{"uuid": "22d95b33-5b44-4979-8ea8-2bcdba3ccea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-X574-M823-4X7W", "type": "seen", "source": "https://t.me/NinjaSec/217", "content": "1. File Droppers / Remote Execution Tools\n\nUmbrella \u2013 File dropper for pentests, executes files silently\nhttps://github.com/4w4k3\n\nDocEx \u2013 Document-based data exfiltration\nhttps://github.com/DarkSpaceSecurity/DocEx\n---\n\n2. Wireless Attacks / Wi-Fi Pentesting\n\nWifiphisher \u2013 Rogue access point framework\nhttps://github.com/wifiphisher/wifiphisher.git\n---\n\n3. Termux Tool Collections\n\nTermuxBlack \u2013 BlackArch-like repo for Termux\nhttps://github.com/Hax4us/TermuxBlack\n\nDevilX \u2013 110+ tools installer\nhttps://github.com/MrHacker-X/DevilX.git\n\nLazyMux \u2013 Easy installer for pentesting tools\nhttps://github.com/Gameye98/Lazymux\n\nT-Remix \u2013 Termux customizer with password and prompt themes\nhttps://github.com/Bhaviktutorials/T-Remix\n\nDh-All \u2013 300+ hacking tools in one installer\nhttps://github.com/DH-AL/Dh-All\n---\n\n4. OSINT / Recon / Information Gathering\n\nSMWYG \u2013 Massive credentials database for OSINT\nhttps://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got.git\n\nTrape \u2013 Real-time OSINT and social engineering framework\nhttps://github.com/jofpin/trape.git\n\nSnoop \u2013 Social media OSINT by username\nhttps://github.com/AnkhCornp/Snoop\n\nRadar \u2013 Tech & service detection via DNS footprints\nhttps://github.com/Elite-Security-Systems/radar\n\nOSINT Tool Collection \u2013 100s of OSINT utilities\nhttps://github.com/cipher387/osint_stuff_tool_collection\n\nCustom OSINT Search Engines\nhttps://github.com/paulpogoda/OSINT-CSE\n\nONIOFF \u2013 Inspect Deep Web (onion) URLs\nhttps://github.com/k4m4/onioff.git\n---\n\n5. Phishing / Social Engineering Tools\n\nWishFish \u2013 Front camera phishing via link\nhttps://github.com/kinghacker0/WishFish\n\nBlackPhish \u2013 Phishing tool (BETA)\nhttps://github.com/iinc0gnit0/BlackPhish\n\nBlack Mafia (PUBG Phishing)\nhttps://github.com/lovehacker404/Phishing\n\nSocialFish \u2013 Phishing & information collector\nhttps://github.com/UndeadSec/SocialFish\n---\n\n6. Exploits & Vulnerability Research\n\nCommix \u2013 Command injection automation\nhttps://github.com/commixproject/commix.git\n\nUFONet \u2013 DDoS via botnets\nhttps://github.com/epsylon/ufonet.git\n\nURLFinder \u2013 Extract URLs from multiple sources\nhttps://github.com/projectdiscovery/urlfinder\n\nOSEP Resource (PEN-300)\nhttps://github.com/In3x0rabl3/OSEP\n\nFaraday \u2013 Vulnerability management platform\n\nCore: https://github.com/infobyte/faraday.git\n\nFrontend: https://github.com/infobyte/faraday_angular_frontend.git\n---\n\n7. SMS / Call Bombers\n\nXLR8_BOMBER \u2013 SMS/Call spam tool\nhttps://github.com/khansaad1275/XLR8_BOMBER\n\nMaster Bomber 2.0 \u2013 Online SMS/Call bomber\nhttps://github.com/jatinkalwar/m-bomber2.O\n---\n\n8. Remote Access / RATs\n\nAsyncRAT Dark Mode\nhttps://github.com/MonsterCadd/AsyncRAT-Dark-Mode\n---\n\n9. Bash / Virus Tools\n\nInfect \u2013 Bash-based Android virus spreader (warning: destructive)\nhttps://github.com/noob-hackers/infect\n---\n\n10. Brute Force & Automation\n\nBrutegram \u2013 Instagram brute forcer\nhttps://github.com/Err0r-ICA/Brutegram\n---\n\n11. Mobile Forensics / Analysis\n\n./Phone \u2013 Mobile forensic toolkit\nhttps://github.com/cyb3rfortr3ss/Phone\n---\n\n12. Video / Media Tools\n\nbash2mp4 \u2013 YouTube video downloader for Termux\nhttps://github.com/htr-tech/bash2mp4\n\nInsta_report_eyes \u2013 Instagram report sender\nhttps://github.com/z6il/Insta_report_eyes\n---\n\n13. Operating Systems / Environment Tools\n\nInstall Ubuntu on Termux (No Root)\nhttps://github.com/tahmidrayat/ubuntu\n---\n\n14. Hacking Toolkits & Generators\n\nKitHack \u2013 Toolkit and backdoor generator\nhttps://github.com/AdrMXR/KitHack\n\nBossAdv \u2013 2FA Bypass + Tunneling tool\nhttps://github.com/The-Boss-Hacker/BossAdv.git\n---\n\n15. Compilation / Exploit Injectors\n\nElfDoor-gcc \u2013 Inject payload into binaries via gcc\nhttps://github.com/MatheuZSecurity/ElfDoor-gcc\n---\n\n16. Vulnerability / Exploit Databases\n\n0day.today \u2013 Database of public and private exploits\nhttps://0day.today\n---\n\n17. Notable Links / References\n\nViteJS Advisory\nhttps://github.com/vitejs/vite/security/advisories/GHSA-x574-m823-4x7w\n\ngrugq Snippet (Operational Security)\nhttps://gist.github.com/grugq/03167bed45e774551155\n\nKali Linux 2024.4 Release Notes\nhttps://kali.org/blog/kali-linux-2024-4-release/\n\n#GrayHats", "creation_timestamp": "2025-04-19T16:26:39.000000Z"}