
6011 matches found

Kitploit
added 2017/09/09 2:0 p.m., 18 views

idb - Tool to simplify some common tasks for iOS pentesting and research

idb is a tool to simplify some common tasks for iOS pentesting and research. Originally there was a command line version of the tool, but it is no longer under development so you should get the GUI version. Installation idb has some prerequisites. As it turns out, things like ruby and Qt are...

7.3 AI score
Exploits 0, References 2
Kitploit
added 2017/09/08 1:30 p.m., 288 views

Vision2 - Nmap's XML result parse and NVD's CPE correlation to search CVE

Nmap's XML result parse and NVD's CPE correlation to search CVE. You can use that to find public vulnerabilities in services... Nmap's XML result parser and NVD's CPE correlation to search CVE Example: python vision2.py -f resultscan.xml -l 3 -o txt Coded by Mthbernades and CoolerVoid -...

9.8 CVSS, 9.1 AI score, 0.67718 EPSS
Exploits 24, References 1
Kitploit
added 2017/09/07 9:0 p.m., 25 views

XFLTReaT - Tunnelling Framework

This is just one thing of many things that was missing from the Internet. If you got tired of trying several tunnelling tools for each protocols, this must be your tool framework. Available modules TCP UDP ICMP SOCKS v4, 4a, 5 HTTP CONNECT DNS A/CNAME, PRIVATE, NULL - Proof of Concept Available...

7.3 AI score
Exploits 0, References 1
Kitploit
added 2017/09/07 1:49 p.m., 379 views

DKMC - Malicious Payload Evasion Tool

Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. The idea is to avoid sandbox analysis since it's a simple "legit" image. For now the tool relies on PowerShell to execute the final...

7.2 AI score
Exploits 0, References 2
Kitploit
added 2017/09/06 9:30 p.m., 10 views

PiFinger - Searches For Wifi-Pineapple Traces And Calculate Wireless Network Security Score

The purpose of this project is to determine whether the network we are connected to is opened by Wifi-Pineapple. In addition, the tool analyzes the wireless networks you have previously connected to and gives you a security score. Features Is this network opened by pineapple? Have you been connect...

7 AI score
Exploits 0, References 1
Kitploit
added 2017/09/06 1:55 p.m., 7 views

fses - Python Library To Scrap Url'S From Search Engines

Fucking Search Engines Scraper - python library to scrap url's from search engines Search Engines we scrap Ask Bing DuckDuck GO UOL Yahoo Install git clone https://github.com/mthbernardes/fses.git cd fses pip install -r requeriments.txt Usage Simple search using Ask from searchEngines.ask import...

7.2 AI score
Exploits 0, References 2
Kitploit
added 2017/09/05 8:30 p.m., 24 views

NMapGUI - Advanced Graphical User Interface for NMap

NMapGUI is an advanced graphical user interface for the NMap network analysis tool. It extends and eases the typical usage of NMap by providing a visual and fast interface with the application. If you have any questions about NMapGUI usage or want to get in contact with me, please visit: Twitt...

7.5 AI score
Exploits 0, References 3
Kitploit
added 2017/09/05 1:31 p.m., 27 views

Python Taint - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Static analysis of Python web applications based on theoretical foundations Control flow graphs, fixed point, dataflow analysis Features Detect Command injection Detect SQL injection Detect XSS Detect directory traversal Get a control flow graph Get a def-use and/or a use-def chain Search GitHub...

7.9 AI score
Exploits 0, References 2
Kitploit
added 2017/09/04 9:30 p.m., 17 views

UniByAv - Shellcode Obfuscator Anti-Virus Friendly

UniByAv is a simple obfuscator that takes raw shellcode and generates executables that are Anti-Virus friendly. The obfuscation routine is purely written in assembly to remain pretty short and efficient. In a nutshell the application generates a 32-bit xor key and brute forces the key at run time th...

6.9 AI score
Exploits 0, References 1
Kitploit
added 2017/09/04 2:30 p.m., 35 views

Luckystrike - A PowerShell based utility for the creation of malicious Office macro documents

A PowerShell based utility for the creation of malicious Office macro documents. To be used for pentesting or educational purposes only. Luckystrike is a menu-driven SET style PowerShell-based generator of malicious .xls and .doc documents. All your payloads are saved into a database for easy...

7.5 AI score
Exploits 0, References 1
Kitploit
added 2017/09/03 9:30 p.m., 70 views

Demiguise - HTA Encryption Tool for RedTeams

What does it do? The aim of this project is to generate .html files that contain an encrypted HTA file. The idea is that when your target visits the page, the key is fetched and the HTA is decrypted dynamically within the browser and pushed directly to the user. This is an evasion technique to ge...

7.6 AI score
Exploits 0, References 4
Kitploit
added 2017/09/03 2:30 p.m., 24 views

D0xk1t - Web-based OSINT and Active Reconaissance Suite

Active reconnaissance, information gathering and OSINT built in a portable web application. 1.0 Introduction 1. What is this? D0xk1t is an open-source, self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers. Based off of the prior command-line script,...

6.8 AI score
Exploits 0, References 1
Kitploit
added 2017/09/02 9:23 p.m., 12 views

sdnpwn - An SDN Penetration Testing Toolkit

The Open Networking Foundation defines SDN as “The physical separation of the network control plane from the forwarding plane, and where a control plane controls several devices”. What this means is that the decision making which would traditionally be performed by a router or a switch i.e...

7 AI score
Exploits 0, References 1
Kitploit
added 2017/09/02 2:30 p.m., 24 views

WSSiP - Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa

Short for "WebSocket/Socket.io Proxy", this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view all WebSocket and Socket.IO communications between the client and server. Upstream proxy support also means you can forward HTTP/HTTPS traffic to an...

7.1 AI score
Exploits 0, References 2
Kitploit
added 2017/09/01 9:0 p.m., 19 views

Tulpar - Web Vulnerability Scanner

Tulpar is an open source web vulnerability scanner written to make web penetration testing automated. Features Sql Injection GET Method XSS GET Method Crawl E-mail Disclosure Credit Card Disclosure Whois Command Injection GET Method Directory Traversal GET Method File Include GET Method Server...

6.9 AI score
Exploits 0, References 1
Kitploit
added 2017/09/01 2:30 p.m., 12 views

BlackArch Linux v2017.08.30 - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1859 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog: added more than 50 new tools bugfix:...

7.4 AI score
Exploits 0
Kitploit
added 2017/08/31 9:30 p.m., 27 views

EvilAbigail - Automated Linux Evil Maid Attack

Automated Linux evil maid attack Scenario Laptop left turned off with FDE turned on Attacker boots from USB/CD/Network Script executes and backdoors initrd User returns to laptop, boots as normal Backdoored initrd loads: Debian/Ubuntu/Kali .so file into /sbin/init on boot, dropping a shell...

7.4 AI score
Exploits 0, References 1
Kitploit
added 2017/08/31 2:30 p.m., 39 views

RedSnarf - A Pen-Testing / Red-Teaming Tool For Windows Environments

RedSnarf is a pen-testing / red-teaming tool by Ed Williams for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. RedSnarf functionality includes: Retrieval of local SAM hashes Enumeration of user/s running with elevated syste...

7.8 AI score
Exploits 0, References 3
Kitploit
added 2017/08/30 9:30 p.m., 48 views

Wordpresscan - WPScan rewritten in Python + some WPSeku ideas

A simple Wordpress scanner written in python based on the work of WPScan Ruby version Install & Launch Dependencies pip install requests pip install tornado Install git clone https://github.com/swisskyrepo/Wordpresscan.git cd Wordpresscan Example 1 : Basic update and scan of a wordpress python...

7.5 AI score
Exploits 0, References 2
Kitploit
added 2017/08/30 2:30 p.m., 50 views

DSSS - Damn Small SQLi Scanner

Damn Small SQLi Scanner DSSS is a fully functional SQL injection vulnerability scanner supporting GET and POST parameters written in under 100 lines of code. As of optional settings it supports HTTP proxy together with HTTP header values User-Agent, Referer and Cookie. Sample runs $ python dsss.py...

8.3 AI score
Exploits 0, References 1
Kitploit
added 2017/08/29 9:30 p.m., 15 views

Comission - WhiteBox CMS Analysis

CoMisSion is a tool to quickly analyze a CMS setup. The tool: checks for the core version; looks for the last core version; looks for vulnerabilities in core version used; checks for plugins version; looks for vulnerabilities in plugins version used; A complete report can be generated in XLSX or...

7.4 AI score
Exploits 0, References 1
Kitploit
added 2017/08/29 2:30 p.m., 20 views

Sobelow - Security-Focused Static Analysis for the Phoenix Framework

Sobelow is a security-focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for getting a quick view of points-of-interest. For project maintainers, it can be used to prevent introducing a number of common vulnerabilities. Currently Sobelow detects...

8.1 AI score
Exploits 0, References 1
Kitploit
added 2017/08/28 9:13 p.m., 103 views

SQLMap v1.1.8 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5 AI score
Exploits 0, References 20
Kitploit
added 2017/08/28 2:11 p.m., 22 views

Nili - Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing

Nili is a Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing. Prerequisites Python - Python Programming Language Scapy - Interactive Packet Manipulation Program Netzob - Protocol Reverse Engineering, Modeling and Fuzzing Installing Here is some Instructions for...

7.3 AI score
Exploits 0, References 4
Kitploit
added 2017/08/27 9:30 p.m., 45 views

DELTA - SDN Security Evaluation Framework

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique. Agent-Manager is the control tower. It takes full control over all...

7.6 AI score
Exploits 0, References 1
Kitploit
added 2017/08/27 4:48 p.m., 23 views

WINspect - Powershell-based Windows Security Auditing Toolbox

WINspect is part of a larger project for auditing different areas of Windows environments. It focuses on enumerating different parts of a Windows machine aiming to identify security weaknesses and point to components that need further hardening. The main targets for the current version are...

7.2 AI score
Exploits 0, References 1
Kitploit
added 2017/08/26 10:26 p.m., 66 views

AVPASS - Tool For Leaking And Bypassing Android Malware Detection System

AVPASS is a tool for leaking the detection model of Android malware detection systems i.e., antivirus software, and bypassing their detection logics by using the leaked information coupled with APK obfuscation techniques. AVPASS is not limited to detection features used by detection systems, and...

7 AI score
Exploits 0, References 2
Kitploit
added 2017/08/26 2:30 p.m., 11 views

BinaryAlert - Serverless, Real-time & Retroactive Malware Detection

BinaryAlert is an open-source serverless AWS pipeline where any file uploaded to an S3 bucket is immediately scanned with a configurable set of YARA rules. An alert will fire as soon as any match is found, giving an incident response team the ability to quickly contain the threat before it spread...

7.2 AI score
Exploits 0, References 2
Kitploit
added 2017/08/25 9:17 p.m., 104 views

LANs.py - Inject Code, Jam Wifi, And Spy on Wifi Users

LANs.py Automatically find the most active WLAN users then spy on one of them and/or inject arbitrary HTML/JS into pages they visit. Individually poisons the ARP tables of the target box, the router and the DNS server if necessary. Does not poison anyone else on the network. Displays all most the...

7.2 AI score
Exploits 0, References 1
Kitploit
added 2017/08/25 2:30 p.m., 32 views

ike-scan - Discover and fingerprint IKE hosts (IPsec VPN Servers)

Discover and fingerprint IKE hosts IPsec VPN Servers. Building and Installing ike-scan uses the standard GNU autoconf and automake tools, so installation is the normal process: Run git clone https://github.com/royhills/ike-scan.git to obtain the project source code Run cd ike-scan to enter source...

7.4 AI score
Exploits 0, References 2
Kitploit
added 2017/08/24 9:59 p.m., 42 views

Knockpy - Enumerate Subdomain Scanner

Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS record automatically if it is enabled. Now knockpy supports queries to VirusTotal subdomains, you can setting the...

7.2 AI score
Exploits 0, References 2
Kitploit
added 2017/08/24 2:9 p.m., 41 views

iWant - CLI Based Decentralized Peer To Peer File Sharing

A command-line tool for searching and downloading files in a LAN network, without any central server. Features Decentralized: There is no central server hosting files. Therefore, no central point of failure Easy discovery of files: As easy as searching for something in Google. File download from...

6.9 AI score
Exploits 0, References 1
Kitploit
added 2017/08/23 9:41 p.m., 57 views

Posh-SSH - PowerShell Module for automating tasks on remote systems using SSH

Windows Powershell module that leverages a custom version of the SSH.NET Library http://sshnet.codeplex.com/ to provide basic SSH functionality in Powershell. The main purpose of the module is to facilitate automating actions against one or multiple SSH enabled servers. This module is for Windows...

7.7 AI score
Exploits 0, References 1
Kitploit
added 2017/08/23 3:18 p.m., 137 views

WPScan v2.9.4 - Black Box WordPress Vulnerability Scanner

WPScan is a black box WordPress vulnerability scanner. INSTALL WPScan comes pre-installed on the following Linux distributions: BackBox Linux Kali Linux Pentoo SamuraiWTF BlackArch On macOS WPScan is packaged by Homebrew as wpscan. Windows is not supported We suggest you use the official Docker...

7.2 AI score
Exploits 0, References 2
Kitploit
added 2017/08/22 10:8 p.m., 246 views

mitm-router - Man-in-the-middle Wireless Access Point Inside a Docker Container

Turn any linux computer into a public Wi-Fi network that silently mitms all http traffic. Runs inside a Docker container using hostapd, dnsmasq, and mitmproxy to create a open honeypot wireless network named "Public". For added fun, change the network name to "xfinitywifi" to autoconnect anyone w...

7.2 AI score
Exploits 0, References 2
Kitploit
added 2017/08/22 2:0 p.m., 18 views

Portia - Automate Techniques Commonly Performed On Internal Network Penetration Tests

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised: Privilege escalation Lateral movement Convenience modules Portia is a genus of jumping spider that feeds on other spiders - known for their...

7.6 AI score
Exploits 0, References 1
Kitploit
added 2017/08/21 10:23 p.m., 295 views

Bytecode Viewer - A Java 8 Jar & Android Apk Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java...

7.5 AI score
Exploits 0, References 1
Kitploit
added 2017/08/21 2:10 p.m., 31 views

EggShell - iOS/macOS Remote Administration Tool

EggShell is an iOS and macOS post exploitation surveillance pentest tool written in Python. This tool creates 1 line multi stage payloads that give you a command line session with extra functionality. EggShell gives you the power and convenience of uploading/downloading files, taking pictures,...

0.3 AI score
Exploits 0, References 1
Kitploit
added 2017/08/20 10:3 p.m., 31 views

Cansina - Web Content Discovery Tool

Cansina is a Web Content Discovery Application. It is well known Web applications don't publish all their resources or public links, so the only way to discover these resources is requesting for them and check the response. Cansina duty is to help you making requests and filtering the responses t...

7.3 AI score
Exploits 0, References 3
Kitploit
added 2017/08/20 1:57 p.m., 60 views

dockerscan - Docker Security Analysis and Hacking Tools

What's dockerscan A Docker analysis tools Very quick install python3.5 -m pip install -U pip python3.5 -m pip install dockerscan Show options: dockerscan -h Available actions Currently Docker Scan support these actions: Scan: Scan a network trying to locate Docker Registries Registry Delete: Dele...

7.2 AI score
Exploits 0, References 1
Kitploit
added 2017/08/19 10:30 p.m., 111 views

Udp2raw-tunnel - A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket [Bypass UDP FireWalls]

A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls or Unstable UDP Environment. It's Encrypted, Anti-Replay and Multiplexed. It also acts as a Connection Stabilizer. Support Platforms A Linux host including desktop Linux, Android...

Exploits 0, References 7
Kitploit
added 2017/08/19 1:16 p.m., 766 views

faker.js - Generate Massive Amounts of Fake Data

Generate massive amounts of fake data in Node.js and the browser. Demo https://cdn.rawgit.com/Marak/faker.js/master/examples/browser/index.html Hosted API Microservice http://faker.hook.io Supports all Faker API Methods Full-Featured Microservice Hosted by hook.io curl...

7.5 AI score
Exploits 0, References 4
Kitploit
added 2017/08/18 9:13 p.m., 44 views

SJET - JMX Exploitation Toolkit

Java Management Extensions JMX is a Java technology that supplies tools for managing and monitoring applications, system objects, devices such as printers and service-oriented networks. Those resources are represented by objects called MBeans for Managed Bean. In the API, classes can be dynamical...

7.6 AI score
Exploits 0, References 3
Kitploit
added 2017/08/18 2:12 p.m., 100 views

Plecost v1.1.1 - Wordpress Finger Printer Tool

What's Plecost? Plecost is a vulnerability fingerprinting and vulnerability finder for Wordpress blog engine. Why? There are a huge number of Wordpress around the world. Most of them are exposed to be attacked and be converted into a virus, malware or illegal porn provider, without the knowledge ...

4.3 CVSS, 5.9 AI score, 0.01959 EPSS
Exploits 0, References 2
Kitploit
added 2017/08/17 10:10 p.m., 26 views

Algo VPN - Set up a personal IPSEC VPN in the cloud

Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices. Features Supports only IKEv2 with strong crypto: AES-GCM, SHA2, and P-256...

7.1 AI score
Exploits 0, References 8
Kitploit
added 2017/08/17 2:12 p.m., 41 views

Koadic - COM Command & Control Framework (JScript RAT)

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using Windows Script Host a.k.a. JScript/VBScript, with compatibility in t...

7.3 AI score
Exploits 0, References 1
Kitploit
added 2017/08/16 10:12 p.m., 27 views

SweetSecurity - Network Security Monitoring on Raspberry Pi type devices

Scripts to setup and install Bro IDS, Elasticsearch, Logstash, Kibana, and Critical Stack on any device. Getting Sweet Security Either download the Github repository manually, or clone the repo with the following command: $ git clone https://github.com/travisfsmith/sweetsecurity Prerequisites Mos...

7.6 AI score
Exploits 0, References 1
Kitploit
added 2017/08/16 2:24 p.m., 28 views

PiSavar - Detects PineAP Module and Starts Deauthentication Attack (for fake access points)

The goal of this project is to find out the fake access points opened by the WiFi pineapple device using the PineAP module and to prevent clients from being affected by initiating a deauthentication attack to the attacking device. How PineAP Module Works Collects SSID information Creates SSID poo...

7 AI score
Exploits 0, References 1
Kitploit
added 2017/08/15 10:11 p.m., 63 views

PyStat - Advanced Netstat Using Python For Windows

PyStat is an Advanced Netstat Using Python For Windows. Features Know remote address of process Know remote ports of process Know which user using process along with title & PID Changelogs: Auto Install python modules support added in install.py Installation Guide: Download the .zip file Extract...

7.5 AI score
Exploits 0, References 2
Kitploit
added 2017/08/15 2:47 p.m., 16 views

MeterSSH v2.0 - Take Shellcode and Inject It Into Memory Over SSH

MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. The way it works is by injecting shellcode into memory, then wrapping a port spawned meterpreter in this case by the shellcode ov...

7.5 AI score
Exploits 0, References 1
Total number of security vulnerabilities: 6011