Arsenal

---

Overview

Welcome to Arsenal, this repository is a collection of tools created by the VulNyx team for offensive security.

Tools

Below is a list of the tools included in this repository. Click on a tool to navigate to its folder and documentation.

• NYXscan - Fast & deep port scanner that makes initial enumeration of a target easy.
• WPgen - Automatic malicious plugin generator for WordPress.
• RSAcrack - Get the passphrase of a private key (id_rsa).
• ZIPcrack - Get the password of a compressed ZIP file.
• suForce - Obtains a user's password by abusing the su binary.
• RBF - Get Redis password by brute force attack.
• rsync-brute - Discover hidden rsync resources when [list=no] mode is enabled.
• LFIexec - Executing commands on a remote system by abusing PHP filter chains in an LFI.

(Add new tools here as the repository grows!)

Contributing

We welcome contributions to expand Arsenal! To contribute:

1. Fork the repository.
2. Create a new branch for your tool or improvement.
3. Ensure your tool has its own folder and includes:
   • A README.md file with a clear description, usage instructions, and examples.
   • Any required scripts, configurations, or dependencies.
4. Submit a pull request for review.

Disclaimer

Warning

All tools in this repository are intended for educational, ethical purposes only. The VulNyx team is not responsible for any misuse or damage caused by the improper use of these tools to third-party systems or infrastructures.

---