1052 matches found
Sandia Cyber Omni Tracker: SCOT
Sandia Cyber Omni Tracker The Sandia Cyber Omni Tracker SCOT is a cyber security incident response management system and knowledge base. Designed by cyber security incident responders, SCOT provides a new approach to manage security alerts, analyze data for deeper patterns, coordinate team effort...
WMI Based Agentless Post-Exploitation PowerShell RAT: WMImplant
WMImplant is a PowerShell based tool that leverages WMI to both perform actions against targeted machines, but also as the C2 channel for issuing commands and receiving results. WMImplant will likely require local administrator permissions on the targeted machine. It is designed to run both...
Open Source Smart Gateway: FalconGate
Open Source Smart Gateway Cyber attacks are on the raise. Hacker and cyber criminals are continuously improving their methods and building new tools and Malware with the purpose of hacking your network, spying on you and stealing valuable data. Recently a new business model has become popular amo...
Open Source Malware Analysis Platform: FAME
Open Source Malware Analysis Platform FAME is an open source malware analysis platform that is meant to facilitate analysis of malware-related files, leveraging as much knowledge as possible in order to speed up and automate end-to-end analysis. FAME should be seen as a malware analysis framework...
Python Remote Administration Tool: Stitch
Python Remote Administration Tool This is a cross platform python framework which allows you to build custom payloads for Windows, Mac OSX and Linux as well. You are able to select whether the payload binds to a specific IP and port, listens for a connection on a port, option to send an email of...
Test your barcode scanners: MalQR
Test your barcode scanners MalQR is a collection of malicious QR codes and barcodes you can use to test the security of your scanners. It gives you the ability to conduct such tests with easiness : you just need to have a smartphone, a tablet or a laptop with an internet connection and browse...
Linux Malware Detect: LMD
Linux Malware Detect LMD is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and...
Decompression Bomb Testing
Decompression Bomb Testing A decompression bomb is a file designed to crash or render useless the program or system reading it, i.e. a denial of service. The files in this project can be used to test whether an application is vulnerable to this type of attack. A zip bomb, also known as a zip of...
OS Instrumentation Framework: osquery
OS Instrumentation Framework osquery exposes an operating system as a high-performance relational database. This allows you to write SQL-based queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open...
Web Application Security Scanner: Netsparker
THE ONLY FALSE POSITIVE FREE WEB APPLICATION SECURITY AND VULNERABILITY SCANNER Almost every business entity on the market today is trying hard to stretch out this year’s budget and somehow fit ‘security’ in the environment. Preferably, with minimal cost. Business owners, board directors, stock...
Configurable DNS Proxy: foghorn
Configurable DNS Proxy foghorn is a configurable DNS proxy to allow for black-, white-, and greylisting of DNS resources. DNS is an essential utility for the functioning of internet-connected resources, and one which a careful administrator can control. The foghorn utility provides a means to add...
Malware DNA Profiling Search Engine: CodexGigas
Malware DNA Profiling Search Engine Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in malware hunting. Codex Gigas is a malware profiling search engine that allows malware hunters and analysts to truly...
Evolutionary Knowledge Based Fuzzer: Choronzon
Evolutionary Knowledge Based Fuzzer Choronzon is an evolutionary fuzzer. It tries to imitate the evolutionary process in order to keep producing better results. To achieve this, it has an evaluation system to classify which of the fuzzed files are interesting and which should be dropped. Moreover...
Heuristics File System Secret Search: blueflower
blueflower is a command-line tool that looks for secrets such as private keys or passwords in a file structure. Interesting files are detected using heuristics on their names and on their content. Unlike some forensics tools, blueflower does not search in RAM, and does not attempt to identify...
Dynamic Tracing Tools for Linux: BCC
BCC – BPF Compiler Collection – is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples. It makes use of eBPF Extended Berkeley Packet Filters, a new feature that was first added to Linux 3.15. Much of what BCC uses requires Lin...
System Scanner: Binmap
Binmap is a system scanner; it takes a system or system image and walks through all files, looking for programs and libraries and collecting various information such as dependencies, symbols etc. It supports ELF and PE formats. binmap builds a database of hashes and informations for systems. One ...
Database Assessment Tool: DbDat
DbDat performs numerous checks on a database to evaluate security. The categories of checks performed are configuration, privileges, users, and information. Checks are performed by running queries or reading database configuration files. The goal of this tool is to highlight issues that need...
Dynamic Shellcode Injection: Shellter
Shellter is a dynamic shellcode injection tool, and probably the first dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications currently 32-bit apps only. The shellcode can be something yours or something generated through a framework, such a...
Network Security Toolkit: NST
Network Security Toolkit NST is a bootable ISO image Live DVD based on Fedora providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x8664 platforms. The main intent of developing this toolkit was to provide the security professional and networ...
Nscan: Fast internet-wide scanner
Nscan: Fast internet-wide scanner Nscan is a fast Network scanner optimized for internet-wide scanning purposes and inspired by Masscan and Zmap. It has it’s own tiny TCP/IP stack and uses Raw sockets to send TCP SYN probes. It doesn’t need to set SYN Cookies so it doesn’t wastes time checking if...
Meterpreter over SSH – MeterSSH
Meterpreter over SSH As penetration testers, it’s crucial to identify what types of attacks are detected and what’s not. After running into a recent penetration test with a next generation firewall, most analysis has shifted away from the endpoints and more towards network analysis. While there...
Browser Exploitation Framework: BeEF
Browser Exploitation Framework The Browser Exploitation Framework BeEF is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security frameworks, BeEF focuses on leveraging...
Graphical Interface for Powershell Scripts: PoshSec Framework
The PoshSec Framework is a tool that is designed to provide a graphical interface for powershell scripts, funcions, modules and cmdlets The PoshSec Framework is not merely a defense tool. It can be used for offense, defense, and even system administration. The whole idea is to give people a tool...
Network Traffic Interception: Intercepter-NG
With great power comes great responsibility. New release for Intercepter-NG have been announced, this tool can be used for MITM attack on network during penetration test. the tool is very solid in sniffing passwords ,encrypted traffic , pictures transmitted over messengers and more. Intercepter i...
Mobile Terminal Application for Intermittent Connectivity: Mosh
Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes. This is a replacement for SSH. It’s more robust and responsive, especially over Wi-Fi, cellular, and long-distance inks. Mosh is free...
Targeted Evil Twin Wireless Access Point Attack Toolkit: The Rogue Toolkit
The Rogue Toolkit is an extensible toolkit aimed at providing penetration testers an easy-to-use platform to deploy software-defined Access Points AP for the purpose of conducting penetration testing and red team engagements. By using Rogue, penetration testers can easily perform targeted evil tw...
NSE Nmap Script Development IDE: Halcyon
Halcyon IDE lets you quickly and easily develop scripts for performing advanced scans on applications and infrastructures with a range from recon to exploitation capabilities. It is the first IDE released exclusively for Nmap script development. Halcyon IDE is free and open source project always...
Web Application Spider: BlackWidow
BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for common OWASP vulnerabilities. Features: Automatically collect all URL’...
Wireless MITM Cryptocurrency Mining Pool: CoffeeMiner
Collaborative mitm cryptocurrency mining pool in wifi networks. This script performs autonomous MITM attack on WiFi networks. It will inject a javascript in the html pages and force all the devices connected to a WiFi network to mine cryptocurrency for the attacker. Warning: this project is for...
Open Source Threat Intelligence Gathering & Processing Framework: GOSINT
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise IOCs. GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches...
Open Source Invalid Traffic Detection: Nameles
Nameles provides an easy to deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. Comprehensive Detection Detects display, video and in-app based ad fraud, web scraping and other...
Encrypted Exploit Delivery For The Masses: Ironsquirrel
This project aims at delivering browser exploits to the victim browser in an encrypted fashion. Ellyptic-curve Diffie-Hellman secp256k1 is used for key agreement and AES is used for encryption. By delivering the exploit code and shellcode to the victim in an encrypted way, the attack can not be...
Powershell-based Windows Security Auditing Toolbox: WINspect
WINspect is part of a larger project for auditing different areas of Windows environments. It focuses on enumerating different parts of a Windows machine aiming to identify security weaknesses and point to components that need further hardening. The main targets for the current version are...
iOS macOS Remote Administration Tool: EggShell
EggShell is an iOS and macOS post exploitation surveillance pentest tool written in Python. This tool creates 1 line multi stage payloads that give you a command line session with extra functionality. EggShell gives you the power and convenience of uploading/downloading files, taking pictures,...
Wide Range Mass Audit Toolkit: Leviathan
Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. The main goal of this...
Open Source SIP Sniffer: pcapsipdump
Open Source SIP Sniffer pcapsipdump is libpcap-based SIP sniffer with per-call sorting capabilities. It writes SIP/RTP sessions to disk in a same format, as “tcpdump -w”, but one file per SIP session even if there is thousands of concurrent SIP sessions. Each session goes in a separate, fancy-nam...
Shellcode Builder: Shell Factory
Shellcode Builder: Shell Factory Shell Factory is a framework for compiling shellcodes from a C++ source for multiple systems and architectures. It is composed of multiple parts: a Rakefile for compiling and linking against different compilers and architectures. the factory, a set of C++ headers ...
Network Reconnaissance & Vulnerability Assessment Tool: ReconScan
Network Reconnaissance & Vulnerability Assessment Tool The project currently consists of two major components: a script invoking and aggregating the results of existing tools, and a second script for automated analysis of the aforementioned results from the perspective of exploitability. In terms...
Windows Remote Incident Response: CimSweep
Windows Remote Incident Response CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows. CimSweep may also be used to engage in offensive reconnaissance without the need to drop any payload to...
Forensic File System Reconstruction: RecuperaBit
Forensic File System Reconstruction A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries...
Special Customizable Payload Generator: Hercules
Special Customizable Payload Generator HERCULES is a special customizable payload generator that can bypass all antivirus software. Installation Supported Platforms: Operative system | Version ---|--- Ubuntu | 16.04 / 15.10 Kali linux | Rolling / Sana Manjaro | Arch Linux | Black Arch | Parrot OS...
Detect Shared Passwords: shard
A command line tool to detect shared passwords List available modules: $ java -jar shard-1.0.jar -l Available modules: Facebook LinkedIn Reddit Twitter Instagram Given a username and password shard will attempt to authenticate with multiple sites: $ java -jar shard-1.0.jar -u -p - Tried credentia...
Compression Side-Channel Attack Framework: Rupture
A COMPRESSION SIDE-CHANNEL ATTACK FRAMEWORK Rupture is a framework for easily conducting BREACH and other compression-based attacks Rupture is a framework for conducting network attacks against web services. It is focused on compression-attacks, but provides a generalized scalable system for...
Run Binaries From Memory: Pazuzu
Pazuzu is a Python script that allows you to embed a binary within a precompiled DLL which uses reflective DLL injection. The goal is that you can run your own binary directly from memory. This can be useful in various scenarios. For example, if you want to exploit a vulnerability and run your ow...
Malware Analysis System: Cuckoo Sandbox
Cuckoo Sandbox is an advanced, extremely modular, and 100% open source automated malware analysis system with infinite application opportunities. By default it is able to: Analyze many different malicious files executables, office documents, pdf files, emails, etc as well as malicious websites...
Open-Source Phishing Toolkit: gophish
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute hishing engagements and security awareness training. Installing Gophish Using Pre-Built Binaries Gophish is provided as a pre-built binary fo...
Private Messaging System: Vuvuzela
Vuvuzela is a messaging system that protects the privacy of message contents and message metadata. Users communicating through Vuvuzela do not reveal who they are talking to, even in the presence of powerful nation-state adversaries. Vuvuzela is the first system that provides strong metadata...
Exploit Database Git Repository
Exploit Database Git Repository The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct...
Simulate Network Conditions: ATC
Simulate Network Conditions: ATC Augmented Traffic Control ATC is a tool to simulate network conditions. It allows controlling the connection that a device has to the internet. Developers can use ATC to test their application across varying network conditions, easily emulating high speed, mobile,...
Security Competition Infrastructure Automation Framework: Laforge
Laforge enables rapid development of infrastructure for the purpose of information security competitions. Using a simple and intuitive configuration language, Laforge manages a dependency graph and state management and allows for highly productive remote collaboration. The Laforge engine uses a...