Active Directory Honeytoken Tripwire: DCEPT

DCEPT D omain C ontroller E nticing P assword T ripwire is a honeytoken-based tripwire for Microsoft’s Active Directory. Honeytokens are pieces of information intentionally littered on system so they can be discovered by an intruder. In the case of DCEPT, the honeytokens are credentials that woul...

Recursively Crawl Single Page Applications: htcap

htcap is a web application scanner able to crawl single page application SPA in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it’s focused mainly on the crawling process and uses external tools to discover vulnerabilities. It’...

Open Source Big Data Analytics and Visualization: Lumify

Open Source Big Data Integration, Analytics, and Visualization Lumify is an open source project big data fusion, analysis, and visualization platform designed for anyone. Its intuitive web-based interface helps users discover connections and explore relationships in their data via a suite of...

Machine Learning Linux IPS: Stratosphere

This is the linux version of the Stratosphere IPS, a behavioral-based intrusion detection and prevention system that uses machine learning algorithms to detect malicious behaviors. It is part of a larger suite of programs that include the Stratosphere Windows IPS and the Stratosphere Testing...

Free Open Source Face Recognition Neural Network: OpenFace

OpenFace is a Python and Torch implementation of face recognition with deep neural networks and is based on the CVPR 2015 paper FaceNet: A Unified Embedding for Face Recognition and Clustering by Florian Schroff, Dmitry Kalenichenko, and James Philbin at Google. Torch allows the network to be...

Analyzing Linux Malware Sandbox: Limon

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...

Cross Platform DNS Recon Tool: Sonar

Sonar is a reconnaissance tool for enumerating sub domains. It was modeled after Knock and DNSRecon though explicitly not written in Python to avoid the limitations of threading and dependencies. Sonar is statically compiled meaning it has no dependencies and even dynamically builds the default...

Linux Embedded Firmware Dynamic Analysis: FIRMADYNE

FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware. It includes the following components: modified kernels MIPS: v2.6.32 , ARM: v4.1 , v3.10 for instrumentation of firmware execution; a userspace NVRAM library to emulate a...

Android Pentesting Portable Integrated Environment: Appie

Appie is a software package that has been pre-configured to function as an Android Pentesting Environment on any windows based machine without the need of a Virtual MachineVM or dualboot. It is completely portable and can be carried on USB stick or your smartphone. It is one of its kind Android...

Protecting Personal Information: Freedom Box

FreedomBox is a personal server that protects your privacy. It hosts on demand applications such as file sharing, shared calendaring, instant messaging, secure voice conference calling, blog and wiki. FreedomBox is a free software stack, a subset of the Debian universal operating system, that can...

Self Hosted Git Service: Gogs

Gogs is a self-hosted Git service written in Go which is very easy to get running and has low system usage as well. It aspires to be the easiest, fastest, and most painless way to set up a self-hosted Git service. With Go, this can be done with an independent binary distribution across ALL...

Awesome Windows Exploitation Resources

A curated list of awesome Windows Exploitation resources. Windows stack overflows Stack Base Overflow Articles. Win32 Buffer Overflows Location, Exploitation and Prevention – by Dark spyrit 1999 Writing Stack Based Overflows on Windows – by Nish Bhalla’s 2005 Windows heap overflows Heap Base...

Powershell Penetration Testing Framework: Pentestly

Python Powershell penetration testing framework Pentestly is a combination of expanding Python tools designed for use in penetration tests. The goal is to utilize a familiar user interface while making contributions to the framework easy with the power of Python. Current features Import NMAP XML...

Damn Vulnerable Web Services: DVWS

Damn Vulnerable Web Services is a vulnerable testing environment that can be used to learn real world web service vulnerabilities. The aim of this project is to aid security professionals in testing their skills and tools in a legal environment. This application is designed to understand the...

Fast and Full Featured SSL Scanner: SSLyze

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. SSLyze is all Python code but it uses an OpenSSL wrapper...

Python Fuzzing Framework: Kitty

Kitty is an open-source modular and extensible fuzzing framework written in python, inspired by OpenRCE’s Sulley and Michael Eddington’s and now Deja Vu Security’s Peach Fuzzer . Goal The goal of Kitty was to help with fuzzing unusual targets — proprietary and esoteric protocols over non-TCP/IP...

UEFI firmware image viewer and editor: UEFITool

It supports parsing of full BIOS images starting with the flash descriptor or any binary files containing UEFI volumes. Original development was started here at MDL forums as a cross-platform analog to PhoenixTool ‘s structure mode with some additional features, but the program’s engine was prove...

Anonymous VPN Adapter: OnionCat

OnionCat is a VPN -adapter which allows to connect two or more computers or networks through VPN-tunnels. It is designed to use the anonymization networks Tor or I2P as its transport, hence, it provides location-based anonymity while still creating tunnel end points with private unique IP...

Malware Analysis System: Cuckoo Sandbox

Cuckoo Sandbox is an advanced, extremely modular, and 100% open source automated malware analysis system with infinite application opportunities. By default it is able to: Analyze many different malicious files executables, office documents, pdf files, emails, etc as well as malicious websites...

Database Assessment Tool: DbDat

DbDat performs numerous checks on a database to evaluate security. The categories of checks performed are configuration, privileges, users, and information. Checks are performed by running queries or reading database configuration files. The goal of this tool is to highlight issues that need...

Open Source Database Fuzzing: FuzzDB

FuzzDB is the most comprehensive Open Source database of malicious inputs, predictable resource names, greppable strings for server response messages, and other resources like web shells. It’s like an application security scanner, without the scanner. What’s in FuzzDB? Predictable Resource...

Iptables Firewall Generator: FireHOL

FireHOL is an iptables firewall generator producing stateful iptables packet filtering firewalls, on Linux hosts and routers with any number of network interfaces, any number of routes, any number of services served, any number of complexity between variations of the services including positive a...

Cross Platform ELF Analysis: ELF Parser

ELF Parser attempts to move ELF malware analysis forward by quickly providing basic information and static analysis of the binary. The end goal of ELF Parser is to indicate to the analyst if it thinks the binary is malicious / dangerous and if so why. Load Any Executable ELF ELF Parser supports...

Kali Linux: Kill Chain

Kill Chain for Kali Linux 2.0 is a unified console with an anonymizer that will perform these stages of attacks: Reconnaissance Weaponization Delivery Exploit Installation Command & Control And Actions Dependencies: Tor — For the console build in anonymizer. Set — Social-Engineer Toolkit SET,...

Linux Privilege Escalation: RootHelper

Linux Privilege Escalation: Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads four scripts. Two enumeration shellscripts and two exploit suggester...

RPISEC: Malware Analysis

This material was developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run solely by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills i...

Multi protocol Test Suite

MTS Multi protocol Test Suite is a multi protocol testing tool specially designed for telecom IP-based architectures. With MTS Multi protocol Test Suite you get the powerful tool to: Test protocols with functional and regression tests Test load endurance and stress tests Simulate all network...

Shellcode Generator: Venom

Shellcode Generator The script will use msfvenom metasploit to generate shellcode in diferent formats c | python | ruby | dll | msi | hta-psh , injects the shellcode generated into one funtion example: python “the python funtion will execute the shellcode in ram” and uses compilers like: gcc gnu...

Open-Source Phishing Toolkit: gophish

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute hishing engagements and security awareness training. Installing Gophish Using Pre-Built Binaries Gophish is provided as a pre-built binary fo...

Network Security Policy Compiler: Netspoc

Netspoc is free software to manage all the packet filter devices inside your network topology. Filter rules for each device are generated from one central ruleset, using a description of your network topology. Netspoc generates ACLs and static routes for a given network policy, consisting of a se...

Capturing and Analyzing Network Flow Data: Joy

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring. Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture pcap files, using a flow-oriented mod...

Network Protocol Fuzzing: boofuzz

Boofuzz is a fork of and the successor to the Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility, with the eventual goal of being able to fuzz literally anything. Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance...

Credit Card Magstripe Spoofer: MagSpoof

MagSpoof is a device that can spoof/emulate any magnetic stripe or credit card. It can work “wirelessly”, even on standard magstripe/credit card readers, by generating a strong electromagnetic field that emulates a traditional magnetic stripe card. MagSpoof does not enable you to use credit cards...

Packet Capture Utility: Stenographer

Stenographer is a full-packet-capture utility for buffering packets to disk for intrusion detection and incident response purposes. It provides a high-performance implementation of NIC-to-disk packet writing, handles deleting those files as disk fills up, and provides methods for reading back...

Kali Linux NetHunter

Official Offensive Security have obsessively been building Kali on weird and wonderful ARM hardware and today, we are proud to reveal their latest creation – the Kali Linux NetHunter. NetHunter is a Android penetration testing platform for Nexus devices built on top of Kali Linux, which includes...

Linux System Call Fuzzer: Trinity

System call fuzzers aren’t a particularly new idea. As far back as 1991, people have written apps that bomb syscall inputs with garbage data, that have had a variety of success in crashing assorted operating systems. After fixing the obvious dumb bugs however, a majority of the time these calls...

DHCP IP exhaustion attack: DHCPwn

DHCPwn is a tool used for testing DHCP IP exhaustion attacks. It can also be used to sniff local DHCP traffic. The DHCP protocol is connectionless and implemented via UDP. These two characteristics allow this attack to be performed. Since there is no actual connection being made between the clien...

Automated DeAuth Attack: zizzania

zizzania sniffs wireless traffic listening for WPA handshakes and dumping only those frames suitable to be decrypted one beacon + EAPOL frames + data. In order to speed up the process, zizzania sends IEEE 802.11 DeAuth frames to the stations whose handshake is needed, properly handling...

Firmware Analysis Tool: Binwalk

Binwalk is a fast, easy to use tool for analyzing and extracting firmware images Firmware Analysis Tool Binwalk is: Fast Flexible Extendable Easy to use Binwalk can: Find and extract interesting files / data from binary images Find and extract raw compression streams Identify opcodes for a variet...

Sandboxed Execution Environment: SEE

Sandboxed Execution Environment SEE is a framework for building test automation in secured Environments. The Sandboxes, provided via libvirt, are customizable allowing high degree of flexibility. Different type of Hypervisors Qemu, VirtualBox, LXC can be employed to run the Test Environments...

Modern Vulnerable Web App: Hackazon

Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and...

Damn Vulnerable Node Application: DVNA

Damn Vulnerable Node Application DVNA is a node.js web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid...

Dynamic Shellcode Injection: Shellter

Shellter is a dynamic shellcode injection tool, and probably the first dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications currently 32-bit apps only. The shellcode can be something yours or something generated through a framework, such a...

Fast Packet Networking Toolkit: Snabb Switch

Snabb Switch is open source software for solving novel problems in networking. Blending the latest techniques for high-performance x86 packet processing together with a high-level LuaJIT programming interface. The goal is to offer the easiest way to create and deploy new network functions in larg...

Flexible DDoS Defense: Bohatei

DDoS defense today relies on expensive and proprietary hardware appliances deployed at fixed locations. This introduces key limitations with respect to flexibility e.g., complex routing to get traffic to these “chokepoints” and elasticity in handling changing attack patterns. We observe an...

Private Messaging System: Vuvuzela

Vuvuzela is a messaging system that protects the privacy of message contents and message metadata. Users communicating through Vuvuzela do not reveal who they are talking to, even in the presence of powerful nation-state adversaries. Vuvuzela is the first system that provides strong metadata...

Fastest Internet Port Scanner: MASSCAN

This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. It produces results similar to nmap , the most famous port scanner. Internally, it operates more like scanrand , unicornscan , and ZMap , using asynchronous...

Offensive Powershell Console: PSPunch

PSPunch combines some of the best projects in the infosec powershell community into a self contained executable. It’s designed to evade antivirus and Incident Response teams. 1. It doesn’t rely on powershell.exe. Instead it calls powershell directly through the dotNet framework. 2. The modules th...

Automatic SQL Database Injection: jSQL Injection

jSQL Injection is a lightweight application used to find database information from a distant server. Tool is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. Features: GET, POST, header, cookie methods Normal, error based, blind, time based algorithms Automatic best algorit...

Volatile Memory Extraction: The Volatility Framework

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated...