A dead simple library providing the foundational logic for efficient password brute force attacks against authentication interfaces.
Bruteforcing on Hidden parameters to find SSRF vulnerability using GET and POST MethodsNOTE
Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those “secured” credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key (protecting TaskScheduled blob)
A multi-platform web hacking toolkit Docker image with Graphical User Interface (GUI) support.Installation
Vimana is a modular security framework designed to audit Python web applications.The base of the Vimana is composed of crawlers focused on
An HTTP Request Smuggling / Desync testing tool written in Python 3Acknowledgements
FeaturesProtocol Agnostic – Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way.Scenario-Based – Create your flow in a JSON file. Without a line of code!Different Load Types – Test your system’s limits across different load types.Installation