1052 matches found
Database Firewall: DBShield
Database Firewall DBShield is a Database Firewall written in Go that has protection for MySQL/MariaDB, Oracle and PostgreSQL databases. It works in a proxy fashion inspecting traffic and dropping abnormal queries after a learning period to populate the internal database with regular queries. For...
Fastest Internet Port Scanner: MASSCAN
This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. It produces results similar to nmap , the most famous port scanner. Internally, it operates more like scanrand , unicornscan , and ZMap , using asynchronous...
John the Ripper GUI Frontend: Johnny
Johnny the open source cross-platform GUI frontend for John the Ripper, the popular password cracker, written in C++ using the Qt framework. Johnny’s aim is to automate and simplify the password cracking routine on the Desktop as well as add extra functionality like session management and easy...
DumpsterFire Toolset: Security Incidents In A Box
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support a...
Real Time Performance Monitoring: netdata
Real Time Performance Monitoring Netdata is a daemon that collects data in realtime per second and presents a web site to view and analyze them. The presentation is also real-time and full of interactive charts that precisely render all collected values. netdata is the fastest way to visualize...
Low Interaction Honeypot: HoneyPy
A low interaction honeypot with the capability to be more of a medium interaction honeypot. HoneyPy is written in Python and is intended to be easy to: deploy, extend functionality with plugins, and apply custom configurations. The level of interaction is determined by the functionality of a...
Build Your Own PwnPhone
Build Your Own PwnPhone We’ll attempt to show you how to build your own Pwn Phone running the Kali operating system and our AOPP Android Open Pwn Project image. Let’s get cracking… Flashing the Phone 1. Download the Recovery image for your device: https://twrp.me/Devices 2. Connect the device to...
MAT: Metadata Anonymisation Toolkit
MAT: Metadata Anonymisation Toolkit What is metadata? Metadata consists of information that characterizes data e.g. Word documents, pictures, music files, etc. In essence, metadata answers who, what, when, where, why, and how about every facet of the data that is being characterized. Why metadata...
Block Unauthorized macOS Outgoing Network Traffic: LuLu
LuLu is the free, shared-source firewall for macOS. It’s goal is simple; block any unknown outgoing connections, until approved by the user. While it was designed to generically detect malware by flagging unauthorized networking connections, LuLu can also be used to block OS components or 3rd-par...
LLMNR, NBT-NS and MDNS Responder for Windows
LLMNR, NBT-NS and MDNS Responder for Windows This tool is first an LLMNR, NBT-NS and MDNS responder, it will answer to specific NBT-NS NetBIOS Name Service queries based on their name suffix see: http://support.microsoft.com/kb/163409 . By default, the tool will only answers to File Server Servic...
Offline WPS Bruteforce Utility: PixieWPS
Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs pixie dust attack Additional Video: http://video.adm.ntnu.no/pres/549931214e18d Pixiewps requires libssl. To install it: sudo apt-get install libssl-dev Installation:...
socat – Multipurpose Relay (SOcket CAT)
socat socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 – raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin...
Web Services Penetration Testing: WS-Attacker
WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum http://nds.rub.de/ and the Hackmanit GmbH http://hackmanit.de/ . The basic idea behind WS-Attacker is to provide a functionality to load WSDL...
Python Backdoor Framework: NXcrypt
Python Backdoor Framework: NXcrypt Features NXcrypt is a polymorphic ‘python backdoors’ crypter written in python by Hadi Mene h4d3s . The output is fully undetectable . NXcrypt can inject malicious python file into a normal file with multi-threading system . Run it with superuser’s permissions...
BGP Swiss Army Knife: ExaBGP
ExaBGP provides a convenient way to implement Software Defined Networking by transforming BGP messages into friendly plain text or JSON, which can then be easily handled by simple scripts or your BSS/OSS. It is routinely used to improve service resilience and provide protection against network or...
Backdooring Android APK: backdoor-apk
Backdooring Android APK backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without...
WPS attack tool: Penetrator-WPS
This is experimental tool that is capable of attacking multiple WPS-enabled wireless access points in real time Penetrator-WPS utilizes the pixie-dust attack every time it receives M3 message, unless it is disabled with -P – pixie-dust requires pixiewps to be installed. Installation First, you ne...
Office for Mac Macro Payload Generator: MacPhish
Attack vectors There are 4 attack vectors available: beacon creds meterpreter meterpreter-grant For the ‘creds’ method, macphish can generate the Applescript script directly, in case you need to run it from a shell. beacon On execution, this payload will signal our listening host and provide basi...
Process Heap Analysis Framework: Python Haystack
Process Heap Analysis Framework python-haystack is an heap analysis framework, focused on searching and reversing of C structure in allocated memory. The first function/API is the SEARCH function. It gives the ability to search for known record types in a process memory dump or live process’s...
Open Source Incident Management & Response Platform: Cyphon
Open Source Incident Management & Response Platform Cyphon is a big data platform that aggregates, standardizes, and enhances data for easier analysis. Many businesses rely on emails to manage alert notifications, which leaves their networks susceptible to overlooked incidents, alert fatigue and...
VPN daemon written in Go: GoVPN
GoVPN is simple secure virtual private network daemon. It uses Diffie-Hellman Encrypted Key Exchange DH-EKE for mutual zero-knowledge peers authentication and authenticated encrypted data transport. It is written entirely in Go programming language . All packets captured on a network interface ar...
PEI Stage Backdoor for UEFI Compatible Firmware: PeiBackdoor
PEI Stage Backdoor for UEFI Compatible Firmware This project implements early stage firmware backdoor for UEFI based firmware. It allows to execute arbitrary code written in C during Pre EFI Init PEI phase of Platform Initialization PI. This backdoor might be useful for low level manipulations wi...
packETH – Ethernet Packet Generator
packETH Ethernet Packet Generator packETH is GUI and CLI packet generator tool for ethernet. It allows you to create and send any possible packet or sequence of packets on the ethernet link. It is very simple to use, powerful and supports many adjustments of parameters while sending sequence of...
Wireless Network Monitoring Tool: Kismet
Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic. The program runs under Linux, FreeBSD, NetBSD, OpenBSD,...
File System Crawler: diskover
diskover is an open source file system crawler and disk space usage software that uses Elasticsearch to index and manage data across heterogeneous storage systems. Using diskover, you are able to more effectively search and organize files and system administrators are able to manage storage...
Interface Aware Fuzzing for Kernel Drivers: DIFUZE
Device drivers are an essential part in modern Unix-like systems to handle operations on physical devices, from hard disks and printers to digital cameras and Bluetooth speakers. The surge of new hardware, particularly on mobile devices, introduces an explosive growth of device drivers in system...
Very Fast Network Logon Cracker: THC-Hydra
Very Fast Network Logon Cracker Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast. This fast, and...
WordPress Exploit Framework
WordPress Exploit Framework is a Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. Requirements Ensure that you have Ruby 2.2.x installed on your system and then install all required dependencies by opening a command...
Packet Capture Generator for IDS: Sniffles
Packet Capture Generator for IDS and Regular Expression Evaluation Sniffles is a tool for creating packet captures that will test IDS that use fixed patterns or regular expressions for detecting suspicious behavior. Sniffles works very simply. It takes a set of regular expressions or rules and...
Find Vulnerable Settings in AD Group Policy: Grouper
Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft’s Group Policy module and identifies all the settings defined in...
Automated Information Gathering & Service Enumeration: Reconnoitre
A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. Usage This...
Free Cross Platform Information Sharing: DemonSaw
THE FUTURE OF INFORMATION SHARING Finally, simple and truly secure sharing is available – for free – across every platform Demonsaw is a new type of information sharing application that allows you to share your files securely. It’s the next leap in the evolution of a free internet, and the debut ...
Python Remote Access Tool: Ares
Ares is a Python Remote Access Tool Only use this software according to your current legislation. Misuse of this software can raise legal and ethical issues which I don’t support nor can be held responsible for. Ares is made of two main programs: A Command aNd Control server, which is a Web...
Malware Communication Analyzer: Malcom
Malcom is a tool designed to analyze a system’s network communication using graphical representations of network traffic, and cross-reference them with known malware sources. This comes handy when analyzing how certain malware species try to communicate with the outside world. Malcom can help you...
Domain Name Permutation Engine: dnstwist
Domain Name Permutation Engine Domain name permutation engine for detecting typo squatting, phishing and corporate espionage See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters,...
Free Open Source Face Recognition Neural Network: OpenFace
OpenFace is a Python and Torch implementation of face recognition with deep neural networks and is based on the CVPR 2015 paper FaceNet: A Unified Embedding for Face Recognition and Clustering by Florian Schroff, Dmitry Kalenichenko, and James Philbin at Google. Torch allows the network to be...
Arch Linux Penetration Testers Layer: ArchAssault
Arch Linux Penetration Testers Layer 2014-09-30 – Tyler Bennett We have released a new iso, its updated with our latest tools. We have updated our custom kernel to 3.16.3, as well. We have corrected the size issue on the x8664 ISO, allowing it to be burned to a single layer DVD. Official Note: Th...
Web Application Testing: Vega
Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting XSS, inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows...
Disable Risky Windows Features: Hardentools
Hardentools is a collection of simple utilities designed to disable a number of “features” exposed by operating systems Microsoft Windows, for now, and primary consumer applications. These features, commonly thought for Enterprise customers, are generally useless to regular users and rather pose ...
Distributed YARA Malware Scanning System: KLara project
Klara project is aimed at helping Threat Intelligence researchers hunt for new malware using Yara . In order to hunt efficiently for malware, one needs a large collection of samples to search over. Researchers usually need to fire a Yara rule over a collection / set of malicious files and then ge...
Open Source Database Fuzzing: FuzzDB
FuzzDB is the most comprehensive Open Source database of malicious inputs, predictable resource names, greppable strings for server response messages, and other resources like web shells. It’s like an application security scanner, without the scanner. What’s in FuzzDB? Predictable Resource...
Protection Against Port Scanners: Portspoof
The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure. The general goal of the program is to...
Adversarial Robustness Toolbox: ART
The Adversarial Robustness Toolbox ART, an open source software library, supports both researchers and developers in defending deep neural networks against adversarial attacks, making AI systems more secure. Its purpose is to allow rapid crafting and analysis of attack and defense methods for...
Advanced Network Monitoring & MITM Attack Framework: Bettercap
Evil socket just announced the release of the second generation of bettercap , a complete re-implementation of the most complete and advanced Man-in-the-Middle attack framework. This release not only brings MITM attacks to the next level, but it aims to be the reference framework for network...
Android Security Assessment Framework: drozer
Android Security Assessment Framework drozer formerly Mercury is the leading security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the...
Firmware File System Extraction: firmwalker
A simple bash script for searching the extracted or mounted firmware file system. It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and etc/passwd list out the etc/ssl directory search for SSL related files such as .pem, .crt, etc...
Monitoring Large-Scale Networks: YAF
Monitoring Large-Scale Networks Why does the world need another network flow event generator? yaf was originally intended as an experimental implementation tracking developments in the IETF IPFIX working group, specifically bidirectional flow representation, archival storage formats, and structur...
DNS Enumeration Script: DNSRecon
DNS reconnaissance is part of the information gathering stage on a penetration test engagement. When a penetration tester is performing a DNS reconnaissance he is trying to obtain as much information as he can regarding the DNS servers and their records. The information that can be gathered can...
Website Traffic Visualization: Logstalgia
Website Traffic Visualization Logstalgia is a website traffic visualization that replays or streams web-server access logs as a pong-like battle between the web server and an never ending torrent of requests. Requests appear as colored balls the same color as the host which travel across the scre...
CLI Magic: I Didn’t Know That !
Command Editing Shortcuts Ctrl + a – go to the start of the command line Ctrl + e – go to the end of the command line Ctrl + k – delete from cursor to the end of the command line Ctrl + u – delete from cursor to the start of the command line Ctrl + w – delete from cursor to start of word i.e...