Lucene search
K
N0whereMost viewed

1052 matches found

n0where
n0where
added 2016/10/07 4:38 p.m.93 views

Transparent Proxy tunnels: anonym8

Transparent Proxy tunnels Transparent Proxy through TOR, I2P, Privoxy, Polipo and modify DNS, for a simple and better privacy and security; Include Anonymizing Relay Monitor arm, macchanger, hostname and wipe Cleans ram/cache & swap-space features. Tested on Debian Kali Parrot To use the graphica...

0.6AI score
Exploits0References1
n0where
n0where
added 2016/05/25 3:46 p.m.93 views

Tor Hidden Services Load Balancing: OnionBalance

Tor Hidden Services Load Balancing The OnionBalance software allows for Tor hidden service requests to be distributed across multiple backend Tor instances. OnionBalance provides load-balancing while also making onion services more resilient and reliable by eliminating single points-of-failure...

Exploits0References1
n0where
n0where
added 2018/12/10 1:26 a.m.92 views

A Post-Exploitation Scanning/Mapping Tool: Scavenger

SCAVENGER is a multi-threaded post-exploitation scanning tool for mapping systems and finding “interesting” and most frequently used files, folders and services. Once credentials are gained, it can scan remote systems Linux, Windows and OSX via services like SMB and SSH to scrape that system...

Exploits0References1
n0where
n0where
added 2016/12/17 5:30 a.m.92 views

Exploit Development IDE: Exploit Pack

Exploit Development IDE Exploit Pack is a full IDE for exploit development and penetration testing with base workspace and an extensible module system. It is written mostly in JAVA but its modules use Python as an engine and it can be used to develop packages or tools which then can be run inside...

Exploits0
n0where
n0where
added 2016/05/25 2:29 p.m.91 views

Reverse Engineering Cross Platform Disassembler: Panopticon

Reverse Engineering Cross Platform Disassembler Panopticon is a disassembler that understands the semantics of opcodes. This way it’s able to help the user by discovering and displaying invariants that would have to be discovered “by hand” in traditional disassemblers. This allows an interactive...

0.1AI score
Exploits0References6
n0where
n0where
added 2018/05/08 2:39 a.m.90 views

Real-Time Two-Factor Phishing Tool: ReelPhish

2FA adds an extra layer of authentication on top of the typical username and password. Two common 2FA implementations are one-time passwords and push notifications. One-time passwords are generated by a secondary device, such as a hard token, and tied to a specific user. These passwords typically...

0.1AI score
Exploits0References3
n0where
n0where
added 2016/12/13 3:45 a.m.90 views

OSINT Chrome Extension: ThreatPinch Lookup

OSINT Chrome Extension ThreatPinch was designed to enable information security professionals quick reference checks for commonly looked up indicators without having to leave the comfort of their current webpage. Be it, IPv4 addresses, MD5/SHA2 hashes, these indicators are usually copied and paste...

6.5AI score
Exploits0References2
n0where
n0where
added 2016/06/15 8:11 p.m.90 views

Stress Test Anti Malware System: al-khaser

Stress Test Anti Malware System al-khaser is a PoC malware with good intentions that aims to stress your anti-malware system. It performs a bunch of nowadays malwares tricks and the goal is to see if you catch them all. Some of the common use are: You are making an anti-debug plugin and you want ...

Exploits0References2
n0where
n0where
added 2015/09/13 3:4 a.m.90 views

Modular visual interface for GDB: GDB dashboard

Modular visual interface for GDB in Python This comes as a standalone single-file .gdbinit which, among the other things, enables a configurable dashboard showing the most relevant information during the program execution. Its main goal is to reduce the number of GDB commands issued to inspect th...

0.2AI score
Exploits0References2
n0where
n0where
added 2014/12/20 11:37 a.m.90 views

Wireless Network Auditing Tool: FruityWifi

FruityWifi is an open source tool to audit wireless networks. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it. Initialy the application was created to be used with the Raspberry-Pi, but it can be installed on any Debian based system...

0.1AI score
Exploits0References7
n0where
n0where
added 2018/10/23 4:46 a.m.89 views

Hardware resistance & enhanced security for GnuPG

VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG’s standard s2k key-derivation-function + a simplified interface for symmetric encryption . VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and is designed...

7.5AI score
Exploits0References1
n0where
n0where
added 2018/04/19 6:36 a.m.89 views

Hashcat Wrapper for Distributed Hashcracking: Hashtopolis

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients C, Python,...

7.3AI score
Exploits0References2
n0where
n0where
added 2017/03/28 4:9 a.m.88 views

CTF Framework and Exploit Development Library: pwntools

pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. Whether you’re using it to write exploits, or as part of another software project will dictate how you...

0.3AI score
Exploits0References1
n0where
n0where
added 2017/03/27 2:19 p.m.88 views

Open Source Large Scale Full Packet Capturing: Moloch

Open Source Large Scale Full Packet Capturing Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive...

7AI score
Exploits0References4
n0where
n0where
added 2018/11/21 12:16 a.m.87 views

Extract Digital Evidences From Images: Imago-Forensics

Imago is a python tool that extract digital evidences from images recursively. This tool is useful throughout a digital forensic investigation. If you need to extract digital evidences and you have a lot of images, through this tool you will be able to compare them easily. Imago allows to extract...

0.2AI score
Exploits0References1
n0where
n0where
added 2017/08/15 3:45 a.m.87 views

HTTP Load Generator: hey

hey is a tiny program that sends some load to a web application – ApacheBench ab replacement. hey was originally called boom and was influenced from Tarek Ziade’s tool at tarekziade/boom . Installation go get -u github.com/rakyll/hey Note: Requires go 1.7 or greater. Usage hey runs provided numbe...

7.1AI score
Exploits0References2
n0where
n0where
added 2017/01/30 6:3 a.m.87 views

Reverse IP Lookup Tool: RevIP

Reverse IP Lookup Tool: RevIP ReverseIP or RevIP is a ruby-based reverse IP-lookup tool, which finds all domains hosted on a web server and returns the HTTP status code of those domains. Installation You can “install” RevIP by simply adding an alias in your /.bashrc after cloning the git reposito...

1.1AI score
Exploits0References1
n0where
n0where
added 2017/11/28 4:50 a.m.86 views

Machine Learning Image Steganalysis: Aletheia

Aletheia is a steganalysis tool for the detection of hidden messages in images. The goal of steganalysis is to identify suspected packages, determine whether or not they have a payload encoded into them, and, if possible, recover that payload. Unlike cryptanalysis, steganalysis generally starts...

0.9AI score
Exploits0References1
n0where
n0where
added 2017/06/05 8:2 p.m.86 views

Endpoint Security Platform: Lima Charlie

LIMA CHARLIE is an endpoint security platform. It is itself a collection of small projects all working together to become the LC platform. LC gives you a cross-platform Windows, OSX, Linux, Android and iOS low-level environment allowing you to manage and push in memory additional modules to. The...

0.1AI score
Exploits0References3
n0where
n0where
added 2017/09/26 4:3 a.m.85 views

Advanced Dork Searching Utility: Zeus-Scanner

Zeus is an advanced reconnaissance utility designed to make web application reconnaissance simple. Zeus comes complete with a powerful built-in URL parsing engine, multiple search engine compatibility, the ability to extract URLs from both ban and webcache URLs, the ability to run multiple...

6.2AI score
Exploits0References4
n0where
n0where
added 2018/11/21 3:41 p.m.82 views

Modular Distributed Fingerprinting Engine: Scannerl

Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on...

7.5AI score
Exploits0References1
n0where
n0where
added 2018/11/12 3:29 p.m.82 views

Digital Forensics Distro: CAINE

Caine an acronym for Computer Aided Investigative Environment’ is an Ubuntu-based GNU/Linux live distribution live oriented to Computer Forensics computer forensics historically conceived by Giancarlo Giustini, within a project of Digital Forensics Interdepartmental Research Center for Security...

2.7AI score
Exploits0
n0where
n0where
added 2016/12/04 10:57 p.m.82 views

Aker SSH Gateway

Aker SSH Gateway Aker is a security tool that helps you configure your own Linux ssh jump/bastion host. Named after an Egyptian mythology deity who guarded the borders, Aker would act as choke point through which all your sysadmins and support staff access Linux production servers. Aker SSH gatew...

1.6AI score
Exploits0References1
n0where
n0where
added 2016/06/16 2:53 a.m.82 views

Capture Windows Kernel Activity: Fibratus

Capture Windows Kernel Activity: Fibratus Tool for exploration and tracing of the Windows kernel Fibratus is a tool which is able to capture the most of the Windows kernel activity – process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and mu...

Exploits0References2
n0where
n0where
added 2018/02/03 8:37 p.m.81 views

Automated Mass Exploiter: AutoSploit

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache , IIS , etc, upon which a list of...

0.4AI score
Exploits0References3
n0where
n0where
added 2017/08/16 5:44 a.m.81 views

Encrypted, Anti-Replay, Multiplexed Udp Tunnel: Udp2raw-tunnel

A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls or Unstable UDP Environment. Its Encrpyted, Anti-Replay and Multiplexed. It also acts as a Connection Stabilizer. Features Send / Receive UDP Packet with fake-tcp/icmp headers...

7.4AI score
Exploits0References1
n0where
n0where
added 2016/11/08 3:8 a.m.81 views

Free Open Source Scalable Incident Response Platform: The Hive

Free Open Source Scalable Incident Response Platform TheHive is a scalable 3-in-1 open source and free solution designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. TheHi...

6.8AI score
Exploits0References7
n0where
n0where
added 2018/09/12 7:44 p.m.80 views

Tor Browser for Android

Tor Browser for Android is the only official mobile browser supported by the Tor Project, developers of the world’s strongest tool for privacy and freedom online. Features BLOCK TRACKERS Tor Browser isolates each website you visit so third-party trackers and ads can’t follow you. Any cookies...

2.4AI score
Exploits0
n0where
n0where
added 2018/05/24 7:24 p.m.80 views

OWASP Joomla Vulnerability Scanner Project: JoomScan

OWASP JoomScan short for Joomla Vulnerability Scanner is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis. If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever! This Project is being faster than ever and...

0.8AI score
Exploits0References1
n0where
n0where
added 2017/05/09 6:27 a.m.80 views

GDB Exploit Development & Reverse Engineering: pwndbg

GDB Exploit Development & Reverse Engineering pwndbg /poʊndbæg/ is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers. Vanilla GDB is terrible to use for reverse...

7.4AI score
Exploits0References3
n0where
n0where
added 2016/03/16 7:35 p.m.80 views

Shared Host Integrated Password System: SHIPS

SHIPS is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts for both Windows and Linux. Clients may be configured to rotate passwords automatically. Stored passwords can ...

Exploits0References2
n0where
n0where
added 2015/12/21 6:54 p.m.80 views

Modern Vulnerable Web App: Hackazon

Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and...

7.5AI score
Exploits0References2
n0where
n0where
added 2014/08/06 6:44 p.m.80 views

Honeypot Linux Distro: HoneyDrive

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance OVA with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction...

7AI score
Exploits0
n0where
n0where
added 2018/11/12 5:20 a.m.78 views

Automatic SQL injection and database takeover tool: sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

Exploits0References2
n0where
n0where
added 2016/11/03 5:25 a.m.78 views

osquery Command And Control: Kolide

osquery Command And Control Kolide is an agentless osquery web interface and remote api server. Kolide uses the osquery remote apis to do ad-hoc distributed queries, osqueryd configurations and the collection and processing of scheduled queries packs. Kolide was designed to be extremely portable ...

Exploits0References1
n0where
n0where
added 2014/12/16 8:47 p.m.78 views

Mozilla Defense Platform: MozDef

Mozilla Defense Platform The inspiration for MozDef comes from the large arsenal of tools available to attackers. Suites like metasploit, armitage, lair, dradis and others are readily available to help attackers coordinate, share intelligence and finely tune their attacks in real time. Defenders...

0.4AI score
Exploits0References1
n0where
n0where
added 2017/08/08 5:51 p.m.77 views

Koadic C3 COM Command & Control – JScript RAT

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using Windows Script Host a.k.a. JScript/VBScript, with compatibility in t...

0.8AI score
Exploits0References1
n0where
n0where
added 2018/08/19 2:0 a.m.76 views

Dynamic API Call Tracer for Windows and Linux Applications: Drltrace

Drltrace is a dynamic API calls tracer for Windows and Linux applications designed primarily for malware analysis. Drltrace is built on top of DynamoRIO dynamic binary instrumentation framework. Motivation Malware analysis is not an easy task. Sophisticated software packers like Themida and...

0.3AI score
Exploits0References2
n0where
n0where
added 2018/03/29 2:54 p.m.76 views

PowerShell Runspace Post Exploitation Toolkit: p0wnedShell

p0wnedShell is an offensive PowerShell host application written in C that does not rely on powershell.exe but runs powershell commands and functions within a powershell runspace environment .NET. It has a lot of offensive PowerShell modules and binaries included to make the process of Post...

0.2AI score
Exploits0References3
n0where
n0where
added 2016/04/13 12:55 p.m.76 views

Generic Android Deobfuscator: Simplify

Simplify uses a virtual machine to execute an app and understand what it does. Then, it applies optimizations to create code that behaves identically but is easier for a human to understand. It is a generic deobfuscator because it doesn’t need any special configuration or code for different types...

1.2AI score
Exploits0References1
n0where
n0where
added 2017/02/07 5:12 a.m.75 views

Audit SIP Based VoIP Systems: SIPVicious

Audit SIP Based VoIP Systems SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. The idea behind the tools is to aid administrators and security folks make informed decisions when evaluating the security of their SIP-based servers and devices. The tools are intend...

0.4AI score
Exploits0References1
n0where
n0where
added 2016/11/03 4:6 a.m.75 views

Binary Analysis Platform: angr

Binary Analysis Platform angr is a platform-agnostic binary analysis framework developed by the Computer Security Lab at UC Santa Barbara and their associated CTF team, Shellphish. angr is a suite of python libraries that let you load a binary and do a lot of cool things to it: Disassembly and...

7.2AI score
Exploits0References10
n0where
n0where
added 2018/11/08 3:45 a.m.74 views

Network Fingerprinting Standard: hassh

“HASSH” is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint. What can HASSH help with: Use in highly controlled, well understood environments...

0.6AI score
Exploits0References1
n0where
n0where
added 2018/02/03 2:13 a.m.74 views

Automate Network Attacks Against Active Directory: icebreaker

Break the ice with that cute Active Directory environment over there. Automates network attacks against Active Directory to deliver you piping hot plaintext credentials when you’re inside the network but outside of the Active Directory environment. Performs 5 different network attacks for plainte...

7.9AI score
Exploits0References2
n0where
n0where
added 2018/01/01 8:31 p.m.74 views

Fsociety Hacking Tools Pack

Fsociety Menu Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation INSTALL & UPDATE Information Gathering : Nmap Setoolkit Port Scanning Host To IP wordpress user CMS scanner XSStracer Dork – Google Dorks...

0.1AI score
Exploits0References1
n0where
n0where
added 2017/10/02 4:13 a.m.74 views

HTTP Virtual Host Scanner: VHostScan

A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results...

6.8AI score
Exploits0References1
n0where
n0where
added 2016/01/22 5:17 p.m.74 views

Anonymous VPN Adapter: OnionCat

OnionCat is a VPN -adapter which allows to connect two or more computers or networks through VPN-tunnels. It is designed to use the anonymization networks Tor or I2P as its transport, hence, it provides location-based anonymity while still creating tunnel end points with private unique IP...

6.9AI score
Exploits0
n0where
n0where
added 2012/09/23 3:30 p.m.74 views

Ghost Phisher

Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honey pot,could be used t...

1AI score
Exploits0
n0where
n0where
added 2018/09/12 7:31 p.m.73 views

Advanced Network Reconnaissance Toolkit: badKarma

badKarma is a python3 GTK+ toolkit that aim to assist penetration testers during all the network infrastructure penetration testing activity phases. It allow testers to save time by having point-and-click access to their toolkits, launch them against single or multiple targets and interacte with...

0.2AI score
Exploits0References1
n0where
n0where
added 2017/02/07 7:34 a.m.73 views

Dump and Analyze .Net Applications Memory: MemoScope.Net

Dump and Analyze .Net Applications Memory MemoScope.Net is a tool to analyze .Net process memory: it can dump an application’s memory in a file and read it later. The dump file contains all data objects and threads state, stack, call stack. MemoScope.Net will analyze the data and help you to find...

Exploits0References3
Total number of security vulnerabilities1052