Clik here to view.
[Drozer] The Leading Security Testing Framework for Android.
drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer...
View ArticleClik here to view.
[Zarp v0.1.3] Local Network Attack Tool
Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate,...
View ArticleClik here to view.
[Samurai Web Testing Framework v2.1] Live linux environment that has been...
The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that...
View ArticleClik here to view.
[WATOBO 0.9.13] THE Web Application Toolbox
WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. WATOBO works like a local proxy, similar to Webscarab, Paros or...
View ArticleClik here to view.
[Nishang v0.3.0] The PowerShell for Penetration Testing released (introducing...
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the...
View ArticleClik here to view.
[MISP v2.1] Malware Information Sharing Platform
The problem that we experienced in the past was the difficulty to exchange information about (targeted) malwares and attacks within a group of trusted partners, or a bilateral agreement. Even today...
View ArticleClik here to view.
[Arachni v0.4.4] The Web Application Security Scanner Framework
Arachni is a Free/Open Source project, the code is released under the Apache License Version 2.0 and you are free to use it as you see fit. Initially started as an educational exercise, it has since...
View ArticleClik here to view.
[Auto Rooting v 1.0] Local root [2010 - 2011 - 2012]
Auto Rooting:2.6.32-46-20112.6.37 2.6.332.6.18-164-20102.6.18-1942.6.18-6-x86-20112.6.18-1642.6.18-274-20112.6.28-2011etc... CLICK HERE FOR LOGIN TO ARCHIVEDownload Auto Rooting v 1.0
View ArticleClik here to view.
[IronWASP v0.9.6.5] Open Source Advanced Web Security Testing Platform
IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can...
View ArticleClik here to view.
[Pyew v2.2] A Python tool for static malware analysis
Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE and ELF file formats (it performs code analysis and let...
View ArticleClik here to view.
[The Burp SessionAuth] Extension for Detection of Possible Privilege...
Normally a web application should identify a logged in user by data which is stored on the server side in some kind of session storage. However, in web application audits someone can often observe...
View ArticleClik here to view.
[Raft v3.0.1] Response Analysis and Further Testing Tool
Not an inspection proxy RAFT is a testing tool for the identification of vulnerabilities in web applications. RAFT is a suite of tools that utilize common shared elements to make testing and analysis...
View ArticleClik here to view.
[Introspy] Monitor app in your iDevice
The Problem In 2013, assessing the security of iOS applications still involves a lot of manual, time-consuming tasks - especially when performing a black-box assessment. Without access to source code,...
View ArticleClik here to view.
[Tunna Framework] Tool designed to bypass firewall restrictions on remote...
Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. The web application file must be...
View ArticleClik here to view.
[I2P] Anonymizing Network
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is...
View ArticleClik here to view.
[LinEnum] Scripted Local Linux Enumeration & Privilege Escalation Checks
High-level summary of the checks/tasks performed by LinEnum:Kernel and distribution release detailsSystem Information:HostnameNetworking details:Current IPDefault route detailsDNS server...
View ArticleClik here to view.
[Vulscan] Module which enhances nmap to a vulnerability scanner
Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified...
View ArticleClik here to view.
[Malcom] Malware Communication Analyzer
Malcom is a tool designed to analyze a system's network communication using graphical representations of network traffic. This comes handy when analyzing how certain malware species try to communicate...
View ArticleClik here to view.
[The Backdoor Factory] Backdoors win32 PE files
Backdoors win32 PE files, to continue normal file execution (if the shellcode supports it), by patching the exe/dll directly. Some executables have built in protections, as such this will not work on...
View ArticleClik here to view.
[fuzzdb] Attack and Discovery Pattern Database for Application Fuzz Testing
fuzzdb aggregates known attack patterns, predictable resource names, server response messages, and other resources like web shells into the most comprehensive Open Source database of malicious and...
View Article