Lucene search
K
N0whereMost viewed

1052 matches found

n0where
n0where
added 2016/06/16 2:4 a.m.38 views

General Purpose Blocker: uBlock

General Purpose Blocker An efficient blocker for Chromium and Firefox. Fast and lean. uBlock Origin or uBlock₀ is not an ad blocker ; it’s a general-purpose blocker. uBlock₀ blocks ads through its support of the Adblock Plus filter syntax . uBlock₀ extends the syntax and is designed to work with...

7AI score
Exploits0References9
n0where
n0where
added 2016/06/15 5:13 p.m.38 views

Live Platform for Android Security Professionals: Android Tamer

AndroidTamer started out as a VirtualMachine for Android Security Professionals. This Environment allows people to work on large array of android security related task’s ranging from Malware Analysis, Penetration Testing and Reverse Engineering. AndroidTamer is, at this point the only fully...

0.1AI score
Exploits0
n0where
n0where
added 2015/04/12 5:34 p.m.38 views

Open-Source Host-Based Intrusion Detection System: OSSEC

OSSEC is a platform to monitor and control your systems. It mixes together all the aspects of HIDS host-based intrusion detection, log monitoring, and Security Incident Management SIM/Security Information and Event Management SIEM together in a simple, powerful, and open source solution. Key...

0.4AI score
Exploits0References1
n0where
n0where
added 2013/01/31 10:55 p.m.38 views

Multipurpose Sniffer: Ettercap

Ettercap is a multipurpose sniffer / interceptor/logger for switched LAN Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN . It can be used for computer network protocol analysis and security auditing. It runs on various Unix-like operating systems...

7.6AI score
Exploits0References1
n0where
n0where
added 2018/09/02 5:52 a.m.37 views

Dynamic Binary Analysis Tool: Manticore

Manticore is a prototyping tool for dynamic binary analysis, with support for symbolic execution, taint analysis, and binary instrumentation. Manticore comes with an easy-to-use command line tool that quickly generates new program “test cases” or sample inputs with symbolic execution. Each test...

1AI score
Exploits0References3
n0where
n0where
added 2018/08/22 6:21 p.m.37 views

Covert Backdoor Transmission Method: GhostTunnel

GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...

1AI score
Exploits0References1
n0where
n0where
added 2018/04/20 4:33 a.m.37 views

Real-time Network Packet Manipulation Framework: Polymorph

Polymoprh is a framework written in the Python3 programming language that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of netwo...

1.9AI score
Exploits0References2
n0where
n0where
added 2018/03/24 4:5 a.m.37 views

PowerShell Downgrade Attack: Unicorn

PowerShell Downgrade Attack Magic Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s powershell attacks and the powershell bypass technique presented by David Kennedy TrustedSec and Josh Kelly at Defcon 18. Usage ...

1.4AI score
Exploits0References1
n0where
n0where
added 2018/02/12 6:15 a.m.37 views

Open Source Static Code Analyser: StaCoAn

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL’s of API’s Decryption keys Major coding...

7.5AI score
Exploits0References2
n0where
n0where
added 2017/08/15 5:1 a.m.37 views

Automate Linux Swap Analysis: swap_digger

swapdigger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. Download Use the following...

0.1AI score
Exploits0References1
n0where
n0where
added 2017/08/08 9:47 p.m.37 views

Linux Ad & Malware Blocking Script: Hostsblock

Hostsblock is a bash script designed to take advantage of /etc/hosts file to provide system-wide blocking of internet advertisements, malicious domains, trackers, and other undesirable content. To do so, it downloads a configurable set of blocklists and processes their entries into a single...

Exploits0References3
n0where
n0where
added 2017/07/10 2:53 p.m.37 views

Free Personal Self Hosted Dynamic DNS

Free Personal Self Hosted Dynamic DNS with BIND and DNSSEC Environment: Server: static IP, running BIND Home: dynamic IP, running Debian/buntu Key Generation First step is to generate a key on the server. /etc/bind $ sudo dnssec-keygen -a HMAC-MD5 -b 512 -n HOST home.dynamic.n0where.net This...

7.1AI score
Exploits0
n0where
n0where
added 2017/06/15 5:33 a.m.37 views

Chat With Hacker Assistant: hackerbot

Chat with your assistant and enjoy hacking This bot is a combination of chatbot and hacking tools Chatting Twitter account analysis Url scan File scan Ip scan Linux enumeration Linux priv escalation checker Shellshock Mimipenguin Installation git clone https://github.com/omergunal/hackerbot cd...

0.4AI score
Exploits0References1
n0where
n0where
added 2017/05/02 4:33 a.m.37 views

x86 to LLVM Bitcode Translation Framework: McSema

x86 to LLVM Bitcode Translation Framework McSema lifts x86 and amd64 binaries to LLVM bitcode modules. McSema support both Linux and Windows binaries, and most x86 and amd64 instructions, including integer, FPU, and SSE operations. McSema is separated into two conceptual parts: control flow...

0.1AI score
Exploits0References6
n0where
n0where
added 2017/03/13 5:19 a.m.37 views

Port Scan Attack Detector: PSAD

Port Scan Attack Detector The Port Scan Attack Detector psad is a lightweight system daemon written in is designed to work with Linux iptables/ip6tables/firewalld firewalling code to detect suspicious traffic such as port scans and sweeps, backdoors, botnet command and control communications, and...

7.9AI score
Exploits0References2
n0where
n0where
added 2015/09/22 5:44 a.m.37 views

Online Automated Tasks: Huginn

Huginn is a system for building agents that perform automated tasks for you online. They can read the web, watch for events, and take actions on your behalf. Huginn’s Agents create and consume events, propagating them along a directed graph. Think of it as a hackable Yahoo! Pipes plus IFTTT on yo...

7.3AI score
Exploits0References4
n0where
n0where
added 2015/08/28 12:52 p.m.37 views

Hackable HTTP proxy: Toxy

toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency capabilities of a system, especially ...

Exploits0References8
n0where
n0where
added 2014/11/09 9:4 p.m.37 views

SSH Encryption and Connection Process

SSH Encryption and Connection Process Introduction SSH, or secure shell, is a secure protocol and the most common way of safely administering remote servers. Using a number of encryption technologies, SSH provides a mechanism for establishing a cryptographically secured connection between two...

7.4AI score
Exploits0
n0where
n0where
added 2014/08/10 4:38 a.m.37 views

Digital Forensics Toolkit: DEFT

DEFT acronym for Digital Evidence & Forensics Toolkit is a distribution made for Computer Forensics, with the purpose of running live on systems without tampering or corrupting devices hard disks, pendrives, etc… connected to the PC where the boot process takes place. The system is based on GNU...

0.4AI score
Exploits0
n0where
n0where
added 2014/08/05 9:17 p.m.37 views

Distributed Packet Monitoring System: Packetbeat

Packetbeat is a distributed packet monitoring system that can be used for application performance management. Think of it like a distributed real-time Wireshark with a lot more analytics features. Agents sniff the traffic between your application processes, parse on the fly protocols like HTTP,...

0.7AI score
Exploits0References1
n0where
n0where
added 2012/02/04 12:25 a.m.37 views

Wi-Fi network scanner: inSSIDer

inSSIDer is the best free Wi-Fi network scanner for Windows 7, Vista and XP The free inSSIDer software utility for Windows, iOS, and Android is one of the most useful and easy-to-interpret wireless networking tools I’ve encountered. InSSIDer displays information about the wireless networks in...

7AI score
Exploits0
n0where
n0where
added 2010/08/18 6:40 a.m.37 views

Encrypt Your Network Traffic: Tcpcrypt

Tcpcrypt is a protocol that attempts to encrypt almost all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support...

7.7AI score
Exploits0References1
n0where
n0where
added 2018/08/21 6:36 p.m.36 views

Open source memory scanner written in C++: XenoScan

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values. These types of tools are typically used when hacking video games, as they allow one to locate the values representing the game’s state in memory. XenoScan is writte...

0.3AI score
Exploits0References1
n0where
n0where
added 2018/04/26 3:8 p.m.36 views

A PowerShell Toolkit for Attacking SQL Server: PowerUpSQL

The PowerUpSQL module includes functions that support SQL Server discovery, auditing for common weak configurations, and privilege escalation on scale. It is intended to be used during internal penetration tests and red team engagements. However, PowerUpSQL also includes many functions that could...

2.4AI score
Exploits0References12
n0where
n0where
added 2017/08/08 5:39 p.m.36 views

Serverless, Real-time Malware Detection: BinaryAlert

BinaryAlert is an open-source serverless AWS pipeline where any file uploaded to an S3 bucket is immediately scanned with a configurable set of YARA rules. An alert will fire as soon as any match is found, giving an incident response team the ability to quickly contain the threat before it spread...

0.2AI score
Exploits0References3
n0where
n0where
added 2017/08/07 9:21 p.m.36 views

The Ultimate Hosts Blacklist

The Ultimate hosts file for protecting your computer or device against over a million bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware. A hosts file for use on any operating system t...

7.4AI score
Exploits0References12
n0where
n0where
added 2017/02/16 5:2 a.m.36 views

Generate Backdoor With msfvenom: TheFatRat

Generate Backdoor With msfvenom A tool to generate backdoor with msfvenom easily a part from metasploit framework. This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac. The malware, created with this tool also have an ability to...

0.3AI score
Exploits0References1
n0where
n0where
added 2016/09/27 4:19 p.m.36 views

Anonymous Offline Communications System: PirateBox

Anonymous Offline Communications System PirateBox creates offline wireless networks designed for anonymous file sharing, chatting, message boarding, and media streaming. You can think of it as your very own portable offline Internet in a box! When users join the PirateBox wireless network and ope...

7.3AI score
Exploits0
n0where
n0where
added 2016/08/30 3:6 p.m.36 views

Dynamic Instrumentation Tool Platform: DynamoRIO

Dynamic Instrumentation Tool Platform DynamoRIO is a runtime code manipulation system that supports code transformations on any part of a program, while it executes. DynamoRIO exports an interface for building dynamic tools for a wide variety of uses: program analysis and understanding, profiling...

1.4AI score
Exploits0References4
n0where
n0where
added 2016/08/27 8:48 p.m.36 views

Universal Serial aBUSe: USaBUSe

Universal Serial aBUSe Universal Serial aBUSe is a project released at Defcon 24 by Rogan Dawes. The team took some fairly common attacks fake keyboards in small USB devices that type nasty things and extended them to provide us with a bi-directional binary channel over our own wifi network to gi...

7.5AI score
Exploits0References2
n0where
n0where
added 2016/04/07 3:38 p.m.36 views

DIY Web Proxy: proxenet

proxenet is a multi-threaded proxy which allows you to manipulate your HTTP requests and responses using your favorite scripting language. No need to learn Java like for Burp or Python like for mitmproxy . proxenet supports heaps of languages and more can be added easily. proxenet is a C-based...

0.1AI score
Exploits0References1
n0where
n0where
added 2016/01/11 6:38 p.m.36 views

Capturing and Analyzing Network Flow Data: Joy

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring. Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture pcap files, using a flow-oriented mod...

0.1AI score
Exploits0References1
n0where
n0where
added 2015/03/31 7:10 a.m.36 views

Open Source Whistleblower Platform: SecureDrop

SecureDrop an open source whistleblower submission system SecureDrop is an open-source software platform for secure communication between journalists and sources whistleblowers.It was originally designed and developed by Aaron Swartz and Kevin Poulsen under the name DeadDrop. After Aaron Swartz’s...

6.7AI score
Exploits0References46
n0where
n0where
added 2014/04/25 3:25 p.m.36 views

Analyze Cryptographic Specifications: Cryptol

The Cryptol specification language was designed by Galois for the NSA’s Trusted Systems Research Group as a public standard for specifying cryptographic algorithms. A reference specification can serve as the formal documentation for a cryptographic module. Unlike current specification mechanisms,...

0.5AI score
Exploits0References3
n0where
n0where
added 2013/01/05 6:16 p.m.36 views

Cyber Attack Management Tool: Armitage

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every...

0.5AI score
Exploits0References1
n0where
n0where
added 2018/03/19 12:40 a.m.35 views

Intentionally Insecure Webapp for Security Training: OWASP Juice Shop

OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in JavaScript which encompasses the entire OWASP Top Ten and other severe security flaws. Juice Shop is written in Node.js, Express and AngularJS. It was the first application written entirely in JavaScri...

0.4AI score
Exploits0References6
n0where
n0where
added 2017/11/28 5:0 a.m.35 views

Linux Memory Cryptographic Keys Extractor: CryKeX

Some work has been already published regarding the subject of cryptograhic keys security within DRAM. Basically, we need to find something that looks like a key entropic and specific length and then confirm its nature by analyzing the memory structure around it C data types. The idea is to dump...

0.6AI score
Exploits0References2
n0where
n0where
added 2017/08/12 12:57 a.m.35 views

Wireless Auditing & Security Testing Toolkit: BoopSuite

BoopSuite is an up and coming suite of wireless tools designed to be easy to use and powerful in scope, that support both the 2 and 5 GHz spectrums. Written purely in python. A handshake sniffer CLI and GUI, a monitor mode enabling script and a deauth script are all parts of this suite with more ...

0.1AI score
Exploits0References1
n0where
n0where
added 2017/06/23 12:5 a.m.35 views

An Analytical Framework for Network Data: Flare

An Analytical Framework for Network Data Flare is a network analytic framework designed for data scientists, security researchers, and network professionals. Written in Python, it is designed for rapid prototyping and development of behavioral analytics, and intended to make identifying malicious...

0.8AI score
Exploits0References1
n0where
n0where
added 2017/06/05 8:14 p.m.35 views

Car Backdoor Maker: CBM

Car Backdoor Maker For the first time, a hardware backdoor tool is presented having several advanced features, such as: remote control via SMS commands, automated launch of attack payloads at a GPS location or when a specific car status is reached; and a configuration interface that allows users ...

3.7AI score
Exploits0References1
n0where
n0where
added 2017/04/25 4:28 p.m.35 views

Inject Custom Code Into PE File: InfectPE

Inject Custom Code Into PE File Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files. Why you need InjectPE? You can test your security products. Use in a phishing campaign. Learn how PE injection works. …and so on. In the project, there i...

0.1AI score
Exploits0References1
n0where
n0where
added 2016/12/19 5:38 a.m.35 views

SDN Security Evaluation Framework: DELTA

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique. Agent-Manager is the control tower. It takes full control over all...

7.7AI score
Exploits0References1
n0where
n0where
added 2016/12/19 5:28 a.m.35 views

Analyze Suspected Malware Documents: QuickSand

Analyze Suspected Malware Documents QuickSand is a compact C framework to analyze suspected malware documents to 1 identify exploits in streams of different encodings, 2 locate and extract embedded executables. By having the ability to locate embedded obfuscated executables, QuickSand could detec...

0.4AI score
Exploits0References1
n0where
n0where
added 2016/12/08 4:5 a.m.35 views

Extremely Fast Flexible Web Fuzzer: Filebuster

Extremely Fast Flexible Web Fuzzer Filebuster was built based on one of the fastest HTTP classes in the world of PERL – Furl::HTTP. Also the thread modelling is a bit optimized to run as fast as possible. Features It packs a ton of features like: The already mentioned Regex patterns Supports...

7AI score
Exploits0References1
n0where
n0where
added 2016/11/21 5:27 a.m.35 views

From XSS to RCE: XSSer

From XSS to RCE This demonstrates how an attacker can utilize XSS to execute arbitrary code on the web server when an administrative user inadvertently triggers a hidden XSS payload. Custom tools and payloads integrated with Metasploit’s Meterpreter in a highly automated approach will be...

2.8AI score
Exploits0References1
n0where
n0where
added 2016/11/03 1:59 a.m.35 views

Architecture Neutral Dynamic Analysis: PANDA

Architecture Neutral Dynamic Analysis PANDA is an open-source Platform for Architecture Neutral Dynamic Analysis. It is built upon the QEMU whole system emulator, and so analyses have access to all code executing in the guest and all data. PANDA adds the ability to record and replay executions,...

7.5AI score
Exploits0References7
n0where
n0where
added 2016/09/12 5:34 p.m.35 views

MITM BLE Security Assessment: gattacker

MITM BLE Security Assessment A Node.js package for BLE Bluetooth Low Energy Man-in-the-Middle & more The tool creates exact copy of attacked device in Bluetooth layer, and then tricks mobile application to interpret its broadcasts and connect to it instead the original device. At the same time, i...

0.7AI score
Exploits0References1
n0where
n0where
added 2016/04/17 11:53 a.m.35 views

Ruggedization Framework For Security Testing: Gauntlt

Gauntlt is a ruggedization framework that is enables security testing that is usable by devs, ops and security. Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testin...

7.2AI score
Exploits0References6
n0where
n0where
added 2016/03/06 1:43 a.m.35 views

Active Directory Honeytoken Tripwire: DCEPT

DCEPT D omain C ontroller E nticing P assword T ripwire is a honeytoken-based tripwire for Microsoft’s Active Directory. Honeytokens are pieces of information intentionally littered on system so they can be discovered by an intruder. In the case of DCEPT, the honeytokens are credentials that woul...

0.1AI score
Exploits0References1
n0where
n0where
added 2015/11/04 9:14 p.m.35 views

Distributed Password Cracking: CrackLord

Over the past several years the world of password cracking has exploded with new tools and techniques. These new techniques have made it easier than ever to reverse captured password hashes. With the addition of powerful techniques, from GPGPU cracking to rainbow tables, it is easier than ever to...

7.1AI score
Exploits0References2
Total number of security vulnerabilities1052