1052 matches found
MITM BLE Security Assessment: gattacker
MITM BLE Security Assessment A Node.js package for BLE Bluetooth Low Energy Man-in-the-Middle & more The tool creates exact copy of attacked device in Bluetooth layer, and then tricks mobile application to interpret its broadcasts and connect to it instead the original device. At the same time, i...
Mercenary Linux
Mercenary-Linux is a “new-era” lightweight distribution of mostly Dockerized tools built for field expedient hunting, forensics, and malware analysis. This problem birthed MHF Mercenary Hunt Framework which allows the hunt team to easily perform hunt operations within a framework that aggregates...
Ruggedization Framework For Security Testing: Gauntlt
Gauntlt is a ruggedization framework that is enables security testing that is usable by devs, ops and security. Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testin...
Distributed Password Cracking: CrackLord
Over the past several years the world of password cracking has exploded with new tools and techniques. These new techniques have made it easier than ever to reverse captured password hashes. With the addition of powerful techniques, from GPGPU cracking to rainbow tables, it is easier than ever to...
DHCP exhaustion attack: DHCPig
dhcpig – an advanced DHCP exhaustion attack DHCPig initiates an advanced DHCP exhaustion attack. It will consume all IPs on the LAN, stop new users from obtaining IPs, release any IPs in use, then for good measure send gratuitous ARP and knock all windows hosts offline. It requires scapy =2.1...
Smart Traffic Sniffing: NetRipper
Smart Traffic Sniffing NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before...
Parse Various Log Files: Plaso
Plaso is the Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines. The goal of log2timeline and thus plaso is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network...
Drag-and-Drop Encryption: miniLock
Drag-and-Drop Encryption miniLock The encryption project named minilock, is a free and open-source program plugin witch lets anybody encrypt and decrypt files in seconds utilizing drag-and-drop interface. minilock offers a region where your files should be dropped and it works with all file types...
How To Remove File Metadata
How To Remove File Metadata For those of you who want to remove file metadata from any shared data, you can use existing document or image editor software which typically have built-in metadata editing capability. In this tutorial, we will introduce a standalone metadata cleaner tool which is...
Open Source MySQL Injection: sqlsus
sqlsus is an open source MySQL injection and takeover tool, written in perl. Via a command line interface, you can retrieve the databases structure, inject your own SQL queries even complex ones, download files from the web server, crawl the website for writable directories, upload and control a...
Extreme GPU Bruteforcer
Extreme GPU Bruteforcer is a professional solution for the recovery of passwords from hashes using GPU. The software supports hashes of the following types: MySQL, MySQL5, DESUnix, MD4, MD5, MD5Unix, MD5APR, MD5phpBB3, MD5WordPress, LM, NTLM, SHA-1 and many others. On modern graphics cards from...
Microsoft Research Detours Package
Detours is a software package for monitoring and instrumenting API calls on Windows. Detours has been used by many ISVs and is also used by product teams at Microsoft. Detours is now available under a standard open source license MIT. This simplifies licensing for programmers using Detours and...
Query Windows Machine for RAM Artifacts: memtriage
Allows you to quickly query a live Windows machine for RAM artifacts. This tool utilizes the Winpmem drivers to access physical memory, and Volatility for analysis. Caveats: Doesn’t work with Device Guard enabled. Should be tested on machines before deploying. Example Usage usage: memtriage.exe -...
Salt Open Linux Vulnerability Scanner: Salt Scanner
Salt Open Linux Vulnerability Scanner A linux vulnerability scanner based on Vulners Audit API and Salt Open, with Slack notifications. Requirements Salt Open salt-master, salt-minion¹ Python 2.7 Salt pip install salt==2016.11.5 Slackclient pip install slackclient==1.0.5 Usage root@localhost pyth...
Find Exploits in Local and Online Databases: Findsploit
Find Exploits in Local and Online Databases Finsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes “copysploit” to copy any exploit-db exploit to the current directory and “compilesploit” to automatically compile and r...
DNS Reconnaissance: AQUATONE
DNS Reconnaissance AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for...
Run HTTP Flood DDoS Attacks: Wreckuests
Stress Testing: Run HTTP Flood DDoS Attacks Wreckuests is a script, which allows you to run DDoS attacks with HTTP-floodGET/POST. It’s written in pure Python and uses proxy-servers as “bots”. This script is published for educational purposes only! Features Cache bypass with random ?abcd=efg...
Monitor AWS & GCP Configurations: Security Monkey
Monitor AWS & GCP Configurations Security Monkey is an OpenSource application from Netflix NetflixOSS which monitors/alerts/reports one or multiple AWS/GCP accounts for anomalies. Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. It...
Reverse Engineering Communication Protocols: Netzob
Reverse Engineering Communication Protocols Netzob is an open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. It allows to infer the message format and the state machine of a protocol through passive and active processes. The model can afterward be...
Social Engineering Attack Vector: QRLJacking
Social Engineering Attack Vector QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on “Login with QR code” feature as a secure way to login into accounts. In a simple way, In a nutshell...
PE Executables Static Analyzer: Manalyze
PE Executables Static Analyzer Manalyze performs static analysis on PE files, in order to detect signs of malicious behavior. It is a versatile tool with a robust parser and a set of built-in tests, but can also be extended easily.Manalyze was written in C++ for Windows and Linux and is released...
Kali Linux NetHunter
Official Offensive Security have obsessively been building Kali on weird and wonderful ARM hardware and today, we are proud to reveal their latest creation – the Kali Linux NetHunter. NetHunter is a Android penetration testing platform for Nexus devices built on top of Kali Linux, which includes...
Robust ClamAV-based Linux Malware Scanner: MalScan
Malscan is a robust and fully featured scanning platform for Linux servers that greatly simplifies keeping your web servers secure and malware-free. It is built upon the ClamAV platform, providing all of the features of Clamscan with a host of new features and detection modes. Features Multiple...
SQLMap Web Front End
PHP Front end to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005 SQLMap Web GUI Requirements: Linux, Apache, PHP check your favorite distro’s wiki or forum pages, or use google PH...
WEP and WPA Cracking Tool Suite: Aircrack-ng
WEP and WPA Cracking Aircrack-ng Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making...
Common Reverse Shells
If you’re lucky enough to find a remote command execution vulnerability, you’ll more often than not want to connect back to your attacking machine to leverage an interactive shell. Below are a collection of reverse shells that use commonly installed programming languages, or commonly installed...
Bandwidth Monitor – NetHogs
Bandwidth Monitor NetHogs is a small ‘net top’ tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded. If there’s suddenly a lot of network traffic, you can fire up...
The Offensive Web Application Penetration Testing Framework: TIDoS
TIDoS Framework is a comprehensive web-app audit framework. TIDoS is made to be comprehensive and versatile. It is a highly flexible framework where you just have to select and use modules. But before that, you need to set your own API KEYS for various OSINT purposes. To do so, open up APIKEYS.py...
Automatize Obfuscation and Generation of MS Office Documents: macro_pack
The macropack is a tool used to automatize obfuscation and generation of MS Office documents for pentest, demo, and social engineering assessments. The goal of macropack is to simplify antimalware solutions bypass and automatize the process from vba generation to final Office document generation...
Vulnerability Assessment & Management Tool: Jackhammer
Jackhammer is a collaboration tool built with an aim of bridging the gap between Security team vs dev team , QA team and being a facilitator for TPM to understand and track the quality of the code going into production. It could do static code analysis and dynamic analysis with inbuilt...
Mozilla InvestiGator: MIG
Mozilla InvestiGator Mozilla’s real-time digital forensics and investigation platform MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents...
Fuzzer for Individual Method Parameters: RamFuzz
Fuzzer for Individual Method Parameters RamFuzz is a fuzzer for individual method parameters in unit tests. A unit test can use RamFuzz to generate random parameter values for methods under test. The values are logged, and the log can be replayed to repeat the exact same test scenario. But RamFuz...
Auto Backdooring Utility: backdoorme
Auto Backdooring Utility Backdoorme is a powerful utility capable of backdooring Unix machines with a slew of backdoors. Backdoorme uses a familiar metasploit interface with tremendous extensibility.Backdoorme relies on having an existing SSH connection or credentials to the victim, through which...
Instruction Trace Visualisation Tool: rgat
An instruction trace visualisation tool intended to help reverse engineers make the link between target behaviour and code. rgat uses dynamic binary instrumentation courtesy of DynamoRIO to produce graphs from running executables. It creates static and animated visualisations in realtime to suppo...
Offline Digital Forensics Tool for Binary Files: ByteForce
Offline Digital Forensics Tool for Binary Files Offline Digital Forensics Tool for Binary Files This tool can be used for offline digital forensics and malware analysis as it shows all raw bytes of a file and also the ASCII representations. As you can see from the screenshots, It can be used on a...
General Purpose Fuzzer: Radamsa
Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestringly different outputs from them. The main...
Exploit Search: XPL-Search
XPL SEARCH is a script made in PHP, to perform quick searches for vulnerabilities or exploits in multiple databases Dependencies: The XPL SEARCH is written in PHP and therefore, can be used both on Linux or Windows. The following items are required for the proper functioning of the script: PHP...
Multi Purpose Fuzzer: zzuf
Multi Purpose Fuzzer zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data which more than often comes from untrusted sources on the Internet. It works by intercepting file and network operations and changing random...
WiFiJammer – Continuously jam all wifi clients/routers
Continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block radius with heavy access point saturation. Granularity is given in the options for more effective...
Data Stream Encryption: ciphr
Data Stream Encryption Ciphr is a CLI tool for performing and composing encoding, decoding, encryption, decryption, hashing, and other various operations on streams of data. It takes provided data, file data, or data from stdin, and executes a pipeline of functions on the data stream, writing the...
Web Application Brute Force Attack: Crowbar
Web Application Brute Force Attack Crowbar was developed to brute force some protocols in a different manner then other ‘popular’ brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute forcing, Crowbar uses SSH keys. Currently Crowbar supports...
WPA Cluster Cracker: Moscrack
Moscrack WPA Cluster Cracker Moscrack facilitates the use of a WPA cracker on a cluster. Currently it works with Mosix clustering software, SSH, RSH and Pyrit. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to seperate processes that run...
Raspberrypi Wireless Attack Toolkit
Raspberrypi Wireless Attack Toolkit is a push-button wireless hacking and Man-in-the-Middle attack toolkit This project is designed to run on Embedded ARM platforms specifically v6 and RaspberryPi . It provides users with automated wireless attack tools that air paired with man-in-the-middle tool...
Social Media Enumeration & Correlation Tool: Social Mapper
Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searching popular social media sites for targets names and pictures to accurately detect and group a person’s...
Collecting & Hunting For IOCs With Gusto and Style: rastrea2r
Ever wanted to turn your AV console into an Incident Response & Threat Hunting machine? Rastrea2r pronounced “rastreador” – hunter- in Spanish is a multi-platform open source tool that allows incident responders and SOC analysts to triage suspect systems and hunt for Indicators of Compromise IOCs...
CERT Tapioca for MITM Analysis
CERT Tapioca is a utility for testing mobile or any other application using MITM techniques. CERT Tapioca development was sponsored by the United States Army Armament Research, Development and Engineering Center ARDEC as well as the United States Department of Homeland Security DHS. Installation...
Web Service Security Assessment Tool: WSSAT
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests again...
Password Recovery Platform: Wavecrack
A user-friendly Web interface to share an hashcat cracking box among multiple users with some pre-defined options. Outline This Web application can be used to launch asynchronous password cracks with hashcat . The interface tries to be as user-friendly as possible and facilitates the password...
Ghost In The Net
Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan Properties: Network Invisibility Network Anonymity Protects from MITM/DOS Transparent Cross-platform Minimalistic Dependencies: Linux 2.4.26+ – will work on any Linux-based OS, including Whonix and...
Linkedin Information Gathering Tool: raven
raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin. Usage of this is application is pretty simple. It requires at least three parameters. The first one is the company name , the second one is the count...