6011 matches found
SMBMap - Samba Share Enumerator
SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is...
MySQL Query Browser Password Dump - Command-line Tool to Recover Lost or Forgotten Passwords from MySQL Query Browser
MySQL Query Browser Password Dump is the free command-line tool to instantly recover your lost or forgotten passwords from MySQL Query Browser software. MySQL Query Browser is a simple software to manage your MySQL database connections and queries. By default, it stores all the database login...
ShellCheck - Automatically Detects Problems with sh/bash Scripts and Commands
ShellCheck is a static analysis and linting tool for sh/bash scripts. It's mainly focused on handling typical beginner and intermediate level syntax errors and pitfalls where the shell just gives a cryptic error message or strange behavior, but it also reports on a few more advanced issues where...
King Phisher - Phishing Campaign Toolkit
King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness...
OpenVAS - The World's Most Advanced Open Source Vulnerability Scanner and Manager
The Open Vulnerability Assessment System OpenVAS is a framework of several services and tools. The core of this SSL-secured service-oriented architecture is the OpenVAS Scanner. The scanner very efficiently executes the actual Network Vulnerability Tests NVTs which are served with daily updates v...
SecuritySoftView - Displays the AntiVirus / AntiSpyware / Firewall registered with the security center of Windows
SecuritySoftView is a simple tool that displays the AntiVirus, AntiSpyware, and Firewall programs that are currently installed on your system and registered with the security center of Windows operating system. System Requirements This utility works on any version of Windows, starting from Window...
The Penetration Testers Framework (PTF) - Is a Way for Modular Support for Up-to-date Tools
A TrustedSec Project - The PenTesters Framework PTF is a Python script designed for Debian/Ubuntu based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we've been accustom to the /pentest/ directories or our own toolsets that we want to keep...
Java LOIC - Low Orbit Ion Cannon. A Java based network stress testing application
Low Orbit Ion Cannon. The project is a Java implementation of LOIC written by Praetox but it's not related with the original project. The main purpose of Java LOIC is testing your network. Java LOIC should work on most operating systems. Download Java LOIC...
Fing - Find out Which Devices are Connected to your Wi-Fi Network
Find out which devices are connected to your Wi-Fi network, in just a few seconds. Fast and accurate, Fing is a professional App for network analysis. A simple and intuitive interface helps you evaluate security levels, detect intruders and resolve network issues. Discovers all devices connected ...
Bacula - Network Backup Tool for Linux, Unix, Mac, and Windows
Bacula is a set of computer programs that permits the system administrator to manage backup, recovery, and verification of computer data across a network of computers of different kinds. Bacula can also run entirely upon a single computer and can backup to various types of media, including tape a...
InstaRecon - Automated Digital Reconnaissance
Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS direct, PTR, MX, NS lookups Whois domains and IP lookups Google dorks in search of subdomains Shodan lookups Reverse DNS lookups on entire...
Remote DLL Injector v2.0 - Command-line Tool to Inject DLL into Remote Process
Remote DLL Injector is the free command-line tool to Inject DLL into remote process. Currently it supports DLL injection using the CreateRemoteThread technique. Being a command-line tool makes it easy to integrate into your automation scripts. Also useful when you are remotely operating on the...
Custom-SSH-Backdoor - SSH Backdoor using Paramiko
Custom ssh backdoor, coded in python using Paramiko. Paramiko is a Python 2.6+, 3.3+ implementation of the SSHv2 protocol, providing both client and server functionality. While it leverages a Python C extension for low level cryptography PyCrypto, Paramiko itself is a pure Python interface around...
Tails 1.4 - The Amnesic Incognito Live System
Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity , and helps you to: use the Internet anonymously and circumvent censorship ; all connections to the Internet are forced to go through the...
FastNetMon - Very Fast DDoS Analyzer with Sflow/Netflow/Mirror Support
A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines NetFlow, IPFIX, sFLOW, netmap, PFRING, PCAP. What can we do? We can detect hosts in our own network with a large amount of packets per second/bytes per second or flow per second incoming or outgoing from...
Autorize - Automatic Authorization Enforcement Detection (Extension for Burp Suite)
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert at AppSec Labs. Autorize was designed to help security testers by performing automatic authorization tests. Installation 1. Download Burp...
Kunai - Pwning & Info Gathering via User Browser
Sometimes there is a need to obtain ip address of specific person or perform client-side attacks via user browser. This is what you need in such situations. Kunai is a simple script which collects many informations about a visitor and saves output to file; furthermore, you may try to perform...
SmartSniff v2.17 - Capture TCP/IP packets on your network adapter
SmartSniff is a network monitoring utility that allows you to capture TCP/IP packets that pass through your network adapter, and view the captured data as sequence of conversations between clients and servers. You can view the TCP/IP conversations in Ascii mode for text-based protocols, like HTTP...
Double the bang for your buck with Acunetix Vulnerability Scanner
Acunetix have announced that they are extending their current free offering of the network security scan, part of their cloud-based web and network vulnerability scanner. Those signing up for a trial of the online version of Acunetix vulnerability scanner will now be able to scan their perimeter...
wig - WebApp Information Gatherer
wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. The application fingerprinting is based on checksums and string matching of known files for different versions of CMSes. This results in a score being...
Password Cracking Suite
How To Use It: git clone https://github.com/TecnoHack/Password-Cracking-Suite.git chmod +x csuit.py ./csuit.py Dics Path: In this path, you can add any dictionary you would like to use. Tools Path: In this path, the script will install 3rd party tools. You can download some here:...
Wireless Network Watcher v1.79 - Show who is connected to your wireless network
Wireless Network Watcher is a small utility that scans your wireless network and displays the list of all computers and devices that are currently connected to your network. For every computer or device that is connected to your network, the following information is displayed: IP address, MAC...
Graudit - Find potential security flaws in source code using grep
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very...
SQLassie - Effective Database Security
SQLassie is a free MySQL database firewall that prevents SQL injection attacks at runtime. SQLassie uses Bayesian classifiers to determine the likelihood of a query being an attack. This approach produces fewer false positives than other similar approaches. Security SQLassie prevents injection...
WifiInfoView v1.79 - WiFi Scanner for Windows 7/8/Vista
WifiInfoView scans the wireless networks in your area and displays extensive information about them, including: Network Name SSID, MAC Address, PHY Type 802.11g or 802.11n, RSSI, Signal Quality, Frequency, Channel Number, Maximum Speed, Company Name, Router Model and Router Name Only for routers...
GoAccess - Real-time Web Log Analyzer and Interactive Viewer
GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in nix systems. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and...
Tor Browser 4.5 - Everything you Need to Safely Browse the Internet
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical...
BackBox Linux 4.2 - Ubuntu-based Linux Distribution Penetration Test and Security Assessment
BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable...
Packet Sender - The UDP and TCP Network Test Utility
Packet Sender is an open source utility to allow sending and receiving TCP and UDP packets. It is available free no ads / no bundleware for Windows , Mac , and Linux. It can be used for both commercial and personal use license. It's designed to be very easy to use while still providing enough...
MobaXterm - Terminal for Windows with X11 server, tabbed SSH client, network tools and much more...
MobaXterm is your ultimate toolbox for remote computing. In a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all...
Sptoolkit Rebirth - Phishing Education Toolkit
The spt rebirth project is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers. Organizations spend billions of dollars annually in an effort to safeguard information systems, but spend little to nothing on the under trained and...
Burp Suite Professional v1.6.16 - The Leading Toolkit for Web Application Security Testing
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security...
Rekall - The Most Complete Memory Analysis Framework
The Rekall Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated but...
Net-creds - Sniff passwords and hashes from an interface or pcap file
Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification. Sniffs URLs visited POST loads sent HTTP form logins/passwords HTTP basic auth logins/passwords HTTP searches FTP logins/passwords IRC...
Lynis 2.1.0 - Security Auditing Tool for Unix/Linux Systems
Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...
AutoReaver - Mutliple Access Point Targets Attack Using Reaver
AutoReaver is bash script which provides multiple access point attack using reaver and BSSIDs list from a text file. If processed AP reaches rate limit, script goes to another from the list, and so forth. HOW IT WORKS ? Script takes AP targets list from text file in following format BSSID CHANNEL...
Watcher v1.5.8 - Web Security Testing Tool and Passive Vulnerability Scanner
Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as...
OWASP ZAP 2.4.0 - Penetration Testing Tool for Testing Web Applications
ZAP is an OWASP Flagship project, and is currently the most active open source web application security tool. For a quick introduction to the new release see this video: Some of the most significant changes include: ‘Attack’ Mode A new ‘attack’ mode has been added that means that applications tha...
Aircrack-ng 1.2 RC 2 - WEP and WPA-PSK keys cracking program
Here is the second release candidate. Along with a LOT of fixes, it improves the support for the Airodump-ng scan visualizer. Airmon-zc is mature and is now renamed to Airmon-ng. Also, Airtun-ng is now able to encrypt and decrypt WPA on top of WEP. Another big change is recent version of GPSd now...
Forpix - Software for detecting affine image files
forpix is a forensic program for identifying similar images that are no longer identical due to image manipulation. Hereinafter I will describe the technical background for the basic understanding of the need for such a program and how it works. From image files or files in general you can create...
Woodpecker hash Bruteforce - Multithreaded program to perform a brute-force attack against a hash
Woodpecker hash Bruteforce is a fast and easy-to-use multithreaded program to perform a brute-force attack against a hash. It supports many common hashing algorithms such as md5, sha1, etc. It runs on Windows and Mac OS. You can use dictionary, alphabet-based or random bruteforce. Here you can...
Commix - Automated All-in-One OS Command Injection and Exploitation Tool
Commix short for command injection exploiter has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, ...
Netsparker 4 - Easier to Use, More Automation and Much More Web Security Checks
Netsparker Web Application Security Scanner version 4. The main highlight of this new version is the new fully automated Form Authentication mechanism; it does not require you to record anything, supports 2 factor authentication and other authentication mechanisms that require a one time code to...
Kadimus - LFI Scan & Exploit Tool
Kadimus is a tool to check sites to lfi vulnerability , and also exploit it Features: Check all url parameters /var/log/auth.log RCE /proc/self/environ RCE php://input RCE data://text RCE Source code disclosure Multi thread scanner Command shell interface through HTTP Request Proxy support...
3vilTwinAttacker - Create Rogue Wi-Fi Access Point and Snooping on the Traffic
This tool create an rogue Wi-Fi access point , purporting to provide wireless Internet services, but snooping on the traffic. Software dependencies: Recommended to use Kali linux. Ettercap. Sslstrip. Airbase-ng include in aircrack-ng. DHCP. Nmap. Install DHCP in Debian-based Ubuntu $ sudo apt-get...
Project Artillery - Full Suite for Protection against Attack on Linux and Windows
Project Artillery is an open source project aimed at the detection of early warning indicators and attacks. The concept is that Artillery will spawn multiple ports on a system giving the attacker the idea that multiple ports are exposed. Additionally, Artillery actively monitors the filesystem fo...
ProxyDroid - Set Proxys (Http / Socks4 / Socks5) on your Android devices
ProxyDroid is an app that can help you to set the proxy http / socks4 / socks5 on your android devices. FEATURES 1. Support HTTP / HTTPS / SOCKS4 / SOCKS5 proxy 2. Support basic / NTLM / NTLMv2 authentication methods 3. Individual proxy for only one or several apps 4. Multiple profiles support 5...
BlueScreenView - Blue Screen of Death (STOP error) information in dump files
BlueScreenView scans all your minidump files created during 'blue screen of death' crashes, and displays the information about all crashes in one table. For each crash, BlueScreenView displays the minidump filename, the date/time of the crash, the basic crash information displayed in the blue...
AVCaesar - Malware Analysis Engine and Repository
AVCaesar is a malware analysis engine and repository, developed by malware.lu within the FP7 project CockpitCI. Functionalities AVCaesar can be used to: Perform an efficient malware analysis of suspicious files based on the results of a set of antivirus solutions, bundled together to reach the...
netool.sh - MitM Pentesting Opensource T00lkit
netool.sh toolkit provides a fast and easy way For new arrivals to IT security pentesting and also to experience users to use allmost all features that the Man-In-The-Middle can provide under local lan, since scanning, sniffing and social engeneering attacks "spear phishing attacks"... DESCRIPTIO...