Lucene search

6011 matches found

Kitploit • added 2016/04/29 10:43 p.m. • 29 views

Weeman v1.7 - HTTP Server for Phishing

HTTP server for phishing in python. and framework Usually you will want to run Weeman with DNS spoof attack. see dsniff, ettercap. Press 1.7 - is out 25-03-2016 Added profiles Weeman framework 0.1 is out !!! Added command line options. Beautifulsoup dependency removed. Weeman will do the followin...

AI score: 7.2 • Exploits: 0 • References: 1

Kitploit • added 2016/04/28 10:33 p.m. • 14 views

Blind-Sql-Bitshifting - Blind SQL Injection via Bitshifting

This is a module that performs blind SQL injection by using the bitshifting method to calculate characters instead of guessing them. It requires 7/8 requests per character, depending on the configuration. Usage import blind-sql-bitshifting as x Edit this dictionary to configure attack vectors...

AI score: 8.1 • Exploits: 0 • References: 1

Kitploit • added 2016/04/27 10:30 p.m. • 27 views

Whitewidow - SQL Vulnerability Scanner

Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a...

AI score: 8.2 • Exploits: 0 • References: 1

Kitploit • added 2016/04/26 10:12 p.m. • 35 views

PenQ - The Security Testing Browser Bundle

PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and many more. PenQ is not just ...

AI score: 7.4 • Exploits: 0

Kitploit • added 2016/04/25 10:11 p.m. • 11 views

IPGeoLocation - A tool to retrieve IP Geolocation information

A tool to retrieve IP Geolocation information Powered by ip-api Requirements Python 3.x Features Retrieve IP or Domain Geolocation. Retrieve your own IP Geolocation. Retrieve Geolocation for IPs or Domains loaded from file. Each target in new line. Define your own custom User Agent string. Select...

AI score: 7.1 • Exploits: 0 • References: 1

Kitploit • added 2016/04/23 8:13 p.m. • 14 views

Metaphor - Stagefright with ASLR bypass

Metaphor - Stagefright with ASLR bypass By Hanan Be'er from NorthBit Ltd. Link to whitepaper: https://raw.githubusercontent.com/NorthBit/Public/master/NorthBit-Metaphor.pdf Metaphor's source code is now released! The source include a PoC that generates MP4 exploits in real-time and bypassing ASLR...

AI score: 7.5 • Exploits: 0 • References: 2

Kitploit • added 2016/04/22 9:1 p.m. • 238 views

Htcap - web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes

htcap is a web application scanner able to crawl single page application SPA in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused mainly on the crawling process and uses external tools to discover vulnerabilities. It'...

AI score: 7.9 • Exploits: 0 • References: 2

Kitploit • added 2016/04/21 5:59 p.m. • 43 views

Ubuntu 16.04 LTS (Xenial Xerus) - The leading OS for PC, tablet, phone and cloud

Ubuntu is an ancient African word meaning ‘humanity to others’. It also means ‘I am what I am because of who we all are’. The Ubuntu operating system brings the spirit of Ubuntu to the world of computers. Where did it all begin? Linux was already established as an enterprise server platform in...

AI score: 7.2 • Exploits: 0

Kitploit • added 2016/04/20 10:24 p.m. • 32 views

Changeme - A Default Credential Scanner

Changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are stored in yaml files so they can be both easily read by humans and processed by changeme. Credential files can be created by...

AI score: 7.1 • Exploits: 0 • References: 1

Kitploit • added 2016/04/19 10:3 p.m. • 20 views

Tsusen - Network Traffic Sensor

Tsusen 津波センサー is a standalone network sensor made for gathering information from the regular traffic coming from the outside i.e. Internet on a daily basis e.g. mass-scans, service-scanners, etc.. Any disturbances should be closely watched for as those can become a good prediction base of...

AI score: 7 • Exploits: 0 • References: 1

Kitploit • added 2016/04/18 10:18 p.m. • 37 views

Ranger - Tool To Access And Interact With Remote Microsoft Windows Based Systems

A tool to support security professionals access and interact with remote Microsoft Windows based systems. This project was conceptualized with the thought process, we did not invent the bow or the arrow, just a more efficient way of using it. Ranger is a command-line driven attack and penetration...

AI score: 8.5 • Exploits: 0 • References: 1

Kitploit • added 2016/04/16 6:58 p.m. • 26 views

ROPInjector - Convert any Shellcode in ROP and patch it into a given Portable Executable (PE)

A tool written in C Win32 to convert any shellcode in ROP and patch it into a given portable executable PE. It supports only 32-bit target PEs and the x86 instruction set. Published in Blackhat USA 2015, "ROPInjector: Using Return Oriented Programming for Polymorphism and Antivirus Evasion" More...

AI score: 7.5 • Exploits: 0 • References: 1

Kitploit • added 2016/04/15 8:37 p.m. • 12 views

PeerTweet - Decentralized Feeds using BitTorrent's DHT

BitTorrent's DHT is probably one of the most resilient and censorship-resistant networks on the internet. PeerTweet uses this network to allow users to broadcast tweets to anyone who is listening. When you start PeerTweet, it generates a hash @33cwte8iwWn7uhtj9MKCs4q5Ax7B which is similar to your...

AI score: 7.2 • Exploits: 0 • References: 7

Kitploit • added 2016/04/14 9:56 p.m. • 36 views

DET - Data Exfiltration Toolkit

DET is provided AS IS, is a proof of concept to perform Data Exfiltration using either single or multiple channels at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service. Slides DET has been presented at BSides Ljubljana on the 9th of March 2016 and the...

AI score: 7.2 • Exploits: 0 • References: 3

Kitploit • added 2016/04/13 10:12 p.m. • 33 views

OnionScan - Onion Services Security Scan

The purpose of this tool is to make you a better onion service provider. You owe it to yourself and your users to ensure that attackers cannot easily exploit and deanonymize. Go Dependencies h12.me/socks - For the Tor SOCKS Proxy connection. github.com/xiam/exif - For EXIF data extraction...

AI score: 7.2 • Exploits: 0 • References: 1

Kitploit • added 2016/04/12 10:30 p.m. • 42 views

FruityWifi v2.4 - Wireless Network Auditing Tool

FruityWifi is a wireless network auditing tool. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM Raspberry Pi, Raspbian Raspberry Pi, Pwnpi Raspberry Pi, Bugtraq. v2.4 Utils have been added replaces "ifconfig -a"...

AI score: 7.5 • Exploits: 0 • References: 1

Kitploit • added 2016/04/11 10:30 p.m. • 15 views

v0lt - Security CTF Toy Tools

v0lt is an attempt to regroup every tool I used/use/will use in security CTF, Python style. A lot of exercises were solved using bash scripts but Python may be more flexible, that's why. Nothing to do with Gallopsled. It's a toy toolkit, with small but specific utils only. Requirements and...

AI score: 7.5 • Exploits: 0 • References: 2

Kitploit • added 2016/04/09 6:30 p.m. • 28 views

GEF - Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers

GEF is aimed to be used mostly by exploiters and reverse-engineers. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis or exploit development. GEF fully relies on GDB API and other Linux specific source of information such as /proc/pid . A...

AI score: 7.2 • Exploits: 0 • References: 3

Kitploit • added 2016/04/08 11:0 p.m. • 13 views

Gladius - Easy mode from Responder to Credentials

Gladius provides an automated method for cracking credentials from various sources during an engagement. We currently crack hashes from Responder, secretsdump.py, and smarthashdump. Install pip install watchdog git clone https://www.github.com/praetorian-inc/gladius cd gladius git clone...

AI score: 7.2 • Exploits: 0 • References: 1

Kitploit • added 2016/04/07 10:47 p.m. • 48 views

GetDataReport - Script to collect information to the client side

Script in PHP+JS for get information of target through a web application, use $SERVER functions and JS functions for get information of our client. Plugin WEBApps in some web applications need to collect information from the client to perform tasks with this plugin will be easier to work with the...

AI score: 6.9 • Exploits: 0 • References: 1

Kitploit • added 2016/04/06 10:30 p.m. • 31 views

Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands

Brosec is a terminal based reference utility designed to help us infosec bros and broettes with useful yet sometimes complex payloads and commands that are often used during work as infosec practitioners. An example of one of Brosec's most popular use cases is the ability to generate on the fly...

AI score: 7.4 • Exploits: 0 • References: 2

Kitploit • added 2016/04/05 10:43 p.m. • 10 views

Payday - Payload generator that uses Metasploit and Veil

Payload generator that uses Metasploit and Veil. Takes IP address input and then builds payloads automatically. Calls Veil framework with supplied IP address and creates binaries and handlers. Uses msfvenom to create payloads and writes resource handler files in the same way that Veil does...

AI score: 7.3 • Exploits: 0 • References: 1

Kitploit • added 2016/04/04 11:29 p.m. • 63 views

RouterSploit - Router Exploitation Framework

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aid penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

AI score: 8.1 • Exploits: 0 • References: 1

Kitploit • added 2016/04/02 7:30 p.m. • 40 views

Pentestly - Python and Powershell internal Penetration Testing Framework

Pentestly is a combination of expanding Python tools for use in penetration tests. The goal is to utilize a familiar user interface while making contributions to the framework easy with the power of Python. Blog post: Pentestly Framework: When Pentesting Meets Python and Powershell Author:...

AI score: 8.4 • Exploits: 0 • References: 10

Kitploit • added 2016/04/01 10:17 p.m. • 46 views

JSRat - Reverse HTTP Shell Using JavaScript

JSRat is a reverse HTTP Shell by using JavaScript. JSRat use rundll32.exe to load the JavaScript code in cmd and a HTTP Shell is returned when the code is executed. The special part is that after running the cmd command, rundll32.exe will remain in the background to continuously connect to the...

AI score: 7.6 • Exploits: 0 • References: 1

Kitploit • added 2016/03/31 10:16 p.m. • 18 views

Firmwalker - Script for searching the extracted firmware file system for goodies!

A simple bash script for searching the extracted or mounted firmware file system. It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and etc/passwd list out the etc/ssl directory search for SSL related files such as .pem, .crt, etc...

AI score: 7.5 • Exploits: 0 • References: 1

Kitploit • added 2016/03/30 10:30 p.m. • 33 views

LynxFramework - Extension Exploitation Framework

LynxFramework is an operating tool for web browser offering a specialized service in the effect browser extension development , namely Google Chrome and Firefox soon. The operation is based on the script for the injection in the order to retrieve data targeted. LynxFramework is a tool...

AI score: 7.3 • Exploits: 0

Kitploit • added 2016/03/29 10:48 p.m. • 20 views

PentestBox 2.0 - Portable Penetration Testing Distribution for Windows Environments

PentestBox provides all security tools as a software package, eliminating requirement of Virtual machines or dualboot environments on Windows Operating System. It is created because more than 50% of penetration testing distribution users uses windows. Source So it provides an efficient platform f...

AI score: 7.4 • Exploits: 0

Kitploit • added 2016/03/28 10:30 p.m. • 68 views

Meld - Visual Diff And Merge Tool Targeted At Developers

Meld is a visual diff and merge tool targeted at developers. Meld helps you compare files, directories, and version controlled projects. It provides two- and three-way comparison of both files and directories, and has support for many popular version control systems. Meld helps you review code...

AI score: 7.4 • Exploits: 0

Kitploit • added 2016/03/26 7:0 p.m. • 15 views

Rack-Bug - Debugging Toolbar For Rack Applications Implemented As Middleware

Rack::Bug adds a diagnostics toolbar to Rack apps. When enabled, it injects a floating div allowing exploration of logging, database queries, template rendering times, etc. Features Password-based security IP-based security Rack::Bug instrumentation/reporting is broken up into panels. Panels in...

AI score: 7.9 • Exploits: 0 • References: 1

Kitploit • added 2016/03/25 8:30 p.m. • 14 views

Guinevere - Automated Security Assessment Reporting Tool

This tool works with Gauntlet a private tool to automate assessment reporting. Main features include: Generate Assessment Report Export Assessment Generate Retest Report Generate Pentest Checklist Generate Assessment Report This option will generate you .docx report based on the vulnerabilities...

AI score: 7.4 • Exploits: 0 • References: 1

Kitploit • added 2016/03/24 10:0 p.m. • 22 views

Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing

Kautilya is a toolkit which provides various payloads for a Human Interface Device which may help in breaking in a computer during penetration tests. List of Payloads Windows Gather Gather Information Hashdump and Exfiltrate Keylog and Exfiltrate Sniffer WLAN keys dump Get Target Credentials Dump...

AI score: 7.9 • Exploits: 0 • References: 1

Kitploit • added 2016/03/23 10:30 p.m. • 23 views

Jsprime - A JavaScript Static Security Analysis Tool

Today, more and more developers are switching to JavaScript as their first choice of language. The reason is simple JavaScript has now been started to be accepted as the mainstream programming for applications, be it on the web or on the mobile; be it on client-side, be it on the server side...

AI score: 6.9 • Exploits: 0 • References: 1

Kitploit • added 2016/03/22 9:56 p.m. • 11 views

Shocker - A tool to find and exploit servers vulnerable to Shellshock

A tool to find and exploit servers vulnerable to Shellshock Help Text usage: shocker.py -h, --help show this help message and exit --Host HOST, -H HOST A target hostname or IP address --file FILE, -f FILE File containing a list of targets --port PORT, -p PORT The target port number default=80...

AI score: 7.8 • Exploits: 0 • References: 2

Kitploit • added 2016/03/21 10:30 p.m. • 128 views

Al-Khaser - Public Malware Techniques Used In The Wild

al-khaser is a PoC malware with good intentions that aims to stress your anti-malware system. It performs a bunch of nowadays malwares tricks and the goal is to see if you catch them all. Possible uses You are making an anti-debug plugin and you want to check its effectiveness. You want to ensur...

AI score: 7.2 • Exploits: 0 • References: 1

Kitploit • added 2016/03/20 10:3 p.m. • 20 views

Lynis 2.2.0 - Security Auditing Tool for Unix/Linux Systems

Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...

AI score: 7.1 • Exploits: 0

Kitploit • added 2016/03/19 6:30 p.m. • 43 views

DbDat - Db Database Assessment Tool

DbDat performs numerous checks on a database to evaluate security. The categories of checks performed are configuration, privileges, users, and information. Checks are performed by running queries or reading database configuration files. The goal of this tool is to highlight issues that need...

AI score: 8.4 • Exploits: 0 • References: 2

Kitploit • added 2016/03/18 10:31 p.m. • 320 views

CTF-Tools - Some setup scripts for security research tools

This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. Installers for the following tools are included: Category | To...

AI score: 8.5 • Exploits: 0 • References: 36

Kitploit • added 2016/03/17 10:19 p.m. • 37 views

Ruby-Nmap - A Rubyful interface to the Nmap exploration tool and security / port scanner

A Ruby interface to nmap , the exploration tool and security / port scanner. Features Provides a Ruby interface for running nmap. Provides a Parser for enumerating nmap XML scan files. Examples Run Nmap from Ruby: require 'nmap/program' Nmap::Program.scan do |nmap| nmap.synscan = true...

AI score: 7.3 • Exploits: 0 • References: 2

Kitploit • added 2016/03/16 10:14 p.m. • 20 views

Machinae - Security Intelligence Collector

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater , another excellent tool for collecting information. The Machinae...

AI score: 6.8 • Exploits: 0 • References: 3

Kitploit • added 2016/03/15 10:21 p.m. • 36 views

SSLyze - Fast And Full-Featured SSL Scanner

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. Key features include: Multi-processed and multi-threaded...

AI score: 7.6 • Exploits: 0 • References: 2

Kitploit • added 2016/03/14 10:0 p.m. • 19 views

OnionCat - An Anonymous VPN-Adapter (P2P layer 3 VPN based on Tor or I2P)

OnionCat is a VPN-adapter which allows to connect two or more computers or networks through VPN-tunnels. It is designed to use the anonymization networks Tor or I2P as its transport, hence, it provides location-based anonymity while still creating tunnel end points with private unique IP addresse...

AI score: 7.3 • Exploits: 0

Kitploit • added 2016/03/12 7:23 p.m. • 44 views

Striptls - Proxy POC Implementation Of STARTTLS Stripping Attacks

poc implementation of STARTTLS stripping attacks SMTP SMTP.StripFromCapabilities - server response capability patch SMTP.StripWithInvalidResponseCode - client STARTTLS stripping, invalid response code SMTP.UntrustedIntercept - STARTTLS interception client and server talking ssl requires server.pe...

AI score: 7.5 • Exploits: 0 • References: 1

Kitploit • added 2016/03/11 9:0 p.m. • 19 views

Kitty - Fuzzing Framework Written In Python

Kitty is an open-source modular and extensible fuzzing framework written in python, inspired by OpenRCE's Sulley and Michael Eddington's and now Deja Vu Security's Peach Fuzzer . Goal When we started writing Kitty, our goal was to help us fuzz unusual targets --- meaning proprietary and esoteric...

AI score: 7.3 • Exploits: 0 • References: 3

Kitploit • added 2016/03/10 9:30 p.m. • 11 views

Chuckle - An Automated SMB Relay Script

Chuckle is an automated SMB Relay Script. Chuckle requires a few tools to work: SMBRelayX.py Veil latest version from git Responder Chuckle will detect which version you are using. Nmap Nbtscan unixwiz MSFconsole Usage should be fairly simple, run as root or use sudo: sudo ./chuckle.sh Wait a...

AI score: 7.2 • Exploits: 0 • References: 1

Kitploit • added 2016/03/09 10:0 p.m. • 264 views

HEVD - HackSys Extreme Vulnerable Driver

HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level. HackSys Extreme Vulnerable Driver caters wide range of vulnerabilities ranging from simple Buffer Overflows to complex Use...

AI score: 7.7 • Exploits: 0 • References: 1

Kitploit • added 2016/03/08 9:53 p.m. • 12 views

Lobotomy - Android Reverse Engineering Framework & Toolkit

Lobotomy is an Android security toolkit that will automate different Android assessments and reverse engineering tasks. The goal of the Lobotomy toolkit is to provide a console environment, which would allow a user to load their target Android APK once, then have all the necessary tools without...

AI score: 7.2 • Exploits: 0 • References: 2

Kitploit • added 2016/03/07 10:12 p.m. • 21 views

Climber - Check UNIX/Linux Systems For Privilege Escalation

Automated auditing tool to check UNIX/Linux systems misconfigurations which may allow local privilege escalation. Dependencies python = 2.7 python-crypto python-mako python-paramiko Note Climber needs Exscript, a Python module and a template processor for automating network connections over...

AI score: 7.2 • Exploits: 0 • References: 2

Kitploit • added 2016/03/04 8:30 p.m. • 39 views

Malware-Jail - Sandbox for semi-automatic Javascript malware analysis and payload extraction

Sandbox for semi-automatic Javascript malware analysis and payload extraction. Written for Node.js malware-jail is written for Node's 'vm' sandbox . Currently implements WScript Windows Scripting Host context env/wscript.js , at least the part frequently used by malware. Internet browser context ...

AI score: 7.1 • Exploits: 0 • References: 7

Kitploit • added 2016/03/03 9:30 p.m. • 16 views

Wordpress-Exploit-Framework - A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems

A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. What do I need to run it? Ensure that you have Ruby 2.2.x installed on your system and then install all required dependencies by opening a command prompt / terminal in...

AI score: 8.3 • Exploits: 0 • References: 3

Total number of security vulnerabilities: 6011