Scout - Download and analyze webpage components to identify infected files

Uses the Pinpoint engine to download and analyze webpage components to identify infected files. Scout has a built-in HTTP Request Simulator that will render user-specified HTML files, catch the resulting HTTP requests, then drop the responses. Scout includes the ability to screenshot the webpage...

Mylar - Platform for building secure web applications

Web applications rely on servers to store and process confidential information. However, anyone who gains access to the server e.g., an attacker, a curious administrator, or a government can obtain all of the data stored there. Mylar protects data confidentiality even when an attacker gets full...

Agnitio - Manual Security Code Review Tool

A tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting. The major changes in v2.1 are listed below:...

FBCacheView - Shows Facebook images stored in the cache of your Web browser

FBCacheView is a simple tool that scans the cache of your Web browser Internet Explorer, Firefox, or Chrome, and lists all images displayed in Facebook pages that you previously visited, including profile pictures, images uploaded to Facebook, and images taken from other Web sites. For every...

SNMPCheck - Enumerate the SNMP devices

Like to snmpwalk, snmpcheck allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful for penetration testing or systems monitoring. Distributed under GPL license and based on "Athena-2k" script by jshaw. Features snmpcheck support...

Linkedin Password Decryptor - Linkedin Password Recovery Software

Linkedin Password Decryptor is the all-in-one software to recover Linkedin passwords stored by popular Web Browsers. These days, most of the web browsers store the website login passwords to prevent hassale of entering the password again and again. Each web browser use their own encryption...

nbtscan - NETBIOS nameserver scanner

This is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network, and this is a first step in finding of open shares. It is based on the functionality of the standard Windows tool nbtstat, but it operates on a range of addresses instead of just one. I wrote...

DNSCrypt - A tool for securing communications between a client and a DNS resolver

dnscrypt-proxy provides local service which can be used directly as your local resolver or as a DNS forwarder, encrypting and authenticating requests using the DNSCrypt protocol and passing them to an upstream server. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography...

FolderChangesView - Monitor files changes on Windows

FolderChangesView is a simple tool that monitors the folder or disk drive that you choose and lists every filename that is being modified, created, or deleted while the folder is being monitored. You can use FolderChangesView with any local disk drive or with a remote network share, as long as yo...

VirusTotal Scanner - Desktop Tool to Perform Quick Anti-virus Scan using VirusTotal

VirusTotal Scanner is the desktop tool to quickly perform Anti-virus scan using VirusTotal.com VirusTotal.com is a free online scan service that analyzes suspicious files using 40+ Anti-virus applications. It facilitates the quick detection of viruses, worms, trojans, all kinds of malware and...

Windows Domain Credentials Phishing Tool

While performing a Pen test for a client i needed to catch a domain user name and password, there are several ways to gain users passwords and it really depends on a lot of factors on how to get it in my case i didn’t had time to wait for the user to enter his credentials and get it using a key...

Pompem - Exploit Finder

Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day,...

CrowdInspect - Scan of your running processes on Windows with Virus Total, WOT & MHR

CrowdInspect is a free professional grade tool for Microsoft Windows systems from CrowdStrike aimed to help alert you to the presence of malware that communicates over the network that may exist on your computer. It is a host-based real-time monitoring and recording tool utilizing multiple source...

SEES (Social Enginnering Email Sender) - A Social Engineering Attack/Audit Tool for Spear Phishing

What is SEES? Most of the companies nowadays have their firewalls, threat monitoring and prevention security appliances setup. With these mechanisms in place, security precautions are taken and incidents are monitored. Inbound traffic being restricted, SEES on the other hand is developed for...

URLCrazy - Test domain typos and variations to detect typo squatting, URL hijacking, phishing, and corporate espionage

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. Usage Detect typo squatters profiting from typos on your domain name Protect your brand by registering popular typos Identify typo domain names that will receive...

Nagios XI - The industry standard for IT infrastructure monitoring

Nagios XI is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services SMTP, POP3, HTTP, NNTP, ICMP, etc., monitoring of host resources...

DNSQuerySniffer - DNS Queries Sniffer

DNSQuerySniffer is a network sniffer utility that shows the DNS queries sent on your system. For every DNS query, the following information is displayed: Host Name, Port Number, Query ID, Request Type A, AAAA, NS, MX, and so on, Request Time, Response Time, Duration, Response Code, Number of...

MITMer - Automated Man-In-The-Middle Attack Tool

MITMer is a man-in-the-middle and phishing attack tool that steals the victim’s credentials of some web services like Facebook. Dependencies: python2 scapy python2-nfqueue How to: Run it as root. sudo python2 mitmer.py Select a network interface. After scanning the network for available hosts,...

Cpuminer - CPU miner for Litecoin and Bitcoin

cpuminer is a multi-threaded, highly optimized CPU miner for Litecoin, Bitcoin and other cryptocurrencies. Currently supported algorithms are SHA-256d and scrypt1024, 1, 1. It supports the getwork mining protocol as well as the Stratum mining protocol, and can be used for both solo and pooled...

[EMS] E-mail Spoofer

E-mail Spoofer is a tool designed for penetration testers who need to send phishing e-mails. It allows to send mails to a single recipient or a list, it supports plain text/html email formats, attachments, templates and more… Features Support for Plain text and HTML E-mail Templates Spoofing Send...

[JRT] Junkware Removal Tool

Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs PUPs from your computer. A common tactics among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue. This to...

[AdwCleaner] Removal Tool for Adware, Toolbars and Hijacker

AdwCleaner is a free removal tool for : Adware ads softwares PUP/LPI Potentially Undesirable Program Toolbars Hijacker Hijack of the browser's homepage It works with a Search and Delete mode. It can be easily uninstalled using the mode "Uninstall". It's compatible with Windows XP, Vista, 7, 8, 8....

[VideoCacheView] Play offline/Save .flv video files from Web browser cache

After watching a video in a Web site, you may want to save the video file into your local disk for playing it offline in the future. If the video file is stored in your browser's cache, this utility can help you to extract the video file from the cache and save it for watching it in the future. I...

[Argus] Real Time Flow Monitor

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitte...

[SearchMyFiles] Alternative to 'Search For Files And Folders' module of Windows + Duplicates Search

SearchMyFiles is an alternative to the standard "Search For Files And Folders" module of Windows. It allows you to easily search files in your system by wildcard, by last modified/created/last accessed time, by file attributes, by file content text or binary search, and by the file size...

[Peepdf] PDF Analysis and Creation/Modification Tool

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible ...

[PingInfoView] Ping monitor utility

PingInfoView is a small utility that allows you to easily ping multiple host names and IP addresses, and watch the result in one table. It automatically ping to all hosts every number of seconds that you specify, and displays the number of succeed and failed pings, as well as the average ping tim...

[ODA] Online Web Based Disassembler

ODA stands for Online DisAssembler. ODA is a general purpose machine code disassembler that supports a myriad of machine architectures. Built on the shoulders of libbfd and libopcodes part of binutils, ODA allows you to explore an executable by dissecting its sections, strings, symbols, raw hex,...

[NetBScanner] NetBIOS Scanner

NetBScanner is a network scanner tool that scans all computers in the IP addresses range you choose, using NetBIOS protocol. For every computer located by this NetBIOS scanner, the following information is displayed: IP Address, Computer Name, Workgroup or Domain, MAC Address, and the company tha...

[Nsdtool] Toolset of scripts used to detect netgear switches in local networks

Nsdtool is a toolset of scripts used to detect netgear switches in local networks. The tool contains some extra features like bruteforce and setting a new password. Netgear has its own protocol called NSDP Netgear Switch Discovery Protocol, which is implemented to support security tests on the...

[MultiMonitorTool] Enable/disable/configure multiple monitors on Windows

MultiMonitorTool is a small tool that allows you to do some actions related to working with multiple monitors. With MultiMonitorTool, you can disable/enable monitors, set the primary monitor, save and load the configuration of all monitors, and move windows from one monitor to another. You can do...

[Ipdecap] Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols

Ipdecap can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP ipsec protocols, and can also remove IEEE 802.1Q virtual lan header. It reads packets from an pcap file, removes the encapsulation protocol, and writes them to another pcap file. Goals are: Extract encapsulated tcp flow to...

[SSLsplit] Transparent and scalable SSL/TLS interception

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original...

[OpenedFilesView] View opened/locked files in your system (sharing violation issues)

OpenedFilesView displays the list of all opened files on your system. For each opened file, additional information is displayed: handle value, read/write/delete access, file position, the process that opened the file, and more... Optionally, you can also close one or more opened files, or close t...

[DNmap] Distributed Nmap Framwork

DNmap is a distributed nmap framwork using a client/server architecture. The server reads the commands from a file and send them to each client. The client execute the nmap command and send the results back. Download DNmap...

[WiFi Password Remover v2.0] Free Wireless (WEP/WPA/WPA2) Password/Profile Removal Software

WiFi Password Remover is the Free software to quickly recover and remove Wireless account passwords stored on your system. For each recovered Wi-Fi account, it displays following details, WiFi Name SSID Security Settings WEP-64/WEP-128/WPA2/AES/TKIP Password Type Password in Hex format Password i...

[CountryTraceRoute] Fast Traceroute with IP country information

CountryTraceRoute is a Traceroute utility, similar to the tracert tool of Windows, but with graphical user interface, and it's also much faster than tracert of Windows. CountryTraceRoute also displays the country of the owner of every IP address found in the Traceroute. After the Traceroute is...

[Blackhash] Audit Passwords Without Hashes

A traditional password audit typically involves extracting password hashes from systems and then sending those hashes to a third-party security auditor or an in-house security team. These security specialists have the knowledge and tools to effectively audit password hashes. They use password...

[Lynis 1.4.6] Security and System Auditing Tool to Harden Linux Systems

Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...

[ProcessThreadsView] View process threads information

ProcessThreadsView is a small utility that displays extensive information about all threads of the process that you choose. The threads information includes the ThreadID, Context Switches Count, Priority, Created Time, User/Kernel Time, Number of Windows, Window Title, Start Address, and more. Wh...

[Skipfish] Web Application Security Scanner

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active but hopefully non-disruptive...

[DeviceIOView] View data transfer between a software and device driver

DeviceIOView allows you to watch the data transfer between a software or service and a device driver DeviceIoControl calls. For each call to a device driver, the following information is displayed: Handle, Control Code, number of input bytes, number of output bytes, the name of the device handle,...

[SkypeLogView] Skype Log Viewer (.dbb and main.db files)

SkypeLogView reads the log files created by Skype application, and displays the details of incoming/outgoing calls, chat messages, and file transfers made by the specified Skype account. You can select one or more items from the logs list, and then copy them to the clipboard, or export them into...

[wig] WebApp Information Gatherer (Identify CMS)

wig is a Python tool that identifies a websites CMS by searching for fingerprints of static files and extracting version numbers from known files. OS identification is done by using the value of the ‘server’ and ‘X-Powered-By’ in the response header. These values are compared to a database of whi...

[WakeMeOnLan] Turn on computers on your network with Wake-on-LAN packet

This utility allows you to easily turn on one or more computers remotely by sending Wake-on-LAN WOL packet to the remote computers. When your computers are turned on, WakeMeOnLan allows you to scan your network, and collect the MAC addresses of all your computers, and save the computers list into...

[Cisco Torch] Mass Scanning, Fingerprinting, and Exploitation Tool

Cisco Torch mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the "Hacking Exposed Cisco Networks", since the tools availalbe on the market could not meet our needs. The main feature that makes Cisco-torch different from similar tools is the...

[QuickSetDNS] Quickly change DNS servers of your Internet connection

QuickSetDNS is a simple tool that allows you to easily change the DNS servers that are used for your Internet connection. You can set the desired DNS servers from the user interface, by choosing from a list of DNS servers that you defined, or from command-line, without displaying any user...

[Nield v0.5.0] Network Interface Events Logging Daemon

nieldNetwork Interface Events Logging Daemon is a tool that receives notifications from the kernel through the netlink socket, and generates logs related to interfaces, neighbor cache ARP,NDP, IP address IPv4,IPv6, routing, FIB rules, traffic control.It can be configured using command-line option...

[Email Password Dump] Command-line Tool to Recover Lost Email Password from Outlook, Windows Live Mail, FoxMail, Thunderbird, MSN Messenger

Email Password Dump is the free command-line based all-in-one tool to instantly recover all your Email passwords from popular email clients and other desktop applications. Currently it can recover your lost email passwords from following applications, Microsoft Outlook Express Microsoft Outlook...

[ImageCacheViewer] View images in the cache of your Web browser

ImageCacheViewer is a simple tool that scans the cache of your Web browser Internet Explorer, Firefox, or Chrome, and lists the images displayed in the Web sites that you recently visited. For every cached image file, the following information is displayed: URL of the image, Web browser that was...