GOWPT - Go Web Application Penetration Test

GOWPT is the younger brother of wfuzz a swiss army knife of WAPT, it allow pentester to perform huge activity with no stress at all, just configure it and it's just a matter of clicks. How to install To install gowpt just type: make sudo make install Usage From the -h menu Usage of gowpt: -H valu...

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool

JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. Requirements Python = 2.7.x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the following commands: g...

Parrot Security 3.10 - Security Oriented GNU/Linux Distribution

Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own softwares or protect your privacy with anonymity and crypto tools...

Invoke-Phant0m - Windows Event Log Killer

This script walks thread stacks of Event Log Service process spesific svchost.exe and identify Event Log Threads to kill Event Log Service Threads. So the system will not be able to collect logs and at the same time the Event Log Service will appear to be running. I have made this script for two...

AndroTickler - Penetration Testing and Auditing Toolkit for Android Apps

A java tool that helps to pentest Android apps faster, more easily and more efficiently. AndroTickler offers many features of information gathering, static and dynamic checks that cover most of the aspects of Android apps pentesting. It also offers several features that pentesters need during the...

Wazuh - Open Source Host and Endpoint Security

Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log management and analysis: Wazuh agents read operating...

Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs...

CALDERA - Automated Adversary Emulation System

CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge ATT&CK...

OWASP ZAP 2.7.0 - Penetration Testing Tool for Testing Web Applications

The OWASP Zed Attack Proxy ZAP is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It...

Droidefense - Advance Android Malware Analysis Framework

Droidefense originally named atom: a nalysis t hrough o bservation m achine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...

dirsearch v0.3.8 - Brute Force Directories and Files in Websites

dirsearch is a simple command line tool designed to brute force directories and files in websites. Operating Systems supported Windows XP/7/8/10 GNU/Linux MacOSX Features Multithreaded Keep alive connections Support for multiple extensions -e|--extensions asp,php Reporting plain text, JSON...

wildPwn - Brute forcer and shell deployer for WildFly (JBoss AS)

WildFly, formerly known as JBoss AS, or simply JBoss, is an application server authored by JBoss, now developed by Red Hat. WildFly is written in Java, and implements the Java Platform, Enterprise Edition Java EE specification. It runs on multiple platforms. WildFly is free and open-source...

Tiredful API - An intentionally designed broken web application based on REST API

Tiredful API is intentionally designed broken app. The aim of this web app is to teach developers, QA or security professionals about flaws present in webservices REST API due to insecure coding practice. Who can use Tiredful API? Web developers Web Pentesters Security Professionals Student What ...

ProcDump for Linux - A Linux version of the ProcDump Sysinternals tool

ProcDump is a Linux reimagining of the classic ProcDump tool from the Sysinternals suite of tools for Windows. ProcDump provides a convenient way for Linux developers to create core dumps of their application based on performance triggers. Installation & Usage Requirements Minimum OS: Ubuntu 14.0...

QuasarRAT - Remote Administration Tool for Windows

Quasar is a fast and light-weight remote administration tool coded in C. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you. Features TCP network stream IPv4 & IPv6 support Fast network serialization NetSerializer Compressed...

ShellcodeToAssembly - Transform your Shellcode to Assembly (ARM, ARM64, MIPS, PPC, X86)

Transform your Shellcode to Assembly ARM, ARM64, MIPS, PPC, X86 Replace in shellcodetoasm.py with your shellcode. shellcode = '' Installation git clone https://github.com/blacknbunny/ShellcodeToAssembly.git && cd ShellcodeToAssembly/ && pip install -r requirements.txt && python2 shellcodetoasm.py...

Linux Expl0rer - Easy-To-Use Live Forensics Toolbox For Linux Endpoints

Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask. Capabilities ps View full process list Inspect process memory map & fetch memory strings easly Dump process memory in one click Automaticly search hash in public services VirusTotal AlienVault OTX users users list...

CryKeX - Linux Memory Cryptographic Keys Extractor

CryKeX - Linux Memory Cryptographic Keys Extractor Properties: Cross-platform Minimalism Simplicity Interactivity Compatibility/Portability Application Independable Process Wrapping Process Injection Dependencies: Unix - should work on any Unix-based OS BASH - the whole script root privileges...

N4xD0rk - Listing Subdomains About A Main Domain

Listing subdomains about the main domain using the technique called Hacking with search engines. Usage usage: n4xd0rk.py -h -d DOMAIN -i IP -o OPTION -n SEARCH -e EXPORT -l LANGUAGE This script searchs the subdomains about a domain using the results indexed of Bing search. optional arguments: -h,...

BootStomp - A Bootloader Vulnerability Finder

BootStomp is a boot-loader bug finder. It looks for two different class of bugs: memory corruption and state storage vulnerabilities. For more info please refer to the BootStomp paper at https://seclab.cs.ucsb.edu/academic/publishing/bootstomp-security-bootloaders-mobile-devices-2017 To run...

w3af - Web Application Attack and Audit Framework

w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications. The scanner is able to identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection and OS commanding. Identify an...

Needl - Take Back Your Privacy. Lose Yourself In The Haystack.

Take back your privacy. Lose yourself in the haystack. Your ISP is most likely tracking your browsing habits and selling them to marketing agencies albeit anonymised. Or worse, making your browsing history available to law enforcement at the hint of a Subpoena. Needl will generate random Internet...

V3n0M-Scanner - Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns

V3n0M is a free and open source scanner. Evolved from baltazar's scanner, it has adapted several new features that improve fuctionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...

InSpy - A Linkedin Enumeration Tool

InSpy is a python based LinkedIn enumeration tool. Inspy has two functionalities: TechSpy and EmpSpy. TechSpy - Crawls LinkedIn job listings for technlogoies used by the provided company. InSpy attempts to identify technologies by matching job descriptions to keywords from a new line delimited...

Sublist3r v1.0 - Fast subdomains enumeration tool for penetration testers

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask...

Syhunt ScanTools 6.0 - Console Web Vulnerability Scan Tools

Syhunt ScanTools 6.0 adds advanced fingerprinting capabilities, enhanced spidering, injection and code scan capabilities, and a large number of improved checks. Adds the display of Hybrid, Dynamic and Code detailed scan statistics to the command-line tools. New fingerprinting capabilities - Becau...

Dr0p1t-Framework 1.3.2.1 - A Framework That Creates An Advanced FUD Dropper With Some Tricks

Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks. Features + Generated executable properties: The executable size is smaller...

CMSsc4n - Tool to identify if a domain is a CMS such as Wordpress, Moodle, Joomla, Drupal or Prestashop

Tool to identify if a domain is a CMS such as Wordpress, Moodle, Joomla, Drupal or Prestashop. Use python cmssc4n.py -h / | / |/ | | || | | | | \ / | | || | | | | |/| |\ / |/ | | ' \ | || | | | \ \ | | | | | | || ||/|/| || || || Tool to scan if a domain is a CMS Wordpress , Drupal, Joomla,...

Shodanwave - Exploring and Obtaining Information from Netwave IP Camera

Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online. What does the tool to? Look, a list! Search Brute force SSID and WPAPSK Password Disclosure E-mail...

0d1n v2.5 - Web Security Tool to Make Fuzzing at HTTP/S

Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0d1n is a tool for automating customized attacks against web applications. You can do: Brute force passwords in auth forms Directory disclosure use PATH list to brute, and find HTTP status code Test list on input to find SQ...

Hijacker v1.4 - All-in-One Wi-Fi Cracking Tools for Android

Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng , Airodump-ng , MDK3 and Reaver. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with a...

HonSSH - Log all SSH communications between a client and server

HonSSH is a high-interaction Honey Pot solution. HonSSH will sit between an attacker and a honey pot, creating two separate SSH connections between them. Features Captures all connection attempts to a text file, database or email alerts. When an attacker sends a password guess, HonSSH can...

WebDavC2 - A WebDAV C2 Tool

WebDavC2 is a PoC of using the WebDAV protocol with PROPFIND only requests to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actuel C2 server. Architecture WebDavC2 is composed of: a controller, written in Python, which acts as t...

difuze - Fuzzer for Linux Kernel Drivers

Fuzzer for Linux Kernel Drivers Tested on Ubuntu = 14.04.5 LTS As explained in our paper, There are two main components of difuze: Interface Recovery and Fuzzing Engine 1. Interface Recovery The Interface recovery mechanism is based on LLVM analysis passes. Every step of interface recovery are...

XSSSNIPER - An Automatic XSS Discovery Tool

XSSSNIPER is an handy xss discovery tool with mass scanning functionalities. Usage: Usage: xsssniper.py options Options: -h, --help show this help message and exit -u URL, --url=URL target URL --post try a post request to target url --data=POSTDATA post data to use --threads=THREADS number of...

arp-validator - Security Tool To Detect ARP Poisoning Attacks

Security Tool to detect arp poisoning attacks. Features Uses a faster approach in detection of arp poisoning attacks compared to passive approaches Detects not only presence of ARP Poisoning but also valid IP-MAC mapping when LAN hosts are using non-customized network stack Stores validated host...

Bucket Stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs

Find interestingAmazon S3 Buckets by watching certificate transparency logs. This tool simply listens to various certificate transparency logs via certstream and attempts to find public S3 buckets from permutations of the certificates domain name. Some quick tips if you use S3 buckets: 1. Randomi...

M3UAScan - A Scanner for M3UA protocol to detect Sigtran supporting nodes

A Scanner for M3UA protocol to detect Sigtran supporting nodes M3UA stands for MTP Level 3 MTP3 User Adaptation Layer as defined by the IETF SIGTRAN working group in RFC 4666 .M3UA enables the SS7 protocol's User Parts e.g. ISUP, SCCP and TUP to run over IP instead of telephony equipment like ISD...

WhatWeb v0.4.9 - Next Generation Web Scanner

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1700...

Cr3dOv3r v0.2 - Know The Dangers Of Credential Reuse Attacks

Your best friend in credential reuse attacks. Cr3dOv3r simply you give it an email then it does two simple jobs but useful : Search for public leaks for the email and if it any, it returns with all available details about the leak Using hacked-emails site API. Now you give it this email's old or...

Amber - POC Reflective PE Packer

Amber is a proof of concept packer, it can pack regularly compiled PE files into reflective PE files that can be used as multi stage infection payloads. If you want to learn the packing methodology used inside the Amber check out below. PS: This is not a complete tool some things may break so tak...

WPSploit - WordPress Plugin Code Scanner

This tool is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins. For more info click here. Usage $ git clone https://github.com/m4ll0k/wpsploit.git $ cd wpsploit $ python wpsploit.py pluginfile.php or $ wget...

Pipe Finder - Automated script to search in SMB protocol for availables pipe names

Automated script to search in SMB protocol for availables pipe names. Requirements metasploit-framework wget pipeauditv2.rb module https://github.com/peterpt/pipeauditorfb - It will be installed on first run How to Run git clone https://github.com/peterpt/pipefinder.git cd pipefinder && ./pipef...

net-Shield - An Easy and Simple Anti-DDoS solution for VPS, Dedicated Servers and IoT devices

An Easy and Simple Anti-DDoS solution for VPS,Dedicated Servers and IoT devices based on iptables. Requirements Linux System with python, iptables Nginx Will be installed automatically by install.sh Quickstart Running as a standalone software No install.sh required via DryRun option -dry to only...

Zeus-Scanner - Advanced Reconnaissance Utility

Zeus is an advanced reconnaissance utility designed to make web application reconnaissance simple. Zeus comes complete with a powerful built-in URL parsing engine, multiple search engine compatibility, the ability to extract URLs from both ban and webcache URLs, the ability to run multiple...

TeleShadow v2 - Advanced Telegram Desktop Session Hijacker!

Advanced Telegram Desktop Session Hijacker! Stealing desktop telegrams has never been so easy ! Set the email and sender details of the sender and recipient and send it to the victim after compiling. How do I use the session file? Delete everything inside folder at...

ysoserial.net - Deserialization payload generator for a variety of .NET formatters

A proof-of-concept tool for generating payloads that exploit unsafe .NET object deserialization. Description ysoserial.net is a collection of utilities and property-oriented programming "gadget chains" discovered in common .NET libraries that can, under the right conditions, exploit .NET...

The Endorser - An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills

An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills. Check out the example digraph, which is based on mine and my colleagues David Prince LinkedIn profile. By glancing at the visualisation you can easily see, by the number of "arrows", there ...

DR.CHECKER - A Soundy Vulnerability Detection Tool for Linux Kernel Drivers

DR.CHECKER: A Soundy Vulnerability Detection Tool for Linux Kernel Drivers Tested on Ubuntu = 14.04.5 LTS 1. Setup The implementation is based on LLVM, specifically LLVM 3.8. We also need tools like c2xml to parse headers. First, make sure that you have libxml required for c2xml: sudo apt-get...

EmbedInHTML - Embed and hide any file in an HTML file

What this tool does is taking a file any type of file, encrypt it, and embed it into an HTML file as ressource, along with an automatic download routine simulating a user clicking on the embedded ressource. Then, when the user browses the HTML file, the embedded file is decrypted on the fly, save...