1052 matches found
Synchronize Your DNS to Multiple Providers: DNSControl
Synchronize Your DNS to Multiple Providers DNSControl is a system for maintaining DNS zones. It has two parts: a domain specific language DSL for describing DNS zones plus software that processes the DSL and pushes the resulting zones to DNS providers such as Route53, CloudFlare, and Gandi. It ca...
Python Steganography Tool: Stegosaurus
Python Steganography Tool A steganography tool for embedding payloads within Python bytecode. Stegosaurus is a steganography tool that allows embedding arbitrary payloads in Python bytecode pyc or pyo files. The embedding process does not alter the runtime behavior or file size of the carrier fil...
Simple Static Malware Analyzer: SSMA
Simple Static Malware Analyzer SSMA is a simple malware analyzer written in Python 3. Features: Analyze PE file’s header and sections number of sections, entropy of sections/PE file, suspicious section names, suspicious flags in the characteristics of the PE file, etc. Searches for possible...
Collaborative Penetration Test & Vulnerability Management Platform: Faraday
Collaborative Penetration Test & Vulnerability Management Platform Faraday introduces a new concept – IPE Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the data generated during a security audit. The main purpose of...
Linux Network Analyzer: netsniff-ng
Linux Network Analyzer A Swiss army knife for your daily Linux network plumbing netsniff-ng is a free, performant Linux network analyzer and networking toolkit. If you will, the Swiss army knife for network packets. The gain of performance is reached by built-in zero-copy mechanisms, so that on...
WPA Enterprise Brute Force Attack Tool: Air-Hammer
WPA Enterprise Brute Force Attack Tool Air-Hammer is a new tool for performing online, horizontal brute-force attacks against wireless networks secured with WPA Enterprise. This is a completely different attack than the usual “ evil twin ” attacks against those networks. Although WPA Enterprise i...
USB Anti Forensic Tool: usbdeath
USB Anti Forensic Tool anti-forensic tool that writes udev rules for known usb devices and do some things at unknown usb device insertion or specific usb device removal. usbdeath is a small script inspired by usbkill , “an anti-forensic kill-switch that waits for a change on your USB ports and th...
HTTPS best practices: pshtt
HTTPS best practices “pshtt” is the sound you make when you feel mildly astonished. pshtt “pushed” is a tool to scan domains for HTTPS best practices. It saves its results to a CSV or JSON. pshtt was developed to push organizations— especially large ones like the US Federal Government — to adopt...
1-click IPSEC VPN in the Cloud: algo
1-click IPSEC VPN in the Cloud Algo short for “Al Gore”, the V ice P resident of N etworks everywhere for inventing the Internet is a set of Ansible scripts that simplifies the setup of an IPSEC VPN. It contains the most secure defaults available, works with common cloud providers, and does not...
DNS Analysis Tool: Bluto
The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will attempt to identify if SubDomain Wild Cards are being used. If they a...
Wireless Network Security Auditing Bash Script: airgeddon
airgeddon is a living project growing day by day. This is the list of features so far: Interface mode switcher Monitor-Managed keeping selection even on interface name changing DoS over wireless networks using different methods. “DoS Pursuit mode” available to avoid AP channel hopping available...
Fast Golang DNS Proxy: grimd
Fast golang dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers Incoming requests spawn a goroutine and are served concurrently, and the block cache resides in-memory to allow for rapid lookups, allowing grimd to serve thousands of queries at once whil...
Pattern Matching Swiss Knife: YARA
YARA is a tool aimed at but not limited to helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families or whatever you want to describe based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strin...
Automated Security Assessment Reporting Tool: Guinevere
Automated Security Assessment Reporting Tool Automated Security Assessment Reporting Tool Guinevere works with Gauntlet to automate assessment reporting. Main features include: Generate Assessment Report Export Assessment Generate Retest Report Generate Pentest Checklist Generate Assessment Repor...
Test SSL Ciphersuite: Cipherscan
Test SSL Ciphersuite: Cipherscan Simple way to find out which SSL ciphersuites are supported by a target Cipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and...
Security Oriented Fuzzer: American Fuzzy Lop
American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage fo...
proxychains-ng
ProxyChains is a UNIX program, that hooks network-related libc functions in DYNAMICALLY LINKED programs via a preloaded DLL dlsym, LDPRELOAD and redirects the connections through SOCKS4a/5 or HTTP proxies. It supports TCP only no UDP/ICMP etc. The way it works is basically a HACK; so it is possib...
Dshell – Network Forensic Analysis Framework
Dshell An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures. Key features: Robust stream reassembly IPv4 and IPv6 support Custom output handlers Chainable decoders Prerequisites Linux developed on Ubuntu 12.04...
HTTP/HTTPs MITM Proxy and Traffic Recorder: Hyperfox
HTTP/HTTPs MITM Proxy and Traffic Recorder Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN Network Hyperfox is capable of forging SSL certificates on the fly using a root CA certificate and its corresponding key both provided by the user. If the targe...
Bluetooth scanner: Bluelog
Bluelog is a Linux Bluetooth scanner written to do a single task, log devices that are in discoverable mode. It is intended to be used as a site survey tool, determining how many discoverable Bluetooth devices there are in the area. It has also proven to be very well suited to Bluetooth traffic...
Educational Ubuntu Linux Rootkit
The rootkit was tested to work on Linux kernels 2.6.32-38 and 4.4.0-22 as provided by Ubuntu in Ubuntu 10.04.4 LTS and Ubuntu 16.04 LTS respectively, but it should be very easy to port to kernels in-between, as well as newer ones. There is some architecture-specific code in the rootkit which is...
Network Security Monitoring: Security Onion
Network Security Monitoring NSM is, put simply, monitoring your network for security related events. It might be proactive, when used to identify vulnerabilities or expiring SSL certificates, or it might be reactive, such as in incident response and network forensics. Whether you’re tracking an...
Dynamic DNS Rebinding: Whonow DNS Server
A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves . respond to DNS queries for this domain with 52.23.194.42 the first time it is requested and then 192.168.1.1 every time afte...
Popular Pentesting Scanner: v3n0m
v3n0m is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...
DNS Diagnostics & Performance Measurement Tools: DNSDiag
Ever been wondering if your ISP is hijacking your DNS traffic ? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to ma...
Transparent Proxy Server: sshuttle
Transparent proxy server that works as a poor man’s VPN. Forwards over ssh. Doesn’t require admin. Works with Linux and MacOS. Supports DNS tunneling. Sshuttle solves the following common case: Your client machine or router is Linux, FreeBSD, or MacOS. You have access to a remote network via ssh...
Simple multi-threaded web crawler: dcrawl
dcrawl is a simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. How it works? dcrawl takes one site URL as input and detects all links in the site’s body. Each found link is put into the queue. Successively, each queued link is crawled in the sa...
Advanced Hash Manipulation: Dagon
Advanced Hash Manipulation Named after the prince of Hell, Dagon day-gone is an advanced hash cracking and manipulation system, capable of bruteforcing multiple hash types, creating bruteforce dictionaries, automatic hashing algorithm verification, random salt generation from Unicode to ASCII, an...
IoT Network Security Analysis Tool: ASTo
IoT Network Security Analysis Tool Apparatus is a security framework to facilitate security analysis in IoT systems. To make the usage of the Apparatus framework easier the ASTo app was created ASTo stands for Apparatus Software Tool. ASTo is based on electron and cytoscape.js . The application i...
IPv6 Address Spoofing: sylkie
IPv6 Address Spoofing A command line tool and library for testing networks for common address spoofing security vulnerabilities in IPv6 networks using the Neighbor Discovery Protocol. Getting Started Dependencies libseccomp json-c Build Get the code and compile it! Get the code git clone...
An All In One Information Gathering Tool: RED HAWK
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling.Coded In PHP Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED...
Digital Forensics Platform: Autopsy
Digital Forensics Platform Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from...
Low Interaction Honeypot: honeytrap
Honeytrap is a low-interaction honeypot and network security tool written to catch attacks against TCP and UDP services. In its default configuration, it runs as a daemon and starts server processes on demand when a connection attempt to a port is made. Different modes of operation are available...
PowerShell Payload Stager: PowerStager
PowerShell Payload Stager This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and some additional obfuscation. This enables the actua...
Mobile Ad Hoc Mesh Network: Serval Mesh
Mobile Ad Hoc Mesh Network Serval Mesh, and it is free software that allows smart-phones to communicate, even in the face of catastrophic failure of cellular networks. Serval Mesh allows people to make voice calls, send text messages and share files with other Serval Mesh users, without requiring...
Open Source Disk Encryption: VeraCrypt
VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume data storage device. On-the-fly encryption means that data is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an...
MODBUS Penetration Testing Framework: smod
MODBUS Penetration Testing Framework smod is a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. It is a full Modbus protocol implementation using Python and Scapy. This software could be run on Linux/OSX under python 2.7.x...
SSH Server Auditing: ssh-audit
ssh-audit is a tool for ssh server auditing Features SSH1 and SSH2 protocol server support; grab banner, recognize device or software and operating system, detect compression; gather key-exchange, host-key, encryption and message authentication code algorithms; output algorithm information...
Dynamic Network Analysis Tool: FakeNet-NG
Dynamic Network Analysis Tool FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows. FakeNet-NG is based on the excellent Fakenet tool developed by Andrew Honig and Michael...
GDB Front End: PINCE
GDB Front End: PINCE is not Cheat Engine PINCE is a front-end/reverse engineering tool for the GNU Project Debugger GDB, focused on games. But it can be used for any reverse-engineering related stuff. PINCE is an abbreviation for “PINCE is not Cheat Engine”. PINCE’s GUI is heavily “inspired;D” by...
Complex Code Reuse Attacks: ROPMEMU
ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks Talos has developed ROPMEMU, a framework to analyze, dissect and decompile complex code-reuse attacks. It adopts a set of different techniques to analyze ROP chains and reconstruct their equivalent code in a form...
Python Based Windows Backdoor with Gmail C&C: gDog
A stealthy Python based Windows backdoor that uses Gmail as a command and control server Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server. It is mostly inspired by Gcat with which it shares code base but it adds additional options and features and goes...
Adversary Resistant Computing Platform: SubgraphOS
Subgraph OS is an adversary resistant computing platform. The main purpose of Subgraph OS is to empower people to communicate, share, and collaborate without fear of surveillance and interference. What this means in practical terms is that users of Subgraph OS can safely perform their day-to-day...
Linux Privilege Escalation: RootHelper
Linux Privilege Escalation: Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads four scripts. Two enumeration shellscripts and two exploit suggester...
User Friendly Interactive Shell: Fish
Fish is a smart and user-friendly command line shell for OS X, Linux, and the rest of the family. fish includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. FISH is designed to work with any other shell like...
Vulnerability Assessment Penetration Testing: VAPT
The set of scripts included in this package will create a Kali/SamuraiWTF type environment for the performing of Vulnerability Assessments and Penetration Testing. The goal of this project was to allow a portable set of tools to be installed onto an Ubuntu or Raspbian system, allowing the tester ...
The Internet Scanner: ZMap
The Internet Scanner: ZMap ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes,...
Web Application Bruteforcer: 0d1n
0d1n is a Open Source web application bruteforcer and Fuzzer. If your objective is automate exhaustive tests and search for anomalies read vulnerabilities 0d1n can increase your productivity following web parameters, files, directories, forms and other things. With 0d1n you can brute force...
Lightweight System Monitoring: Monitorix
Lightweight System Monitoring Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size can be used on...
Archlinux Ultimate Install Script
Install and configure archlinux has never been easier! You can try it first with a virtualbox Prerequisites A working internet connection Logged in as ‘root’ How to get it With git Increase cowspace partition: mount -o remount,size=2G /run/archiso/cowspace Get list of packages and install git:...