BackdoorFactory - Patch PE (x86/x64) and ELF (x86/x64 and ARM LE x32) binaries with shellcode

Patch win86/64 PE and linux86/64 binaries with shellcode. The goal of The Backdoor Factory is to patch executable binaries with user desired shellcode and continue normal execution of the binary prepatched state. Under a BSD 3 Clause License. This is done by either appending a code cave or using...

Lynis 1.5.9 - Security auditing tool for Unix/Linux systems

Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system including Mac. Even the installation of the software itself is optional! How it works...

FuckShitUp - Multi Vulnerabilities Scanner written in PHP

Basically, FSU is bunch of tools written in PHP-CLI. Using build-in functions, you are able to grab url's using search engines - and so, dork for interesting files and full path disclosures. Using list of url's, scanner will look for Cross Site Scripting, Remote File Inclusion, SQL Injection and...

CountryTraceRoute v1.22 - Fast Traceroute with IP country information

CountryTraceRoute is a Traceroute utility, similar to the tracert tool of Windows, but with graphical user interface, and it's also much faster than tracert of Windows. CountryTraceRoute also displays the country of the owner of every IP address found in the Traceroute. After the Traceroute is...

Oracle Password Auditor - Oracle Password Recovery & Auditing Tool

Oracle Password Auditor is the FREE Oracle database password recovery and auditing software. It not only helps you to recover lost or forgotten Oracle database password but also audit Oracle database setup in an corporate environment by discovering the weak password configurations. During auditin...

SlowHTTPTest - Application Layer DoS attack simulator

SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks. It works on majority of Linux platforms, OSX and Cygwin - a Unix-like environment and command-line interface for Microsoft Windows. It implements most common low-bandwidth Application Layer...

Sandcat Browser 5 - A Penetration-Oriented Browser

Sandcat is a lightweight multi-tabbed web browser that combines the speed and power of Chromium and Lua. Sandcat comes with built-in live headers, an extensible user interface and command line console, resource viewer, and many other features that are useful for web developers and pen-testers. He...

Bing Dork Scanner - Tool to extract urls from a bing search

This is a simple script with GUI, to extract urls from a bing search. Support only HTTP proxy. Required Perl Modules: LWP Gtk2 Glib uft8 threads threads::shared URI::Escape Download Bing Dork Scanner...

QuasiBot - Webshell Manager aka HTTP Botnet

QuasiBot is a complex webshell manager written in PHP, which operate on web-based backdoors implemented by user himself. Using prepared php backdoors, quasiBot will work as C&C trying to communicate with each backdoor. Tool goes beyond average web-shell managers, since it delivers useful function...

Tor Browser 3.6.3 - Use Tor on Windows, Mac OS X, or Linux without needing to install any software

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical...

aNmap - Android Network Mapper (Nmap for Android)

Nmap is one of the most improtant tools for every cracker white, grey black hat "hacker". Nmap is a legendary hack tool and probably the prevelent networt security port scanner tool over the last 10 years on all major Operating Systems. So far it was available in windows, linux and Mac OS X. But...

Inxi - A newer, better system information script for irc, administration, and system troubleshooters

A newer, better system information script for irc, administration, and system troubleshooters. Inxi Options Inxi has a wide range of options and custom triggers, along with useful defaults like -b or -F. Plain inxi, no options, prints a single line of basic system information. Here is a screensho...

PwnPi - A Pen Test Drop Box distro for the Raspberry Pi

PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 200+ network security tools pre-installed to aid the penetration tester. It is built a stripped down version of the Debian Wheezy image from the Raspberry Pi foundation's website and uses Openbo...

NoVirusThanks File Governor - Unlock locked files and folders

NoVirusThanks File Governor is an advanced program which allows for files and folders within the system to be unlocked so that normal file I/O operations can be completed when normally they would not be able to be due to operating system restrictions for files currently in use. Once a file or...

FolderTimeUpdate - Tool that scans all files and folders and updates the Modified Time of every folder according the latest modified time

FolderTimeUpdate is a simple tool for Windows that scans all files and folders under the base folder you choose, and updates the 'Modified Time' of every folder according the latest modified time of the files stored in it. This tool might be useful if, for example, you backup a cluster of folders...

PacketFence v4.3.0 - Free and Open Source network access control (NAC) solution

PacketFence is a fully supported , trusted , Free and Open Source network access control NAC solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer...

MultiMonitorTool v1.63 - Multiple Monitors on Windows

MultiMonitorTool is a small tool that allows you to do some actions related to working with multiple monitors. With MultiMonitorTool, you can disable/enable monitors, set the primary monitor, save and load the configuration of all monitors, and move windows from one monitor to another. You can do...

Netsparker v3.5 - Web Application Security Scanner

Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting XSS and security issues on all web applications and websites regardless of the platform and the technology they are built on. Netsparker is very easy to u...

Password Security Scanner - Check the security/strength of your passwords on Windows

This utility scans the passwords stored by popular Windows applications Microsoft Outlook, Internet Explorer, Mozilla Firefox, and more... and displays security information about all these passwords. The security information of every stored password includes the total number of characters, number...

Osueta - A simple Python script to exploit the OpenSSH User Enumeration Timing Attack

Osueta it's a simple Python2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions 5. and 6.. The script has the ability to make variations of the username employed in the bruteforce attack, and the possibility to establish a DOS condition in the OpenSSH server...

Viper - A binary management and analysis framework dedicated to malware and exploit researchers

Viper is a binary analysis and management framework. Its fundamental objective is to provide a solution to easily organize your collection of malware and exploit samples as well as your collection of scripts you created or found over the time to facilitate your daily research. Think of it as a...

Hash Compare - File Integrity Comparison Tool

Hash Compare is the FREE File Hash comparison tool. It performs Hash based Integrity Comparison using any of the the popular hash algorthms such as MD5 , SHA1 or SHA256. To make the task easier and quicker, it also supports the 'File Drag & Drop' feature. That means you can just drag & drop one o...

ProcessThreadsView - View process threads information On Windows

ProcessThreadsView is a small utility that displays extensive information about all threads of the process that you choose. The threads information includes the ThreadID, Context Switches Count, Priority, Created Time, User/Kernel Time, Number of Windows, Window Title, Start Address, and more. Wh...

RunFromProcess - Run a Windows program with a user of another process

RunFromProcess is a command-line utility that allows you to run a program from another process that you choose. The program that you run will be executed as a child of the specified process and it'll run with the same user and security context of the specified parent process. Using RunFromProcess...

Domain Analyzer Security Tool - Finds all the security information for a given domain name

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Features It creates a directory with all the information, including nmap output files. It uses colors to remark...

Dirs3arch - HTTP(S) Directory/File Brute Forcer

dirs3arch is a simple command line tool designed to brute force directories and files in websites. Features Keep alive connections Multithreaded Detect not found web pages when 404 not found errors are masked .htaccess, web.config, etc. Recursive brute forcing Usage: dirs3arch.py -u|--url target...

Systemback - Simple system backup and restore application with extra features

Systemback makes it easy to create backups of system and users configuration files. In case of problems you can easily restore the previous state of the system. There are extra features like system copying, system installation and Live system creation. Download Systemback...

NWHT - Network Wireless Hacking Tools

Network Wireless Hacking Tools, new version and support your kali linux. Download NWHT...

Egresser - Tool to Enumerate Outbound Firewall Rules

Egresser is a tool to enumerate outbound firewall rules, designed for penetration testers to assess whether egress filtering is adequate from within a corporate network. Probing each TCP port in turn, the Egresser server will respond with the client’s source IP address and port, allowing the clie...

WhoIsConnectedSniffer - Detect who is connected to your network without scanning

WhoIsConnectedSniffer is a network discovery tool that listens to network packets on your network adapter using a capture driver WinpCap or MS network monitor and accumulates a list of computer and devices currently connected to your network. WhoIsConnectedSniffer uses various protocols to detect...

Moscrack v2.08b - Multifarious On-demand Systems Cracker (cracking WPA keys in parallel on a group of computers)

Moscrack is a perl application designed to facilitate cracking WPA keys in parallel on a group of computers. This is accomplished by use of either Mosix clustering software, SSH or RSH access to a number of nodes. With Moscrack's new plugin framework, hash cracking has become possible. SHA256/512...

screenFetch - The Bash Screenshot Information Tool

screenFetch is a "Bash Screenshot Information Tool". This handy Bash script can be used to generate one of those nifty terminal theme information + ASCII distribution logos you see in everyone's screenshots nowadays. It will auto-detect your distribution and display an ASCII version of that...

Mail Password Decryptor - All-in-one eMail Password Recovery Software

Mail Password Decryptor is the FREE software to instantly recover Mail Account passwords from popular email clients and other desktop applications. You can recover your lost password for email accounts like Gmail, Yahoo Mail, Hotmail or Windows Live Mail from email applications such as Microsoft...

SysExporter - Grab data from list-view, tree-view, combo box, WebBrowser control, and text-box

SysExporter utility allows you to grab the data stored in standard list-views, tree-views, list boxes, combo boxes, text-boxes, and WebBrowser/HTML controls from almost any application running on your system, and export it to text, HTML or XML file. Here's some examples for data that you can expo...

PwnStar - Script for multi attack (for all your fake-AP needs!)

A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing/phishing. Can act as multi-client captive portal using php and iptables. Launches classic exploits such as evil-PDF. De-auth with aireplay,...

ODAT - Oracle Database Attacking Tool

ODAT Oracle Database Attacking Tool is an open source penetration testing tool that test the security of Oracle Databases remotely. Usage examples of ODAT: You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database You have a val...

Browser Password Remover - Browser Website Login Password Removal Software

Browser Password Remover is the free software to quickly display and remove all the stored website login passwords from popular browsers. Most of the web browsers allow users to remember passwords and stores them into local database file. This file and all the stored passwords within it can be...

Wireshark v1.10.8 - The world’s foremost network protocol analyzer

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto and often de jure standard across many industries and educational institutions. Wireshark development thrives thanks to the...

Daphne - Tool for killing, controlling and debugging processes in Windows

Daphne is a small application for killing, controlling and debugging Windows’ processes. It was born to kill a windows process and became almost a task manager replacement. You can kill a process by dragging the mouse over the windows, by right-clicking the process in the main process list, or by...

OWASP iOSForensic - Tool to help in forensics analysis on iOS

OWASP iOSForensic is a python tool to help in forensics analysis on iOS. It get files, logs, extract sqlite3 databases and uncompress .plist files in xml. OWASP iOSForensic provides: Application's files Conversion of .plist files in XML Extract all databases Conversion of binary cookies...

WebBrowserPassView - Recover lost passwords stored in your Web browser

WebBrowserPassView is a password recovery tool that reveals the passwords stored by the following Web browsers: Internet Explorer Version 4.0 - 10.0, Mozilla Firefox All Versions, Google Chrome, Safari, and Opera. This tool can be used to recover your lost/forgotten password of any Website,...

OAuth Request Crafter - Tool that helps you to play with OAuth signature protected URLs

OAuth Request Crafter is a tool that helps you to play with OAuth signature protected URLs. Features Support GET,POST,PUT and DELETE Proxy the Request Tamper URL, Parameters & Headers on the GO Add additional Headers and Cookie Why ? When dealing with OAuth signature protected URLs, For tampering...

Maligno - Penetration Testing Tool that Serves Metasploit Payloads

Maligno is an open source penetration testing tool that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission. Changelog: Metasploit multi-host support, socks4a server...

Dradis v2.9 - Information Sharing For Security Assessments

Dradis is an open source framework to enable effective information sharing, specially during security assessments. It’s a tool specifically to help in the process of penetration testing. Penetration testing is about information: 1. Information discovery 2. Exploit useful information 3. Report the...

The Mole - Automatic SQL Injection Exploitation Tool

The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. Features Support for injections using Mysql, SQL Server,...

SmartSPLAT - Tool to troubleshoot Checkpoint firewall issues and perform management tasks

Smart SPLAT is a freeware software to troubleshoot Checkpoint firewall issues and perform management tasks. It periodically checks for an update and when a new release is published, updates itself via the SmartSPLAT web site. SmartSPLAT lets you connect to your firewall via secure channel SSH...

Smart Pentester - An SSH based Penetration Testing Framework

Smart Pentester is an SSH based Penetration Testing Framework. It provides a GUI for well known tools like nmap, hping, tcpdump, volatility, hydra and etc. Smart Pentester Framework will provide you a User Interface for Penetration testing, Malware Analysis, Forensic Analysis, Cyber Intelligence,...

Hexorbase - Multiple Database Management and Audit Tool

HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is capable of performing SQL queries and bruteforce attacks against common database servers MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL...

WebSiteSniffer v1.41 - Captures all Web site files downloaded by your Web browser while browsing the Internet

WebSiteSniffer is a packet sniffer tool that captures all Web site files downloaded by your Web browser while browsing the Internet, and stores them on your hard drive under the base folder that you choose. WebSiteSniffer allows you to choose which type of Web site files will be captured: HTML...

HackPorts - Mac OS X Penetration Testing Framework and Tools

HackPorts was developed as a penetration testing framework with accompanying tools and exploits that run natively on Mac platforms. HackPorts is a ‘super-project’ that leverages existing code porting efforts, security professionals can now use hundreds of penetration tools on Mac systems without...