Lucene search
K
N0whereMost viewed

1052 matches found

n0where
n0where
added 2017/03/20 6:37 p.m.23 views

Synchronize Your DNS to Multiple Providers: DNSControl

Synchronize Your DNS to Multiple Providers DNSControl is a system for maintaining DNS zones. It has two parts: a domain specific language DSL for describing DNS zones plus software that processes the DSL and pushes the resulting zones to DNS providers such as Route53, CloudFlare, and Gandi. It ca...

0.5AI score
Exploits0References2
n0where
n0where
added 2017/03/13 5:40 a.m.23 views

Python Steganography Tool: Stegosaurus

Python Steganography Tool A steganography tool for embedding payloads within Python bytecode. Stegosaurus is a steganography tool that allows embedding arbitrary payloads in Python bytecode pyc or pyo files. The embedding process does not alter the runtime behavior or file size of the carrier fil...

0.4AI score
Exploits0References1
n0where
n0where
added 2017/02/13 8:15 p.m.23 views

Simple Static Malware Analyzer: SSMA

Simple Static Malware Analyzer SSMA is a simple malware analyzer written in Python 3. Features: Analyze PE file’s header and sections number of sections, entropy of sections/PE file, suspicious section names, suspicious flags in the characteristics of the PE file, etc. Searches for possible...

7.3AI score
Exploits0References2
n0where
n0where
added 2017/02/02 5:40 a.m.23 views

Collaborative Penetration Test & Vulnerability Management Platform: Faraday

Collaborative Penetration Test & Vulnerability Management Platform Faraday introduces a new concept – IPE Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the data generated during a security audit. The main purpose of...

Exploits0References4
n0where
n0where
added 2016/11/11 5:11 p.m.23 views

Linux Network Analyzer: netsniff-ng

Linux Network Analyzer A Swiss army knife for your daily Linux network plumbing netsniff-ng is a free, performant Linux network analyzer and networking toolkit. If you will, the Swiss army knife for network packets. The gain of performance is reached by built-in zero-copy mechanisms, so that on...

7.3AI score
Exploits0References1
n0where
n0where
added 2016/10/08 4:38 p.m.23 views

WPA Enterprise Brute Force Attack Tool: Air-Hammer

WPA Enterprise Brute Force Attack Tool Air-Hammer is a new tool for performing online, horizontal brute-force attacks against wireless networks secured with WPA Enterprise. This is a completely different attack than the usual “ evil twin ” attacks against those networks. Although WPA Enterprise i...

Exploits0References3
n0where
n0where
added 2016/08/30 8:4 p.m.23 views

USB Anti Forensic Tool: usbdeath

USB Anti Forensic Tool anti-forensic tool that writes udev rules for known usb devices and do some things at unknown usb device insertion or specific usb device removal. usbdeath is a small script inspired by usbkill , “an anti-forensic kill-switch that waits for a change on your USB ports and th...

0.7AI score
Exploits0References2
n0where
n0where
added 2016/08/25 4:16 p.m.23 views

HTTPS best practices: pshtt

HTTPS best practices “pshtt” is the sound you make when you feel mildly astonished. pshtt “pushed” is a tool to scan domains for HTTPS best practices. It saves its results to a CSV or JSON. pshtt was developed to push organizations— especially large ones like the US Federal Government — to adopt...

7AI score
Exploits0References1
n0where
n0where
added 2016/08/06 1:35 p.m.23 views

1-click IPSEC VPN in the Cloud: algo

1-click IPSEC VPN in the Cloud Algo short for “Al Gore”, the V ice P resident of N etworks everywhere for inventing the Internet is a set of Ansible scripts that simplifies the setup of an IPSEC VPN. It contains the most secure defaults available, works with common cloud providers, and does not...

7AI score
Exploits0References2
n0where
n0where
added 2016/07/13 2:35 p.m.24 views

DNS Analysis Tool: Bluto

The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will attempt to identify if SubDomain Wild Cards are being used. If they a...

0.1AI score
Exploits0References1
n0where
n0where
added 2016/05/12 12:42 a.m.23 views

Wireless Network Security Auditing Bash Script: airgeddon

airgeddon is a living project growing day by day. This is the list of features so far: Interface mode switcher Monitor-Managed keeping selection even on interface name changing DoS over wireless networks using different methods. “DoS Pursuit mode” available to avoid AP channel hopping available...

7.4AI score
Exploits0References5
n0where
n0where
added 2016/05/10 10:19 p.m.23 views

Fast Golang DNS Proxy: grimd

Fast golang dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers Incoming requests spawn a goroutine and are served concurrently, and the block cache resides in-memory to allow for rapid lookups, allowing grimd to serve thousands of queries at once whil...

0.9AI score
Exploits0References2
n0where
n0where
added 2016/04/15 11:49 a.m.23 views

Pattern Matching Swiss Knife: YARA

YARA is a tool aimed at but not limited to helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families or whatever you want to describe based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strin...

0.6AI score
Exploits0References3
n0where
n0where
added 2016/04/07 5:59 p.m.23 views

Automated Security Assessment Reporting Tool: Guinevere

Automated Security Assessment Reporting Tool Automated Security Assessment Reporting Tool Guinevere works with Gauntlet to automate assessment reporting. Main features include: Generate Assessment Report Export Assessment Generate Retest Report Generate Pentest Checklist Generate Assessment Repor...

0.3AI score
Exploits0References1
n0where
n0where
added 2015/09/21 9:24 p.m.23 views

Test SSL Ciphersuite: Cipherscan

Test SSL Ciphersuite: Cipherscan Simple way to find out which SSL ciphersuites are supported by a target Cipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and...

7.3AI score
Exploits0References2
n0where
n0where
added 2015/09/14 5:20 a.m.23 views

Security Oriented Fuzzer: American Fuzzy Lop

American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage fo...

7.4AI score
Exploits0References3
n0where
n0where
added 2015/02/06 7:6 a.m.23 views

proxychains-ng

ProxyChains is a UNIX program, that hooks network-related libc functions in DYNAMICALLY LINKED programs via a preloaded DLL dlsym, LDPRELOAD and redirects the connections through SOCKS4a/5 or HTTP proxies. It supports TCP only no UDP/ICMP etc. The way it works is basically a HACK; so it is possib...

7.2AI score
Exploits0References1
n0where
n0where
added 2015/01/30 5:39 p.m.23 views

Dshell – Network Forensic Analysis Framework

Dshell An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures. Key features: Robust stream reassembly IPv4 and IPv6 support Custom output handlers Chainable decoders Prerequisites Linux developed on Ubuntu 12.04...

1.3AI score
Exploits0References6
n0where
n0where
added 2015/01/03 4:5 p.m.23 views

HTTP/HTTPs MITM Proxy and Traffic Recorder: Hyperfox

HTTP/HTTPs MITM Proxy and Traffic Recorder Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN Network Hyperfox is capable of forging SSL certificates on the fly using a root CA certificate and its corresponding key both provided by the user. If the targe...

0.1AI score
Exploits0References1
n0where
n0where
added 2012/06/21 12:44 a.m.23 views

Bluetooth scanner: Bluelog

Bluelog is a Linux Bluetooth scanner written to do a single task, log devices that are in discoverable mode. It is intended to be used as a site survey tool, determining how many discoverable Bluetooth devices there are in the area. It has also proven to be very well suited to Bluetooth traffic...

0.5AI score
Exploits0
n0where
n0where
added 2018/06/18 8:23 p.m.22 views

Educational Ubuntu Linux Rootkit

The rootkit was tested to work on Linux kernels 2.6.32-38 and 4.4.0-22 as provided by Ubuntu in Ubuntu 10.04.4 LTS and Ubuntu 16.04 LTS respectively, but it should be very easy to port to kernels in-between, as well as newer ones. There is some architecture-specific code in the rootkit which is...

0.3AI score
Exploits0References1
n0where
n0where
added 2018/04/08 3:0 p.m.22 views

Network Security Monitoring: Security Onion

Network Security Monitoring NSM is, put simply, monitoring your network for security related events. It might be proactive, when used to identify vulnerabilities or expiring SSL certificates, or it might be reactive, such as in incident response and network forensics. Whether you’re tracking an...

7AI score
Exploits0References2
n0where
n0where
added 2018/04/03 4:8 p.m.22 views

Dynamic DNS Rebinding: Whonow DNS Server

A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves . respond to DNS queries for this domain with 52.23.194.42 the first time it is requested and then 192.168.1.1 every time afte...

6.9AI score
Exploits0References2
n0where
n0where
added 2017/11/07 5:30 a.m.22 views

Popular Pentesting Scanner: v3n0m

v3n0m is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...

7.6AI score
Exploits0References1
n0where
n0where
added 2017/10/11 4:58 a.m.22 views

DNS Diagnostics & Performance Measurement Tools: DNSDiag

Ever been wondering if your ISP is hijacking your DNS traffic ? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to ma...

Exploits0References3
n0where
n0where
added 2017/08/15 3:32 a.m.22 views

Transparent Proxy Server: sshuttle

Transparent proxy server that works as a poor man’s VPN. Forwards over ssh. Doesn’t require admin. Works with Linux and MacOS. Supports DNS tunneling. Sshuttle solves the following common case: Your client machine or router is Linux, FreeBSD, or MacOS. You have access to a remote network via ssh...

0.1AI score
Exploits0References1
n0where
n0where
added 2017/08/15 2:56 a.m.22 views

Simple multi-threaded web crawler: dcrawl

dcrawl is a simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. How it works? dcrawl takes one site URL as input and detects all links in the site’s body. Each found link is put into the queue. Successively, each queued link is crawled in the sa...

7.1AI score
Exploits0References1
n0where
n0where
added 2017/07/03 6:13 p.m.22 views

Advanced Hash Manipulation: Dagon

Advanced Hash Manipulation Named after the prince of Hell, Dagon day-gone is an advanced hash cracking and manipulation system, capable of bruteforcing multiple hash types, creating bruteforce dictionaries, automatic hashing algorithm verification, random salt generation from Unicode to ASCII, an...

0.3AI score
Exploits0References2
n0where
n0where
added 2017/06/26 5:3 a.m.22 views

IoT Network Security Analysis Tool: ASTo

IoT Network Security Analysis Tool Apparatus is a security framework to facilitate security analysis in IoT systems. To make the usage of the Apparatus framework easier the ASTo app was created ASTo stands for Apparatus Software Tool. ASTo is based on electron and cytoscape.js . The application i...

0.3AI score
Exploits0References1
n0where
n0where
added 2017/06/19 5:29 a.m.22 views

IPv6 Address Spoofing: sylkie

IPv6 Address Spoofing A command line tool and library for testing networks for common address spoofing security vulnerabilities in IPv6 networks using the Neighbor Discovery Protocol. Getting Started Dependencies libseccomp json-c Build Get the code and compile it! Get the code git clone...

0.2AI score
Exploits0References3
n0where
n0where
added 2017/06/12 6:57 p.m.22 views

An All In One Information Gathering Tool: RED HAWK

RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling.Coded In PHP Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED...

8AI score
Exploits0References1
n0where
n0where
added 2017/06/02 4:9 a.m.22 views

Digital Forensics Platform: Autopsy

Digital Forensics Platform Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from...

6.9AI score
Exploits0
n0where
n0where
added 2017/05/25 5:36 a.m.22 views

Low Interaction Honeypot: honeytrap

Honeytrap is a low-interaction honeypot and network security tool written to catch attacks against TCP and UDP services. In its default configuration, it runs as a daemon and starts server processes on demand when a connection attempt to a port is made. Different modes of operation are available...

0.7AI score
Exploits0References1
n0where
n0where
added 2017/04/26 4:19 p.m.22 views

PowerShell Payload Stager: PowerStager

PowerShell Payload Stager This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and some additional obfuscation. This enables the actua...

1.2AI score
Exploits0References1
n0where
n0where
added 2017/04/03 8:4 p.m.22 views

Mobile Ad Hoc Mesh Network: Serval Mesh

Mobile Ad Hoc Mesh Network Serval Mesh, and it is free software that allows smart-phones to communicate, even in the face of catastrophic failure of cellular networks. Serval Mesh allows people to make voice calls, send text messages and share files with other Serval Mesh users, without requiring...

0.3AI score
Exploits0
n0where
n0where
added 2016/09/08 4:10 a.m.22 views

Open Source Disk Encryption: VeraCrypt

VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume data storage device. On-the-fly encryption means that data is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an...

0.9AI score
Exploits0
n0where
n0where
added 2016/09/02 6:46 p.m.22 views

MODBUS Penetration Testing Framework: smod

MODBUS Penetration Testing Framework smod is a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. It is a full Modbus protocol implementation using Python and Scapy. This software could be run on Linux/OSX under python 2.7.x...

Exploits0References1
n0where
n0where
added 2016/08/27 6:56 p.m.22 views

SSH Server Auditing: ssh-audit

ssh-audit is a tool for ssh server auditing Features SSH1 and SSH2 protocol server support; grab banner, recognize device or software and operating system, detect compression; gather key-exchange, host-key, encryption and message authentication code algorithms; output algorithm information...

1.7AI score
Exploits0References1
n0where
n0where
added 2016/08/04 3:59 a.m.22 views

Dynamic Network Analysis Tool: FakeNet-NG

Dynamic Network Analysis Tool FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows. FakeNet-NG is based on the excellent Fakenet tool developed by Andrew Honig and Michael...

0.1AI score
Exploits0References1
n0where
n0where
added 2016/06/27 3:3 a.m.22 views

GDB Front End: PINCE

GDB Front End: PINCE is not Cheat Engine PINCE is a front-end/reverse engineering tool for the GNU Project Debugger GDB, focused on games. But it can be used for any reverse-engineering related stuff. PINCE is an abbreviation for “PINCE is not Cheat Engine”. PINCE’s GUI is heavily “inspired;D” by...

7.7AI score
Exploits0References3
n0where
n0where
added 2016/06/15 3:39 p.m.22 views

Complex Code Reuse Attacks: ROPMEMU

ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks Talos has developed ROPMEMU, a framework to analyze, dissect and decompile complex code-reuse attacks. It adopts a set of different techniques to analyze ROP chains and reconstruct their equivalent code in a form...

0.8AI score
Exploits0References1
n0where
n0where
added 2016/05/14 12:22 p.m.22 views

Python Based Windows Backdoor with Gmail C&C: gDog

A stealthy Python based Windows backdoor that uses Gmail as a command and control server Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server. It is mostly inspired by Gcat with which it shares code base but it adds additional options and features and goes...

0.8AI score
Exploits0References3
n0where
n0where
added 2016/03/17 12:19 a.m.22 views

Adversary Resistant Computing Platform: SubgraphOS

Subgraph OS is an adversary resistant computing platform. The main purpose of Subgraph OS is to empower people to communicate, share, and collaborate without fear of surveillance and interference. What this means in practical terms is that users of Subgraph OS can safely perform their day-to-day...

7.3AI score
Exploits0References2
n0where
n0where
added 2016/01/15 4:43 p.m.22 views

Linux Privilege Escalation: RootHelper

Linux Privilege Escalation: Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads four scripts. Two enumeration shellscripts and two exploit suggester...

0.4AI score
Exploits0References1
n0where
n0where
added 2015/09/23 6:19 p.m.22 views

User Friendly Interactive Shell: Fish

Fish is a smart and user-friendly command line shell for OS X, Linux, and the rest of the family. fish includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. FISH is designed to work with any other shell like...

7.4AI score
Exploits0References1
n0where
n0where
added 2015/08/09 7:17 p.m.22 views

Vulnerability Assessment Penetration Testing: VAPT

The set of scripts included in this package will create a Kali/SamuraiWTF type environment for the performing of Vulnerability Assessments and Penetration Testing. The goal of this project was to allow a portable set of tools to be installed onto an Ubuntu or Raspbian system, allowing the tester ...

7.5AI score
Exploits0References1
n0where
n0where
added 2015/06/17 2:15 p.m.22 views

The Internet Scanner: ZMap

The Internet Scanner: ZMap ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes,...

7.2AI score
Exploits0References1
n0where
n0where
added 2015/03/20 5:45 p.m.22 views

Web Application Bruteforcer: 0d1n

0d1n is a Open Source web application bruteforcer and Fuzzer. If your objective is automate exhaustive tests and search for anomalies read vulnerabilities 0d1n can increase your productivity following web parameters, files, directories, forms and other things. With 0d1n you can brute force...

7.9AI score
Exploits0References2
n0where
n0where
added 2013/11/22 8:9 p.m.22 views

Lightweight System Monitoring: Monitorix

Lightweight System Monitoring Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size can be used on...

7.2AI score
Exploits0
n0where
n0where
added 2013/11/22 7:20 p.m.22 views

Archlinux Ultimate Install Script

Install and configure archlinux has never been easier! You can try it first with a virtualbox Prerequisites A working internet connection Logged in as ‘root’ How to get it With git Increase cowspace partition: mount -o remount,size=2G /run/archiso/cowspace Get list of packages and install git:...

7.3AI score
Exploits0References1
Total number of security vulnerabilities1052