Clik here to view.
Phan - Static Analyzer For PHP
Phan is a static analyzer for PHP. Getting it running Phan requires PHP 7+ with the php-ast extension loaded. The code you analyze can be written for any version of PHP. To get phan running; Clone the...
View ArticleClik here to view.
Cookiescanner - Tool to Check the Cookie Flag for a Multiple Sites
Tool to do more easy the web scan proccess to check if the secure and HTTPOnly flags are enabled in the cookies (path and expires too).This tools allows probe multiple urls through a input file, by a...
View ArticleClik here to view.
PentestPackage - A Package of Multiple Pentest Scripts
Contents:Wordlists - Comprises of password lists, username lists and subdomainsWeb Service finder - Finds web services of a list of IPs and also returns any URL rewritesGpprefdecrypt.* - Decrypt the...
View ArticleClik here to view.
Faraday 1.0.16 - Collaborative Penetration Test and Vulnerability Management...
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the...
View ArticleClik here to view.
JexBoss - Jboss Verify And Exploitation Tool
JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server.RequirementsPython <= 2.7.xInstallationTo install the latest version of JexBoss, please use the following...
View ArticleClik here to view.
CenoCipher - Easy-To-Use, End-To-End Encrypted Communications Tool
CenoCipher is a free, open-source, easy-to-use tool for exchanging secure encrypted communications over the internet. It uses strong cryptography to convert messages and files into encrypted...
View ArticleClik here to view.
jSQL Injection v0.73 - Java Tool For Automatic SQL Database Injection.
jSQL Injection is a lightweight application used to find database information from a distant server.jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).jSQL is part of Kali...
View ArticleClik here to view.
Nipe - Script To Redirect All Traffic From The Machine To The Tor Network
Script to redirect all the traffic from the machine to the Tor network. [+] AUTOR: Vinicius Gouvea [+] EMAIL: vini@inploit.com [+] BLOG: https://medium.com/viniciusgouvea [+] GITHUB:...
View ArticleClik here to view.
Sublist3R - Fast Subdomains Enumeration Tool For Penetration Testers
Sublist3r is python tool that is designed to enumerate subdomains of websites using search engines. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are...
View ArticleClik here to view.
Blade - A Webshell Connection Tool With Customized WAF Bypass Payloads
Blade is a webshell connection tool based on console, currently under development and aims to be a choice of replacement of Chooper (中国菜刀). Chooper is a very cool webshell client with widly typies of...
View ArticleClik here to view.
Phpsploit - Stealth Post-Exploitation Framework
PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access...
View ArticleClik here to view.
Vuvuzela - Private Messaging System That Hides Metadata
Vuvuzela is a messaging system that protects the privacy of message contents and message metadata. Users communicating through Vuvuzela do not reveal who they are talking to, even in the presence of...
View ArticleClik here to view.
Sawef - Send Attack Web Forms
SAWEF - Send Attack Web Forms DESCRIPTION The purpose of this tool is to be a Swiss army knife for anyone who works with HTTP, so far it she is basic, bringing only some of the few features that want...
View ArticleClik here to view.
IPTV Brute-Force - Search And Brute Force Illegal IPTV Server
This program is just a demonstration. DO NOT USE IT FOR PERSONAL purpose What is this? IPTV is a simple python script that let you crawl the search engines in order to fetch those sites that stream...
View ArticleClik here to view.
ParanoicScan - Vulnerability Scanner
Old Options Google & Bing Scanner that also scan : XSS SQL GET / POST SQL GET SQL GET + Admin Directory listing MSSQL Jet Database Oracle LFI RFI Full Source Discloure HTTP Information SQLi Scanner...
View ArticleClik here to view.
Kali NetHunter 3.0 - Android Mobile Penetration Testing Platform
What’s New in Kali NetHunter 3.0 NetHunter Android Application RewriteThe NetHunter Android application has been totally redone and has become much more “application centric”. Many new features and...
View ArticleClik here to view.
Winpayloads - Undetectable Windows Payload Generation
Undetectable Windows Payload Generation with extras Running on Python2.7Getting Startedgit clone https://github.com/Charliedean/Winpayloadscd WinPayloadssudo ./setup.shpython WinPayloads.pyMenu[1]...
View ArticleClik here to view.
Maltrail - Malicious Traffic Detection System
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV...
View ArticleClik here to view.
SAML Raider - SAML2 Burp Extension
SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates. This software was created by...
View ArticleClik here to view.
Hackazon - A Modern Vulnerable Web App
Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict...
View Article