Lucene search
K
N0whereMost viewed

1052 matches found

n0where
n0where
added 2017/08/15 6:20 a.m.50 views

Create a Fake AP and Sniff Data: mitmAP

A python program to create a fake AP and sniff data new in 2.0: SSLstrip2 for HSTS bypass Image capture with Driftnet TShark for command line .pcap capture Features: SSLstrip2 Driftnet Tshark Full featured access point, with configurable speed limit mitmproxy Wireshark DNS Spoofing Saving results...

0.8AI score
Exploits0References1
n0where
n0where
added 2017/01/31 5:6 a.m.50 views

Windows Exploit Suggester

Windows Exploit Suggester This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins. Windows...

0.2AI score
Exploits0References1
n0where
n0where
added 2016/12/13 3:29 a.m.50 views

Mobile Application Reverse Engineering: MARA

Mobile Application Reverse engineering and Analysis Framework MARA is a M obile A pplication R everse engineering and A nalysis Framework. It is a tool that puts together commonly used mobile application reverse engineering tools, in order to make the task or reverse engineering and analysis easi...

3.6AI score
Exploits0References14
n0where
n0where
added 2015/05/30 4:30 p.m.50 views

Ruby Web Applications Vulnerability Scanner: Yasuo

Ruby Web Applications Vulnerability Scanner Yasuo is a ruby script that scans for vulnerable 3rd-party web applications While working on a network security assessment internal, external, redteam gigs etc., we often come across vulnerable 3rd-party web applications or web front-ends that allow us ...

8.5AI score
Exploits0References1
n0where
n0where
added 2018/03/22 5:15 a.m.49 views

Distributed Network Vulnerability Scanner: Prowler

Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon – HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...

7.5AI score
Exploits0References2
n0where
n0where
added 2015/07/14 5:41 p.m.49 views

Python Network Recon Framework: ivre

IVRE Instrument de veille sur les réseaux extérieurs or DRUNK Dynamic Recon of UNKnown networks is a network recon framework, including two modules for passive recon one p0f -based and one Bro -based and one module for active recon mostly Nmap -based, with a bit of ZMap . External programs /...

0.1AI score
Exploits0References2
n0where
n0where
added 2013/01/04 11:10 p.m.49 views

Network Anti-Reconnaissance Tool: Nova

Nova: Network Anti-Reconnaissance Tool The Network Obfuscation and Virtualized Anti-Reconnaissance Nova system is an open-source software tool developed to detect network based reconnaissance efforts, to deny the attacker access to real network data while providing false information regarding the...

0.8AI score
Exploits0References1
n0where
n0where
added 2018/06/20 6:34 p.m.48 views

RF Fuzzing Framework: TumbleRF

TumbleRF is a framework that orchestrates the application of fuzzing techniques to RF systems. While fuzzing has always been a powerful mechanism for fingerprinting and enumerating bugs within software systems, the application of these techniques to wireless and hardware systems has historically...

7.2AI score
Exploits0References2
n0where
n0where
added 2017/08/15 6:30 a.m.48 views

Open Distributed Threat Intelligence: Yeti

Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables e.g. resolve domains, geolocate IPs so that you don’t have to. Yeti provides an interface for humans shiny...

7.1AI score
Exploits0References2
n0where
n0where
added 2016/05/25 4:22 p.m.48 views

TOR Mail Encrypted Server: OnionMail

TOR Mail Encrypted Server for Hidden Services OnionMail is an anonymous, encrypted mail server made to run on TOR network without losing the ability to communicate with the Internet. All OnionMail servers are configured as TOR hidden services and use SSL via STARTTLS. To use OnionMail all you nee...

0.9AI score
Exploits0References1
n0where
n0where
added 2015/11/04 11:19 p.m.48 views

SSL and TLS protocol test suite and fuzzer: tlsfuzzer

tlsfuzzer is a combination of TLS test framework, ready-to-use tests and hopefully in the future a fuzzer for TLS protocol. The aim is to have ability to test TLS implementation everywhere a fairly recent version of Python can run 2.6, 3.2 or later. Current implementation efforts focus on testing...

7.2AI score
Exploits0References1
n0where
n0where
added 2010/11/07 8:41 p.m.48 views

Injecting Fake Updates: Evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...

0.8AI score
Exploits0References1
n0where
n0where
added 2018/06/18 8:34 p.m.47 views

Pure python post-exploitation RAT for macOS & OSX: EvilOSX

A pure python, post-exploitation, RAT Remote Administration Tool for macOS / OSX. Features Emulate a simple terminal instance Undetected by anti-virus OpenSSL AES-256 encrypted payloads, HTTPS communication Multi-threaded No client dependencies pure python Persistent Simple extendable module syst...

Exploits0References2
n0where
n0where
added 2017/12/11 4:56 p.m.47 views

Qt C++ radare2 GUI: Cutter

A Qt and C++ GUI for radare2 reverse engineering framework originally named Iaito. Cutter is not aimed at existing radare2 users. It instead focuses on those whose are not yet radare2 users because of the learning curve, because they don’t like CLI applications or because of the...

2AI score
Exploits0References1
n0where
n0where
added 2017/08/07 9:35 p.m.47 views

The Windows Malware Analysis Distribution: flare-vm

FLARE VM is a freely available and open sourced Windows-based security distribution designed for reverse engineers, malware analysts, incident responders, forensicators, and penetration testers. Inspired by open-source Linux-based security distributions like Kali Linux, REMnux and others, FLARE V...

0.2AI score
Exploits0References2
n0where
n0where
added 2017/08/07 7:25 p.m.47 views

Automated DLL Enumerator: rattler

Rattler helps identify which application DLL’s are vulnerable to DLL preloading attacks. In a nutshell, DLL preloading attacks allow you to trick applications into loading and executing malicious DLL’s. DLL preloading attacks can result in escalation of privileges, persistence and RCE in some...

0.4AI score
Exploits0References1
n0where
n0where
added 2017/08/07 6:58 p.m.47 views

Intrusion Detection Avoidance Payload Generator: NPS_Payload

This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn @Spoonman1091 Payload written by Ben Mauch @Ben0xA aka dirtyben. This tool provides a way to generate a PowerShell payloa...

1.8AI score
Exploits0References3
n0where
n0where
added 2017/05/09 4:18 a.m.47 views

Simple Snort Installation: Snorter

Simple Snort Installation Tricky script which mades Snort installation simply as a script execution is. The script installs: Snort : Open Source IDS. Barnyard2 : Interpreter for Snort unified2 binary output files. PulledPork : Snort rule management. WebSnort : Web Interface for PCAP analysis...

0.1AI score
Exploits0References5
n0where
n0where
added 2017/02/02 5:20 a.m.47 views

Open Source Firewall: OPNsense

Open Source Firewall: OPNsense OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings...

0.4AI score
Exploits0
n0where
n0where
added 2016/03/21 4:3 a.m.47 views

Binary Analysis IDE: BinDiff

BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...

0.6AI score
Exploits0References1
n0where
n0where
added 2015/12/11 1:34 a.m.47 views

Fast Packet Networking Toolkit: Snabb Switch

Snabb Switch is open source software for solving novel problems in networking. Blending the latest techniques for high-performance x86 packet processing together with a high-level LuaJIT programming interface. The goal is to offer the easiest way to create and deploy new network functions in larg...

6.8AI score
Exploits0References7
n0where
n0where
added 2015/11/04 10:26 p.m.47 views

Network Forensic Analysis Tool: Xplico

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

0.1AI score
Exploits0
n0where
n0where
added 2015/10/30 2:15 a.m.47 views

Tor Messenger

Tor Project launched its first beta version of Tor Messenger – its long-in-the-works, open source instant messenger client based on Instantbird. The Messenger is designed for both simplicity and privacy by default: It integrates the “Off-the-Record” OTR protocol to encrypt messages and routes the...

1AI score
Exploits0References2
n0where
n0where
added 2015/05/26 12:32 a.m.47 views

Automated basic digital reconnaissance: InstaRecon

Automated basic digital reconnaissance Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS direct, PTR, MX, NS lookups Whois domains and IP lookups Google dorks in search of subdomains Shodan lookups Reverse DNS lookups on entire...

0.5AI score
Exploits0References3
n0where
n0where
added 2018/08/01 3:1 p.m.46 views

Advanced Man in the Middle Attack Framework: Evilginx

Evilginx is an attack framework for setting up phishing pages. Instead of serving templates of sign-in pages lookalikes, Evilginx becomes a relay between the real website and the phished user . Phished user interacts with the real website, while Evilginx captures all the data being transmitted...

0.7AI score
Exploits0References1
n0where
n0where
added 2017/10/02 4:13 a.m.46 views

Twitter OSINT Tool Tinfoleak

tinfoleak is an open-source tool within the OSINT Open Source Intelligence and SOCMINT Social Media Intelligence disciplines, that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic...

0.2AI score
Exploits0
n0where
n0where
added 2017/09/26 4:54 a.m.46 views

Advanced Policy Firewall: APF

Advanced Policy Firewall APF is an iptablesnetfilter based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an...

7.1AI score
Exploits0References1
n0where
n0where
added 2012/03/27 10:32 p.m.46 views

Distributed nmap Framework: dnmap

dnmap is a framework to distribute nmap scans among several clients. It reads an already created file with nmap commands and send those commands to each client connected to it. The framework use a client/server architecture. The server knows what to do and the clients do it. All the logic and...

0.3AI score
Exploits0
n0where
n0where
added 2018/11/26 8:17 a.m.45 views

Track People on the Internet: trape

Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their...

0.6AI score
Exploits0References1
n0where
n0where
added 2017/08/15 4:11 a.m.45 views

Python Pentesting Framework: PytheM

pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more informatio...

7.2AI score
Exploits0References2
n0where
n0where
added 2017/06/02 6:36 p.m.45 views

Distributed, Search Optimized Full Packet Capture System: PCAPDB

Distributed, Search Optimized Full Packet Capture System PcapDB is a distributed, search-optimized open source packet capture system. It was designed to replace expensive, commercial appliances with off-the-shelf hardware and a free, easy to manage software system. Captured packets are reorganize...

6.9AI score
Exploits0References2
n0where
n0where
added 2017/04/26 4:42 p.m.45 views

Node.js Security Scanner: Web Exploit Detector

Node.js Security Scanner: Web Exploit Detector The Web Exploit Detector is a Node.js application and NPM module used to detect possible infections, malicious code and suspicious files in web hosting environments. This application is intended to be run on web servers hosting one or more websites...

6.7AI score
Exploits0References1
n0where
n0where
added 2016/04/19 8:40 p.m.45 views

Gateway Edge Service: Zuul

Zuul is a gateway service that provides dynamic routing, monitoring, resiliency, security, and more. Zuul is the front door for all requests from devices and web sites to the backend of the Netflix streaming application. As an edge service application, Zuul is built to enable dynamic routing,...

7.9AI score
Exploits0References2
n0where
n0where
added 2015/08/07 10:24 p.m.45 views

Object Scanning System: Laika BOSS

Laika is an object scanner and intrusion detection system that strives to achieve the following goals: Scalable Work across multiple systems High volume of input from many sources Flexible Modular architecture Highly configurable dispatching and dispositioning logic Tactical code insertion withou...

0.8AI score
Exploits0References2
n0where
n0where
added 2015/02/09 4:0 p.m.45 views

Kali Linux

Kali Linux Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers. Kali Linux is preinstalled with over 300...

7.5AI score
Exploits0References1
n0where
n0where
added 2015/01/13 10:57 p.m.45 views

OpenGraphiti: Data Visualization Engine

OpenGraphiti is a free and open source 3D data visualization engine for data scientists to visualize semantic networks and to work with them. It offers an easy-to-use API with several associated libraries to create custom-made datasets. It leverages the power of GPUs to process and explore the da...

0.3AI score
Exploits0References3
n0where
n0where
added 2014/12/12 10:47 a.m.45 views

Next Generation Snort IPS: Snort3

The Snort++ project has been hard at work for a while now and we have released the third alpha of the next generation Snort IPS Intrusion Prevention System. This file will show you what Snort++ has to offer and guide you through the steps from download to demo. If you are unfamiliar with Snort yo...

6.9AI score
Exploits0References3
n0where
n0where
added 2014/08/01 2:36 p.m.45 views

Modern Honeypot Network

Modern Honeypot Network Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized server for management. Honeypot Deployed sensors with intrusion detection software installed: Snort, Kippo, Conpot, and Dionaea...

7.5AI score
Exploits0References2
n0where
n0where
added 2010/06/25 8:53 p.m.45 views

Web Application Security Scanner: w3af

w3af is a Web Application Attack and Audit Framework The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. Identify and exploit a SQL injection One of the most difficult parts of securing your application is to identify the...

8.1AI score
Exploits0References1
n0where
n0where
added 2017/09/19 6:23 a.m.44 views

Search Engine For Hackers: OSINT SPY

Performs OSINT scan on email/domain/ipaddress/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. It includes gathering data from various public sources and their...

0.2AI score
Exploits0References1
n0where
n0where
added 2017/09/06 3:41 a.m.44 views

Pharos Static Binary Analysis Framework

The Pharos static binary analysis framework is a project of the Software Engineering Institute at Carnegie Mellon University. The framework is designed to facilitate the automated analysis of binary programs. It uses the ROSE compiler infrastructure developed by Lawrence Livermore National...

7.2AI score
Exploits0References4
n0where
n0where
added 2017/03/13 6:10 a.m.44 views

Network File System Monitor: nfstrace

Network File System Monitor NFS and CIFS tracing/monitoring/capturing/analyzing tool It performs live Ethernet 1 Gbps – 10 Gbps packets capturing and helps to determine NFS/CIFS procedures in raw network traffic. Furthermore, it performs filtration, dumping, compression, statistical analysis,...

2.3AI score
Exploits0References2
n0where
n0where
added 2016/09/04 9:21 p.m.44 views

Usermode Archive Sandbox: ZipJail

Usermode Archive Sandbox ZipJail is a usermode sandbox for unpacking archives using the unzip , rar , 7z , and unace utilities. Through the use of the tracy library it limits the attack surfaces to an absolute minimum in case a malicious archive tries to exploit known or unknown vulnerabilities i...

0.7AI score
Exploits0References1
n0where
n0where
added 2016/02/29 6:17 p.m.44 views

Analyzing Linux Malware Sandbox: Limon

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...

7.6AI score
Exploits0References2
n0where
n0where
added 2015/07/02 10:56 a.m.44 views

Stealthy PHP Web Shell Backdoor: Weevely

Stealthy PHP Web Shell Backdoor Weevely is a command line web shell dinamically extended over the network at runtime used for administration and pen testing of remote web accesses. It provides a weaponized telnet-like console through a PHP script running on the target, even in restricted...

0.1AI score
Exploits0References8
n0where
n0where
added 2011/01/26 11:8 p.m.44 views

Free Fast Traffic Generator: Mausezahn

Mausezahn is a free fast traffic generator written in C which allows you to send nearly every possible and impossible packet. It is mainly used to test VoIP or multicast networks but also for security audits to check whether your systems are hardened enough for specific attacks. Mausezahn can be...

0.3AI score
Exploits0
n0where
n0where
added 2017/08/15 1:59 a.m.43 views

Automated Android Malware Analysis: CuckooDroid

CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files. CuckooDroid brigs to cuckoo the capabilities of execution and analysis of android application. CuckooDroid is an automated, cross-platform, emulation and analysis framework based on...

1.1AI score
Exploits0References1
n0where
n0where
added 2017/05/08 4:18 a.m.43 views

Public Port Scan Scrapper: scanless

Public Port Scan Scrapper Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you’d like to run a port scan on a host and have it not come from your IP address. scanless adj: lacking respectable morals. That girl ...

7.2AI score
Exploits0References1
n0where
n0where
added 2016/10/25 5:39 a.m.43 views

Auditing CAN Devices: CANSPY

A Platform for Auditing CAN Devices In the past few years, several tools have been released allowing hobbyists to connect to CAN buses found in cars. This is welcomed as the CAN protocol is becoming the backbone for embedded computers found in smartcars. Its use is now even spreading outside the...

0.2AI score
Exploits0References1
n0where
n0where
added 2016/10/07 3:31 a.m.43 views

High Precision WiFi Indoor Positioning Framework: FIND

High Precision WiFi Indoor Positioning Framework The Framework for Internal Navigation and Discovery FIND allows you to use your Android smartphone or WiFi-enabled computer laptop or Raspberry Pi or etc. to determine your position within your home or office. You can easily use this system in plac...

6.4AI score
Exploits0References3
Total number of security vulnerabilities1052