1052 matches found
Shellcode Builder: Shell Factory
Shellcode Builder: Shell Factory Shell Factory is a framework for compiling shellcodes from a C++ source for multiple systems and architectures. It is composed of multiple parts: a Rakefile for compiling and linking against different compilers and architectures. the factory, a set of C++ headers ...
Powerful WiFi Social Trap: RogueSploit
Powerful WiFi Social Trap RogueSploit is an open source automated script made to create a Fake Access Point, with dhcpd server, dns spoofing, host redirection, browserautopwn1 or autopwn2 or beef+mitmf. What you need: Aircrack-ng Suite https://github.com/aircrack-ng/aircrack-ng Dhcpd server...
UNIX security auditing tool: lunar
UNIX security auditing tool Lockdown UNix Auditing and Reporting This scripts generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Why a shell script? I wanted a tool that was able to run on locked down systems where other tools may not be...
Interactive Disassembler: Plasma
Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code. PLASMA is an interactive disassembler. It can generate a more readable assembly pseudo code with colored syntax. You can write scripts with the available Python api. The project is still in big...
Forensic File System Reconstruction: RecuperaBit
Forensic File System Reconstruction A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries...
Special Customizable Payload Generator: Hercules
Special Customizable Payload Generator HERCULES is a special customizable payload generator that can bypass all antivirus software. Installation Supported Platforms: Operative system | Version ---|--- Ubuntu | 16.04 / 15.10 Kali linux | Rolling / Sana Manjaro | Arch Linux | Black Arch | Parrot OS...
Network-based DNS logging in Go: GoPassiveDNS
A network-capture based DNS logger, inspired by passivedns. It uses gopacket to deal with libpcap and packet processing. It outputs JSON logs. It is intended to deal with high volume query capture in environments with anywhewre from one to hundreds of DNS resolvers. Why not use PassiveDNS from...
Command Line Certificate Examination Utility: certigo
Command Line Certificate Examination Utility Certigo is a utility to examine and validate certificates in a variety of formats. Install To install certigo, simply use: go get -u github.com/square/certigo Note that certigo requires Go 1.6 or later to build. Usage Certigo can read...
Obfuscated String Solver: Floss
Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key...
Run Binaries From Memory: Pazuzu
Pazuzu is a Python script that allows you to embed a binary within a precompiled DLL which uses reflective DLL injection. The goal is that you can run your own binary directly from memory. This can be useful in various scenarios. For example, if you want to exploit a vulnerability and run your ow...
Automate Incident Handling Process : IntelMQ
IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets and log files using a message queuing protocol. It’s a community driven initiative called IHAP Incident Handling Automation Project which was conceptually designed by European CERTs during several...
Fast and Full Featured SSL Scanner: SSLyze
SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. SSLyze is all Python code but it uses an OpenSSL wrapper...
Open-Source Phishing Toolkit: gophish
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute hishing engagements and security awareness training. Installing Gophish Using Pre-Built Binaries Gophish is provided as a pre-built binary fo...
Email Reconnaissance Tool: SimplyEmail
This tool was based off the work of theHarvester and kind of a port of the functionality. This was just an expansion of what was used to build theHarvester and will incorporate his work but allow users to easily build Modules for the Framework. Current Platforms Supported: Kali Linux 2.0 A few...
Automate Vulnerability Scanning: Seccubus
Seccubus automates regular vulnerability scans with vrious tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. The goal is to reduce the analysis time for subsequent scans of the same infrastructure by only reporting delta findings...
Reverse Engineering Malicious Software: REMnux Distro
REMnux v6 – A Linux Toolkit for Reverse-Engineering and Analyzing Malware – has been released. REMnux v6 updates the tools that were present in the earlier revisions of the distro and introduces several new ones. Moreover, it implements major architectural changes behind the scenes to allow REMnu...
WordPress FingerPrinter Tool: Plecost
Plecost is a vulnerability fingerprinting and vulnerability finder for WordPress blog engine Why? There are a huge number of WordPress around the world. Most of them are exposed to be attacked and be converted into a virus, malware or illegal porn provider, without the knowledge of the blog owner...
Fast Password Cracker: John the Ripper
Fast Password Cracker John the Ripper is a fast password cracker, currently available for many flavors of Unix 11 are officially supported, not counting different architectures, Windows, DOS, BeOS, and OpenVMS the latter requires a contributed patch. Its primary purpose is to detect weak Unix...
Open Source Vulnerability Scanner: OpenVAS
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.The powerful and comprehensive OpenVAS solution is available as Free Software and maintained on a daily basis. Open Source Vulnerability Scanner:...
A framework for creating proxies: Mallet
Mallet is a tool for creating proxies for arbitrary protocols, along similar lines to the familiar intercepting web proxies, just more generic. It is built upon the Netty framework, and relies heavily on the Netty pipeline concept, which allows the graphical assembly of graphs of handlers. In the...
Satellite Tracking Application: Gpredict
Gpredict is a real-time satellite tracking and orbit prediction application. It can track a large number of satellites and display their position and other data in lists, tables, maps, and polar plots radar view. Gpredict can also predict the time of future passes for a satellite, and provide you...
AWS infrastructure Security Auditing: Cloud Security Suite
CS Suite is a one stop tool for auditing the security posture of the AWS infrastructure and does system audits as well. CS Suite leverages current open source tools capabilities and has other missing checks added into one tool to rule them all. The major features include: Simple installation with...
Advance Android Malware Analysis Framework: Droidefense
Droidefense originally named atom: analysis through observation machine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...
Social Engineering Framework: Cartero
A robust Phishing Framework with a full featured CLI interface. The project was born out necessity through of years of engagements with tools that just didn’t do the job. Even though there are many projects out there, we were not able to find a suitable solution that gave us both easy of use and...
Centrally Manage SSH Administrative Access: KeyBox
Centrally Manage SSH Administrative Access KeyBox is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user’s public SSH keys. Key management and administration is based on profiles assigned to...
Interactive CLI Tool for HTTP Inspection: Wuzz
Interactive cli tool for HTTP inspection Wuzz command line arguments are similar to cURL’s arguments, so it can be used to inspect/modify requests copied from the browser’s network inspector with the “copy as cURL” feature. Installation and usage $ go get github.com/asciimoo/wuzz $...
Security Using Pre-Existing Routing for Mobile Ad hoc Networks: SUPERMAN
Security Using Pre-Existing Routing for Mobile Ad hoc Networks The flexibility and mobility of Mobile Ad hoc Networks MANETs have made them increasing popular in a wide range of use cases. To protect these networks, security protocols have been developed to protect routing and application data...
Real Time Network Monitoring: Cyberprobe
Real Time Network Monitoring Cyberprobe is a distrbuted architecture for real-time monitoring of networks against attack. The software consists of a number of components, including: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, whi...
Arbitrary TCP Connection Proxy: BinProxy
Arbitrary TCP Connection Proxy BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem. BinProxy is a tool for understanding and manipulating binary network traffic. BinProxy gives you a TCP proxy and an interface to write protocol-specific...
Continuous Security Integration Framework: CSI
Continuous Security Integration Framework It’s easy to agree that while corporate automation is a collection of proprietary source code, the core modules used to produce automated solutions should be open for all eyes to continuously promote trust and innovation…broad collaboration is key to any...
Deepmagic Information Gathering Tool: DMitry
Deepmagic Information Gathering Tool DMitry Deepmagic Information Gathering Tool is a UNIX/GNU Linux Command Line program coded purely in C with the ability to gather as much information as possible about a host. DMitry has a base functionality with the ability to add new functions, the basic...
Security Intelligence Collector: Machinae
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater , another excellent tool for collecting information. The Machinae...
PE Static Malware Analysis: PortEx
PortEx is a Java library for static malware analysis of portable executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading Header information from: MSDOS Header, COFF File Header,...
XSS Payload Management Framework: Sleepy Puppy
Sleepy Puppy is a cross-site scripting XSS payload management framework which simplifies the ability to capture, manage, and track XSS propagation over long periods of time. Why Should I use Sleepy Puppy? Often when testing for client side injections HTML/JS/etc. security engineers are looking fo...
Malicious Microsoft Office Documents: Generate-Macro
This script will generate malicious Microsoft Excel Documents that contain VBA macros. This script will prompt you for an IP address and port you will receive your shell at this address and port and the name of the malicious document. From there, the script will then prompt you to choose from a...
Multi Purpose Bruteforcer: Patator
Multi Purpose Bruteforcer Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. Patator is a multi-threaded tool written in Python, that strives to be more reliable and flexible than his fellow predecessors...
RAWR – Rapid Assessment of Web Resources
RAWR is designed to make the process of web enumeration easy and efficient by providing pertinent information in usable formats. It uses NMaplive or from file, Metasploit, Qualys, Nexpose, or Nessus scan data to target web services for enumeration, then visits each host on each port with an...
Security auditing tool for AWS: AWS Scout2
Scout2 is an open source tool that helps assessing the security posture of AWS environments. Using the AWS API, the Scout2 Python scripts fetch CloudTrail, EC2, IAM, RDS, and S3, configuration data. The gathered configuration is analysed and stored as JSON objects in several JavaScript files. The...
Linux Performance Monitor: Nmon
Nmon Nigel’s performance Monitor for Linux is another very useful command line utility that can display information about various system resources like cpu, memory, disk, network etc. It was developed at IBM and later released open source. It is available for most common architectures like x86, A...
Dump Active Directory Domain Information: goddi
goddi go dump domain info dumps domain users, groups, domain controllers, and more in CSV output and it runs on Windows and Linux. Functionality StartTLS and TLS tls.Client func connections supported. Connections over TLS are default. All output goes to CSVs and are created in /csv/ in the curren...
Artificial Inteligent Packet Inspection Engine: AIEngine
AIEngine is a next generation interactive/programmable Python/Ruby/Java packet inspection engine with capabilities of learning without any human intervention, NIDS Network Intrusion Detection System functionality, DNS domain classification, network collector, network forensics and many others...
Monitor USB Devices: USB Canary
Monitor USB Devices for potential security breach USB Canary is a Linux tool that uses pyudev to monitor devices while your computer is locked. In case it detects someone plugging in or unplugging devices it can be configured to send you an SMS or alert you via Slack of the potential security...
Exploits and Security Tools Framework: EaST Framework
Exploits and Security Tools Framework Pentest framework environment is the basis of IT security specialist’s toolkit. This software is essential as for learning and improving of knowledge in IT systems attacks and for inspections and proactive protection. The need of native comprehensive open...
Automated Memory Analyzer For Malware Samples: VolatilityBot
Automated Memory Analyzer For Malware Samples VolatilityBot is an automation tool for researchers cuts all the guesswork and manual tasks out of the binary extraction phase, or to help the investigator in the first steps of performing a memory analysis investigation. Not only does it automaticall...
Security auditing tool for Unix/Linux systems: Lynis
Lynis Security Auditing Tool Lynis is an open source security auditing tool for UNIX derivatives like Linux, Mac OS X, BSD, and Solaris . Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based...
Identify Web Application Firewall: WAFW00F
WAFW00F Fingerprints and Identify Web Application Firewall WAF products WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall WAF products. It is an active reconnaissance tool as it actually connects to the web server, but it starts out with a normal HTTP response...
Very fast network stress tool: T50
T50 f.k.a. F22 Raptor is a tool designed to perform “Stress Testing”. The concept started on 2001, right after release ‘nb-isakmp.c’, and the main goal was: Having a tool to perform TCP/IP protocol fuzzer, covering common regularprotocols, such as: ICMP, TCP and UDP. Things have changed, and the...
DNS reconnaissance tool: Fierce
Fierce is a DNS reconnaissance tool for locating non-contiguous IP space Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s really meant as a pre-cursor to nmap, unicornscan, nessus, nikto, etc, since all of those require...
Automated SQL Vulnerability Scanner: Whitewidow
Open Source Automated SQL Vulnerability Scanner Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server...
Nginx Web Application Firewall: NAXSI
NAXSI means Nginx Anti XSS & SQL Injection . Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple and readable rules containing 99% of known patterns involved in website vulnerabilities. For...