1052 matches found
Web Privacy Measurement Framework: OpenWPM
Web Privacy Measurement is the observation of websites and serves to detect, characterize and quantify privacy-impacting behaviors. Applications of Web Privacy Measurement include the detection of price discrimination, targeted news articles and new forms of browser fingerprinting. Although...
UEFI Firmware Parser
The UEFI firmware parser is a simple module and set of scripts for parsing, extracting, and recreating UEFI firmware volumes. This includes parsing modules for BIOS, OptionROM, Intel ME and other formats too. Please use the example scripts for parsing tutorials. Installation This module is includ...
Java RMI Enumeration & Attack Tool: BaRMIe
BaRMIe is a tool for enumerating and attacking Java RMI Remote Method Invocation services. RMI services often expose dangerous functionality without adequate security controls, however RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools...
Windows NSA Information Assurance: Locklevel
Windows NSA Information Assurance LOCKLEVEL was a rapidly built prototype that demonstrates a method for scoring how well Windows systems have implemented some of the NSA Information Assurance top 10 mitigation strategies . This prototype is being shared to encourage industry adoption of these...
ARP Firewall: SCUTUM
SCUTUM is an ARP firewall that prevents your computer from being arp spoofed. Scutum controls “arptables” in your computer so it accepts ARP packets only from the gateway. This way, people with malicious intentions cannot spoof your arp table. Scutum also prevents other people from detecting your...
Open Source Full Featured Network Operating System: OpenSwitch
Open Source Full Featured Network Operating System OpenSwitch provides a fully-featured L2/L3 control plane stack, traditional and programmatic, declarative control plane. The 24×7 nature of global digital economy and the explosion of data have changed how we think about data center networking...
Phishing Kit Hunter
Phishing Kit Hunter PhishingKitHunter or PKHunter is a tool made for identifying phishing kits URLs used in phishing campaigns targeting your customers and using some of your own website files as CSS, JS, …. This tool – write in Python 3 – is based on the analysis of referer’s URL which GET...
Windows Penetration Testing Tool: RedSnarf
Windows Penetration Testing Tool RedSnarf is a pen-testing / red-teaming tool by Ed William and Richard Davy for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. RedSnarf aims to do the following: Leave no evidence on the hos...
Password Cracking Web Front-End: Hashview
Password Cracking Web Front-End Hashview is a tool for security professionals to help organize and automate the repetitious tasks related to password cracking. Hashview is a web application that manages hashcat https://hashcat.net commands. Hashview strives to bring constiency in your hashcat tas...
The Social-Engineer Toolkit (SET)
The Social-Engineer Toolkit SET is specifically designed to perform advanced attacks against the human element. SET has quickly became a standard tool in a penetration testers arsenal. SET is written by David Kennedy ReL1K and with a lot of help from the community it has incorporated attacks neve...
Mobile Application Security Training Platform: Security Shepherd
The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen...
Bluetooth Smart MITM Framework: BtleJuice
Bluetooth Smart MITM Framework BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices also known as Bluetooth Low Energy. It is composed of: an interception core an interception proxy a dedicated web interface Python and Node.js bindings How to install...
Analyzing TLS Libraries: TLS-Attacker
TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is able to send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This gives the developer an opportunity to easily define a custom TLS protocol flow...
Versatile HTTP load testing: vegeta
Vegeta is a versatile HTTP load testing tool built out of a need to drill HTTP services with a constant request rate. Vegeta can be used both as a command line utility and a library. Install Pre-compiled executables Get them here . Homebrew on Mac OS X You can install Vegeta using the Homebrew...
Backdoor Framework
A little server framework for writing back doors Backdoor Framework Definitions: Backdoor: A backdoor is deliberate functionality that bypasses official publicly-documented authorization methods for that software and is intended by the author to be known to a limited audience. Protected Resource:...
PacketWhisper Exfiltration Toolset
PacketWhisper – Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, without the need for attacker-controlled Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- & DNS Name Server Whitelisting Controls. Convert any file type e.g. executables, Office...
Lightning Fast Web Crawler: Photon
Photon is a lightning fast web crawler which extracts URLs, files, intel & endpoints from a target. 160 requests per second while extensive data extraction is just another day for Photon! Main Features Data Extraction Photon extracts the following data while crawling by default: URLs in-scope &...
DNS Rebinding Attack: DNS Rebind Toolkit
DNS Rebind Toolkit is a frontend JavaScript framework for developing DNS Rebinding exploits against vulnerable hosts and services on a local area network LAN. It can be used to target devices like Google Home, Roku, Sonos WiFi speakers, WiFi routers, “smart” thermostats, and other IoT devices. Wi...
SQL Injection Discovery Tool: SleuthQL
SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, SleuthQL will then insert SQLMap identifiers into each parameter where the SQL-esque variables were identified. SleuthQL aims to augment an assessor’s ability to discover SQL injection...
Compromising IPv4 Networks via IPv6: mitm6
mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address and setting the attackers host as default DNS server. As DNS server, mitm6 will...
New and Improved Version of airpwn: airpwn-ng
Features Inject to all visible clients a.k.a Broadcast Mode Inject on both open networks and WEP/WPA protected networks Targeted injection with -t MAC:ADDRESS MAC:ADDRESS Gather all visible cookies Broadcast Mode Gather cookies for specific websites –websites websiteslist.txt In this scenario,...
Remotely Dump Linux RAM: LiMEaide
LiMEaide is a python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host. I hope that this will simplify Linux digital forensics in a remote environment. In order to use LiMEaide all you need to do is feed a remote Linu...
Domain Analyzer
Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresse...
Advanced Discovery of Privileged Accounts: ACLight
ACLight is a tool for discovering privileged accounts through advanced ACLs Access Lists analysis. It includes the discovery of Shadow Admins in the scanned network. The tool queries the Active Directory AD for its objects’ ACLs and then filters and analyzes the sensitive permissions of each one...
Web Application Vulnerability Testing: ZAProxy
Web Application Vulnerability Testing The OWASP Zed Attack Proxy ZAP is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are...
Detects Clickbait Headlines Using Deep Learning: Clickbait Detector
Detects Clickbait Headlines Using Deep Learning People continually fall for clickbait and as Wired in it’s article mentioned Whether you think clickbait is on the rise, obscurant and self-negating, not such a big deal, or the root of all evil, one thing is clear about it: It’s increasingly hard t...
Q&A: Web Application Security Scanning with Netsparker
Q&A with Huseyin Tufekcilerli, the lead developer of Netsparker Desktop web application security scanner More than 70% of all cyber breaches involve web applications, and almost 90% organizations believe their application security programs need to be improved. Web application security has risen t...
Portable Malware Analysis Sandbox: Noriben
Portable Malware Analysis Sandbox Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of...
Open Source Privacy Enhancing iOS Web Browser: Onion Browser
Open Source Privacy Enhancing iOS Web Browser Onion Browser is a free web browser for iPhone and iPad that encrypts and tunnels web traffic through the Tor network , with extra features to help you browse the internet privately. Features & Benefits Internet access is tunneled through the Tor...
One Click Symbolic Execution: Ponce
Ponce pronounced ‘poN θe pon-they is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion. With Ponce you are one click away from getting all the power from cutting edge symbolic execution. Entirely writt...
RunPE Extraction Tool: FridaExtract
FridaExtract is a Frida.re based RunPE extraction tool. RunPE type injection is a common technique used by malware to hide code within another process. It also happens to be the final stage in a lot of packers : NOTE: Frida now also supports extraction of injected PE files using the...
Multi Gigabit Packet Capturing: PFQ
PFQ is a functional networking framework designed for the Linux operating system that allows efficient packets capture/transmission 10G and beyond, in-kernel functional processing and packets steering across sockets/end-points. PFQ is highly optimized for multi-core architecture, as well as for...
Fast Subdomains Enumeration Tool: Sublist3r
Fast Subdomains Enumeration Tool Sublist3r is python tool that is designed to enumerate subdomains of websites using search engines. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r currently supports the following search...
Automated Penetration Testing Toolkit: APT2
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information. All module results are stored on localhost...
ICS SCADA NSA Situational Awareness: Grassmarlin
ICS SCADA NSA Situational Awareness: Grassmarlin Provide IP network situational awareness of industrial control systems ICS and Supervisory Control and Data Acquisition SCADA networks to support network security. Passively map, and visually display, an ICS/SCADA network topology while safely...
Create TCP UDP Connections Over Audio Channel: Quiet-lwip
Quiet-lwip is a binding for libquiet to lwip . This binding can be used to create TCP and UDP connections over an audio channel. This channel may be speaker-to-mic “over the air” or through a wired connection. This binding provides an abstract version which emits and consumes floating point sampl...
Usable Privacy Box: UpriBox
The upribox software is used to create Raspberry Pi images to turn your Raspberry Pi into a privacy-enhancing Wireless router. See the official Raspberry Pi documentation for pointers on how to install the upribox image on the SD card. Upon the first boot the SSH/VPN keys are automatically...
Onion Services Security Scan: OnionScan
OnionScan is a free and open source tool for investigating the Dark Web. For all the amazing technological innovations in the anonymity and privacy space, there is always a constant threat that has no effective technological patch – human error. Whether it is operational security leaks or softwar...
Self Hosted Git Service: Gogs
Gogs is a self-hosted Git service written in Go which is very easy to get running and has low system usage as well. It aspires to be the easiest, fastest, and most painless way to set up a self-hosted Git service. With Go, this can be done with an independent binary distribution across ALL...
Network Security Policy Compiler: Netspoc
Netspoc is free software to manage all the packet filter devices inside your network topology. Filter rules for each device are generated from one central ruleset, using a description of your network topology. Netspoc generates ACLs and static routes for a given network policy, consisting of a se...
Rogue Wi-Fi Access Point: 3vilTwinAttacker
This tool create an rogue Wi-Fi access point , purporting to provide wireless Internet services, but snooping on the traffic 3vilTwinAttacker is security tool that provide the Rogue access point to Man-In-The-Middle and network attacks. purporting to provide wireless Internet services, but snoopi...
CONPOT ICS SCADA Honeypot
CONPOT ICS SCADA Honeypot Conpot is a low interactive server side Industrial Control Systems honeypot designed to be easy to deploy, modify and extend. By providing a range of common industrial control protocols we created the basics to build your own system, capable to emulate complex...
Run a Command on Multiple Servers: ClusterSSH
Run a Command on Multiple Servers How to run a command on multiple servers at once? If you maintain multiple Linux servers, there are cases where you want to run the same commands on all the servers. For example, you may want to install/upgrade packages, patch the kernel, and update configuration...
Detailed Heap Profiler: Memoro
Memoro is a highly detailed heap profiler. Memoro not only shows you where and when your program makes heap allocations, but will show you how your program actually used that memory. Memoro collects detailed information on accesses to the heap, including reads and writes to memory and when they...
Command and Control via Legitimate Behavior over HTTP: TrevorC2
TrevorC2 is a client/server model for masking command and control through a normally browsable website. Detection becomes much harder as time intervals are different and does not use POST requests for data exfil. There are two components to TrevorC2 – the client and the server. The client can be...
Block All Domains That Serve Ads, Tracking Scripts and Malware: hBlock
Improve your security and privacy by blocking ads, tracking and malware domains. This POSIX-compliant shell script, designed for Unix-like systems, gets a list of domains that serve ads, tracking scripts and malware from multiple reputable sources and creates a hosts file that prevents your syste...
Ultimate Phishing Tool with Ngrok Integrated: SocialFish
Available Pages + Facebook: Traditional Facebook login page. Advanced login with Facebook. + Google: Traditional Google login page. Advanced login with Facebook. + LinkedIN: Traditional LinkedIN login page. + Github: Traditional Github login page. + Stackoverflow: Traditional Stackoverflow...
WebSocket C2 Communication Channel: WSC2
WSC2 is a PoC of using the WebSockets and a browser process to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actuel C2 server. WSC2 is composed of: a controller, written in Python, which acts as the C2 server an agent running on...
Phishing Framework with 2FA Token Support: CredSniper
Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token. Benefits Fully supporte...
SIP Based Audit and Attack Tool: Mr. SIP
Mr.SIP is a tool developed to audit and simulate SIP-based attacks. Originally it was developed to be used in academic work to help developing novel SIP-based DDoS attacks and defense approaches and then as an idea to convert it to a fully functional SIP-based penetration testing tool, it has bee...