Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you to collect some information that will help you identify what to do next and where to look for the required target.

Continue reading “reconky-a-great-content-discovery-bash-script-for-bug-bounty-hunters-which-automate-lot-of-task-and-organized-it”

FUSE – A Penetration Testing Tool For Finding File Upload Bugs

FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload (UEFU) vulnerabilities. The details of the testing strategy is in our  paper, “FUSE: Finding File Upload Bugs via Penetration Testing”, which appeared in NDSS 2020. To see how to configure and execute FUSE, see the followings.

Continue reading “FUSE – A Penetration Testing Tool For Finding File Upload Bugs”


  • Viper is a graphical intranet penetration tool, which modularizes and weaponizes the tactics and technologies commonly used in the process of Intranet penetration
  • Viper integrates basic functions such as bypass anti-virus software, intranet tunnel, file management, command line and so on
  • Viper has integrated 80+ modules, covering Resource Development / Initial Access / Execution / Persistence / Privilege Escalation / Defense Evasion / Credential Access / Discovery / Lateral Movement / Collection and other categories
  • Viper’s goal is to help red team engineers improve attack efficiency, simplify operation and reduce technical threshold
  • Viper supports running native msfconsole in browser and multi – person collaboration

Continue reading “viper-intranet-pentesting-tool-with-webui”