the repository

git clone --depth 1 https://github.com/RAJANAGORI/Nightingale.git

Change the Directory

cd Nightingale

Now build the Docker Image.

docker build -t rajanagori/nightingale .

After Creating the Docker Image, Login into the image and Happy Hacking.... ;-)

docker run -ti --hostname nightingale  rajanagori/nightingale /bin/bash

Now, you can directly access Nightingale interactive terminal using the browser

docker run -it -p 0.0.0.0:8080:7681 -d rajanagori/nightingale /home/binaries/ttyd -p 7681 bash

If you want to run MobSF along with the nightingale then I will give you good news now you can do the same....!!

part 1

docker run -it -p 0.0.0.0:8080:7681 -p 0.0.0.0:8081:8081 -d rajanagori/nightingale /home/binaries/ttyd -p 7681 bash

part 2

cd /home/tools_mobile_vapt/Mobile-Security-Framework-MobSF/
source venv/bin/activate
./run 0.0.0.0:8081 &

Call your browser and hit 127.0.0.1:8080 for the nightingale terminal and 127.0.0.1:8081 for MobFs to become you will be prooo!!!!
If you want to bind your host machine directory to your container directory then you can do the same.

docker run -it -p 0.0.0.0:8080:7681 -p 0.0.0.0:8081:8081 -v /<your_host_machine_directory_path>:/<your_container_directory_path> -d rajanagori/nightingale /home/binaries/ttyd -p 7681 bash

For Localtunnel

Hit 127.0.0.1:8080 in your browser and you will be able to access the Nightingale terminal
Now, run the following command in your terminal

lt --port 7681 --subdomain nightingale

To start Runtime Mobile Security Framework

part 1

docker run -it -p 0.0.0.0:8080:7681 -p 0.0.0.0:8081:8081 -p 0.0.0.0:5000:5000 -d rajanagori/nightingale /home/binaries/ttyd -p 7681 bash

part 2

cd tools_mobile_vapt/rms && pm2 start rms.js --name rms

Now, hit 127.0.0.1:8080 and have fun with Nightingale !!!

To start, Restart and Stop the Postgresql database

To start the service

service postgresql start

To Restart the service

service postgresql restart

To Stop the service

service postgresql stop

Note: Use of Postgresql is for msfConsole.

Please feel free to contribute to the tool

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

RAJANAGORI / Nightingale

Programming Languages

Labels

Projects that are alternatives of or similar to Nightingale

Docker for Pentesters

Project Name: Nightingale

Docker for Pentesters: Pentesting Framework

Description

Pros

Cons

Why?

Architecture Diagram of the NIGHTINGALE.

Docker Image Build and Run

If you want to run MobSF along with the nightingale then I will give you good news now you can do the same....!!

part 1

part 2

For Localtunnel

To start Runtime Mobile Security Framework

part 1

part 2

To start, Restart and Stop the Postgresql database