[Facebook Password Decryptor v5.0] Facebook Password Recovery Software

Facebook Password Decryptor is the FREE software to instantly recover Facebook account passwords stored by popular Web Browsers and Messengers. It is one of our most popular software with over One Million downloads worldwide. It supports recovering of the stored Facebook login password from most ...

[MAC Address Scanner] Desktop Tool to Find MAC address of Remote Computers on Local Network

MAC Address Scanner is the free desktop tool to remotely scan and find MAC Address of all systems on your local network. It allows you to scan either a single host or range of hosts at a time. During the scan, it displays the current status for each host. After the completion, you can generate...

[bWAPP bee-box] Linux VMware virtual machine pre-installed with bWAPP

bee-box is a custom Linux VMware virtual machine pre-installed with bWAPP. bee-box gives you several ways to hack and deface the bWAPP website. It's even possible to hack the bee-box to get root access... With bee-box you have the opportunity to explore all bWAPP vulnerabilities! This project is...

[DLL Finder v1.5] Tool to quickly find the matching DLL in all running Processes

DLL Finder is the command-line tool to quickly find the matching DLL in all running Processes. For each discovered DLL in a process it displays, Target Process Name Process ID Full DLL Name DLL Base Address DLL Load Count DLL File Path On 64 bit system, 32-bit processes are shown with suffix "32"...

[Netsparker v3.0.2.0 Community Edition] Web Application Security Scanner

Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker. It can identify web application vulnerabilities like SQL Injection, Cross-site Scripting XSS, Remote Code Executi...

[Arachni v0.4.3] Ruby framework aimed towards helping penetration testers

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other...

[Snort 2.9.5] Network intrusion prevention and detection system (IDS/IPS)

Snort® is an open source network intrusion prevention and detection system IDS/IPS developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000...

[Zarp v0.1.2] The Python Network Attack Tool

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...

[Salted Hash Kracker v1.5] Recover the Password from Salted Hash text

Salted Hash Kracker is the free all-in-one tool to recover the Password from Salted Hash text. These days most websites and applications use salt based hash generation to prevent it from being cracked easily using precomputed hash tables such as Rainbow Crack. In such cases, 'Salted Hash Kracker'...

[Chrome Password Decryptor v4.6] Recover all stored passwords from Google Chrome

Chrome Password Decryptor is the FREE tool to instantly recover all stored passwords from Google Chrome browser. It automatically detect the default Chrome profile path for the current user and displays all the stored login passwords in clear text after decrypting them. It also shows all the...

[WebVulScan] Web Application Vulnerability Scanner

WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the...

[Hardanger] Web Application Penetration Testing Platform

Hardanger is an Open Source web application penetration testing tool led by security researchers from SecurityWire. The project aims to bridge the gap between current open source web application testing tools commonly used in a Linux environment and bring the same level of tools to native Windows...

[Hidden File Finder] Scan and discover all the Hidden files on your Windows

Hidden File Finder is the free software to quickly scan and discover all the Hidden files on your Windows system. It performs swift multi threaded scan of all the folders parallely and quickly uncovers all the hidden files. It automatically detects the Hidden Executable Files EXE, DLL, COM etc an...

[Dradis Pro v1.7] Framework to enable effective information sharing

Dradis Pro is framework to enable effective information sharing, specially during security assessments. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. Changelog v1.7 This is the...

[EMET v4.0] Enhanced Mitigation Experience Toolkit

The Enhanced Mitigation Experience Toolkit EMET is designed to help prevent hackers from gaining access to your system. Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of...

[OWASP Bricks] Modular Deliberately Vulnerable Web Application

Bricks is a deliberately vulnerable web application built on PHP and MySQL. The project focuses on variations of commonly seen application security vulnerabilities and exploits. Each 'brick' has some sort of vulnerability which can be exploited using tools Mantra and ZAP. The mission is to 'break...

[PyMal] The Malware Analysis Framework

PyMal is a python based interactive Malware Analysis Framework. It is built on the top of three pure python programes Pefile, Pydbg and Volatility. The main aim of the project is to combine all the Malware Analysis related tools into a single interface for rapid analysis. PyMal have several wrapp...

[Process Magic] Tool to Hide any Windows application in Hidden or Invisible mode

Process Magic is the command-line tool to Hide any Windows application or launch new application in Hidden or Invisible mode. In addition to hiding any Windows process, it also allows you to Unhide any previously Hidden application. Note that it hides the application by hiding its main window. So...

[pweb-suite] Perl based web application penetration testing tools

Written completely in Perl, this suite of tools covers a lot of the basics for penetration testing and vulnerability detection automation. This Suite formerly known as the "pCrack Suite" of tools is used primarily or web application vulnerability testing. xssPlay in Action! YouTube Download...

[Nishang v.0.2.7] PowerShell for Penetration Testing

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests.It contains many interesting script...

[DLL Magic] Tool to Hide DLL in any Windows Process

DLL Magic is the simple command-line tool to Hide DLL in any Windows Process. Every Process maintains internal database of loaded Modules/DLLs in the form of three linked lists. Each of these linked list represents the order in which DLLs are loaded, here are they Load Order Memory Order...

[Malwasm] Offline debugger for malware's reverse engineering

Malwasm is a tool based on Cuckoo Sandbox available here. Malwasm was designed to help people that do reverse engineering. Malwasm step by step: the malware to analyse is executed through Cuckoo Sandbox during the execution, malwasm logs all activites of the malware with pintool all activities ar...

[John the Ripper v1.8.0] Fast Password Cracker

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt3 password hash types most commonly found on various Unix systems, supported out of the box are...

[Hashcat v0.45] Advanced Password Recovery

changes v0.44 - v0.45: Release with some new algorithms: AIX smd5 AIX ssha1, ssha256, ssha512 GOST R 34.11-94 We managed also to fix some bugs and implement some additional feature requests Full changelog: type: feature file: hashcat-cli desc: show status screen also when all hashes were recovere...

[PenQ] The Security Testing Browser Bundle

PenQ is an open source Linux based penetration testing browser bundle we built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more. PenQ is configured ...

AndroRat - Remote Administration Tool for Android

Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server. The name Androrat is a mix of Android and RAT Remote Access Tool. It has been developed in a team of 4 for a university project. It has been realised in one month. The goal of t...

[Suricata 1.4.2] Next Generation Intrusion Detection and Prevention Engine

TheSuricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. OISF is part of and funded by the Department of Homela...

[Veil v1.2] A Payload Generator to Bypass Antivirus

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil was designed to run on Kali Linux, but should function on any system capable of executing python scripts. Simply call Veil from the command line, and follow the menu to generate a payload. Upon...

[Sandcat Browser 4.0] The fastest web browser with many useful security and developer oriented tools

Sandcat Browser, The fastest web browser with many useful security and developer oriented tools updated to version 4.0 with the fastest scripting language packed with features for pen-testers. Sandcat 4 adds a large number of enhancements, new features, extensions and bug fixes, and provides a...

[aidSQL] A tool that will aid you when trying to find vulnerable spots in your site

Is a PHP application provided for detecting security holes in your website/s. It's a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. 2013-05-27 NEW aidSQL Release which supports MS SQL SERVER 2000 Database injection and reverse...

[SET v5.1] The Social-Engineer Toolkit codename “Name of the Doctor”

The Social-Engineer Toolkit SET version 5.1 codename “ Name of the Doctor ” has been released. This version adds a complete rewrite of the MSSQL Bruter as well as a new attack vector utilizing the PSExec functionality within Metasploit. The MSSQL Bruter now incorporates UDP port 1434 quick...

[Aircrack-ng 1.2 Beta 1] 802.11 WEP and WPA-PSK keys cracking tool

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared ...

[jSQL Injection v0.4] Java tool for automatic database injection

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. Version 0.4 features: GET, POST, header, cookie methods Normal, error based, blind, time based algorithms Automatic...

[Wireshark v1.10.0 RC2] The world’s foremost network protocol analyzer

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto and often de jure standard across many industries and educational institutions. Wireshark development thrives thanks to the...

[DroidSQLi] MySQL Injection tool for Android

DroidSQLi is the first automated MySQL Injection tool for Android. It allows you to test your MySQL-based web application against SQL injection attacks. DroidSQLi supports the following injection techniques: - Time based injection - Blind injection - Error based injection - Normal injection...

[Wireshark v1.8.7] The world’s foremost network protocol analyzer

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto and often de jure standard across many industries and educational institutions. Wireshark development thrives thanks to the...

[PacketFence v4.0] Open Source network access control (NAC)

PacketFence is a fully supported, trusted, Free and Open Source network access control NAC solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices,...

[DEP Process Scanner] Tool to scan and show all the DEP enabled Processes

DEP Process Scanner is the free command-line tool to scan and show all the DEP enabled Processes. Data Execution Prevention DEP is a security feature introduced since Windows XP SP2 onwards and designed to prevent an application executing code from a non-executable memory regions such as Stack or...

[Hook Analyser 2.5] Application (and Malware) Analysis tool

Application and Malware Analysis tool. Hook Analyser is a hook tool which could be potentially helpful in reversing application and analysing malwares. Changelog v2.5 This has now five 5 key functionalities: 1. Spawn and Hook to Application – This feature allows analyst to spawn an application, a...

[AttackVector Linux] Linux distro for anonymized penetration based on Kali and TAILS

AttackVector Linux is a new distribution for anonymized penetration and security. It is based on Kali and TAILS, which are both based on Debian. While Kali requires a modified kernel for network drivers to use injection and so forth, the Tor Project's TAILS is designed from the bottom up for...

[TOPERA v0.0.2] Security tools for IPv6

Topera is a new security tools for IPv6, with the particularity that their attacks can’t be detected by Snort. Snort is the most known IDS/IPS and is widely used in many different critical environments. Some commercial tools Juniper or Checkpoint ones use it as detection engine also. Mocking snor...

[Cain & Abel v4.9.44] Password recovery tool for Microsoft Operating Systems

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords,...

[SpiderFoot v2.0] The Open Source Footprinting tool

SpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to obtain information such as sub-domains, e-mail addresses, owned netblocks, web server versions and so on. The main objective of SpiderFoot is to automate the...

[Process PEB Finder] Tool to find and display PEB Address of running Processes

Process PEB Finder is the console based tool to find and display PEB Address of running Processes on your system. PEB Process Environment Block is the part of Process memory where is stores important information including loaded modules, startup paramenters, environment variables, debug informati...

[Show Threads] Tool to list all the Threads in the running Process

Show Threads is the small command-line Tool to list all the Threads in the running Process. You can either specify the Process ID or Process Name to enumerate the threads. For each thread, it displays Thread ID and the Base Priority. Being a command-line tool makes it easy for automation. It can ...

[Santoku 0.4] Distribution dedicated to mobile forensics, malware analysis and security testing

Santoku includes a number of open source tools dedicated to helping you in every aspect of your mobile forensics, malware analysis, and security testing needs, including: Development Tools: Android SDK Manager AXMLPrinter2 Fastboot Heimdall src | howto Heimdall GUI src | howto SBF Flash Penetrati...

[ShellNoob v1.0] Shellcode Writing Toolkit

ShellNoob is a writing toolkit, that helps you to writting some shellcodes, converting to different formats, resolving some boring steps. Features: convert shellcode between different formats currently supported: asm, bin, hex, obj, exe, C, python, ruby, pretty interactive opcode-to-binary...

[TcpLogView v1.05] Another TCP Connection Log

TcpLogView is a simple utility that monitors the opened TCP connections on your system, and adds a new log line every time that a TCP connection is opened or closed. For every log line, the following information is displayed: Even Time, Event Type Open, Close, Listen, Local Address, Remote Addres...

[DEFT 7] Distribution with the best freeware Windows Computer Forensic tools

DEFT 7 is based on the new Kernel 3 Linux side and the DART Digital Advanced Response Toolkit with the best freeware Windows Computer Forensic tools. It’s a new concept of Computer Forensic system that use LXDE as desktop environment and WINE for execute Windows tools under Linux and mount manage...

[BSNL Password Decryptor] Tool to Recover the Login Password of BSNL modem/router

BSNL Password Decryptor is a free desktop tool to instantly recover the Login Password of BSNL modem/router. If you have lost login authentication password of your BSNL modem and you have backup configuration file then you can use this tool to quickly recover your password. It supports dual mode ...