1052 matches found
Bluetooth scanner: Bluelog
Bluelog is a Linux Bluetooth scanner written to do a single task, log devices that are in discoverable mode. It is intended to be used as a site survey tool, determining how many discoverable Bluetooth devices there are in the area. It has also proven to be very well suited to Bluetooth traffic...
Defending Elections from Foreign Adversaries: Election Buster
Election Buster is an open source tool created in 2014 to identify malicious domains masquerading as candidate webpages and voter registration systems. During 2016, fake domains were used to compromise credentials of a Democratic National Committee DNC IT services company, and foreign adversaries...
Identify Misconfigured CloudFront Domains: CloudFrunt
CloudFrunt is a tool for identifying misconfigured CloudFront domains. CloudFront is a Content Delivery Network CDN provided by Amazon Web Services AWS. CloudFront users create “distributions” that serve content from specific sources an S3 bucket, for example. Each CloudFront distribution has a...
Web Application Vulnerability Scanner: Wapiti
Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti act...
Data Exfiltration over DNS Request Covert Channel: DNSExfiltrator
DNSExfiltrator allows for transfering exfiltrate a file over a DNS request covert channel. This is basically a data leak testing tool allowing to exfiltrate data over a covert channel. DNSExfiltrator has two sides: 1. The server side , coming as a single python script dnsexfiltrator.py , which ac...
A Managed Password Cracking Tool: GoCrack
FireEye’s Innovation and Custom Engineering ICE team released a tool called GoCrack that allows red teams to efficiently manage password cracking tasks across multiple GPU servers by providing an easy-to-use, web-based real-time UI to create, view, and manage tasks. Simply deploy a GoCrack server...
TCP Stream Replay Tool: TCPCopy
Although the real live flow is important for the test of Internet server applications, it is hard to simulate it as online environments are too complex. To support more realistic testing of Internet server applications, we develop a live flow reproduction tool – TCPCopy, which could generate the...
Web Application Security Scanner: Spaghetti
Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Installation $ git clone...
Automated Privilege Escalation: portia
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised Privilege escalation Lateral movement Convenience modules Portia is a genus of jumping spider that feeds on other spiders – known for their...
AWS CIS Benchmark Tool: Prowler
Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1 . It covers hardening and security best practices for all regions related to: Identity and Access Management 24 checks Logging 8 checks Monitoring 15 checks...
Portable Virtual Private Network: goSecure
Portable Virtual Private Network goSecure is an easy to use and portable Virtual Private Network VPN solution. The system consists of a single server and one or many clients. strongSwan is used to establish a Suite B IPsec tunnel with pre-shared keys between the server and clients. The core crypt...
SIP-Based DoS Attack Simulator: SIP-DAS
SIP-DAS DoS Attack Simulator is a tool developed to simulate SIP-based DoS attacks. It has been developed to be used in academic work to help developing novel SIP-based DDoS attacks and defense approaches in original. SIP-DAS was originally written in Java, but it has been rewritten using Python,...
Personalized User Focused Security: Stethoscope
Stethoscope is a web application that collects information from existing device data sources e.g., JAMF or LANDESK on a given user’s devices and gives them clear and specific recommendations for securing their systems. Stethoscope consists of two primary pieces: a Python-based back-end and a...
Docker Security Analysis Tools: dockerscan
Docker Security Analysis Tools Currently Docker Scan support these actions: Registry Delete: Delete remote image / tag Info: Show info from remote registry Push: Push and image like Docker client Upload: Upload random a file Image Analyze: Looking for sensitive information in a Docker image...
Malicious Debian Package Generator: kimi
Malicious Debian Package generator Script to generate malicious debian packages debain trojans. Kimi is a script which generates Malicious debian package for metasploit which consists of bash file. the bash file is deployed into “/usr/local/bin/” directory. Backdoor gets executed just when victim...
Stealth Post Exploitation Framework: PhpSploit
Stealth Post Exploitation Framework PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation...
Google Cloud Platform Audit
Google Cloud Platform Audit gcp-audit takes a set of projects and audits them for common issues as defined by its ruleset. Issues can include, but are certainly not limited to, storage buckets with read/write permissions for anyone and compute engine instances with services exposed to the Interne...
Universal MITM Web Server: CopyCat
Universal MITM Web Server CopyCat is a Node.js based universal MITM web server. Used with DNS spoofing or another redirect attack, this server will act as a MITM for web traffic between the victim and a real server. Most often we see DNS spoofing used to redirect victims to an attackers server...
Simple Twitter Metadata Scraper
Simple Twitter Metadata Scraper The goal of this simple python script is to analyze a Twitter profile through its tweets by detecting: Average tweet activity, by hour and by day of the week Timezone and language set for the Twitter interface Sources used mobile application, web browser, …...
Tests Crypto Libraries Against Known Attacks: Wycheproof
Rests Crypto Libraries Against Known Attacks Project Wycheproof tests crypto libraries against known attacks. It is developed and maintained by members of Google Security Team, but it is not an official Google product. In cryptography, subtle mistakes can have catastrophic consequences. Good...
IT Threat GeoDashboard: Suspicious
IT Threat GeoDashboard Suspicious is a combination of Open Source software configured to give end users a view on IT threats over an interactive geographical dashboard. You’ll just need an Internet Browser to access the dashboard. This application has been build on a GNU/Linux environment and may...
Python JSON Fuzzer: PyJFuzz
Python JSON Fuzzer PyJFuzz is a small, extensible and ready-to-use framework used to fuzz JSON inputs , such as mobile endpoint REST API, JSON implementation, Browsers, cli executable and much more. Dependencies In order to work PyJFuzz need a single dependency, bottle , you can install it from...
High Throughput Fuzzer: Grr
High Throughput Fuzzer GRR is an x86 to amd64 binary translator. GRR was created to emulate and fuzzer DECREE challenge binaries. GRR was created for the DARPA Cyber Grand Challenge. Features Code cache persistence avoids translation overheads across separate runs. Optimization of the code cache,...
The YAWAST Antecedent Web Application Security Toolkit
The YAWAST Antecedent Web Application Security Toolkit YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL – Versions and cipher suites supported; common issues...
WPA WPA2 Phishing Tool: Linset
WPA WPA2 Phishing Tool: Linset Linset Is Not a Social Enginering Tool To run linset in Kali-linux, only two2 additional programs are requiredrqr. They are lighttpd and php5-cgi. apt-get install lighttpd apt-get install php5-cgi After you unzip the download, place the linset folder found in the...
Python Keylogger: Radium
Python Keylogger With Multiple Features Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording logging the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Keyloggi...
Centralized IPTables Firewall Control Script: CFC
Centralized IPTables Firewall Control Script Centralized firewall control provides a centralized way to manage the firewall on multiple servers or loadbalancers running iptables. This way you can quickly allow/block/del/search abuse ranges etc. with one command on several servers. It accesses tho...
Not Your Average Banner Grabber: BannerGrab
Not Your Average Banner Grabber BannerGrab is a PHP-based banner-grabber, which not only helps you find juicy response headers but also, fetches subdomains, and scans the site’s plugins/themes/components if the site is running WordPress/Joomla. To get the subdomains, It uses one of the best...
Scrapy Python Crawler: Crawlpy
Python web spider/crawler based on scrapy with support for POST/GET login, variable level of recursions/depth and optionally save to disk. Requirements python 2.7 lxml pip pip install Scrapy Features POST/GET Login prior crawling Can handle logins that requires dynamic CSRF token Variable level o...
IDPS SandBox AntiVirus Stealth Killer: MorphAES
IDPS SandBox AntiVirus Stealth Killer MorphAES is the world’s first polymorphic shellcode/malware engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS, it’s cross-platform as well and library-independent. Properties: Polymorphism AES...
Incident Response Forensic Framework: nightHawk Response
Incident Response Forensic Framework Custom built application for asynchronus forensic data presentation on an ElasticSearch backend. This application is designed to ingest a Mandiant Redline “collections” file and give flexibility in search/stack and tagging. The application was born out of the...
Fully Integrated Defense Operation: FIDO
Fully Integrated Defense Operation Fully Integrated Defense Operation FIDO plays a important role in the defense of the Netflix corporate network. The premise of FIDO is simple… each year companies are receiving an ever increasing amount of security related alerts. Instead of hiring more analyst ...
Incident Response Suite: CimSweep
Incident Response Suite used to engage in offensive reconnaissance CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows. CimSweep may also be used to engage in offensive reconnaisance without...
Black Box WordPress Vulnerability Scanner: WPScan
WPScan is a Black Box WordPress Vulnerability Scanner that attempts to find known security weaknesses within WordPress installations. The application is provided for security professionals or WordPress administrators to help them find security problems and vulnerabilities in their installations. ...
Powershell Penetration Testing Framework: Pentestly
Python Powershell penetration testing framework Pentestly is a combination of expanding Python tools designed for use in penetration tests. The goal is to utilize a familiar user interface while making contributions to the framework easy with the power of Python. Current features Import NMAP XML...
Sandboxed Execution Environment: SEE
Sandboxed Execution Environment SEE is a framework for building test automation in secured Environments. The Sandboxes, provided via libvirt, are customizable allowing high degree of flexibility. Different type of Hypervisors Qemu, VirtualBox, LXC can be employed to run the Test Environments...
Social Media Mining: MassMine
MassMine is a social media mining and archiving application that simplifies the process of collecting and managing large amounts of data across multiple sources. It is designed with the researcher in mind, providing a flexible framework for tackling individualized research needs. MassMine is...
PowerShell Incident Response: Psrecon
Psrecon is an open source script that you can use to gather data from a remote Windows host using PowerShell v2 or later, organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushe...
Nosql Exploitation Framework
The Tool focuses on scanning and exploiting NoSQL Databases which makes the pentesters life easy. The tool currently has support for Mongo,Couch-db and Redis,with further additions to be made soon.It supports Enumerating NoSQL Db’s,Dumping Nosql db’s,Dictionary attacks and Shodan Search...
Send-Only Postfix Server
Postfix is an MTA Mail Transfer Agent, an application used to send and receive email. In this tutorial, we will install and configure Postfix so that it can be used to send emails by local applications only. Why would you want to do that? If you’re already using a third-party email provider for...
Sniff Sensitive Data From Interface or pcap: net-creds
Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification. Sniffs URLs visited POST loads sent HTTP form logins/passwords HTTP basic auth logins/passwords HTTP searches FTP logins/passwords IRC...
Collect DNS Records Passively: PassiveDNS
Collect DNS Records Passively A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can...
Next Generation Web Scanner – WhatWeb
Next Generation Web Scanner WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded...
Meterpreter over SSH – MeterSSH
Meterpreter over SSH As penetration testers, it’s crucial to identify what types of attacks are detected and what’s not. After running into a recent penetration test with a next generation firewall, most analysis has shifted away from the endpoints and more towards network analysis. While there...
Ring 0 Army Knife: r0ak
r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code with some limitations from the command prompt, without requiring anything else other than Administrator privileges. Motivation The Windows kernel is a rich environment in which hundreds of...
Subdomain Enumeration Tool: Amass
Amass is the subdomain enumeration tool with the greatest number of disparate data sources that performs analysis of the resolved names in order to deliver the largest number of quality results. Amass performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting...
Network and System Reconnaissance Tool: Sandmap
Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine . It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...
Easy Intelligence Gathering: theHarvester
The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration te...
An ssh-agent for every domain: SSHecret
If you have an encrypted ssh key for each domain you access you should, and you keep your unlocked keys in a single ssh-agent you maybe shouldn’t, AND you’ve ever decided you need to forward your ssh-agent, then you should feel bad. If you forward an ssh-agent with all your unique keys for every...
AWS Auditing & Hardening Tool: Zeus
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...