1052 matches found
Hacking Maytag: Coin-Operated Laudromat Machines
Most Maytag commercial washers and dryers out there use a common controller platform. It dates back to the 80s and is still produced. So almost all Maytag with digital control panel is exploitable in this way. The identifying features are green vacuum florescent display with a four-digit numerica...
Damn Vulnerable Web Application: DVWA
Damn Vulnerable Web Application DVWA is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid...
Secure Anti Forensic Anonymous Operating System: kodachi
Secure Anti Forensic Anonymous Operating System Linux Kodachi operating system is based on Debian 8.6 it will provide you with a secure, anti forensic, and anonymous operating system considering all features that a person who is concerned about privacy would need to have in order to be secure...
Fuzzing Windows Binaries: WinAFL
AFL is a popular fuzzing tool for coverage-guided fuzzing. The tool combines fast target execution with clever heuristics to find new execution paths in the target binary. It has been successfully used to find a large number of vulnerabilities in real products. For more info about the original...
Mobile Security Framework: MobSF
Mobile Security Framework is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We’ve been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test and...
Access Point Impersonation Attacks: hostapd-wpe
hostapd-wpe – Wireless Pwnage Edition – hostapd-wpe is the replacement for FreeRADIUS-WPE . It implements IEEE 802.1x Authenticator and Authentication Server impersonation attacks to obtain client credentials, establish connectivity to the client, and launch other attacks where applicable...
Oracle Database Attacking Tool: ODAT
ODAT Oracle Database Attacking Tool is an open source penetration testing tool that tests the security of Oracle Databases remotely . Usage examples of ODAT: You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database You have a...
Free Open Source Self Hosted VirusTotal: Malice
Free Open Source Self Hosted VirusTotal Malice’s mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company.’ Ubuntu Install: Install Go $ sudo add-apt-repository ppa:ubuntu-lxc/lxd-stable $ sudo apt-get updat...
Suricata Based IDS/IPS Distro: SELKS
SELKS is both Live and installable Network Security Management ISO based on Debian implementing and focusing on a complete and ready to use Suricata IDS/IPS ecosystem with its own graphic rule manager. From start to analysis of IDS/IPS and NSM events in 30 sec. The name comes from its major...
Open Source GPS Tracking System: Traccar
Traccar is an open source GPS tracking system for various GPS tracking devices. This Maven Project is written in Java and works on most platforms with installed Java Runtime Environment. System supports more than 80 different communication protocols from popular vendors. It includes web interface...
Xtreme Vulnerable Web Application: XVWA
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security. It’s not advisable to host this application online as it is designed to be “Xtremely Vulnerable”. It is recommended to host this application in local/controlled environment an...
Multi-Honeypot Platform: T-Pot
Multi-Honeypot Platform T-Pot is based on Ubuntu Server 16.10 LTS. The honeypot daemons as well as other support components being used have been paravirtualized using docker . This allowed developers to run multiple honeypot daemons on the same network interface without problems and make the enti...
Python Windows Event Log Parser: python-evtx
Python Windows Event Log Parser python-evtx is a pure Python parser for recent Windows Event Log files those with the file extension “.evtx”. The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review...
Dex to Java Decompiler: jadx
Command line and GUI tools for produce Java source code from Android Dex and Apk files Building from source git clone https://github.com/skylot/jadx.git cd jadx ./gradlew dist on Windows, use gradlew.bat instead of ./gradlew Scripts for run jadx will be placed in build/jadx/bin and also packed to...
Damn Vulnerable Web Services: DVWS
Damn Vulnerable Web Services is a vulnerable testing environment that can be used to learn real world web service vulnerabilities. The aim of this project is to aid security professionals in testing their skills and tools in a legal environment. This application is designed to understand the...
PowerShell Penetration Testing Framework: Nishang
Nishang is an open source framework and collection of powerful PowerShell scripts and payloads that you can use during penetration testing audit, post exploitation phase or other stages of offensive security auditing. Nishang is useful during various phases of a security auditing process and has...
ICS & SCADA Situational Awareness: Grassmarlin
ICS & SCADA Situational Awareness GRASSMARLIN is an open-source software tool that provides a method for discovering and cataloging Supervisory Control & Data Acquisition SCADA and Industrial Control System ICS hosts on IP-based networks. GRASSMARLIN uses a variety of sources to generate this dat...
Windows Anti Recon Tool: SAMRi10
Windows Anti Recon Tool “SAMRi10” tool is a short PowerShell PS script which alters remote SAM access default permissions on Windows 10 & Windows Server 2016. This hardening process prevents attackers from easily getting some valuable recon information to move laterally within their victim’s...
Open Redirect DDoS Tool: UFONet
Open Redirect DDoS Tool UFONet – is a tool designed to launch DDoS attacks against a target, using ‘Open Redirect’ vectors on third party web applications, like botnet. UFONet abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multithreading,...
CAN bus analysis tool: Kayak
CAN bus analysis tool Kayak is a application for CAN bus diagnosis and monitoring. Its main goals are a simple interface and platform independence. Kayak is implemented in pure Java and has no platform specific dependencies. It includes a complete CAN bus abstraction model that can be included in...
Intel Engine Firmware Analysis Tool: MEAnalyzer
ME Analyzer is a tool which parses Intel Engine & PMC firmware images from the Converged Security Management Engine, Converged Security Trusted Execution Engine, Converged Security Server Platform Services, Management Engine, Trusted Execution Engine, Server Platform Services & Power Management...
Bash: How to open TCP/UDP sockets
How to open TCP/UDP sockets using a built-in feature in Bash ? Bash shell has a built-in feature that allows to open TCP/UDP sockets using a simple syntax. This is very useful when tools like netcat are not installed or we don’t have the permission to use it. The syntax is $ exec...
General Purpose Fuzzing: Honggfuzz
Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test files, Hongfuzz supplies and modifies input to a test program and utilize the ptrace API / POSIX signal interface to detect and log crashes. Features Easy setup : No complicated configuration files or setup necessary —...
Perform Local Searches For Known Vulnerabilities: cve-search
cve-search is a tool to import CVE Common Vulnerabilities and Exposures and CPE Common Platform Enumeration into a MongoDB to facilitate search and processing of CVEs. The main objective of the software is to avoid doing direct and public lookup into the public CVE databases. This is usually fast...
Build Your Own IPsec VPN Server: Auto Setup Scripts
Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, and let the scripts handle the rest. An IPsec VPN encrypts your network traffic, so that nobody between you and the VP...
nMap Vulnerability Scanner: Vulscan
Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB. Version 2.0 of Nmap NSE Vulscan is...
Facebook CTF: Capture the Flag Platform
The Facebook CTF is a platform to host Jeopardy and “King of the Hill” style Capture the Flag competitions. Due to the high cost and technical requirements of building and running CTF environments, few publicly available resources exist for schools, students, and non-profit organizations to use...
Windows Packet Sniffing Library: Npcap
Nmap Project’s packet sniffing library for Windows, based on WinPcap/Libpcap improved with NDIS 6 and LWF Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF .aspx technique. It supports Windows Vista, 7, 8 and 10. It is sponsored but not officially supported by the Nmap Project and...
Printer Exploitation Toolkit: PRET
Printer Exploitation Toolkit PRET is a new tool for printer security testing developed in the scope of a Master’s Thesis at Ruhr University Bochum. PRET connects to a device via network or USB and exploits the features of a given printer language. Currently PostScript , PJL and PCL are supported...
Transparent SSL TLS interception: SSLsplit
Transparent SSL TLS interception: SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis, web application security testing, network security auditing, penetration testing and...
Android IMSI-Catcher Detector: AIMSICD
AIMSICD is an app to detect IMSI-Catchers . IMSI-Catchers are false mobile towers base stations acting between the target mobile phones and the real towers of service providers. As such they are considered a Man-In-The-Middle MITM attack. In the USA the IMSI-Catcher technology is known under the...
Secure Socket Funneling: SSF
Secure Socket Funneling SSF is a network tool and toolkit. It provides simple and efficient ways to forward data from multiple sockets TCP or UDP through a single secure TLS link to a remote computer. Multiplex Various Network Data Flows SSF is cross platform Windows, Linux, OSX and shipped as...
WeakerThan Linux
Weakerthan is a penetration testing distribution which is built from Debian Squeeze. For the desktop environment it uses Fluxbox. This operating system is ideal for WiFi hacking as it contains plenty of Wireless tools. It has a very well maintained website and a devoted community. Built from Debi...
Open Source Intelligence and Forensics : Maltego
Maltego is an open source intelligence and forensics application Maltego is a visual link analysis tool that, out the box, comes with open source intelligence OSINT plugins, called transforms. The tool offers real-time data mining and information gathering as well as the representation of this...
Geolocation OSINT Tool Creepy
Geolocation OSINT Tool Creepy Creepy is a geolocation OSINT tool. Gathers geolocation related information from online sources, and allows for presentation on map, search filtering based on exact location and/or date, export in csv format or kml for further analysis in Google Maps. What’s new in...
Linux Embedded Firmware Dynamic Analysis: FIRMADYNE
FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware. It includes the following components: modified kernels MIPS: v2.6.32 , ARM: v4.1 , v3.10 for instrumentation of firmware execution; a userspace NVRAM library to emulate a...
Rogue Access Point Toolkit : hostapd-mana
hostapd-mana is a featureful rogue wifi access point tool. It can be used for a myriad of purposes from tracking and deanonymising devices aka Snoopy, gathering corporate credentials from devices attempting EAP aka WPE or attracting as many devices as possible to connect to perform MitM attacks...
Damn Vulnerable iOS App: DVIA
Damn Vulnerable iOS App DVIA is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities...
Targeted WPA2-Enterprise Evil Twin Attacks: eaphammer
Targeted WPA2-Enterprise Evil Twin Attacks EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that...
Edit and Replay Network Traffic: tcpreplay
Edit and Replay Network Traffic Tcpreplay is a suite of GPLv3 licensed utilities for UNIX and Win32 under Cygwin operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal / Wireshark . It allows you to classify traffic as client o...
Software Defined Radio Attack Tool: RFCrack
RFCrack is my personal RF test bench, it was developed for testing RF communications between any physical device that communicates over sub Ghz frequencies. IoT devices, Cars, Alarm Systems etc… Testing was done with the Yardstick One on OSX, but RFCrack should work fine in linux. Current support...
Windows PowerShell LLMNR/NBNS spoofer: Inveigh
Windows PowerShell LLMNR/NBNS spoofer Inveigh is a Windows PowerShell LLMNR/NBNS spoofer designed to assist penetration testers that find themselves limited to a Windows system. This can commonly occur while performing phishing attacks, USB drive attacks, VLAN pivoting, or simply being restricted...
Open-Source Disk Encryption for Windows: LibreCrypt
LibreCrypt is an Open-Source “on-the-fly” transparent disk encryption for Windows both 32 and 64 bit. LUKS compatible – formerly DoxBox. This software can create “virtual disks” on your computer – anything written to these disks is automatically encrypted before being stored on your computer’s ha...
Simple IOC and Incident Response Scanner: Loki
LOKI is a free and simple IOC scanner, a complete rewrite of main analysis modules of our full featured APT Scanner THOR. IOC stands for „Indicators of Compromise“. These indicators can be derived from published incident reports, forensic analyses or malware sample collections in your Lab. LOKI...
ZigBee Security Research Toolkit: KillerBee
KillerBee framework is a tool for attacking ZigBee and IEEE 802.15.4 networks. KillerBee is designed to simplify the process of sniffing packets from the air interface or a supported packet capture file libpcap or Daintree SNA, and for injecting arbitrary packets. Helper functions including IEEE...
Real-time File Scanning System: Strelka
Strelka is a real-time file scanning system used for threat hunting, threat detection, and incident response. Based on the design established by Lockheed Martin’s Laika BOSS and similar projects, Strelka’s purpose is to perform file extraction and metadata collection at huge scale. Strelka differ...
Fast TCP tunnel over HTTP: chisel
Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go Golang. Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network. Chisel is very similar t...
Open Source Security Incident and Event Management: SIEMonster
Open Source Security Incident and Event Management SIEMonster is free, documented open source Security Incident and Event Management SIEM designed and engineering with stable, supported open source products developed for security, scalability and functionality. The product was developed by...
SS7 Pentesting Toolkit: ss7MAPer
SS7 Pentesting Toolkit The toolkit is build upon the Osmocom SS7 stack and implements some basic MAP messages. At its current state tests against the HLR are ready for use, in future versions tests against VLR , MSC and SMSC will follow. The tool is written in Erlang; to get it running you will...
Damn Vulnerable Node Application: DVNA
Damn Vulnerable Node Application DVNA is a node.js web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid...