Hello 

 

Does Anyone remember this tweet ?

 

Ok because of replies , users asked to release the tool , sorry for the delay but we thought to present a good tool.

 

We are presenting Cazador  which make use of all available services , tools , techniques to help you while hacking/bug-hunting.

 

Cazador is a Spanish word means Hunter , not a normal hunter , the tool we are discussing is not a tool it is a collection consist of more than 50 tools.

 

The main idea when the project was planned ,  that i need a tool for each action i do while hacking.  and i landed in using multiple tools/scripts .

 

Once a time i came across multiple issues in which i was able to bypass the brute-force protection and the team requires a working POC, can you please write a shell or  python script to help us replicate ?  Of course let me write one ,  again and again , this is boring  and to be honest i am very lazy , why there is no tool to  that , Takes a request and generates a script , guess  what we created a one  which generates python code  with your configuration 😀 .

 

 

so why not to create a tool which do all actions required and avoid using dozens of tools.This is cazador unfortunately the project is under development so not all tools are available also you can suggest a tool regardless the simplicity cazador is a collection of simple tools  do not worry suggest even a text processor.

 

Most tools are available and we can not simulate the best in the community, although the tool has a repeater but we can not compare it with burp repeater although repeater is not a big deal.

 

The tool has many fuzzers but wfuzz is amazing , so  should   we use your tool ? we are giving you an already setup , you will not need to install any dependencies , setup requirements ,   we are offering  working tools they just waiting your clicks.

 

Cazador has dozens of tools which we can not cover all of them , The github repo will do.

 

To save the time and make the post simple , the tool is now in beta version and available via Github . Source code will be available soon.

 

Conclusion of the tools 

  • It has an amazing sub-domain scrabber ” a tool which uses an online service”. You can list subdomains of a target in seconds.
  • It has HTTP Pinger which displays the summary of HTTP responses of multiple domains.
  • It has TCP/HTTP/DNS servers.
  • Vulnerability scanners
  • File searcher
  • DNS lookup tools
  • Fuzzers to search for files , directories and reflected parameters
  • Amazing Text processor.Encoders/decoders/converters 
  • POC Generators
  • Pre-defined agenda
  • MisConfiguration detectors
  • It has a screenshotter which is using IE control , but  will be replaced in coming version .

 

The tool will  be fully-customizable as much as we can , newer version will :

  • enable you to set up a service , add your own lists  , build your own tools, ,generate reports  ,  it also has a Hackerone submitter to automate the process of  sending reports  but unfortunately  we disabled it for some reasons . It is written in c#  an amazing language unfortunately it currently works only on windows  , NO plans for a cross-platform version.

 

 

Happy Hacking 

 

  

 

 

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here