1052 matches found
Phishing Framework with 2FA Token Support: CredSniper
Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token. Benefits Fully supporte...
SIP Based Audit and Attack Tool: Mr. SIP
Mr.SIP is a tool developed to audit and simulate SIP-based attacks. Originally it was developed to be used in academic work to help developing novel SIP-based DDoS attacks and defense approaches and then as an idea to convert it to a fully functional SIP-based penetration testing tool, it has bee...
Decentralized Peer to Peer File Sharing: iWant
A command-line tool for searching and downloading files in LAN network, without any central server. Features Decentralized : There is no central server hosting files. Therefore, no central point of failure Easy discovery of files : As easy as searching for something in Google. File download from...
Interactive Security Reference Tool: BroSec
Interactive Security Reference Tool An interactive reference tool to help security professionals utilize useful payloads and commands Brosec is a terminal based reference utility designed to help us infosec bros and broettes with useful yet sometimes complex payloads and commands that are often...
Distributed Security Alerting: Securitybot
Distributed Security Alerting Securitybot is an open-source implementation of a distributed alerting chat bot, as described in Ryan Huber’s blog post . Distributed alerting improves the monitoring efficiency of your security team and can help you catch security incidents faster and more...
Windows PE Binary Static Analysis Tool : BinSkim
Windows PE Binary Static Analysis Tool BinSkim is a binary static analysis tool that scans Windows Portable Executable PE files for security and correctness. Among the verifications performed by BinSkim are validations that the PE file has opted into all of the binary mitigations offered by the...
Fully Featured Backdoor – Telegram C&C: BrainDamage
A python based backdoor which uses Telegram as C&C server. Features Persistance USB spreading Port Scanner Router Finder Run shell commands Keylogger Insert keystrokes Record audio Webserver Screenshot logging Download files in the host Execute shutdown, restart, logoff, lock Send drive tree...
Weapon of Mass Destruction: WMD
Weapon of Mass Destruction This is a python tool with a collection of IT security software. The software is incapsulated in “modules”. The modules does consist of pure python code and/or external third programs. Main functions 1 To use a module, run the command “use modulecall”, e.g. “use apsniff...
Securing DNS Communication: dnscrypt-proxy
dnscrypt-proxy is a flexible DNS proxy. It runs on your computer or router, and can locally block unwanted content, reveal where your devices are silently sending data to, make applications feel faster by caching DNS responses, and improve security and confidentiality by communicating to upstream...
Kernel Address Space Layout Randomization Recovery Software
Kernel Address Space Layout Randomization Recovery Software KASLRfinder is a small utility that can be used to find where in memory the Windows 10 kernel and its drivers are loaded – despite the addresses being randomized by Kernel Address Space Layout Randomization KASLR. The utility can be run ...
ARP Poison Attack Script: Creak
ARP Poison Attack Script Deny navigation and download capabilities of a target host in the local network performing an ARP poison attack and sending reset TCP packets to every request made to the router. Born as a didactic project for learning python language. Installation $ git clone...
CERT Basic Fuzzing Framework: BFF
CERT Basic Fuzzing Framework The CERT Basic Fuzzing Framework BFF is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. Mutational fuzzing is the act of taking well-formed...
SimplE RePort wrIting and COllaboration tool: Serpico
Serpico is at its core a report generation tool but targeted at creating information security reports. When building a report the user adds “findings” from the template database to the report. When there are enough findings, click ‘Generate Report’ to create the docx with your findings. The docx...
Python Steganography Tool: Matroschka
Python Steganography Tool Матрёшка mɐˈtrʲɵʂkə is a command-line steganography tool written in pure Python. You can use it to hide and encrypt images or text in the least significant bits of pixels in an image. Encryption The encryption uses HMAC-SHA256 to authenticate the hidden data. Therefore t...
Remote Vulnerability Testing Framework: Pocsuite
Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine, many niche features for the ultimate penetration testers and security researchers. Requirements Python 2.6...
Python Web Application XSS Scanner: XssPy
Python Web Application XSS Scanner XssPy is a python tool for finding Cross Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and subdomains first. After...
Protocol Learning and Stateful Fuzzing: Pulsar
Pulsar is a network fuzzer with automatic protocol learning and simulation capabilites. The tool allows to model a protocol through machine learning techniques, such as clustering and hidden Markov models. These models can be used to simulate communication between Pulsar and a real client or serv...
Lightweight Lumberjack Log Indexer: LogZoom
LogZoom is a lightweight, Lumberjack-compliant log indexer based off the fine work of Hailo’s Logslam . It accepts the Lumberjack v2 protocol, which is currently supported by Elastic’s Filebeat . It was written with the intention of being a smaller, efficient, and more reliable replacement for...
Multi protocol Test Suite
MTS Multi protocol Test Suite is a multi protocol testing tool specially designed for telecom IP-based architectures. With MTS Multi protocol Test Suite you get the powerful tool to: Test protocols with functional and regression tests Test load endurance and stress tests Simulate all network...
DHCP IP exhaustion attack: DHCPwn
DHCPwn is a tool used for testing DHCP IP exhaustion attacks. It can also be used to sniff local DHCP traffic. The DHCP protocol is connectionless and implemented via UDP. These two characteristics allow this attack to be performed. Since there is no actual connection being made between the clien...
Flexible DDoS Defense: Bohatei
DDoS defense today relies on expensive and proprietary hardware appliances deployed at fixed locations. This introduces key limitations with respect to flexibility e.g., complex routing to get traffic to these “chokepoints” and elasticity in handling changing attack patterns. We observe an...
Decentralized P2P Websites: ZeroNet
Decentralized P2P websites using Bitcoin crypto and the BitTorrent network ZeroNet uses Bitcoin cryptography and BitTorrent technology to build a decentralized censorship-resistant network. Users can publish static or dynamic websites into ZeroNet and visitors can choose to also serve the website...
Bridging OpenVPN
OpenVPN supports two very different means for interconnecting networks: routing and bridging. Routing refers to the interconnection of separate and independent “sub-networks” subnets which have non-overlapping ranges of IP addresses. Upon receiving a packet sent to it, a network “router” examines...
Extract Metadata From Files: ImageCat
Extract Metadata From Files This is an OODT RADIX application that uses Apache Solr , Apache Tika and Apache OODT to ingest 10s of millions of files images,but could be extended to other files in place, and to extract metadata and OCR information from those files/images using Tika and Tesseract O...
IPv6 toolkit
A security assessment and troubleshooting tool for the IPv6 protocols The SI6 Networks’ IPv6 toolkit is a set of IPv6 security/trouble-shoting tools, that can send arbitrary IPv6-based packets. IPv6 toolkit: List of Tools addr6: An IPv6 address analysis and manipulation tool. flow6: A tool to...
Open Source Log Analysis: GoAccess
GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in nix systems . It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and...
Extract data from pcap files: PCredz
Extract data from pcap files with PCredz This tool extracts Credit card numbers, NTLMDCE-RPC, HTTP, SQL, LDAP, etc, Kerberos AS-REQ Pre-Auth etype 23, HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface. PCredz Features: Extract from a pcap file or from a live...
Android Security Evaluation Framework: ASEF
Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is...
Wireless Security Auditing: Fern Wifi Cracker
Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library , the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks Fer...
Encrypted UDP based FTP: UFTP
Encrypted UDP based FTP with multicast UPDATE: Version 4 of UFTP is now available! The protocol has been heavily altered to support a number of new features : The ability to send multiple files in a single session An SSL/TLS derived encryption layer to protect your data Multicast tunneling NAT...
Reconnaissance and Vulnerability Scanning Tool: Raccoon
Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan output...
MITM RDP Connections: Seth
Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops...
Python Scriptable Reverse Engineering Sandbox: PyREBox
PyREBox is a Python scriptable Reverse Engineering sandbox. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. PyREBox allows to inspect a running QEMU VM, modify its memory or registers, and to...
Automating Cracking Methodologies Through Hashcat: hate_crack
A tool for automating cracking methodologies through Hashcat from the TrustedSec team. Installation Get the latest hashcat binaries https://hashcat.net/hashcat/ OSX Install https://www.phillips321.co.uk/2016/07/09/hashcat-on-os-x-getting-it-going/ mkdir -p hashcat/deps git clone...
Software Defined Radio Trunked and Digital Radio Decoder: SDRtrunk
SDRtrunk is an integrated application for demodulating radio signals and decoding trunked radio network protocols and some related radio signal formats. The application does NOT require a discriminator tapped scanner and it does NOT require the use of audio piping applications like Virtual Audio...
PowerShell Post-Exploitation Agent: Empire
Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architectur...
Onion Routed Cloud: ORC
Onion Routed Cloud is a decentralized, anonymous, object storage platform owned and operated by allies in defense of human rights and opposition to censorship. ORC is a volunteer run cloud storage network that protects users from surveillance and puts them in control of their data. Use cases: For...
Security Focused Desktop Operating System: Qubes OS
Qubes OS is a security-oriented operating system OS. The OS is the software that runs all the other programs on a computer. Some examples of popular OSes are Microsoft Windows, Mac OS X, Android, and iOS. Qubes is free and open-source software FOSS. This means that everyone is free to use, copy,...
Simplify the management of ip(6)tables based firewalls: fwgen
fwgen is a small framework to simplify the management of ip6tables based firewalls, that also integrates ipset support and zones in a non-restrictive way. It is not an abstraction layer of the iptables syntax, so you still need to understand how to write iptables rules and how packets are process...
Full-Fledged Phishing Framework: FirePhish
FirePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notification...
Remote msfconsole: msf-remote-console
Remote msfconsole A remote msfconsole written in Python 2.7 to connect to the msfrcpd server of metasploit. This tool gives you the ability to load modules permanently as daemon on your server like autopwn2. Although it gives you the ability to remotely use the msfrpcd server it is recommended to...
Server Side Bruteforce Module: brut3k1t
Server Side Bruteforce Module brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are: ssh ftp smtp XMPP instagram facebook There will be future implementations of different protocols and servic...
Data Exfiltration Toolkit: DET
Data Exfiltration Toolkit DET is provided AS IS, is a proof of concept to perform Data Exfiltration using either single or multiple channels at the same time. This is a Proof of Concept aimed at identifying possible DLP failures. This should never be used to exfiltrate sensitive/live data. The id...
A Modular Recon Tool: RECON
Low Hanging Fruit: a Modular Recon Tool for Penetration Testing Reconnaissance is the absolute most important step in a penetration test. A good recon of the target could net you some vital information and low hanging fruit. Thus RECON was created. A set and forget type of recon scanner. No need ...
Swiss Army Knife for Mac OS X: m-cli
Swiss Army Knife for Mac OS X m-cli differs from other mac command line tools in that: Its main purpose is to manage administrative tasks and do it easier It doesn’t install 3rd party tools because it doesn’t have dependencies The installation is very easy and doesn’t require intervention It only...
Powershell Netcat: PowerCat
powercat is a powershell function. First you need to load the function before you can execute it. You can put one of the below commands into your powershell profile so powercat is automatically loaded when powershell starts. What’s netcat anyway ? netcat often abbreviated to nc is a computer...
Msfvenom Payload Creator: MPC
Msfvenom Payload Creator MPC is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible only requiring one input to produce their payload. Fully automating msfvenom & Metasploit is the end goal well as to be be able to automate MPC itself...
Fast Incident Response: FIR
FIR Fast Incident Response is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents. FIR is for anyone needing to track cybersecurity incidents CSIRTs, CERTs, SOCs, etc.. It’s was...
Subdomain Enumeration Tool: SubBrute
SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting /TA13-088A . This design also provides a layer of...
Reverse engineering, Malware and Goodware analysis of Android applications: Androguard
Androguard is a full python tool to play with Android files. DEX, ODEX APK Android’s binary xml Android resources Disassemble DEX/ODEX bytecodes Decompiler for DEX/ODEX files You can either use the cli or graphical frontend for androguard, or use androguard purely as a library for your own tools...