Sonar.js - Framework for identifying and launching exploits against internal network hosts
A framework for identifying and launching exploits against internal network hosts. Works via WebRTC IP enumeration, WebSocket host scanning, and external resource fingerprinting. How does it work? Upon loading the sonar.js payload in a modern web browser the following will happen: sonar.js will u...
AutoBrowser - Create Report and Screenshots of HTTP/s Based Ports on the Network
AutoBrowser is a tool written in Python for penetration testers. Its purpose is to create a report and screenshots of HTTP/S-based ports on the network. It analyzes an Nmap report or scans with Nmap, checks the results with an HTTP/S request on each host using a headless web browser, grabs a...
Empire - PowerShell Post-Exploitation Agent
Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz,...
Noriben - Your Personal, Portable Malware Sandbox
Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities. Noriben...
TestDisk - Partition Recovery and File Undelete for Windows, Linux and Mac
TestDisk is powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software : certain types of viruses or human error such as accidentally deleting a Partition Table...
Intrigue - Intelligence Gathering Framework
Intrigue-core is an API-first intelligence gathering framework for Internet reconnaissance and research. Setting up a development environment: the following are presumed available and configured in your environment: redis, sudo, nmap, zmap, masscan, java runtime. Sudo is used to allow root access for...
FruityWifi v2.2 - Wireless Network Auditing Tool
FruityWifi is an open source tool to audit wireless networks. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it. Initially the application was created to be used with the Raspberry-Pi, but it can be installed on any Debian based system...
USBDeview v2.45 - View all installed/connected USB devices on your system
USBDeview is a small utility that lists all USB devices that are currently connected to your computer, as well as all USB devices that you previously used. For each USB device, extended information is displayed: Device name/description, device type, serial number for mass storage devices, the date/ti...
NetRipper - Smart Traffic Sniffing for Penetration Testers
NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption. NetRipp...
FireMasterCracker - Firefox Master Password Cracking Software
FireMasterCracker is the FREE software to Crack the Firefox Master Password. It is the GUI Version of FireMaster, FIRST ever tool to recover the lost Master Password of Firefox. Firefox browser uses Master password to protect the stored login passwords for all visited websites. If the master...
Wifresti - Find your wireless network password from Windows, Linux and Mac OS
Find your wireless network password from Windows, Linux and Mac OS. Wifresti is a simple Wi-Fi password recovery tool, compatible with Windows and Unix systems (Linux, Mac OS). Features: Recover Wifi password on Windows; Recover Wifi password on Unix. Requirements: An operating system tested on...
SubDomain Analyzer - Get detailed information of a domain
The "SubDomain Analyzer" tool is written in Python. Its purpose is to get fully detailed information about a selected domain. The "SubDomain Analyzer" gets data from the domain through the following steps: 1. Trying to get the zone transfer file. 2. Gathers all information from DNS record...
SQLChop - SQL Injection Detection Engine
SQLChop is a novel SQL injection detection engine built on top of SQL tokenizing and syntax analysis. Web input (URLPath, body, cookie, etc.) will first be decoded to the raw payloads that the web app accepts, then syntactical analysis will be performed on the payload to classify the result. The algorithm behi...
CredCrack - Fast and Stealthy Credential Harvester
CredCrack is a fast and stealthy credential harvester. It exfiltrates credentials recursively in memory and in the clear. Upon completion, CredCrack will parse and output the credentials while identifying any domain administrators obtained. CredCrack also comes with the ability to list and enumera...
Hidden-tear - An open source ransomware-like file crypter
It's a ransomware-like file crypter sample which can be modified for specific purposes. Features: Uses AES algorithm to encrypt files. Sends encryption key to a server...
Geotweet - Social engineering tool for human hacking
Another way to use Twitter and Instagram. Geotweet is an OSINT application that allows you to track tweets and Instagram posts, trace geographical locations, and then export to Google Maps. It allows you to search on tags, world zones, user info and timeline. Requirements: Python 2.7, PyQt4, tweepy,...
Katoolin - Automatically install all Kali Linux tools
Automatically install all Kali Linux tools. Features: Add Kali Linux repositories; Remove Kali Linux repositories; Install Kali Linux tools. Requirements: Python 2.7; an operating system (tested on Ubuntu). Installation: sudo su git clone https://github.com/LionSec/katoolin.git && cp katoolin/katoolin.py...
Whonix v11 - Anonymous Operating System
Whonix is an operating system focused on anonymity, privacy and security. It’s based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user’s real IP. Whonix consists of two parts: One...
SPF - SpeedPhish Framework
SPF (SpeedPhish Framework) is a Python tool designed to allow for quick recon and deployment of simple social engineering phishing exercises. Requirements: dnspython, twisted, PhantomJS. Usage: usage: spf.py -h -f -C --all --test -e -g -s --simulate -w -W -d -c --ip -v -y optional arguments: -h, --hel...
OWASP ZSC Shellcoder - Generate Customized Shellcodes
OWASP ZSC is open source software written in Python which lets you generate customized shellcodes for the listed operating systems. This software can be run on Windows/Linux&Unix/OSX and other OSes under Python 2.7.x. Description: Usage of shellcodes. Shellcodes are small codes in assembly which coul...
Metasploit AV Evasion - Metasploit payload generator that avoids most Anti-Virus products
Metasploit payload generator that avoids most Anti-Virus products. Installing git clone https://github.com/nccgroup/metasploitavevasion.git chmod +x the avoid.sh file before use. How To Use ./avoid.sh Then follow the on screen prompts. Features Easily generate a Metasploit executable payload to...
Kali Linux 2.0 - The Best Penetration Testing Distribution
So, what’s new in Kali 2.0? There’s a new 4.0 kernel, now based on Debian Jessie, improved hardware and wireless driver coverage, support for a variety of Desktop Environments (gnome, kde, xfce, mate, e17, lxde, i3wm), updated desktop environment and tools – and the list goes on. Kali Linux is Now ...
HTTPie - a CLI, cURL-like tool for humans
HTTPie (pronounced aych-tee-tee-pie) is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output...
PortDog - Simple Python Script to Detect Port Scanning Techniques
PortDog is a network anomaly detector aimed to detect port scanning techniques. It is entirely written in Python and has an easy-to-use interface. It was tested on Ubuntu 15. Please note that it is not working on Windows OS due to suffering from capturing RAW packets. I am working on to write this...
FireMaster - The Firefox Master Password Cracking Tool
FireMaster is the first ever tool to recover the lost Master Password of Firefox. The Master Password is used by Firefox to protect the stored login/password information for all visited websites. If the master password is forgotten, then there is no way to recover the master password and user will lo...
MPC - Msfvenom Payload Creator
Msfvenom Payload Creator (MPC) is a wrapper to generate multiple types of payloads, based on the user's choice. The idea is to be as simple as possible, only requiring one input to produce their payload. Fully automating msfvenom & Metasploit is the end goal, as well as to be able to automate MPC itself...
Netsparker Cloud - Online Web Application Security Scanner
Netsparker Cloud is an online web application security scanner built around the advanced scanning technology of Netsparker Web Application Security Scanner; the only false positive free automated desktop based web vulnerability scanner. Benefit from the Cloud AFFORDABLE AND MAINTENANCE FREE WEB...
BlackArch Linux v2015.07.31 - Penetration Testing Distribution
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1239 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. The new ISOs include over 1230 tools for i686 and...
OWASP ZAP 2.4.1 - Penetration Testing Tool for Testing Web Applications
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration...
PEframe - Tool to perform static analysis on Portable Executable malware
PEframe is an open source tool to perform static analysis on Portable Executable malware. Usage: $ peframe malware.exe $ peframe --option malware.exe Options: --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...
Hook Analyser 3.2 - Malware Analysis Tool
Hook Analyser is a freeware application which allows an investigator/analyst to perform “static & run-time / dynamic” analysis of suspicious applications, and also to gather, analyse and correlate threat intelligence related information or data from various open sources on the Internet. Essentially it’s a...
Burp Suite Professional v1.6.23 - The Leading Toolkit for Web Application Security Testing
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security...
BWA - OWASP Broken Web Applications Project
A collection of vulnerable web applications that is distributed on a Virtual Machine. Description: The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: learning about web application security testin...
Inveigh - A Windows PowerShell LLMNR/NBNS spoofer with challenge/response capture over HTTP/SMB
Inveigh is a Windows PowerShell LLMNR/NBNS spoofer designed to assist penetration testers that find themselves limited to a Windows system. This can commonly occur while performing phishing attacks, USB drive attacks, VLAN pivoting, or simply being restricted to a Windows system as part of client...
SET v6.5 - The Social-Engineer Toolkit “Mr Robot”
The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two...
IVRE - A Python network recon framework, based on Nmap, Bro & p0f
IVRE (Instrument de veille sur les réseaux extérieurs) or DRUNK (Dynamic Recon of UNKnown networks) is a network recon framework, including two modules for passive recon (one p0f-based and one Bro-based) and one module for active recon (mostly Nmap-based, with a bit of ZMap). The advertising slogans are:...
BackBox Linux 4.3 - Ubuntu-based Linux Distribution Penetration Test and Security Assessment
BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable...
Passgen - Random Character Generator Crunch to Crack WPA/WPA2
Passgen is an alternative to the random character generator crunch which attempts to solve cracking WPA/WPA2 keys by randomizing the output as opposed to generating a list like so: aaaaaaaa, aaaaaaab, aaaaaac, etc. Example usage with aircrack-ng: python passgen.py -l | sudo aircrack-ng --bssid...
Lynis 2.1.1 - Security Auditing Tool for Unix/Linux Systems
Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...
Egress-Assess - Tool used to Test Egress Data Detection Capabilities
Egress-Assess is a tool used to test egress data detection capabilities. Setup To setup, run the included setup script, or perform the following: 1. Install pyftpdlib 2. Generate a server certificate and store it as "server.pem" on the same level as Egress-Assess. This can be done with the...
Dharma - A generation-based, context-free grammar fuzzer
A generation-based, context-free grammar fuzzer. Requirements None Examples Generate a single test-case. % ./dharma.py -grammars grammars/webcrypto.dg Generate a single test case with multiple grammars. % ./dharma.py -grammars grammars/canvas2d.dg grammars/mediarecorder.dg Generating test-cases a...
KeyBox - A web-based SSH console that centrally manages administrative access to systems
KeyBox is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. Administrators can login...
BetterCap - A complete, modular, portable and easily extensible MITM framework
BetterCap is an attempt to create a complete, modular, portable and easily extensible MITM framework with every kind of feature that could be needed while performing a man in the middle attack. It's currently able to sniff and print the following information from the network: URLs being visited. HTT...
SIMP - System Integrity Management Platform
SIMP is a framework that aims to provide a reasonable combination of security compliance and operational flexibility. The ultimate goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide Project and industry be...
MicEnum - Mandatory Integrity Control Enumerator for Windows
In the context of the Microsoft Windows family of operating systems, Mandatory Integrity Control (MIC) is a core security feature introduced in Windows Vista and implemented in subsequent lines of Windows operating systems. It adds Integrity Levels (IL)-based isolation to running processes and objects...
yarGen - A Generator for Yara Rules (for malware researchers)
yarGen is a generator for Yara rules. What does yarGen do? The main principle is the creation of yara rules from strings found in malware files while removing all strings that also appear in goodware files. Since version 0.14.0 it uses naive-bayes-classifier by Mustafa Atik and Nejdet Yucesoy in...
Snitch - Information Gathering via dorks
Snitch is a tool which automates the dorking process for a specified domain. Using built-in dork categories, this tool helps gather information about a domain which can be found using search engines. It can be quite useful in the early phases of a pentest. Examples devil@hell:/snitch/$ python snitch.py // / / ...
Johnny - GUI for John the Ripper
Johnny is a cross-platform open-source GUI for the popular password cracker John the Ripper. Features 1. user could start, pause and resume attack though only one session is allowed globally, 2. all attack related options work, 3. all input file formats are supported pure hashes, pwdump, passwd,...
Q-shell - Quick Shell for Unix Administrator
q-shell is a quick shell for remote login into a Unix system. It uses the blowfish crypt algorithm to protect transport data from client to server. You get two programs: 'qsh' for the client, and 'qshd' for the server; these programs can be renamed to any name you prefer. Compile: Just enter 'make' and it will...
Babun - A Windows shell you will love!
Would you like to use a linux-like console on a Windows host without a lot of fuzz? Try out babun! Installation Just download the dist file from http://babun.github.io, unzip it and run the install.bat script. After a few minutes babun starts automatically. The application will be installed to th...