Whonix 13 - Anonymous Operating System

Whonix is a desktop operating system designed for advanced security and privacy. It realistically addresses attacks while maintaining usability. It makes online anonymity possible via fail-safe, automatic, and desktop-wide use of the Tor network. A heavily reconfigured Debian base is run inside...

Suricata 3.1 - Open Source IDS / IPS / NSM engine

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation OISF. Suricata is developed by the OISF and its supporting vendors. Top 3 Reasons You Should Try Suricat...

Faraday v1.0.21 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...

SimpleEmailSpoofer - A simple Python CLI to Spoof Emails (SPF/DMARC checking)

A few Python programs designed to help penetration testers with email spoofing. SimpleEmailSpoofer.py A program that spoofs emails. Currently in development spoofcheck.py A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that...

Scansploit - Tool for Injecting Malicious Payloads Into Barcodes (code128, QRCodes, DataMatrix and EAN13)

Tool for Injecting Malicious Payloads Into Barcodes Barcodes code128 QRCodes DataMatrix EAN13 Requirements Python3 PyStrich pip3 install pystrich Incase of jpeg error: sudo apt-get install libtiff5-dev zlib1g-dev libfreetype6-dev liblcms2-dev libwebp-dev tcl8.6-dev tk8.6-dev python-tk Pillow pip3...

lisa.py - An Exploit Dev Swiss Army Knife

lisa.py An Exploit Dev Swiss Army Knife. Installation Copy lisa.py and .lldbinit to / Use the following commands: ant4g0nist$ cp lisa.py /lisa.py ant4g0nist$ cp lldbinit /.lldbinit ant4g0nist$ lldb lllllll iiii l:::::l i::::i l:::::l iiii l:::::l l::::l iiiiiii ssssssssss aaaaaaaaaaaaa l::::l...

Pythem - Python Network/Pentesting Tool

PytheM is a python network/pentesting tool. Same has been developed in the hope that it will be useful and i don't take responsabillity of any misapplication of it. Only for GNU/Linux OS. Installation $sudo git clone https://github.com/m4n3dw0lf/PytheM/ $cd PytheM $sudo pip install -r...

THC-Hydra 8.2 - Network Logon Cracker

A very fast network logon cracker which support many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...

Shadowd - Collection Of Tools To Detect, Record And Prevent Attacks On Web Applications

Shadow Daemon is a collection of tools to detect , record and prevent attacks on web application. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and...

BrowserBackdoor - Secure JavaScript WebSocket Backdoor and a Ruby Command-Line Listener

BrowserBackdoor is an Electron application that uses a JavaScript WebSocket Backdoor to connect to the listener. BrowserBackdoorServer is a WebSocket server that listens for incoming WebSocket connections and creates a command-line interface for sending commands to the remote system. The JavaScri...

RITM - Ruby In The Middle (HTTP/HTTPS Interception Proxy)

Ruby in the middle RITM is an HTTP/HTTPS interception proxy with on-the-fly certificate generation and signing, which leaves the user with the full power of the Ruby language to intercept and even modify requests and responses as she pleases. Installation gem install ritm Basic usage 1. Write you...

Lalin - Hackpack & Kali Linux Tools

Lalin is a remake of Lazykali by bradfreda with fixed bugs , added new features and uptodate tools . It's compatible with the latest release of Kali Rolling Changelog Lalin gets updated weekly with new features, improvements and bugfixes. Be sure to check out the Changelog How it works Extract Th...

XssPy - Web Application XSS Scanner

XssPy is a python tool for finding Cross Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and subdomains first. After that, it starts scanning each and...

Detux - The Multiplatform Linux Sandbox

Detux is a sandbox developed to do traffic analysis of the Linux malwares and capture the IOCs by doing so. QEMU hypervisor is used to emulate Linux Debian for various CPU architectures. The following CPUs are currently supported: x86 x86-64 ARM MIPS MIPSEL Use the Live version now:...

Firefox Security Toolkit - A Tool that Transforms Firefox Browsers into a Penetration Testing Suite

A tool that transforms Firefox Browsers into a penetration testing suite How? It downloads the most important extensions, and install it on your browser. The used extensions has been chosen by a survey among the information security community. Based on it's results, Firefox Security Toolkit was...

ArchStrike - Security Layer for Arch Linux

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x8664, ARMv6, and ARMv7. ArchStrike is a penetration testing and security layer on top of Arch Linux. We follow the Arch Linux standards very closely in order to keep our packages clean,...

Tails 2.4 - The Amnesic Incognito Live System

Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used fr...

Tor Browser 6.0 - Everything you Need to Safely Browse the Internet

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical...

Parrot OS 3.0 (Lithium) - Friendly OS designed for Pentesting, Computer Forensic, Hacking, Cloud pentesting, Privacy/Anonimity and Cryptography

Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. Who can use it Parrot is designed for everyone, from the Pro...

WAFW00F - Identifies and Fingerprints Web Application Firewall (WAF) Products

WAFW00F allows one to identify and fingerprint Web Application Firewall WAF products protecting a website. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions If that is not successful, it...

Npcap - the Nmap Project's packet sniffing library for Windows

Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF technique. It supports Windows Vista, 7, 8 and 10 . It is sponsored by the Nmap Project and developed by Yang Luo under Google Summer of Code 2013 and 2015 . It also received many helpful tests from Wireshark and NetScanTools...

WifiChannelMonitor - Monitor APs and Wifi clients on selected channel (Monitor Mode) for Window

WifiChannelMonitor is a utility for Windows that captures wifi traffic on the channel you choose, using Microsoft Network Monitor capture driver in monitor mode, and displays extensive information about access points and the wifi clients connected to them. WifiChannelMonitor also allows you to vi...

Intercepter-NG v1.9 - Multifunctional Network Toolkit for Android

Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has functionality of several famous separate tools and more over offers a good and unique alternative of Wireshark for android. The main features are: Network discovery with OS detection Network traffic...

BurpSuiteJSBeautifier - Burp Suite JavaScript Beautifier

Most of the websites compress their resources such as JS files in order to increase the loading speed. However, security testing and debugging a compressed resource is not an easy task. This is a Burp Suite open source extension which makes it possible to beautify most of the resources properly...

Bt2 - Blaze Telegram Backdoor Toolkit

bt2 is a Python-based backdoor in form of a IM bot that uses the infrastructure and the feature-rich bot API provided by Telegram, slightly repurposing its communication platform to act as a C&C. Dependencies Telepot requests Installation $ sudo pip install telepot $ sudo pip install requests PS:...

Faraday v1.0.20 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday introduces a new concept - IPE Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the process of a security audit. A brand new Faraday version is ready! Faraday v1.0.20 Community, Pro &...

WarBerryPi - Turn your Raspberry Pi into a War Machine

The WarBerry was built with one goal in mind; to be used in red teaming engagement where we want to obtain as much information as possible in a short period of time with being as stealth as possible. Just find a network port and plug it in. The scripts have been designed in a way that the approac...

stickyKeysHunter - A Script to Test an RDP Host for Sticky Keys and Utilman Backdoor

This bash script tests for sticky keys and utilman backdoors. The script will connect to an RDP server, send both the sticky keys and utilman triggers and screenshot the result. How does it work? 1. Connects to RDP using rdesktop 2. Sends shift 5 times using xdotool to trigger sethc.exe backdoors...

AutoNessus - Script to Communicate with Nessus API

This script communicates with the Nessus API in an attempt to help with automating scans. Depending on the flag issued with the script, you can list all scans, list all policies, start, stop, pause, and resume a scan. It may be helpful to create a cron job/scheduled task for automating the start ...

SMBCrunch - 3 Tools that Work Together to Simplify Reconaissance of Windows File Shares

One of the most time consuming tasks as a red teamer is diving into filesystems and shares, attempting to identify any potentially sensitive information. SMBCrunch allows a red teamer to quickly identify Windows File Shares in a network, performs a recursive directory listing of the provided...

Shellsploit - New Generation Exploit Development Kit

Shellsploit let's you generate customized shellcodes, backdoors, injectors for various operating system. And let's you obfuscation every byte via encoders. Install/Uninstall If you want to use Shellsploit, you have to install Capstone first. For the Capstone's installation: root$ sudo pip install...

Clair - Vulnerability Static Analysis for Containers

Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. Vulnerability data is continuously imported from a known set of sources and correlated with the indexed contents of container images in order to produce lists of vulnerabilities that threaten...

Doork - Google Dorks Passive Vulnerability Auditor

doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks. doork can update his own database from ghdb and use it for find flaws without even contact the target endpoint. You can provide your custo...

transfer.sh - Easy and Fast File Sharing from the Command-line

Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance. Transfer.sh support currently the s3 Amazon S3 provider and local file system local. Usage Upload: $ curl --upload-file ./hello.txt https://transfer.sh/hello.txt...

EhTrace - Tool for Tracing Execution of Binaries on Windows

Eh'Trace pronounced ATrace is a binary tracing tool for Windows. Implemented in C but has some interesting properties that may make it suitable for tracing binaries when other methods are not sufficient, in particular EhTrace does not require changes to a binary to enable traces, despite being ab...

Netdata - Real-Time Performance Monitoring

netdata is a highly optimized Linux daemon providing real-time performance monitoring for Linux systems, Applications, SNMP devices, over the web ! It tries to visualize the truth of now , in its greatest detail , so that you can get insights of what is happening now and what just happened, on yo...

WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...

Marfil - An Extension of the Aircrack-ng Suite used to assess WiFi Network Security

Marfil is an extension of the Aircrack-ng suite, used to assess WiFi network security. It allows to split the work of performing long running dictionary attacks among many computers. Motivation The Aircrack-ng suite provides the aircrack-ng tool, which is a 802.11 WEP and WPA/WPA2-PSK key crackin...

CJExploiter - Drag and Drop ClickJacking Exploit Development Assistance Tool

CJExploiter is drag and drop ClickJacking exploit development assistance tool. First open the "index.html" with your browser locally and enter target URL and click on "View Site". You can dynamically create your own inputs. Finally by click the "Exploit It" you can see the P0C. Summery...

RSPET - Python Reverse Shell and Post Exploitation Tool

RSPET Reverse Shell and Post Exploitation Tool is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. Features Remote Command Execution Trafic masking XORed insted of cleartext; for better results use port 4431 Built-in File/Binary transfer both...

Airgeddon - A Multi-use Bash Script for Linux Systems to Audit Wireless Networks

Features Interface mode switcher Monitor-Managed. DoS over wireless networks with different methods. Assisted Handshake file capture. Cleaning and optimizing Handshake captured files. Offline password decrypt on WPA/WPA2 captured files dictionary and bruteforce. Compatibility with many Linux...

sIPI - Simple IP Information Tools

This tool is aimed for Incident Response Team and anyone what's want to know the behaviour of the "suspicious" IP Address. The tools do search looking for reputation info from a set of open threat intelligence sources. Information about this IP like malware activity, malicious activity, blacklist...

CANToolz aka YACHT (Yet Another Car Hacking Tool) - Framework for Black-Box CAN Network Analysis

CANToolz is a framework for analysing CAN networks and devices. This tool based on different modules which can be assembled in pipe together and can be used by security researchers and automotive/OEM security testers for black-box analysis and etc. You can use this software for ECU discovery, MIT...

Litesploit - Library and Intepreter for Penetration Testing Tools

Litesploit is a library and intepreter for penetration testing tools. This includes exploits, tools and litepreter. Litesploit support for Linux like ubuntu or debian, and more distro penetration testing like BackBox and Kali Linux. Platform | Support ---|--- Linux Ubuntu | Yes Linux Debian | Yes...

HostedNetworkStarter - Wifi Hotspot Creator for Windows 10/8/7

HostedNetworkStarter is a simple tool for Windows 7 and later that allows you to easily create a wifi hotspot with your wireless network adapter, using the Wifi hosted network feature of Windows operating system. With the wifi hotspot created by this tool, you can allow any device with wifi suppo...

Skydive - An Open Source Real-Time Network Topology and Protocols Analyzer

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology informations and flows and forward them to a central agent for further analysis. Al...

Phishing Frenzy - Ruby on Rails Phishing Framework

Phishing Frenzy is an Open Source Ruby on Rails application that is leveraged by penetration testers to manage email phishing campaigns. The project was started in 2013 by the founder Brandon "zeknox" McCann. Brandon identified inefficiencies in the way that many penetration testers were conducti...

OWASP VBScan 0.1.6 - Black Box vBulletin Vulnerability Scanner Tool

OWASP VBScan short for VBulletin Vulnerability Scanner is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them . Why OWASP VBScan ? If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project ...

BlackArch Linux v2016.04.28 - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1410 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog: added new improved BlackArch Linux...

Hob0Rules - Password cracking rules for Hashcat based on statistics and industry patterns

Password cracking rules for Hashcat based on statistics and industry patterns. The following blog posts on passwords explain the statistical signifigance of these rulesets: Statistics Will Crack Your Password Praetorian Password Cracking Rules Released Useful wordlists to utilize with these rules...