idb - iOS App Security Assessment Tool

idb is a tool to simplify some common tasks for iOS app security assessments and research. Please see the Documentation for a more detailed summary of each function. Features Assessment Setup SSH port forwarding Installation of helper utilities App Information Bundle information Registered URL...

Dripcap - Caffeinated Packet Analyzer

Caffeinated packet analyzer. Dripcap is a modern packet analyzer based on Electron. Getting Started Download & Install Capturing Packet Filtering Display Filter Syntax Advanced Usage Build from source Import Pcap Files Install Add-on Packages Create & Publish Your Package Create Theme Package...

XSSER - From XSS to RCE

From XSS to RCE 2.5 - Black Hat Europe Arsenal 2016 Demo Version 2.0 - 2015: https://www.youtube.com/playlist?list=PLIjb28IYMQgqqqApoGRCZO40vP-eKsgf Version 2.5 - 2016: https://www.youtube.com/playlist?list=PLRic6PgcrsWGkgacL6WFnSQKVRZIoofRj Requirements Python 2.7., version 2.7.11 was used for...

Fireaway - Next Generation Firewall Audit and Bypass Tool

Fireaway is a tool for auditing, bypassing, and exfiltrating data against layer 7/AppID inspection rules on next generation firewalls. These tactics are based on the principle of having to allow connections to establish through the NGFW in order to see layer 7 data to filter, as well as spoofing...

NEET - Network Enumeration and Exploitation Tool

Neet is a flexible, multi-threaded tool for network penetration testing. It runs on Linux and co-ordinates the use of numerous other open-source network tools, with the aim of gathering as much network information as possible in clear, easy-to-use formats. The core scanning engine finds and...

Vproxy - Forward HTTP/S Traffic To Proxy Instance

If you are familiar with mobile penetration testing and you did one before, you probably came across this kind of situation when you want to intercept the application HTTP or HTTPS traffic using your favorite proxy tool such as Burp Suite, Fiddler, Charles , etc. After modifying the WIFI connecti...

Faraday v2.2 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...

F-Scrack - A Single File Bruteforcer Supports Multi-Protocol

F-Scrack is a single file bruteforcer supports multi-protocol, no extra library requires except python standard library, which is ideal for a quick test. Currently support protocol: FTP, MySQL, MSSQL，MongoDB，Redis，Telnet，Elasticsearch，PostgreSQL. Compatible with OSX, Linux, Windows, Python 2.6+...

Metasploitable3 - An Intentionally Vulnerable Machine for Exploit Testing

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with metasploit . Metasploitable3 is released under a BSD-style license. See COPYING for more details. Building Metasploitable 3...

Brutal - Toolkit to quickly create various Payload, PowerShell Attack, Virus Attack and Launch Listener for a HID

Brutal is extremely useful for executing scripts on a target machine without the need for human-to-keyboard interaction HID -ATTACK .When you insert the device, it will be detected as a keyboard, and using the microprocessor and onboard flash memory storage, you can send a very fast set of...

httpstat - Curl Statistics Made Simple

httpstat visualizes curl1 statistics in a way of beauty and clarity. It is a single file Python script that has no dependency and is compatible with Python 3. Installation There are three ways to get httpstat : Download the script directly: wget...

deep-pwning - Metasploit for Machine Learning

Deep-pwning is a lightweight framework for experimenting with machine learning models with the goal of evaluating their robustness against a motivated adversary. Note that deep-pwning in its current state is no where close to maturity or completion. It is meant to be experimented with, expanded...

brut3k1t - Server-side Brute-force Module (ssh, ftp, smtp, facebook, and more)

Server-side brute-force module. Brute-force dictionary attack, jk attack that supports multiple protocols and services. 1. Introduction brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are:...

slowloris - Low bandwidth DoS tool

Slowloris is basically an HTTP Denial of Service attack that affects threaded servers. It works like this: 1. We start making lots of HTTP requests. 2. We send headers periodically every 15 seconds to keep the connections open. 3. We never close the connection unless the server does so. If the...

Acunetix v11 - Web Application Security Testing Tool

London, UK – November 2016 – Acunetix, the pioneer in automated web application security software, has announced the release of version 11. New integrated vulnerability management features extend the enterprise’s ability to comprehensively manage, prioritise and control vulnerability threats –...

WinMACSpoofer - Windows Tool For Spoofing The Mac Address

Windows application for spoofing the MAC address and host name. Usage The program must be run in "administrator mode" for the functions to work properly 1. Set a new Random MAC address Press the randomize button to generate a random MAC address Click the random radio button and hit "Set New Mac" ...

creak - Poison, Reset, Spoof, Redirect MITM Script

Performs some of the most famous MITM attack on target addresses located in a local network. Among these, deny navigation and download capabilities of a target host in the local network performing an ARP poison attack and sending reset TCP packets to every request made to the router. Born as a...

myLG - Network Diagnostic Tool

myLG is an open source software utility which combines the functions of the different network probes in one network diagnostic tool. Features Popular looking glasses ping/trace/bgp: Telia, Level3 More than 200 countries DNS Lookup information Local ping and real-time trace route Packet analyzer -...

jSQL Injection v0.77 - Java application for automatic SQL database injection

jSQL Injection is a lightweight application used to find database information from a distant server. It's is free , open source and cross-platform Windows, Linux, Mac OS X. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in distributions lik...

PsTools - Utilities for listing the processes running on remote computers, running processes remotely, rebooting computers, and more

The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more. Introduction The Windows NT and Windows 2000 Resource Kits come with a number of command-line tools that...

CuckooDroid - Automated Android Malware Analysis with Cuckoo Sandbox

CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files, CuckooDroid brigs to cuckoo the capabilities of execution and analysis of android application. Installation - Easy integration script: git config --global user.email...

needle - The iOS Security Testing Framework

Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Description Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and...

hget - Rocket Fast, Interruptable, Resumable Download Accelerator

Rocket fast download accelerator written in golang. Current program working in unix system only. NOTE : hget is currently on highly development, its usage, architecture and code may change anytime at the future. It would be great if you can contribute whatever features that you want to use, I wil...

geoip-attack-map - Cyber Security GeoIP Attack Map Visualization

This geoip attack map visualizer was developed to display network attacks on your organization in real time. The data server follows a syslog file, and parses out source IP, destination IP, source port, and destination port. Protocols are determined via common ports, and the visualizations vary i...

WAFNinja - Penetration testers favorite for WAF Bypassing

WAFNinja is a CLI tool written in Python. It shall help penetration testers to bypass a WAF by automating steps necessary for bypassing input validation. The tool was created with the objective to be easily extendible, simple to use and usable in a team environment. Many payloads and fuzzing...

Hoper - Trace URL's jumps across the rel links to obtain the last URL

It shows all the hops that makes a url you specify to reach its endpoint. For example if you want to see the entire trip by email URL or like a URL shorten. Hoper returns you all URLs redirections. Installation $ gem install hoper Usage Type in your command line: $ hoper url Development After...

RecuperaBit - A Tool For Forensic File System Reconstruction

A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries partially-overwritten metadata quick format You ca...

OpenDoor - OWASP Directory Access Scanner

This application scans the site directories and find all possible ways to login, empty directories and entry points. Scans conducted in the dictionary that is included in this application. This software is written for informational purposes and is an open source product under the GPL license...

Radium-Keylogger - Python keylogger with multiple features

Python keylogger with multiple features. Features Applications and keystrokes logging Screenshot logging Drive tree structure Logs sending by email Password Recovery for Chrome Mozilla Filezilla Core FTP CyberDuck FTPNavigator WinSCP Outlook Putty Skype Generic Network Cookie stealer Keylogger st...

Sniffles - Packet Capture Generator for IDS and Regular Expression Evaluation

Sniffles is a tool for creating packet captures that will test IDS that use fixed patterns or regular expressions for detecting suspicious behavior. Sniffles works very simply. It takes a set of regular expressions or rules and randomly chooses one regular expression or rule. It then generates...

Whitewidow 1.5.0 - SQL Vulnerability Scanner

Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a...

GATTacker - BLE (Bluetooth Low Energy) Man-in-the-Middle

A Node.js package for BLE Bluetooth Low Energy security assessment using Man-in-the-Middle and other attacks. Prerequisites see: https://github.com/sandeepmistry/noble https://github.com/sandeepmistry/bleno Install npm install gattacker Usage Configure Running both components Set up variables in...

Lynis 2.4.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

Google Explorer - Google Mass Explorer

+Google Mass Explorer This is a automated robot for google search engine. Make a google search, and parse the results for a especific exploit you define. The options can be listed with --help parameter. Intro: This project is a main project that i will keep upgrading when new exploits are...

BORG - Terminal Based Search For Bash Snippets

Borg was built out of the frustration of having to leave the terminal to search and click around for bash snippets. Borg's succint output also makes it easy to glance over multiple snippets quickly. Search borg "find all txt" 1 Find and delete .txt files in bash a find . -name ".txt" | xargs rm b...

BinProxy - BinProxy is a proxy for arbitrary TCP connections

BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem. Installation Prerequisites Ruby 2.3 or later A C compiler, Ruby headers, etc., are needed to compile several dependencies. On Ubuntu, sudo apt install build-essential ruby-dev should do...

datasploit - A tool to perform various OSINT techniques

A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data. Overview of the tool: Performs OSINT on a domain / email / username / phone and find out information from different sources. Correlates and...

PCILeech - Direct Memory Access (DMA) Attack Software

The PCILeech use the USB3380 chip in order to read from and write to the memory of a target system. This is achieved by using DMA over PCI Express. No drivers are needed on the target system. The USB3380 is only able to read 4GB of memory natively, but is able to read all memory if a kernel modul...

AutoBrowser 4.0 - AutoBrowser Screenshot of HTTP/s Based Ports

AutoBrowser is a tool written in python for penetration testers. The purpose of this tool is to create reportJson file and screenshots of http/s based ports on the network. you can choose between analyze Nmap reportXML file -oX or scan with Nmap, then the tool automaticly Check the results with...

ssh-audit - SSH Server Auditing

ssh-audit is a tool for ssh server auditing. Features SSH1 and SSH2 protocol server support; grab banner, recognize device or software and operating system, detect compression; gather key-exchange, host-key, encryption and message authentication code algorithms; output algorithm information...

Auto_EAP - Automated Brute-Force Login Attacks Against EAP Networks

AutoEAP.py is a script designed to perform automated brute-force authentication attacks against various types of EAP networks. These types of wireless networks provide an interface to facilitate password guessing of domain credentials as radius servers check authentication against Active Director...

BBQSQL - A Blind SQL Injection Exploitation Tool

Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues. BBQSQL is a blind SQL injection framework written in Python. It is...

ir-rescue - A Windows Batch Script To Comprehensively Collect Host Forensic Data

ir-rescue is a lightweight Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility and artifacts that are changed with the execution of the script e.g. , prefetch files. It is intended for incident response use a...

King Phisher 1.5.2 - Phishing Campaign Toolkit

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness...

WP Security Audit Log - The Ultimate WordPress Audit Trail Plugin

The WP Security Audit Log plugin is a WordPress plugin that keeps an audit trail of everything that happens on your WordPress and WordPress multisite network. There are several WordPress audit trail / log plugins available, tough we chose to review WP Security Audit Log because it is has the most...

Ruler - A Tool To Abuse Exchange Services

Ruler is a tool that allows you to interact with Exchange servers through the MAPI/HTTP protocol. The main aim is abuse the client-side Outlook mail rules as described in: Silentbreak blog Silentbreak did a great job with this attack and it has served us well. The only downside has been that it...

VBScan 0.1.7 - Black Box vBulletin Vulnerability Scanner

OWASP VBScan short for VBulletin Vulnerability Scanner is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them . Why OWASP VBScan ? If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project ...

DracOS - Lightweight and Powerful Penetration Testing OS

Dracos Linux www.dracos-linux.org is the Linux operating system from Indonesian , open source is built based on the Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testin...

yawast - The YAWAST Antecedent Web Application Security Toolkit

YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues. Information Disclosure - Checks for common information...

arch-audit - An utility like pkg-audit for Arch Linux

An utility like pkg-audit for Arch Linux. Based on Arch CVE Monitoring Team data Uses data collected by the awesome Arch CVE Monitoring Team . Installation From AUR The PKGBUILD is available on AUR . After the installation just execute arch-audit . From sources git clone...