1052 matches found
Create a Fake AP and Sniff Data: mitmAP
A python program to create a fake AP and sniff data new in 2.0: SSLstrip2 for HSTS bypass Image capture with Driftnet TShark for command line .pcap capture Features: SSLstrip2 Driftnet Tshark Full featured access point, with configurable speed limit mitmproxy Wireshark DNS Spoofing Saving results...
Windows Exploit Suggester
Windows Exploit Suggester This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins. Windows...
Mobile Application Reverse Engineering: MARA
Mobile Application Reverse engineering and Analysis Framework MARA is a M obile A pplication R everse engineering and A nalysis Framework. It is a tool that puts together commonly used mobile application reverse engineering tools, in order to make the task or reverse engineering and analysis easi...
Ruby Web Applications Vulnerability Scanner: Yasuo
Ruby Web Applications Vulnerability Scanner Yasuo is a ruby script that scans for vulnerable 3rd-party web applications While working on a network security assessment internal, external, redteam gigs etc., we often come across vulnerable 3rd-party web applications or web front-ends that allow us ...
Distributed Network Vulnerability Scanner: Prowler
Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon – HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...
Python Network Recon Framework: ivre
IVRE Instrument de veille sur les réseaux extérieurs or DRUNK Dynamic Recon of UNKnown networks is a network recon framework, including two modules for passive recon one p0f -based and one Bro -based and one module for active recon mostly Nmap -based, with a bit of ZMap . External programs /...
Network Anti-Reconnaissance Tool: Nova
Nova: Network Anti-Reconnaissance Tool The Network Obfuscation and Virtualized Anti-Reconnaissance Nova system is an open-source software tool developed to detect network based reconnaissance efforts, to deny the attacker access to real network data while providing false information regarding the...
RF Fuzzing Framework: TumbleRF
TumbleRF is a framework that orchestrates the application of fuzzing techniques to RF systems. While fuzzing has always been a powerful mechanism for fingerprinting and enumerating bugs within software systems, the application of these techniques to wireless and hardware systems has historically...
Open Distributed Threat Intelligence: Yeti
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables e.g. resolve domains, geolocate IPs so that you don’t have to. Yeti provides an interface for humans shiny...
TOR Mail Encrypted Server: OnionMail
TOR Mail Encrypted Server for Hidden Services OnionMail is an anonymous, encrypted mail server made to run on TOR network without losing the ability to communicate with the Internet. All OnionMail servers are configured as TOR hidden services and use SSL via STARTTLS. To use OnionMail all you nee...
SSL and TLS protocol test suite and fuzzer: tlsfuzzer
tlsfuzzer is a combination of TLS test framework, ready-to-use tests and hopefully in the future a fuzzer for TLS protocol. The aim is to have ability to test TLS implementation everywhere a fairly recent version of Python can run 2.6, 3.2 or later. Current implementation efforts focus on testing...
Injecting Fake Updates: Evilgrade
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...
Pure python post-exploitation RAT for macOS & OSX: EvilOSX
A pure python, post-exploitation, RAT Remote Administration Tool for macOS / OSX. Features Emulate a simple terminal instance Undetected by anti-virus OpenSSL AES-256 encrypted payloads, HTTPS communication Multi-threaded No client dependencies pure python Persistent Simple extendable module syst...
Qt C++ radare2 GUI: Cutter
A Qt and C++ GUI for radare2 reverse engineering framework originally named Iaito. Cutter is not aimed at existing radare2 users. It instead focuses on those whose are not yet radare2 users because of the learning curve, because they don’t like CLI applications or because of the...
The Windows Malware Analysis Distribution: flare-vm
FLARE VM is a freely available and open sourced Windows-based security distribution designed for reverse engineers, malware analysts, incident responders, forensicators, and penetration testers. Inspired by open-source Linux-based security distributions like Kali Linux, REMnux and others, FLARE V...
Automated DLL Enumerator: rattler
Rattler helps identify which application DLL’s are vulnerable to DLL preloading attacks. In a nutshell, DLL preloading attacks allow you to trick applications into loading and executing malicious DLL’s. DLL preloading attacks can result in escalation of privileges, persistence and RCE in some...
Intrusion Detection Avoidance Payload Generator: NPS_Payload
This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn @Spoonman1091 Payload written by Ben Mauch @Ben0xA aka dirtyben. This tool provides a way to generate a PowerShell payloa...
Simple Snort Installation: Snorter
Simple Snort Installation Tricky script which mades Snort installation simply as a script execution is. The script installs: Snort : Open Source IDS. Barnyard2 : Interpreter for Snort unified2 binary output files. PulledPork : Snort rule management. WebSnort : Web Interface for PCAP analysis...
Open Source Firewall: OPNsense
Open Source Firewall: OPNsense OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings...
Binary Analysis IDE: BinDiff
BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...
Fast Packet Networking Toolkit: Snabb Switch
Snabb Switch is open source software for solving novel problems in networking. Blending the latest techniques for high-performance x86 packet processing together with a high-level LuaJIT programming interface. The goal is to offer the easiest way to create and deploy new network functions in larg...
Network Forensic Analysis Tool: Xplico
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...
Tor Messenger
Tor Project launched its first beta version of Tor Messenger – its long-in-the-works, open source instant messenger client based on Instantbird. The Messenger is designed for both simplicity and privacy by default: It integrates the “Off-the-Record” OTR protocol to encrypt messages and routes the...
Automated basic digital reconnaissance: InstaRecon
Automated basic digital reconnaissance Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS direct, PTR, MX, NS lookups Whois domains and IP lookups Google dorks in search of subdomains Shodan lookups Reverse DNS lookups on entire...
Advanced Man in the Middle Attack Framework: Evilginx
Evilginx is an attack framework for setting up phishing pages. Instead of serving templates of sign-in pages lookalikes, Evilginx becomes a relay between the real website and the phished user . Phished user interacts with the real website, while Evilginx captures all the data being transmitted...
Twitter OSINT Tool Tinfoleak
tinfoleak is an open-source tool within the OSINT Open Source Intelligence and SOCMINT Social Media Intelligence disciplines, that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic...
Advanced Policy Firewall: APF
Advanced Policy Firewall APF is an iptablesnetfilter based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an...
Distributed nmap Framework: dnmap
dnmap is a framework to distribute nmap scans among several clients. It reads an already created file with nmap commands and send those commands to each client connected to it. The framework use a client/server architecture. The server knows what to do and the clients do it. All the logic and...
Track People on the Internet: trape
Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their...
Python Pentesting Framework: PytheM
pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more informatio...
Distributed, Search Optimized Full Packet Capture System: PCAPDB
Distributed, Search Optimized Full Packet Capture System PcapDB is a distributed, search-optimized open source packet capture system. It was designed to replace expensive, commercial appliances with off-the-shelf hardware and a free, easy to manage software system. Captured packets are reorganize...
Node.js Security Scanner: Web Exploit Detector
Node.js Security Scanner: Web Exploit Detector The Web Exploit Detector is a Node.js application and NPM module used to detect possible infections, malicious code and suspicious files in web hosting environments. This application is intended to be run on web servers hosting one or more websites...
Gateway Edge Service: Zuul
Zuul is a gateway service that provides dynamic routing, monitoring, resiliency, security, and more. Zuul is the front door for all requests from devices and web sites to the backend of the Netflix streaming application. As an edge service application, Zuul is built to enable dynamic routing,...
Object Scanning System: Laika BOSS
Laika is an object scanner and intrusion detection system that strives to achieve the following goals: Scalable Work across multiple systems High volume of input from many sources Flexible Modular architecture Highly configurable dispatching and dispositioning logic Tactical code insertion withou...
Kali Linux
Kali Linux Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers. Kali Linux is preinstalled with over 300...
OpenGraphiti: Data Visualization Engine
OpenGraphiti is a free and open source 3D data visualization engine for data scientists to visualize semantic networks and to work with them. It offers an easy-to-use API with several associated libraries to create custom-made datasets. It leverages the power of GPUs to process and explore the da...
Next Generation Snort IPS: Snort3
The Snort++ project has been hard at work for a while now and we have released the third alpha of the next generation Snort IPS Intrusion Prevention System. This file will show you what Snort++ has to offer and guide you through the steps from download to demo. If you are unfamiliar with Snort yo...
Modern Honeypot Network
Modern Honeypot Network Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized server for management. Honeypot Deployed sensors with intrusion detection software installed: Snort, Kippo, Conpot, and Dionaea...
Web Application Security Scanner: w3af
w3af is a Web Application Attack and Audit Framework The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. Identify and exploit a SQL injection One of the most difficult parts of securing your application is to identify the...
Search Engine For Hackers: OSINT SPY
Performs OSINT scan on email/domain/ipaddress/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. It includes gathering data from various public sources and their...
Pharos Static Binary Analysis Framework
The Pharos static binary analysis framework is a project of the Software Engineering Institute at Carnegie Mellon University. The framework is designed to facilitate the automated analysis of binary programs. It uses the ROSE compiler infrastructure developed by Lawrence Livermore National...
Network File System Monitor: nfstrace
Network File System Monitor NFS and CIFS tracing/monitoring/capturing/analyzing tool It performs live Ethernet 1 Gbps – 10 Gbps packets capturing and helps to determine NFS/CIFS procedures in raw network traffic. Furthermore, it performs filtration, dumping, compression, statistical analysis,...
Usermode Archive Sandbox: ZipJail
Usermode Archive Sandbox ZipJail is a usermode sandbox for unpacking archives using the unzip , rar , 7z , and unace utilities. Through the use of the tracy library it limits the attack surfaces to an absolute minimum in case a malicious archive tries to exploit known or unknown vulnerabilities i...
Analyzing Linux Malware Sandbox: Limon
Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...
Stealthy PHP Web Shell Backdoor: Weevely
Stealthy PHP Web Shell Backdoor Weevely is a command line web shell dinamically extended over the network at runtime used for administration and pen testing of remote web accesses. It provides a weaponized telnet-like console through a PHP script running on the target, even in restricted...
Free Fast Traffic Generator: Mausezahn
Mausezahn is a free fast traffic generator written in C which allows you to send nearly every possible and impossible packet. It is mainly used to test VoIP or multicast networks but also for security audits to check whether your systems are hardened enough for specific attacks. Mausezahn can be...
Automated Android Malware Analysis: CuckooDroid
CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files. CuckooDroid brigs to cuckoo the capabilities of execution and analysis of android application. CuckooDroid is an automated, cross-platform, emulation and analysis framework based on...
Public Port Scan Scrapper: scanless
Public Port Scan Scrapper Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you’d like to run a port scan on a host and have it not come from your IP address. scanless adj: lacking respectable morals. That girl ...
Auditing CAN Devices: CANSPY
A Platform for Auditing CAN Devices In the past few years, several tools have been released allowing hobbyists to connect to CAN buses found in cars. This is welcomed as the CAN protocol is becoming the backbone for embedded computers found in smartcars. Its use is now even spreading outside the...
High Precision WiFi Indoor Positioning Framework: FIND
High Precision WiFi Indoor Positioning Framework The Framework for Internal Navigation and Discovery FIND allows you to use your Android smartphone or WiFi-enabled computer laptop or Raspberry Pi or etc. to determine your position within your home or office. You can easily use this system in plac...