1052 matches found
Tunnel TCP connections over HTTP: Tunna
Tunnel TCP connections over HTTP Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. In a fully firewalled inbound and outbound connections restricted – except the webserver port. The...
RTSP Surveillance Camera Access Multitool: Cameradar
RTSP Surveillance Camera Access Multitool Cameradar hacks its way into RTSP CCTV cameras Cameradar allows you to: Detect open RTSP hosts on any accessible target Get their public info hostname, port, camera model, etc. Bruteforce your way into them to get their stream route for example /live.sdp...
Open Source Cross Platform RAT: Pupy
Open Source Cross Platform RAT: Pupy Pupy is an opensource, cross-platform Windows, Linux, OSX, Android, multi function RAT Remote Administration Tool and post-exploitation tool mainly written in python. It features a all-in-memory execution guideline and leaves very low footprint. Pupy can...
Node.js VoIP penetration testing framework : Bluebox-ng
Bluebox-ng : Node.js VoIP penetration testing framework Features Auto VoIP/UC penetration test Report generation Performance RFC compliant SIP TLS and IPv6 support SIP over websockets and WSS support RFC 7118 SHODAN, exploitsearch.net and Google Dorks SIP common security tools scan,...
Subdomain Discovery Tool: SubFinder
SubFinder is a subdomain discovery tool that uses various techniques to discover massive amounts of subdomains for any target. It has been aimed as a successor to the sublist3r project . SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then ...
Wireless GUI Android Security Assessment: Hijacker
Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng , MDK3 and Reaver . It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with an...
What the Fuzz: Radamsa
What the Fuzz: Radamsa Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestingly different outputs...
Cold Disk Quick Response: CDQR
Cold Disk Quick Response tool The CDQR tool uses Plaso to parse disk images with specific parsers and create easy to analyze custom reports. The parsers were chosen based on my experience and triaging best practices and the custom reports group like items together to make analysis easier. The...
Linux Enumeration And Privilege Escalation – LinEnum
LinEnum will automate many Local Linux Enumeration & Privilege Escalation checks documented in this cheat sheet . It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful SUID/GUID files...
GRR Rapid Response
GRR Rapid Response is an incident response framework focused on remote live forensics. GRR consists of an agent client that can be deployed to a target system, and server infrastructure that can manage and talk to the agent. Client Features: Cross-platform support for Linux, OS X and Windows...
Target Reconnaissance Framework: Pown Recon
Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of flat table representation is that it is easier to find the relationships between different types of information which comes quite handy in many situations. Graph theory algorithms...
Nmap Web Dashboard and Reporting: WebMap
Features Import and parse Nmap XML files Statistics and Charts on discovered services, ports, OS, etc… Inspect a single host by clicking on its IP address Attach labels on a host Insert notes for a specific host Create a PDF Report with charts, details, labels and notes Copy to clipboard as Nikto...
Payload Generation Framework: SharpShooter
SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. SharpShooter is capable of creating payloads in a variety of formats, including HTA, JS, VBS and WSF. It leverages James Forshaw’s DotNetToJavaScript tool to invoke methods from the...
Windows Forensic Data Collection: IR-rescue
Windows Forensic Data Collection ir-rescue is a Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility. It is intended for incident response use at different stages in the analysis and investigation process. It...
Automated Wireless Penetration Testing: Wi-fEye
Wi-fEye is an automated wireless penetration testing tool written in python , its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily. Wifi has three main menus : 1. Cracking menu: contains attacks that could allow us to crack...
Data Center Security Testing Tool: Infection Monkey
The Infection Monkey is an open source security tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Command and ControlC&C server. The Infection...
Applicative Protocol Multiplexer: SSLH
sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client. Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and any other protocol that can be tested using a regular expression, can be...
Red Team’s SIEM: RedELK
Red Team’s SIEM – easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. When performing multi-month, multi-C2teamserver and multi-scenario red team operations, you are working with an...
Post-Exploitation Framework for Linux Written in Bash: Orc
Orc is a simple post-exploitation written in bash. I wrote this because I myself needed a more featureful post-exploitation toolkit for Linux. It’s part of a larger bundle of scripts and tools, but I’ll add those as I write and re-write them. It takes the form of an ENV script, so load orc into a...
Bruteforce BitCoin Wallet
The purpose of this program is to try to find the password of an encrypted Peercoin or Bitcoin, Litecoin, etc… wallet file i.e. wallet.dat. It can be used in two ways: try all the possible passwords given a charset try all the passwords in a file There is a command line option to specify the numb...
Machine Learning Penetration Testing: GyoiThon
GyoiThon is a growing penetration test tool using Deep Learning. Deep Learning improves classification accuracy in proportion to the amount of learning data. Therefore, GyoiThon will be taking in new learning data during every scan. Since GyoiThon uses various features of software included in HTT...
The Firmware Analysis and Comparison Tool: FACT
The Firmware Analysis and Comparison Tool formerly known as Fraunhofer’s Firmware Analysis Framework FAF is intended to automate most of the firmware analysis process. It unpacks arbitrary firmware files and processes several analysis. Additionally, it can compare several images or single files...
An Open Source SIP Sniffer: pcapsipdump
An open-source libpcap-based SIP sniffer with per-call sorting capabilities. Listens on a network interface and saves SIP/RTP sessions to files. Each session goes in a separate, fancy-named .pcap file. Those could be opened with tcpdump, wireshark and friends. SIP/RTP sessions are written to disk...
Android Security Virtual Machine: Androl4b
Android Security Virtual Machine AndroL4b is an android security virtual machine based on ubuntu-mate includes the collection of latest framework, tutorials and labs from different security geeks and researchers for reverse engineering and malware analysis. The tools directory contains tools and...
Intentionally Vulnerable Machine for Exploit Testing: Metasploitable3
Intentionally Vulnerable Machine for Exploit Testing Metasploitable3 is a free virtual machine that allows you to simulate attacks largely using Metasploit. It has been used by people in the security industry for a variety of reasons: such as training for network exploitation, exploit development...
An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring: Kemon
If third-party vendors want to add new features to the macOS kernel, such as antivirus capabilities, ransomware blocking, data breach auditing, behavior monitoring and so on, they usually need the support of the system’s exported interfaces. At present, only two known official interfaces are...
Web Reconnaissance Framework: Recon-ng
Recon-ng is a full-featured Web Reconnaissance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can...
Credit Card Magstripe Spoofer: MagSpoof
MagSpoof is a device that can spoof/emulate any magnetic stripe or credit card. It can work “wirelessly”, even on standard magstripe/credit card readers, by generating a strong electromagnetic field that emulates a traditional magnetic stripe card. MagSpoof does not enable you to use credit cards...
Automated Dynamic Application Penetration Testing: ADAPT
ADAPT is a tool that performs Automated Dynamic Application Penetration Testing for web applications. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10 vulnerabilities, and outputs...
Command-line Network Packet Crafting and Injection Utility: nemesis
The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts. Key Features ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP,...
Advanced Man In The Middle Framework: Xerosploit
Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for penetration testing purposes. It brings various modules together that will help you perform very efficient attacks. You can also use it to perform denial of service attacks and port scanning. Powere...
Automating Penetration Testing Tasks: ODIN
ODIN Observe, Detect, and Investigate Networks is a Python tool for automating intelligence gathering, testing and reporting. ODIN is still in active development. ODIN is designed to be run on Linux. About 90% of it will absolutely work on Windows or MacOS with Python 3 and a copy of urlcrazy, bu...
A WebSocket Manipulation Proxy: WSSiP
Short for “WebSocket/Socket.io Proxy”, this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view all WebSocket and Socket.IO communications between the client and server. Upstream proxy support also means you can forward HTTP/HTTPS traffic to an...
Open Source Distributed Secure Skype Alternative: Tox Messenger
Open Source Distributed Secure Skype Alternative Distributed FOSS secure messenger with audio and video chat capabilities Tox began a few years ago, in the wake of Edward Snowden’s leaks regarding NSA spying activity. The idea was to create an instant messaging protocol that ran without any kind ...
Mobile Forensics: Santoku
Santoku is a platform for mobile forensics, mobile malware analysis and mobile application security assessment. The free Santoku Community Edition is a collaborative project to provide a pre-configured Linux environment with utilities, drivers and guides for these areas. Boot into Santoku and get...
KNX Home Automation Security Auditing: KNXmap
KNX Home Automation Security Auditing A tool for scanning and auditing KNXnet/IP gateways on IP driven networks. KNXnet/IP defines Ethernet as physical communication media for KNX EN 50090, ISO/IEC 14543. KNXmap also allows to scan for devices on the KNX bus via KNXnet/IP gateways. In addition to...
DNS Traffic Capture: DNSCAP
dnscap is a network capture utility designed specifically for DNS traffic. It produces binary data in pcap3 and other format. This utility is similar to tcpdump1, but has a number of features tailored to DNS transactions and protocol options. DNS-OARC uses dnscap for DITL data collections. Some o...
ProcDump Sysinternals Tool for Linux
ProcDump is a Linux reimagining of the classic ProcDump tool from the Sysinternals suite of tools for Windows. ProcDump provides a convenient way for Linux developers to create core dumps of their application based on performance triggers. Requirements Minimum OS: Red Hat Enterprise Linux / CentO...
Information Security Preparedness Tool: Metta
Metta is an open-source information security preparedness tool for adversarial simulation. As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating components of targeted attacks in order to test both an organization’s...
Generic Signature Format for SIEM Systems: Sigma
Sigma is a generic and open signature format that allows you to describe relevant log events in a straight forward manner. The rule format is very flexible, easy to write and applicable to any type of log file. The main purpose of this project is to provide a structured form in which researchers ...
Windows Packet Divert: WinDivert
Windows Packet Divert WinDivert is a user-mode packet capture-and-divert package for Windows Vista, Windows 2008, Windows 7, Windows 8 and Windows 10. WinDivert allows usermode programs to capture/modify/drop network packets sent to/from the Windows network stack. In summary, WinDivert can captur...
Damn Vulnerable Web Sockets: DVWS
Damn Vulnerable Web Sockets Damn Vulnerable Web Sockets DVWS is a vulnerable web application which works on web sockets for client-server communication. The flow of the application is similar to DVWA . You will find more vulnerabilities than the ones listed in the application. Requirements In the...
Visualizing Windows Active Directory Event Logs: LogonTracer
Investigate malicious logon by visualizing and analyzing Windows active directory event logs. LogonTracer associates a host name or an IP address and account name found in logon-related events and displays it as a graph. This way, it is possible to see in which account login attempt occurs and...
Automated Modular Cryptanalysis Tool: FeatherDuster
Automated Modular Cryptanalysis Tool FeatherDuster is a tool written by Daniel “unicornfurnace” Crowley of NCC Group for breaking crypto which tries to make the process of identifying and exploiting weak cryptosystems as easy as possible. Cryptanalib is the moving parts behind FeatherDuster, and...
Windows Local Privilege Escalation: PowerUp
PowerUp is a powershell tool to assist with local privilege escalation on Windows systems. It contains several methods to identify and abuse vulnerable services, as well as DLL hijacking opportunities, vulnerable registry settings, and escalation opportunities. The privesc/powerup/allchecks modul...
Static Analysis Tool: Bindead
The tool is based on the dynamic instrumentation framework PIN from Intel. Currently PIN is only working with the x86 architecture. Additionally, bintrace currently is limited to the Linux platform but will be ported to Windows when there is the need to. Actually, building for Windows might work...
Reconnaissance Swiss Army Knife: ReconDog
Main Features Wizard + CLA interface Can extracts targets from STDIN piped input and act upon them All the information is extracted with APIs, no direct contact is made to the target Utilities Censys : Uses censys.io to gather massive amount of information about an IP address. NS Lookup : Does na...
Open Source CAN Network Analysis: BUSMASTER
Open Source CAN Network Analysis BUSMASTER is an open source PC software for the design, monitoring, analysis, and simulation of CAN networks. Using its powerful functions and user-programmability one can simulate CAN system of any complexity. Additionally it provides options to analyze data byte...
Web Testing Framework Samurai
The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open source and free tools that focus on testing and attacking websites. In developing this...
Firewall and Privatizing Proxy: macOS Fortress
macOS-Fortress is a Firewall, Blackhole, and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers. It is Kernel-level, OS-level, and client-level security for macOS. Built to address a steady stream of attacks visible on snort and server logs, as well as blocks ads, malicious...