6011 matches found
Cyber Probe - Capturing, Analysing and Responding to Cyber Attacks
Cyberprobe is a distributed software architecture for monitoring of networks against attack. It consists of two components: cyberprobe, which collects data packets and forwards them over a network in standard streaming protocols; and cybermon which decodes protocols, and invokes user-defined logi...
dedsploit - Framework For Attacking Network Protocols
Framework for attacking network protocols and network exploitation. I. Introduction I don't look back anymore. I don't regret. I look forward Aiden Pearce Yes, Watch Dogs has heavily influenced us when writing this framework. This entire project brought upon a lot of the ideals from the Watch Dog...
Dripcap - Caffeinated Packet Analyzer
Caffeinated packet analyzer. Dripcap is a modern packet analyzer based on Electron. Getting Started Download & Install Capturing Packet Filtering Display Filter Syntax Advanced Usage Build from source Import Pcap Files Install Add-on Packages Create & Publish Your Package Create Theme Package...
tinyshell - Python Client with PHP Shell
python Client with php shell , allows to connect and send commands over current protocol using POST and GET Requests Features 1. connect with direct session with no need for reverse connection . 2. support password protection . 3. can be binded to any file with no damage . 4. using GET/POST reque...
CodeWarrior - Just Another Manual Code Analysis Tool And Static Analysis Tool
Just another manual code analysis tool and static analysis tool Codewarrior runs at HTTPd with TLS, uses KISS principle https://en.wikipedia.org/wiki/KISSprinciple Directories: web/ = local of javascripts and html and css sources src/ = C source code, this code talking with web socket eggs/ =...
LazyMap - Automate NMAP Scans and Generate Custom Nessus Policies Automatically
Automate NMAP scans and custom Nessus polices. Installing git clone https://github.com/commonexploits/port-scan-automation.git How To Use ./lazymap.sh Features Discovers live devices Auto launches port scans on only the discoverd live devices Can run mulitple instances on multiple adaptors at onc...
l0l - The Exploit Development Kit
l0l a exploit development kit. with C++ language scripting. Yet, are being developed. Then the beta version will be published. Status Shellcodes : 5 Injectors : 0 Encoders : 0 Backdoors : 6 Install - Requirements : g++ and Python. $ make or, l0l.cpp compile the file.. Exp: $ g++ -o l0l l0l.cpp Ru...
MacroShop - Collection of scripts to aid in delivering payloads via Office Macros
Collection of scripts to aid in delivering payloads via Office Macros. Most are python. 1. macrosafe.py Generates safe for VB inclusion into an excel spreadsheet. Requires a batch file generated by Veil-Evasion powershell payloads. To include, enable the developer menu in Office, head to Visual...
APT2 - Automated Penetration Toolkit
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information. All module results are stored on localhost...
Intercepter-NG v1.9 - Multifunctional Network Toolkit for Android
Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has functionality of several famous separate tools and more over offers a good and unique alternative of Wireshark for android. The main features are: Network discovery with OS detection Network traffic...
JShielder - LAMP/LEMP Secure Deployment
JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server with little...
Xplico v1.1.1 - Open Source Network Forensic Analysis Tool (NFAT)
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...
UserProfilesView - View User Profiles Information On Your Windows
UserProfilesView displays the list of all user profiles that you currently have in your system. For each user profile, the following information is displayed: Domain\User Name, Profile Path, Last Load Time, Registry File Size, User SID, and more. You can save the profiles list into...
Hsecscan - A Security Scanner For HTTP Response Headers
hsecscan A security scanner for HTTP response headers. Requirements Python 2.x Usage $ ./hsecscan.py usage: hsecscan.py -h -P -p -u URL -R -U User-Agent -d 'POST data' -x PROXY A security scanner for HTTP response headers. optional arguments: -h, --help show this help message and exit -P,...
LMD - Linux Malware Detect
Linux Malware Detect LMD is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and...
Sonar.js - Framework for identifying and launching exploits against internal network hosts
A framework for identifying and launching exploits against internal network hosts. Works via WebRTC IP enumeration, WebSocket host scanning, and external resource fingerprinting. How does it work? Upon loading the sonar.js payload in a modern web browser the following will happen: sonar.js will u...
BetterCap - A complete, modular, portable and easily extensible MITM framework
BetterCap is an attempt to create a complete, modular, portable and easily extensible MITM framework with every kind of features could be needed while performing a man in the middle attack. It's currently able to sniff and print from the network the following informations: URLs being visited. HTT...
WS-Attacker - Modular Framework for Web Services Penetration Testing
XML-based SOAP Web Services are a widely used technology, which allows the users to execute remote operations and transport arbitrary data. It is currently adapted in Service Oriented Architectures, cloud interfaces, management of federated identities, eGovernment, or millitary services. The wide...
SmartSniff v2.16 - Capture TCP/IP packets on your network adapter
SmartSniff is a network monitoring utility that allows you to capture TCP/IP packets that pass through your network adapter, and view the captured data as sequence of conversations between clients and servers. You can view the TCP/IP conversations in Ascii mode for text-based protocols, like HTTP...
Beeswarm - Active IDS made easy
Beeswarm is an active IDS project that provides easy configuration, deployment and management of honeypots and clients. The system operates by luring the hacker into the honeypots by setting up a deception infrastructure where deployed drones communicate with honeypots and intentionally leak...
WebBrowserPassView v1.56 - Recover lost passwords stored in your Web browser
WebBrowserPassView is a password recovery tool that reveals the passwords stored by the following Web browsers: Internet Explorer Version 4.0 - 11.0, Mozilla Firefox All Versions, Google Chrome, Safari, and Opera. This tool can be used to recover your lost/forgotten password of any Website,...
Bing Dork Scanner - Tool to extract urls from a bing search
This is a simple script with GUI, to extract urls from a bing search. Support only HTTP proxy. Required Perl Modules: LWP Gtk2 Glib uft8 threads threads::shared URI::Escape Download Bing Dork Scanner...
Browser Password Remover - Browser Website Login Password Removal Software
Browser Password Remover is the free software to quickly display and remove all the stored website login passwords from popular browsers. Most of the web browsers allow users to remember passwords and stores them into local database file. This file and all the stored passwords within it can be...
Volafox - Mac OS X & BSD Memory Analysis Toolkit
Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system. Security analyst can have the following information using this...
Parsero v0.75 - Attacking Robots.txt Files
Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries tell the search engines what directories or files hosted on a web server mustn't be indexed. For example, "Disallow: /portal/login" means that the...
Online JavaScript Beautifier - Beautify, unpack or deobfuscate JavaScript and HTML
This little beautifier will reformat and reindent bookmarklets, ugly JavaScript, unpack scripts packed. Online JavaScript Beautifier...
ModSecurity v2.8.0 - Open Source Web Application Firewall
ModSecurity ™is an open source, free web application firewall WAF Apache module. With over 70% of all attacks now carried out over the web application level, organizations need all the help they can get in making their systems secure. Changelog v2.8.0 Bug fix Build issue: Now using autotools to...
OWASP ZAP 2.3.0.1 - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration...
Scout - Download and analyze webpage components to identify infected files
Uses the Pinpoint engine to download and analyze webpage components to identify infected files. Scout has a built-in HTTP Request Simulator that will render user-specified HTML files, catch the resulting HTTP requests, then drop the responses. Scout includes the ability to screenshot the webpage...
[PingInfoView] Ping monitor utility
PingInfoView is a small utility that allows you to easily ping multiple host names and IP addresses, and watch the result in one table. It automatically ping to all hosts every number of seconds that you specify, and displays the number of succeed and failed pings, as well as the average ping tim...
[OpenedFilesView] View opened/locked files in your system (sharing violation issues)
OpenedFilesView displays the list of all opened files on your system. For each opened file, additional information is displayed: handle value, read/write/delete access, file position, the process that opened the file, and more... Optionally, you can also close one or more opened files, or close t...
[GoldenEye v2.1] DoS Tool
GoldenEye is a HTTP/S Layer 7 Denial-of-Service Testing Tool. It uses KeepAlive and Connection: keep-alive paired with Cache-Control options to persist socket connection busting through caching when possible until it consumes all available sockets on the HTTP/S server. Changelog v2.1 2014-02-20...
[USBLogView] Records the details of any USB device that is plugged or unplugged into your system
USBLogView is a small utility that runs in the background and records the details of any USB device that is plugged or unplugged into your system. For every log line created by USBLogView, the following information is displayed: Event Type Plug/Unplug, Event Time, Device Name, Description, Device...
[Ncrack] High-Speed Network Authentication Cracker
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a...
[GoLismero v2.0] Merge results of security tools (OpenVas, Wfuzz, SQLMap, DNS recon, robot analyzer...)
GoLismero is an Open Source security tools that can run their own security tests and manage a lot of well known security tools OpenVas, Wfuzz, SQLMap, DNS recon, robot analyzer... take their results, feedback to the rest of tools and merge all of results. And all of this automatically. Changelog...
[Quarks PwDump] Dump Windows Credentials
Quarks PwDump is new open source tool to dump various types of Windows credentials: local account, domain accounts, cached domain credentials and bitlocker. The tool is currently dedicated to work live on operating systems limiting the risk of undermining their integrity or stability. It requires...
[EtherApe] A graphical network monitor
EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP, SLIP and WLAN...
[MailPasswordDecryptor v4.0] All-in-one eMail Password Recovery Software
Mail Password Decryptor is the FREE software to instantly recover Mail Account passwords from popular email clients and other desktop applications. You can recover your lost password for email accounts like Gmail, Yahoo Mail, Hotmail or Windows Live Mail from email applications such as Microsoft...
[WebSploit Framework] Scan And Analysis Remote System From Vulnerability
WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability. WebSploit Is An Open Source Project For : Social Engineering Works Scan,Crawler & Analysis Web Automatic Exploiter Support Network Attacks +Autopwn - Used From Metasploit For Scan and Exploit Target Servic...
[GDB] GNU Project Debugger
GDB, the GNU Project debugger, allows you to see what is going on inside' another program while it executes - or what another program was doing at the moment it crashed. GDB can do four main kinds of things plus other things in support of these to help you catch bugs in the act: Start your progra...
[Cryptocat] Chat Client with encrypted conversations on iPhone and Android
Cryptocat is an experimental browser-based chat client for easy to use, encrypted conversations. It aims to make encrypted, private chat easy to use and accessible. We want to break down the barrier that prevents the general public from having an accessible privacy alternative that they already...
[SQL injection test environment] A collection of web pages vulnerable to SQL injection flaws
A collection of web pages vulnerable to SQL injection flaws and more: conf/ - operating system configuration files used by deployment.sh. dbs/ - standalone databases for some database management systems e.g. Microsoft Access. libs/ - web API libraries to connect to the database management...
[sniffMyPackets v1.0] A Maltego Set of Transforms for pcap analysis
sniffMyPackets is a set of Maltego transforms written using the Canari framework that allow for the analysis of pcap files. Currently there are over 60 transforms that cover things such as: extracting TCP/UDP streams rewriting IP src/dst addresses for pcap replay SHA1 & MD5 hashing Rebuilding of...
[SterJo Task Manager v.2.6] Advanced utility for process managing
SterJo Task Manager is a FREE an advanced utility for process managing which allows you to get details on everything that’s running on your computer. The program is divided in several sections covering the main parts of each system. “Processes” gives you more details about all processes and also...
[OWASP Broken Web Applications Project VM v1.1] Collection of vulnerable web applications
The Broken Web Applications BWA Project is a collection of vulnerable web applications that is distributed on a Virtual Machine. The Broken Web Applications BWA Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: Learning about...
[ZMap v1.0.3] The Internet Scanner
ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical...
[OWASP Zed Attack Proxy 2.1.0] An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration...
[EMET v4.0] Enhanced Mitigation Experience Toolkit
The Enhanced Mitigation Experience Toolkit EMET is designed to help prevent hackers from gaining access to your system. Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of...
[Wireshark v1.10.0 RC2] The world’s foremost network protocol analyzer
Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto and often de jure standard across many industries and educational institutions. Wireshark development thrives thanks to the...
[AttackVector Linux] Linux distro for anonymized penetration based on Kali and TAILS
AttackVector Linux is a new distribution for anonymized penetration and security. It is based on Kali and TAILS, which are both based on Debian. While Kali requires a modified kernel for network drivers to use injection and so forth, the Tor Project's TAILS is designed from the bottom up for...