# edgesecurityteam/ehole **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/edgesecurityteam-ehole).** 3,436 stars · 416 forks · Go · apache-2.0 ## Links - GitHub: https://github.com/EdgeSecurityTeam/EHole - Homepage: https://forum.ywhack.com/ - awesome-repositories: https://awesome-repositories.com/repository/edgesecurityteam-ehole.md ## Description EHole is a specialized toolkit for network asset parsing, binary transformation, payload generation, and vulnerability research. It functions as an asset discovery and fingerprinting tool designed to identify software versions and high-value assets across IP ranges and URLs using custom fingerprints. The project provides a vulnerability research toolkit for decrypting software credentials and retrieving factory default passwords for security devices and web applications. It also includes a security payload generator for encoding and escaping command strings to bypass shell tokenization and execute reverse shells across different operating systems. The toolkit covers broader capability areas including network asset parsing to extract identifiers from raw text and security scanner outputs, binary data transformation for converting files to hexadecimal strings, and network target management for filtering and sorting IP address lists. It also features system identification through keyword matching and regular expressions to detect specific software versions. ## Tags ### Networking & Communication - [Resource Fingerprinting](https://awesome-repositories.com/f/networking-communication/network-resource-discovery/resource-fingerprinting.md) — Implements a toolkit for identifying software versions and high-value assets across network ranges using custom fingerprints. - [Domain Extraction Parsers](https://awesome-repositories.com/f/networking-communication/domain-extraction-parsers.md) — Provides parsers to isolate IP addresses, domains, and subdomains from raw text and scanner outputs. - [IP Address Range Calculators](https://awesome-repositories.com/f/networking-communication/ip-address-range-calculators.md) — Processes lists of IP addresses to isolate unique entries and calculate C-class network counts. ([source](https://forum.ywhack.com/bountytips.php)) - [Target List Sanitizers](https://awesome-repositories.com/f/networking-communication/network-reliability-diagnostics/network-filtering/target-list-sanitizers.md) — Isolates individual IP addresses from blocks of text to create clean, organized target lists. ([source](https://forum.ywhack.com/IPSorter.php)) ### Security & Cryptography - [External Asset Discovery](https://awesome-repositories.com/f/security-cryptography/external-asset-discovery.md) — Implements external asset discovery by integrating with third-party search engine APIs to identify targets and software versions. - [Asset Discovery Integrations](https://awesome-repositories.com/f/security-cryptography/asset-discovery-integrations.md) — Integrates with external search engine APIs to discover assets and fingerprint targets across IP ranges and CIDR blocks. ([source](https://cdn.jsdelivr.net/gh/edgesecurityteam/ehole@main/README.md)) - [Credential Recovery Utilities](https://awesome-repositories.com/f/security-cryptography/credential-recovery-utilities.md) — Decrypts application ciphertexts and looks up default passwords for security gateways and management tools. - [Default Credential Lookups](https://awesome-repositories.com/f/security-cryptography/default-credential-lookups.md) — Matches identified software versions against a database of known factory default usernames and passwords. - [Credential Decryptors](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/session-and-credential-handling/credential-security-utilities/credential-decryptors.md) — Implements reverse encryption to recover credentials and database connection strings from security gateways. ([source](https://forum.ywhack.com/decrypt.php)) - [OS-Specific Payload Templates](https://awesome-repositories.com/f/security-cryptography/os-specific-payload-templates.md) — Templates command strings based on the target operating system to ensure compatible reverse shell execution. - [Payload Encoders](https://awesome-repositories.com/f/security-cryptography/payload-encoders.md) — Formats commands and converts data to Base64 or hexadecimal to bypass shell restrictions. - [Reverse Shell Payloads](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/injection-exploitation-techniques/command-injection-payloads/reverse-shell-payloads.md) — Creates formatted commands for downloading files or initiating reverse shells across different operating system environments. ([source](https://forum.ywhack.com/Convert.php)) - [Vulnerability Research](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/vulnerability-research.md) — Provides a research toolkit for decrypting software credentials and retrieving factory default passwords. - [Server Fingerprinting](https://awesome-repositories.com/f/security-cryptography/server-fingerprinting.md) — Identifies specific server software versions by matching keywords and regular expressions in response bodies and headers. ([source](https://cdn.jsdelivr.net/gh/edgesecurityteam/ehole@main/README.md)) - [System Fingerprinting Tools](https://awesome-repositories.com/f/security-cryptography/system-fingerprinting-tools.md) — Uses custom rules and keyword matching to identify specific software and operating systems based on network responses. - [Target System Fingerprinting](https://awesome-repositories.com/f/security-cryptography/target-system-fingerprinting.md) — Allows the creation of reusable JSON identification rules to specify target system names and matching keywords. ([source](https://cdn.jsdelivr.net/gh/edgesecurityteam/ehole@main/README.md)) - [Security Payload Generators](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/exploit-development-utilities/payload-creation-tools/security-payload-generators.md) — Ships a utility for encoding and escaping command strings to bypass shell tokenization and execute reverse shells. - [Scan Result Analyzers](https://awesome-repositories.com/f/security-cryptography/security-vulnerability-scanning/scan-result-analyzers.md) — Provides utilities to parse and filter raw security scanner outputs to isolate assets and categorize vulnerabilities. - [Target Management](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/wireless-security-auditing/target-management.md) — Cleans and sorts IP address lists and CIDR blocks to create organized target sets for security assessments. ### Data & Databases - [Software Version Detection](https://awesome-repositories.com/f/data-databases/storage-abstraction/local-filesystem-storage/media-asset-managers/asset-discovery-systems/software-version-detection.md) — Identifies specific software versions and high-value assets across IP addresses and URLs. ([source](https://forum.ywhack.com/center.php)) - [Scan Target Importers](https://awesome-repositories.com/f/data-databases/external-data-connectors/scan-target-importers.md) — Processes local files containing lists of URLs to perform bulk identification of software versions. ([source](https://cdn.jsdelivr.net/gh/edgesecurityteam/ehole@main/README.md)) - [Pattern-Based Extraction](https://awesome-repositories.com/f/data-databases/text-processing-utilities/text-extraction/pattern-based-extraction.md) — Employs regular expressions to parse raw text and isolate networking identifiers like IP addresses and domain names. ### Software Engineering & Architecture - [Software Version Signatures](https://awesome-repositories.com/f/software-engineering-architecture/naming-conventions/rule-based-pattern-matching/software-version-signatures.md) — Uses predefined JSON rules to identify specific software versions by matching keywords and regular expressions in responses. ### Development Tools & Productivity - [Shell Argument Escapers](https://awesome-repositories.com/f/development-tools-productivity/command-argument-parsers/shell-argument-escapers.md) — Formats command strings to bypass shell interpretation and ensure special characters are processed correctly by Windows. ([source](https://forum.ywhack.com/escape.php)) - [Scan Result Parsing](https://awesome-repositories.com/f/development-tools-productivity/external-service-integrations/nmap-integration/scan-result-parsing.md) — Provides capabilities to parse network scan files to isolate and categorize discovered assets. ([source](https://forum.ywhack.com/fscan.php)) - [Base64 Encoders](https://awesome-repositories.com/f/development-tools-productivity/output-formatting-utilities/base64-encoders/base64-encoders.md) — Provides utilities to transform shell commands into Base64 strings to bypass security filters during execution. - [Payload Encoders](https://awesome-repositories.com/f/development-tools-productivity/output-formatting-utilities/base64-encoders/base64-encoders/payload-encoders.md) — Encodes command strings into Base64 format to bypass shell tokenization and preserve special characters. ([source](https://forum.ywhack.com/coding.php)) ### Programming Languages & Runtimes - [Security Software Identification](https://awesome-repositories.com/f/programming-languages-runtimes/literal-matching/literal-pattern-matching/process-name-filters/security-software-identification.md) — Categorizes installed security and management software by comparing active system process names against a known library. ### Scientific & Mathematical Computing - [Binary-to-Hexadecimal Conversions](https://awesome-repositories.com/f/scientific-mathematical-computing/decimal-string-formatting/binary-to-hexadecimal-conversions.md) — Converts binary files into hexadecimal strings to facilitate the analysis and transmission of non-textual data. ### System Administration & Monitoring - [Security Software Identifiers](https://awesome-repositories.com/f/system-administration-monitoring/windows-software-management/security-software-identifiers.md) — Analyzes Windows process names to identify installed security software and operations management tools. ([source](https://forum.ywhack.com/bountytips.php))