Lucene search
K
N0whereMost viewed

1052 matches found

n0where
n0where
added 2017/11/02 4:50 p.m.28 views

Phishing Framework with 2FA Token Support: CredSniper

Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token. Benefits Fully supporte...

0.2AI score
Exploits0References1
n0where
n0where
added 2017/09/12 4:57 a.m.28 views

SIP Based Audit and Attack Tool: Mr. SIP

Mr.SIP is a tool developed to audit and simulate SIP-based attacks. Originally it was developed to be used in academic work to help developing novel SIP-based DDoS attacks and defense approaches and then as an idea to convert it to a fully functional SIP-based penetration testing tool, it has bee...

0.3AI score
Exploits0References1
n0where
n0where
added 2017/08/06 6:21 p.m.28 views

Decentralized Peer to Peer File Sharing: iWant

A command-line tool for searching and downloading files in LAN network, without any central server. Features Decentralized : There is no central server hosting files. Therefore, no central point of failure Easy discovery of files : As easy as searching for something in Google. File download from...

1AI score
Exploits0References2
n0where
n0where
added 2017/07/03 4:49 p.m.28 views

Interactive Security Reference Tool: BroSec

Interactive Security Reference Tool An interactive reference tool to help security professionals utilize useful payloads and commands Brosec is a terminal based reference utility designed to help us infosec bros and broettes with useful yet sometimes complex payloads and commands that are often...

7.3AI score
Exploits0References5
n0where
n0where
added 2017/03/20 8:12 a.m.28 views

Distributed Security Alerting: Securitybot

Distributed Security Alerting Securitybot is an open-source implementation of a distributed alerting chat bot, as described in Ryan Huber’s blog post . Distributed alerting improves the monitoring efficiency of your security team and can help you catch security incidents faster and more...

7.6AI score
Exploits0References1
n0where
n0where
added 2017/03/09 6:12 a.m.28 views

Windows PE Binary Static Analysis Tool : BinSkim

Windows PE Binary Static Analysis Tool BinSkim is a binary static analysis tool that scans Windows Portable Executable PE files for security and correctness. Among the verifications performed by BinSkim are validations that the PE file has opted into all of the binary mitigations offered by the...

Exploits0References2
n0where
n0where
added 2017/03/02 8:24 p.m.28 views

Fully Featured Backdoor – Telegram C&C: BrainDamage

A python based backdoor which uses Telegram as C&C server. Features Persistance USB spreading Port Scanner Router Finder Run shell commands Keylogger Insert keystrokes Record audio Webserver Screenshot logging Download files in the host Execute shutdown, restart, logoff, lock Send drive tree...

0.1AI score
Exploits0References2
n0where
n0where
added 2017/01/24 8:5 a.m.28 views

Weapon of Mass Destruction: WMD

Weapon of Mass Destruction This is a python tool with a collection of IT security software. The software is incapsulated in “modules”. The modules does consist of pure python code and/or external third programs. Main functions 1 To use a module, run the command “use modulecall”, e.g. “use apsniff...

0.1AI score
Exploits0References1
n0where
n0where
added 2017/01/02 6:4 a.m.28 views

Securing DNS Communication: dnscrypt-proxy

dnscrypt-proxy is a flexible DNS proxy. It runs on your computer or router, and can locally block unwanted content, reveal where your devices are silently sending data to, make applications feel faster by caching DNS responses, and improve security and confidentiality by communicating to upstream...

2.9AI score
Exploits0References3
n0where
n0where
added 2016/11/28 5:53 a.m.28 views

Kernel Address Space Layout Randomization Recovery Software

Kernel Address Space Layout Randomization Recovery Software KASLRfinder is a small utility that can be used to find where in memory the Windows 10 kernel and its drivers are loaded – despite the addresses being randomized by Kernel Address Space Layout Randomization KASLR. The utility can be run ...

0.5AI score
Exploits0References1
n0where
n0where
added 2016/10/28 12:17 a.m.28 views

ARP Poison Attack Script: Creak

ARP Poison Attack Script Deny navigation and download capabilities of a target host in the local network performing an ARP poison attack and sending reset TCP packets to every request made to the router. Born as a didactic project for learning python language. Installation $ git clone...

0.2AI score
Exploits0References1
n0where
n0where
added 2016/10/07 2:40 p.m.28 views

CERT Basic Fuzzing Framework: BFF

CERT Basic Fuzzing Framework The CERT Basic Fuzzing Framework BFF is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. Mutational fuzzing is the act of taking well-formed...

0.4AI score
Exploits0References1
n0where
n0where
added 2016/07/21 5:56 p.m.28 views

SimplE RePort wrIting and COllaboration tool: Serpico

Serpico is at its core a report generation tool but targeted at creating information security reports. When building a report the user adds “findings” from the template database to the report. When there are enough findings, click ‘Generate Report’ to create the docx with your findings. The docx...

0.1AI score
Exploits0References2
n0where
n0where
added 2016/07/17 8:45 p.m.28 views

Python Steganography Tool: Matroschka

Python Steganography Tool Матрёшка mɐˈtrʲɵʂkə is a command-line steganography tool written in pure Python. You can use it to hide and encrypt images or text in the least significant bits of pixels in an image. Encryption The encryption uses HMAC-SHA256 to authenticate the hidden data. Therefore t...

7.2AI score
Exploits0References1
n0where
n0where
added 2016/05/25 12:16 p.m.28 views

Remote Vulnerability Testing Framework: Pocsuite

Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine, many niche features for the ultimate penetration testers and security researchers. Requirements Python 2.6...

8AI score
Exploits0References1
n0where
n0where
added 2016/05/19 2:25 p.m.28 views

Python Web Application XSS Scanner: XssPy

Python Web Application XSS Scanner XssPy is a python tool for finding Cross Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and subdomains first. After...

6.4AI score
Exploits0References1
n0where
n0where
added 2016/05/12 12:43 p.m.28 views

Protocol Learning and Stateful Fuzzing: Pulsar

Pulsar is a network fuzzer with automatic protocol learning and simulation capabilites. The tool allows to model a protocol through machine learning techniques, such as clustering and hidden Markov models. These models can be used to simulate communication between Pulsar and a real client or serv...

0.4AI score
Exploits0References1
n0where
n0where
added 2016/04/19 3:57 p.m.28 views

Lightweight Lumberjack Log Indexer: LogZoom

LogZoom is a lightweight, Lumberjack-compliant log indexer based off the fine work of Hailo’s Logslam . It accepts the Lumberjack v2 protocol, which is currently supported by Elastic’s Filebeat . It was written with the intention of being a smaller, efficient, and more reliable replacement for...

7.1AI score
Exploits0References5
n0where
n0where
added 2016/01/14 11:18 p.m.28 views

Multi protocol Test Suite

MTS Multi protocol Test Suite is a multi protocol testing tool specially designed for telecom IP-based architectures. With MTS Multi protocol Test Suite you get the powerful tool to: Test protocols with functional and regression tests Test load endurance and stress tests Simulate all network...

0.5AI score
Exploits0
n0where
n0where
added 2016/01/04 4:4 p.m.28 views

DHCP IP exhaustion attack: DHCPwn

DHCPwn is a tool used for testing DHCP IP exhaustion attacks. It can also be used to sniff local DHCP traffic. The DHCP protocol is connectionless and implemented via UDP. These two characteristics allow this attack to be performed. Since there is no actual connection being made between the clien...

0.2AI score
Exploits0References1
n0where
n0where
added 2015/12/11 12:12 a.m.28 views

Flexible DDoS Defense: Bohatei

DDoS defense today relies on expensive and proprietary hardware appliances deployed at fixed locations. This introduces key limitations with respect to flexibility e.g., complex routing to get traffic to these “chokepoints” and elasticity in handling changing attack patterns. We observe an...

7.4AI score
Exploits0References1
n0where
n0where
added 2015/09/06 7:25 p.m.28 views

Decentralized P2P Websites: ZeroNet

Decentralized P2P websites using Bitcoin crypto and the BitTorrent network ZeroNet uses Bitcoin cryptography and BitTorrent technology to build a decentralized censorship-resistant network. Users can publish static or dynamic websites into ZeroNet and visitors can choose to also serve the website...

Exploits0References5
n0where
n0where
added 2015/06/30 6:8 p.m.28 views

Bridging OpenVPN

OpenVPN supports two very different means for interconnecting networks: routing and bridging. Routing refers to the interconnection of separate and independent “sub-networks” subnets which have non-overlapping ranges of IP addresses. Upon receiving a packet sent to it, a network “router” examines...

7AI score
Exploits0
n0where
n0where
added 2015/05/11 2:59 p.m.28 views

Extract Metadata From Files: ImageCat

Extract Metadata From Files This is an OODT RADIX application that uses Apache Solr , Apache Tika and Apache OODT to ingest 10s of millions of files images,but could be extended to other files in place, and to extract metadata and OCR information from those files/images using Tika and Tesseract O...

6.9AI score
Exploits0References5
n0where
n0where
added 2015/04/13 2:20 p.m.28 views

IPv6 toolkit

A security assessment and troubleshooting tool for the IPv6 protocols The SI6 Networks’ IPv6 toolkit is a set of IPv6 security/trouble-shoting tools, that can send arbitrary IPv6-based packets. IPv6 toolkit: List of Tools addr6: An IPv6 address analysis and manipulation tool. flow6: A tool to...

0.3AI score
Exploits0References2
n0where
n0where
added 2015/02/21 12:2 a.m.28 views

Open Source Log Analysis: GoAccess

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in nix systems . It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and...

7.1AI score
Exploits0References1
n0where
n0where
added 2015/02/06 6:5 a.m.28 views

Extract data from pcap files: PCredz

Extract data from pcap files with PCredz This tool extracts Credit card numbers, NTLMDCE-RPC, HTTP, SQL, LDAP, etc, Kerberos AS-REQ Pre-Auth etype 23, HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface. PCredz Features: Extract from a pcap file or from a live...

0.6AI score
Exploits0References1
n0where
n0where
added 2012/08/16 10:1 p.m.28 views

Android Security Evaluation Framework: ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is...

0.9AI score
Exploits0
n0where
n0where
added 2012/08/08 7:53 p.m.28 views

Wireless Security Auditing: Fern Wifi Cracker

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library , the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks Fer...

0.4AI score
Exploits0
n0where
n0where
added 2010/07/16 3:29 p.m.28 views

Encrypted UDP based FTP: UFTP

Encrypted UDP based FTP with multicast UPDATE: Version 4 of UFTP is now available! The protocol has been heavily altered to support a number of new features : The ability to send multiple files in a single session An SSL/TLS derived encryption layer to protect your data Multicast tunneling NAT...

0.3AI score
Exploits0
n0where
n0where
added 2018/08/01 4:47 p.m.27 views

Reconnaissance and Vulnerability Scanning Tool: Raccoon

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan output...

6.9AI score
Exploits0References4
n0where
n0where
added 2018/05/08 4:11 a.m.27 views

MITM RDP Connections: Seth

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops...

0.4AI score
Exploits0References2
n0where
n0where
added 2018/03/12 5:0 a.m.27 views

Python Scriptable Reverse Engineering Sandbox: PyREBox

PyREBox is a Python scriptable Reverse Engineering sandbox. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. PyREBox allows to inspect a running QEMU VM, modify its memory or registers, and to...

6.6AI score
Exploits0References6
n0where
n0where
added 2018/02/07 5:41 a.m.27 views

Automating Cracking Methodologies Through Hashcat: hate_crack

A tool for automating cracking methodologies through Hashcat from the TrustedSec team. Installation Get the latest hashcat binaries https://hashcat.net/hashcat/ OSX Install https://www.phillips321.co.uk/2016/07/09/hashcat-on-os-x-getting-it-going/ mkdir -p hashcat/deps git clone...

7.2AI score
Exploits0References1
n0where
n0where
added 2018/01/01 7:53 p.m.27 views

Software Defined Radio Trunked and Digital Radio Decoder: SDRtrunk

SDRtrunk is an integrated application for demodulating radio signals and decoding trunked radio network protocols and some related radio signal formats. The application does NOT require a discriminator tapped scanner and it does NOT require the use of audio piping applications like Virtual Audio...

1AI score
Exploits0References3
n0where
n0where
added 2017/11/02 3:17 p.m.27 views

PowerShell Post-Exploitation Agent: Empire

Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architectur...

0.2AI score
Exploits0References1
n0where
n0where
added 2017/10/28 6:58 p.m.27 views

Onion Routed Cloud: ORC

Onion Routed Cloud is a decentralized, anonymous, object storage platform owned and operated by allies in defense of human rights and opposition to censorship. ORC is a volunteer run cloud storage network that protects users from surveillance and puts them in control of their data. Use cases: For...

Exploits0References5
n0where
n0where
added 2017/10/28 4:52 a.m.27 views

Security Focused Desktop Operating System: Qubes OS

Qubes OS is a security-oriented operating system OS. The OS is the software that runs all the other programs on a computer. Some examples of popular OSes are Microsoft Windows, Mac OS X, Android, and iOS. Qubes is free and open-source software FOSS. This means that everyone is free to use, copy,...

0.2AI score
Exploits0
n0where
n0where
added 2017/08/08 6:30 p.m.27 views

Simplify the management of ip(6)tables based firewalls: fwgen

fwgen is a small framework to simplify the management of ip6tables based firewalls, that also integrates ipset support and zones in a non-restrictive way. It is not an abstraction layer of the iptables syntax, so you still need to understand how to write iptables rules and how packets are process...

7.4AI score
Exploits0References1
n0where
n0where
added 2017/06/19 5:37 a.m.27 views

Full-Fledged Phishing Framework: FirePhish

FirePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notification...

7AI score
Exploits0References3
n0where
n0where
added 2016/12/17 5:23 a.m.27 views

Remote msfconsole: msf-remote-console

Remote msfconsole A remote msfconsole written in Python 2.7 to connect to the msfrcpd server of metasploit. This tool gives you the ability to load modules permanently as daemon on your server like autopwn2. Although it gives you the ability to remotely use the msfrpcd server it is recommended to...

0.3AI score
Exploits0References1
n0where
n0where
added 2016/11/21 4:28 a.m.27 views

Server Side Bruteforce Module: brut3k1t

Server Side Bruteforce Module brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are: ssh ftp smtp XMPP instagram facebook There will be future implementations of different protocols and servic...

7.7AI score
Exploits0References1
n0where
n0where
added 2016/09/19 7:27 p.m.27 views

Data Exfiltration Toolkit: DET

Data Exfiltration Toolkit DET is provided AS IS, is a proof of concept to perform Data Exfiltration using either single or multiple channels at the same time. This is a Proof of Concept aimed at identifying possible DLP failures. This should never be used to exfiltrate sensitive/live data. The id...

7.1AI score
Exploits0References1
n0where
n0where
added 2016/08/16 4:34 p.m.27 views

A Modular Recon Tool: RECON

Low Hanging Fruit: a Modular Recon Tool for Penetration Testing Reconnaissance is the absolute most important step in a penetration test. A good recon of the target could net you some vital information and low hanging fruit. Thus RECON was created. A set and forget type of recon scanner. No need ...

0.2AI score
Exploits0References1
n0where
n0where
added 2016/07/16 8:19 p.m.27 views

Swiss Army Knife for Mac OS X: m-cli

Swiss Army Knife for Mac OS X m-cli differs from other mac command line tools in that: Its main purpose is to manage administrative tasks and do it easier It doesn’t install 3rd party tools because it doesn’t have dependencies The installation is very easy and doesn’t require intervention It only...

7.3AI score
Exploits0References1
n0where
n0where
added 2015/09/14 2:30 a.m.27 views

Powershell Netcat: PowerCat

powercat is a powershell function. First you need to load the function before you can execute it. You can put one of the below commands into your powershell profile so powercat is automatically loaded when powershell starts. What’s netcat anyway ? netcat often abbreviated to nc is a computer...

0.9AI score
Exploits0References2
n0where
n0where
added 2015/07/22 2:51 a.m.27 views

Msfvenom Payload Creator: MPC

Msfvenom Payload Creator MPC is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible only requiring one input to produce their payload. Fully automating msfvenom & Metasploit is the end goal well as to be be able to automate MPC itself...

0.1AI score
Exploits0References1
n0where
n0where
added 2015/03/16 6:47 p.m.27 views

Fast Incident Response: FIR

FIR Fast Incident Response is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents. FIR is for anyone needing to track cybersecurity incidents CSIRTs, CERTs, SOCs, etc.. It’s was...

0.1AI score
Exploits0References2
n0where
n0where
added 2015/02/06 9:30 p.m.27 views

Subdomain Enumeration Tool: SubBrute

SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting /TA13-088A . This design also provides a layer of...

0.3AI score
Exploits0References1
n0where
n0where
added 2012/12/06 6:40 p.m.27 views

Reverse engineering, Malware and Goodware analysis of Android applications: Androguard

Androguard is a full python tool to play with Android files. DEX, ODEX APK Android’s binary xml Android resources Disassemble DEX/ODEX bytecodes Decompiler for DEX/ODEX files You can either use the cli or graphical frontend for androguard, or use androguard purely as a library for your own tools...

7.5AI score
Exploits0References1
Total number of security vulnerabilities1052