Lucene search
+L
N0whereMost viewed

1052 matches found

n0where
n0where
added 2015/09/14 2:30 a.m.27 views

Powershell Netcat: PowerCat

powercat is a powershell function. First you need to load the function before you can execute it. You can put one of the below commands into your powershell profile so powercat is automatically loaded when powershell starts. What’s netcat anyway ? netcat often abbreviated to nc is a computer...

0.9AI score
Exploits0References2
n0where
n0where
added 2015/07/22 2:51 a.m.27 views

Msfvenom Payload Creator: MPC

Msfvenom Payload Creator MPC is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible only requiring one input to produce their payload. Fully automating msfvenom & Metasploit is the end goal well as to be be able to automate MPC itself...

0.1AI score
Exploits0References1
n0where
n0where
added 2015/05/08 2:41 p.m.27 views

focused Web Crawler: ACHE

ACHE is a focused Web crawler that can be customized to search for pages the belong to a given topic or have a given property. To configure ACHE, you need to: define a topic of interest e.g., Ebola, terrorism, cooking recipes; create a model to detect Web pages that belong to this topic; and...

0.8AI score
Exploits0References2
n0where
n0where
added 2015/03/16 6:47 p.m.27 views

Fast Incident Response: FIR

FIR Fast Incident Response is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents. FIR is for anyone needing to track cybersecurity incidents CSIRTs, CERTs, SOCs, etc.. It’s was...

0.1AI score
Exploits0References2
n0where
n0where
added 2013/07/28 7:3 p.m.27 views

Anonymous Offline File-Sharing and Communications System: PirateBox

PirateBox creates offline wireless networks designed for anonymous file sharing, chatting, message boarding, and media streaming. You can think of it as your very own portable offline Internet in a box! When users join the PirateBox wireless network and open a web browser, they are automatically...

0.6AI score
Exploits0
n0where
n0where
added 2012/09/26 10:31 p.m.27 views

Portable Multi-boot Security Suite: Katana

Katana is a portable multi-boot security suite which brings together many of today’s best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware...

0.6AI score
Exploits0
n0where
n0where
added 2018/08/21 4:25 p.m.26 views

Backdooring and Breaking Signatures: SMBetray

In SMB connections, the security mechanisms protecting the integrity of the data passed between the server and the client are SMB signing and encryption. The signatures in on SMB packets when SMB signing is used are based on keys derived from information sent over the net in cleartext during the...

0.3AI score
Exploits0References1
n0where
n0where
added 2018/08/01 5:21 p.m.26 views

Build Your Own Botnet: BYOB

BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability ...

0.4AI score
Exploits0References1
n0where
n0where
added 2018/06/18 8:11 p.m.26 views

Lightweight and Practical Kernel Protector for x86: Shadow-Box

Shadow-box is a security monitoring framework for operating systems using state-of-the-art virtualization technologies. Shadow-box has a novel architecture inspired by a shadow play. We made Shadow-box from scratch, and it is primarily composed of a lightweight hypervisor and a security monitor...

Exploits0References1
n0where
n0where
added 2018/04/20 4:18 a.m.26 views

An Intelligent Network Security Scanner: Red Team Arsenal

Red Team Arsenal is a web/network security scanner which has the capability to scan all company’s online facing assets and provide an holistic security view of any security anomalies. It’s a closely linked collections of security engines to conduct/simulate attacks and monitor public facing asset...

Exploits0References1
n0where
n0where
added 2017/09/25 3:22 a.m.26 views

Open Source Wireless Security Framework: SniffAir

SniffAir is an open-source wireless security framework. Sniffair allows for the collection, management, and analyzation of wireless traffic. In additional, SniffAir can also be used to preform sophisticated wireless attacks. SniffAir was born out of the hassle of managing large or multiple pcap...

0.1AI score
Exploits0References1
n0where
n0where
added 2017/09/20 5:48 a.m.26 views

Python Network Hacking Toolkit: Habu

These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing. Much of the functions are really basic like get our public IP address, but are really useful in some cases. Installation To install Habu, simply: $ pip install habu Dependencies Habu requires: Click...

0.2AI score
Exploits0References2
n0where
n0where
added 2017/08/25 5:21 p.m.26 views

Web-based OSINT and Active Reconnaissance Suite: D0xk1t

Active reconnaissance, information gathering and OSINT built in a portable web application. D0xk1t is an open-source , self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers. Based off of the prior command-line script, D0xk1t is now fully capable of...

6.8AI score
Exploits0References1
n0where
n0where
added 2017/08/07 10:20 p.m.26 views

PowerShell Obfuscation Detection Framework: Revoke-Obfuscation

Revoke-Obfuscation is an open-source PowerShell v3.0+ framework for detecting obfuscated PowerShell commands and scripts at scale. It relies on PowerShell’s AST Abstract Syntax Tree to rapidly extract thousands of features from any input PowerShell script and compare this feature vector against o...

7.4AI score
Exploits0References3
n0where
n0where
added 2017/07/03 4:49 p.m.26 views

Advanced Stealthy Dropper: Dr0p1t Framework

Advanced Stealthy Dropper In short dropper is type of trojans that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks. Features + Generated executable properties: The executable size is smaller compared to other...

7.4AI score
Exploits0References2
n0where
n0where
added 2017/06/22 6:52 a.m.26 views

Automatically Exercise BloodHound Attack Plan: GoFetch

GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application. GoFetch first loads a path of local admin users and computers generated by BloodHound and converts it to its own attack plan format. Once the attack plan is ready, GoFetch advances towards the...

1.8AI score
Exploits0References1
n0where
n0where
added 2017/03/20 5:11 a.m.26 views

BGP Hijack Detection: TaBi

BGP Hijack Detection Developed since 2011 for the needs of the French Internet Resilience Observatory , TaBi is a framework that ease the detection of BGP IP prefixes conflicts, and their classification into BGP hijacking events. The term prefix hijacking refers to an event when an AS, called an...

7.5AI score
Exploits0References2
n0where
n0where
added 2017/02/16 6:48 a.m.26 views

Simple OpenVPN Raspberry Pi Installer: piVPN

Simple OpenVPN Raspberry Pi Installer This is a set of shell scripts that serve to easily turn your Raspberry Pi TM into a VPN server using the free, open-source OpenVPN software. The master branch of this script installs and configures OpenVPN on Raspbian Jessie and has been tested on Ubuntu 14....

7.3AI score
Exploits0References2
n0where
n0where
added 2017/02/13 8:0 p.m.26 views

WAF Security Benchmark: WAFPASS

WAF Security Benchmark WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However, these security applications suffer...

7AI score
Exploits0References1
n0where
n0where
added 2017/01/06 5:36 a.m.26 views

Platform Independent Meta Information Editor: ExifTool

Platform Independent Meta Information Editor ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files. ExifTool supports many different metadata formats including EXIF, GPS, IPTC, XMP, JFIF, GeoTIF...

Exploits0
n0where
n0where
added 2016/12/27 5:10 a.m.26 views

Multiplatform Open Source Binary Analysis: BARF Project

BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework The analysis of binary code is a crucial activity in many areas of the computer sciences and software engineering disciplines ranging from software security and program analysis to reverse engineering. Manual...

0.1AI score
Exploits0References6
n0where
n0where
added 2016/12/07 6:19 a.m.26 views

Malware Analysis Windows VM: Malboxes

Malware Analysis Windows VM Vagrant box builder and config generator for malware analysis. The malware battle online is far from being over. Several thousands of new malware binaries are collected by antivirus companies every day. Most organizations don’t have the expertise on staff to know if th...

0.2AI score
Exploits0References2
n0where
n0where
added 2016/12/07 5:52 a.m.26 views

Powerful Extensible Wireless Drop Box: Pina Colada

Powerful Extensible Wireless Drop Box Pina Colada, a powerful and extensible wireless drop box, capable of performing a wide range of remote offensive attacks on a network. It can currently be controlled only via a command line interface, but a Command and Control remote server functionality is...

0.3AI score
Exploits0References2
n0where
n0where
added 2016/12/06 2:0 p.m.26 views

Ubuntu-based PenTest Linux Distribution: BackBox

BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most commonly known/used security and analysis tools, aiming for a wide spread of goals, ranging from web application analysis to...

0.4AI score
Exploits0
n0where
n0where
added 2016/08/10 6:32 a.m.26 views

Open Source Pentesting Management And Automation Platform: Vulnreport

Open Source Pentesting Management And Automation Platform Vulnreport is a platform for managing penetration tests and generating well-formatted, actionable findings reports without the normal overhead that takes up security engineer’s time. It is designed to accelerate management of penetration...

7.6AI score
Exploits0References1
n0where
n0where
added 2016/08/04 2:55 a.m.26 views

OS X Forensic Evidence Collection: OSXCollector

OS X Forensic Evidence Collection: OSXCollector Forensic Collection The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file system. Forensic Analysis...

6.5AI score
Exploits0References1
n0where
n0where
added 2016/07/01 1:41 a.m.26 views

Web Spidering Framework: Malspider

Web Spidering Framework That Detects Characteristics of Web Compromises Malspider is a web spidering framework that inspects websites for characteristics of compromise. Malspider has three purposes: Website Integrity Monitoring : monitor your organization’s website or your personal website for...

7AI score
Exploits0References1
n0where
n0where
added 2016/04/15 1:10 p.m.26 views

Extensible Debugger UI For Hackers: Voltron

Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers LLDB, GDB, VDB and WinDbg by enabling the attachment of utility views that can retrieve and display data from the debugger host. By running these views in other TTYs, you ca...

1.9AI score
Exploits0References3
n0where
n0where
added 2015/10/28 10:27 p.m.26 views

TrustedSec Attack Platform: TAP

TAP is a remote penetration testing platform builder. For folks in the security industry, traveling often times becomes a burden and adds a ton of cost to the customer. TAP was designed to make the deployment of these boxes super simple and create a self-healing and stable platform to deploy remo...

7.6AI score
Exploits0References1
n0where
n0where
added 2015/10/25 9:59 p.m.26 views

System Hardening Guide

The purpose of system hardening is to eliminate as many security risks as possible. Hardening is the process of securing a system by reducing its attack surface. A system has a larger vulnerability surface the more functions it fulfills; in principle a single-function system is more secure than a...

7.2AI score
Exploits0
n0where
n0where
added 2015/10/09 2:58 p.m.26 views

WPS Wireless Attack Tool: Pyxiewps

Pyxiewps is a wireless attack tool writen in python that uses reaver, pixiewps, macchanger and aircrack to retrieve the WPS pin of any vulnerable AP in seconds. There are already a lot of tools, reaver included, that can attack an access point AP using the Pixie Dust vulnerability but this tool w...

0.2AI score
Exploits0References1
n0where
n0where
added 2015/08/28 9:24 p.m.26 views

Penetration Testers Distro: Pentoo

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux , Pentoo is provided both as 32 and 64 bit installable livecd. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi...

0.6AI score
Exploits0
n0where
n0where
added 2015/08/09 5:0 p.m.26 views

Automate Security Audit: netool.sh

Netool is a toolkit written in bash, python and ruby and provides easy automation for frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap – mostly MitM attacks. This toolkit makes tasks as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in...

0.4AI score
Exploits0
n0where
n0where
added 2015/03/20 6:54 p.m.26 views

High-Speed Packet Generator: MoonGen

MoonGen is a high-speed scriptable packet generator. The whole load generator is controlled by a Lua script: all packets that are sent are crafted by a user-provided script. Thanks to the incredibly fast LuaJIT VM and the packet processing library DPDK, it can saturate a 10 GBit Ethernet link wit...

0.1AI score
Exploits0References3
n0where
n0where
added 2015/01/26 2:50 p.m.26 views

WordPress Vulnerability Scanner: vane

Vane is a GPL fork of the now non-free popular wordpress vulnerability scanner WPScan. Install Vane Prerequisites Windows not supported Ruby = 1.9 RubyGems Git Debian/Ubuntu sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev git clone...

7.4AI score
Exploits0References1
n0where
n0where
added 2013/07/22 7:22 p.m.26 views

Open Source Steganography Web Service: DarkJPEG

DarkJPEG is a new generation open source steganography web service. It is supposed to serve people’s needs for the freedom of communication even in those countries which break human rights by forcing some kind of Internet censorship or even denying to use cryptography by law. The service uses...

Exploits0References2
n0where
n0where
added 2012/11/28 12:48 a.m.26 views

SQL Injection framework: Seringa

Seringa – SQL Injection framework Seringa Romanian for seringe is an SQL injection framework featuring high customizability and a user-friendly interface. It is completely open source. Uses the .NET 4.0 framework and Windows Presentation FoundationWPF for the GUI. With regard to design it utilize...

0.1AI score
Exploits0References1
n0where
n0where
added 2018/08/23 4:23 p.m.25 views

Offensive and Defensive Cryptography: Crypton

Crypton is an educational library to learn and practice Offensive and Defensive Cryptography. It is basically a collection of explanation and implementation of all the existing vulnerabilities and attacks on various Encryption Systems Symmetric and Asymmetric, Digital Signatures, Message...

1.4AI score
Exploits0References1
n0where
n0where
added 2018/05/24 6:52 p.m.25 views

Windows Packer Project for Defenders: DARKSURGEON

Darksurgeon is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. Darksurgeon has three stated goals: Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment...

Exploits0References1
n0where
n0where
added 2018/02/23 6:53 a.m.25 views

Microsoft SQL Database Attacking Tool: MSDAT

MSDAT M icro s oft SQL D atabase A ttacking T ool is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Usage examples of MSDAT: You have a Microsoft database listening remotely and you want to find valid credentials in order to connect to the...

1AI score
Exploits0References1
n0where
n0where
added 2017/08/16 4:22 a.m.25 views

Capturing, Analyzing and Responding to Cyber Attacks: cyberprobe

The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, which receives the stream...

0.2AI score
Exploits0References1
n0where
n0where
added 2017/08/12 1:14 a.m.25 views

Brute-force Attack Dictionary Builder: pydictor

A powerful and useful hacker dictionary builder for a brute-force attack You can use pydictor to generate a general blast wordlist, a custom wordlist based on Web content, a social engineering wordlist, and so on; You can use the pydictor built-in tool to safe delete, merge, unique, merge and...

7.4AI score
Exploits0References1
n0where
n0where
added 2017/08/10 5:59 p.m.25 views

Packet Manipulation Framework: PcapPlusPlus

PcapPlusPlus is a multiplatform C++ network sniffing and packet parsing and manipulation framework. PcapPlusPlus is meant to be lightweight, efficient and easy to use. What makes PcapPlusPlus different from similar C++ wrappers for libpcap/WinPcap? Designed to be lightweight and efficient Support...

1AI score
Exploits0References1
n0where
n0where
added 2017/08/08 6:7 p.m.25 views

Man-in-the-middle Router

Turn any linux computer into a public Wi-Fi network that silently mitms all http traffic. Runs inside a Docker container using hostapd , dnsmasq , and mitmproxy to create a open honeypot wireless network named “Public”. For added fun, change the network name to “xfinitywifi” to autoconnect anyone...

7.1AI score
Exploits0References1
n0where
n0where
added 2017/06/22 11:24 p.m.25 views

Hiding SSH Servers Behind HTTP: sshttp

Hiding SSH Servers Behind HTTP In case your FW policy forbids SSH access to the DMZ or internal network from outside, but you still want to use ssh on machines which only have one open port, e.g. HTTP , you can use sshttpd . sshttpd can multiplex the following protocol pairs: SSH/HTTP SSH/HTTPS...

6.8AI score
Exploits0References2
n0where
n0where
added 2017/03/20 6:22 p.m.25 views

SSH Configuration & Policy Scanner: ssh_scan

SSH Configuration & Policy Scanner SSH, or secure shell, is a secure protocol and the most common way of safely administering remote servers. Using a number of encryption technologies, SSH provides a mechanism for establishing a cryptographically secured connection between two parties,...

7.6AI score
Exploits0References1
n0where
n0where
added 2017/01/03 7:3 a.m.25 views

Exploit the Credentials Present in Files and Memory: PowerMemory

PowerMemory is a PowerShell post-exploitation tool. It uses Microsoft binaries and therefore is able to execute on a machine, even after the Device Guard Policies have been set. In the same way, it will bypass antivirus detection. PowerMemory can retrieve credentials information and manipulate...

0.5AI score
Exploits0References2
n0where
n0where
added 2016/12/01 4:23 a.m.25 views

Cyber Swiss Army Knife: CyberChef

Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include creating hexdumps, simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, data compression and...

6.7AI score
Exploits0References9
n0where
n0where
added 2016/11/28 5:17 a.m.25 views

Domain Password Audit Tool: DPAT

Domain Password Audit Tool This is a python script that will generate password use statistics from password hashes dumped from a domain controller and a password crack file such as oclHashcat.pot generated from the oclHashcat tool during password cracking. The report is an HTML report with...

7AI score
Exploits0References3
n0where
n0where
added 2016/09/13 10:1 p.m.25 views

Linux Memory Extractor: LiME

Linux Memory Extractor LiME formerly DMD is A Loadable Kernel Module LKM which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its...

Exploits0References2
Total number of security vulnerabilities1052