1052 matches found
Deliberately Insecure Web Application: OWASP WebGoat
WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat in either J2EE or WebGoat for .Net in ASP.NET. In each lesson, users must demonstrate their understanding of a security issue by...
Lightweight Disassembly Framework: Capstone
Lightweight Disassembly Framework Capstone is a multi-platform, multi-architecture lightweight disassembly framework. Capstone Disassembly Engine v3.0 Released Our target is to make Capstone the ultimate disassembly engine for binary analysis and reversing in the security community. Features...
Passively Sniff Wireless Devices: iSniff GPS
Passively Sniff Wireless Devices iSniff GPS passively sniffs for SSID probes, ARPs and MDNS Bonjour packets broadcast by nearby iPhones, iPads and other wireless devices. The aim is to collect data which can be used to identify each device and determine previous geographical locations, based sole...
System Level Exploration: sysdig
Linux system exploration and troubleshooting tool with first class support for containers Sysdig instruments your physical and virtual machines at the OS level by installing into the Linux kernel and capturing system calls and other OS events. Sysdig also makes it possible to create trace files f...
Network Security Monitor Framework: Bro
Bro is a passive, open-source network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. More generally, however, Bro supports a wide range of traffic analysis tasks even outside of the security domain, including...
Peer-to-Peer Framework: GNUnet
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
Wireless and Wired Network Interceptor: the Interceptor
The Interceptor is a wireless wired network tap. Basically, a network tap is a way to listen in to network traffic as it flows past. I haven’t done extensive research but all the ones I found when looking passed the copy of the traffic onto a specified wired interface which was then plugged into ...
The Automated Collection and Enrichment Platform: ACE
The Automated Collection and Enrichment ACE platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports...
Security and Privacy Assurance Research: SPARTA Framework
Security and Privacy Assurance Research Developed as a part of MIT Lincoln Laboratory’s test and evaluation role in the SPAR Security and Privacy Assurance Research program , SPARTA SPAR Testing and Assessment framework is a set of software applications used to evaluate the functionality and...
Meterpreter Session Proxy: Metasploit Aggregator
Meterpreter Session Proxy The Metasploit Aggregator is a proxy for Meterpreter sessions. Normally, Meterpreter sessions connect directly to a Metasploit listener. However, this has a few problems: 1. Multiple users cannot easily share the session once it is established, without some sort of...
Visual Malware Analysis: ProcDOT
Visual Malware Analysis There are plenty of tools for behavioral malware analysis. The defacto standard ones, though, are Sysinternals’s Process Monitor also known as Procmon and PCAP generating network sniffers like Windump, Tcpdump, Wireshark, and the like. These “two” tools cover almost...
Static Code Analyzer: PVS-Studio
Static Code Analyzer PVS-Studio performs static code analysis and generates a report that helps a programmer find and fix bugs. PVS-Studio performs a wide range of code checks, it is also useful to search for misprints and Copy-Paste errors. Examples of such errors: V501 , V517 , V522 , V523 ,...
Analyze Web-based Network Traffic: squidmagic
Analyze Web-based Network Traffic squidmagic is a tool designed to analyze a web-based network traffic to detect central command and control C&C servers and Malicious site, using Squid proxy server and Spamhaus. Install Ubuntu 16.04 Clone this repo & execute the script squidmagic ./install.sh ✓...
Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers: GEF
Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers GEF is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make GDB cool again for exploit dev. It is aimed to be used mostly by exploiters and reverse-engineers, to provides additional features to GDB usi...
Test IPv6 Security: THC-IPv6
Test IPv6 Security: THC-IPv6 Attacking IPV6 Weaknesses with a complete tool set for exploiting the inherent IPV6 and ICMP6 protocol weaknesses, with included easy to use packet factory library. THC-IPV6 v3.2 Released Included Tools parasite6 icmp neighbor solitication/advertisement spoofer, puts...
SSL Enabled Basic Auth Credential Harvester: phishery
An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector Phishery is a Simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. Phishery also provides the ability easily to inject the URL into a .docx Word document...
Microsoft Exchange Sensitive Data Search: MailSniper
Microsoft Exchange Sensitive Data Search MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms passwords, insider intel, network architecture information, etc.. It can be used as a non-administrative user to search their own...
Automated Malware Incident Response & Analysis: AMIRA
Automated Malware Incident Response & Analysis AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All : the Analyze Filter. AMIRA takes care of...
Modern Reverse Proxy: Traefik
Modern Reverse Proxy Træfɪk is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease. It supports several backends Docker , Swarm , Mesos/Marathon , Kubernetes , Consul , Etcd , Zookeeper , BoltDB , Rest API, file… to manage its configuration automatically and...
Windows shell: Babun
Would you like to use a linux-like console on a Windows host without a lot of fuzz? Try out babun! Installation Just download the dist file from http://babun.github.io , unzip it and run the install.bat script. After a few minutes babun starts automatically. The application will be installed to t...
Cowrie SSH Honeypot
Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker. Cowrie is directly based on Kippo by Upi Tamminen. Features Some interesting features: Fake filesystem with the ability to add/remove file...
Wireless Toolsuite: WRAITH
Wireless reconnaissance, collection and exploitation toolsuite Attack vectors, rogue devices, interfering networks are best visualized and identified over time. Current tools i.e. Kismet, Aircrack-ng and Wireshark are excellent tools but none are completely suitable for collecting and analyzing t...
How to: Version Control
How to: Version Control In Linux, /etc directory contains important system-related or application-specific configuration files. Especially in a server environment, it is wise to back up various server configurations in /etc directory regularly, to save trouble from any accidental changes in the...
Transparent proxy that decrypts SSL traffic: sslnuke
Transparent proxy that decrypts SSL traffic We have all heard over and over that SSL without verification is not secure. If an SSL connection is not verified with a cached certificate, it can easily be hijacked by any attacker. So in 2013, one would think we had totally done away with this proble...
Web Application Penetration Testing Tool: Tracy
Tracy is a pentesting tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner. tracy should be used during the mapping-the-application phase of the pentest to identify sources of input and their corresponding outputs. tracy...
Simple tc Command Wrapper Tool: tcconfig
Simple tc Command Wrapper Tool A Simple tc command wrapper tool. Easy to set up traffic control of network bandwidth/latency/packet-loss to a network interface. Traffic control features Traffic shaping target Apply traffic shaping rules to specific target: Outgoing/Incoming packets Certain IP...
WinAPI User Hunter: hunter
WinAPI User Hunter During Red Team engagements it is common to track/hunt specific users. Assuming we already have access to a desktop as a normal user no matter how, always “assume compromise” in a Windows Domain and we want to spread laterally. We want to know where the user is logged on, if he...
Spear Phishing Helper: Hemingway
Spear Phishing Helper This tool was built to allow simpler campaigns of phishing. It does not try to resolve issues with SMTP relaying or reputation but rather to allow a penetration tester or red team member to create a phishing campaign with a ready made server for the phishing. We also assume...
Human Interface Device Exploit Deployment: Brutal
Human Interface Device Exploit Deployment Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device Payload Teensy . Extremely useful for executing scripts on a target machine without the need for human-to-keyboard...
Phishing Template Generation Made Easy: SimplyTemplate
Phishing Template Generation Made Easy. The goal of this project was to hopefully speed up Phishing Template Gen as well as an easy way to ensure accuracy of your templates. All templates will provide you with a small meta tag. This tag will help you quickly identify the capabilities of the modul...
Download Wayback Machine Archive: waybackpack
Download Wayback Machine archive for a given URL Waybackpack is a command-line tool that lets you download the entire Wayback Machine archive for a given URL. Waypackback is written in pure Python, depends only on requests , and should work wherever Python works. Should be compatible with both...
Modular File Scanning Analysis Framework: MultiScanner
MultiScanner is a file analysis framework that allows the user to evaluate a set of files with a set of tools. Tools can be custom built python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules a...
Vulnerability Static Analysis for Containers: clair
Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers Vulnerability data is continuously imported from a known set of sources and correlated with the indexed contents of container images in order to produce lists of vulnerabilities that threaten ...
Protecting Personal Information: Freedom Box
FreedomBox is a personal server that protects your privacy. It hosts on demand applications such as file sharing, shared calendaring, instant messaging, secure voice conference calling, blog and wiki. FreedomBox is a free software stack, a subset of the Debian universal operating system, that can...
Python Fuzzing Framework: Kitty
Kitty is an open-source modular and extensible fuzzing framework written in python, inspired by OpenRCE’s Sulley and Michael Eddington’s and now Deja Vu Security’s Peach Fuzzer . Goal The goal of Kitty was to help with fuzzing unusual targets — proprietary and esoteric protocols over non-TCP/IP...
OWASP Mth3l3m3nt Framework
OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. Mth3l3m3nt provides the ability to create or do custom LFI and RFI exploits fast with little or no effort at all. It also enables you to store all your quick wins based on its ability to manage HTTP bots,...
OWASP ZeroDay Cyber Research Shellcoder
OWASP ZeroDay Cyber Research Shellcoder Generator is an open source software in python language which lets you generate customized shellcodes for listed operation systems. This software can be run on Linux under python 2.7.x. Installation Download last version. Extract and run installer.py or use...
Minimalistic CLI Tool to Manage Encrypted Volumes: Tomb
Tomb is an 100% free and open source system for file encryption on GNU/Linux, facilitating the backup of secret files. Tomb is written in code that is easy to review and links commonly shared components. Tomb generates encrypted storage folders to be opened and closed using their associated...
Auditing Network Activity: Argus
Auditing Network Activity Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity,...
Network Security Assessment: Subterfuge
Subterfuge is no longer a Beta! Now it is a full fledged network security assessment tool in its own right Walk into Starbucks, plop down a laptop, click start, watch the credentials roll in. Enter Subterfuge, a Framework to take the arcane art of Man-in-the-Middle Attack and make it as simple as...
Packet Trace Parser: Sniffer
Sniffer is a C program that parses and interprets captured Ethernet traffic containing IP datagrams UDP/TCP, and stores the captured payloads, email messages and HTTP cookies sent into files. General Supply any pcap file, produced by tcpdump, that contains a packet trace for the program to use as...
iOS Security Testing Framework: needle
iOS Security Testing Framework Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes...
Verified, Efficient TLS Implementation In C: Project Everest
Verified, Efficient TLS Implementation In C The HTTPS ecosystem HTTPS and TLS protocols, X.509 public key infrastructure, crypto algorithms is the foundation on which Internet security is built. Unfortunately, this ecosystem is extremely brittle, with headline-grabbing attacks such as FREAK and...
Command line Network Diagnostic Tool: myLG
Command line Network Diagnostic Tool myLG, my looking glass is software utility which combines the functions of the different network probes in one network diagnostic tool. Features Popular looking glasses ping/trace/bgp like Telia, Level3 More than 200 countries DNS Lookup information Local fast...
Large Scale Brute Force Cryptanalysis: Wisecracker
Large scale brute force cryptanalysis needs a tremendous amount of computational power that government agencies like the NSA and companies like Google® have. An average security researcher might want to have such capabilities as well but they do not have the tools or the computational resources...
Abusing BITS: BITSInject
Windows’ BITS service is a middleman for your download jobs. You start a BITS job, and from that point on, BITS is responsible for the download. But what if we tell you that BITS is a careless middleman? We have uncovered the way BITS maintains its jobs queue using a state file on disk, and found...
Anti-DDoS Solution Based on iptables: nShield
Anti-DDoS Solution Based on iptables An Easy and Simple Anti-DDoS solution for VPS, Dedicated Servers and IoT devices based on iptables Requirements Linux System with python, iptables Nginx Will be installed automatically by install.sh Quickstart cd /home/ && git clone...
Open Source File System Digital Forensics: The Sleuth Kit
Open Source File System Digital Forensics The Sleuth Kit is an open source forensic toolkit for analyzing Microsoft and UNIX file systems and disks. The Sleuth Kit enables investigators to identify and recover evidence from images acquired during incident response or from live systems. The Sleuth...
Advanced Forensics File Format: AFF4
The Advanced Forensics File format 4 was originally designed and published in “Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow” M.I. Cohen, Simson Garfinkel and Bradley Schatz, digital investigation 6 2009...
Packet Capture Utility: Stenographer
Stenographer is a full-packet-capture utility for buffering packets to disk for intrusion detection and incident response purposes. It provides a high-performance implementation of NIC-to-disk packet writing, handles deleting those files as disk fills up, and provides methods for reading back...