Clik here to view.
SEE - Sandboxed Execution Environment
Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments.The Sandboxes, provided via libvirt, are customizable allowing high degree of flexibility....
View ArticleClik here to view.
Raptor WAF - Web Applicaiton to Train Attacks to Bypass
Raptor is an Open Source Tool, yout focus is study of attacks and find intelligent ways to block attacks.Raptor is made in pure C, don’t use regex or other common ways to block attacks, yes is diferent...
View ArticleClik here to view.
RouterhunterBR 2.0 - Automated Tool for Testing in Vulnerable Routers
The RouterhunterBR is an automated security tool que finds vulnerabilities and performs tests on routers and vulnerable devices on the Internet. The RouterhunterBR was designed to run over the Internet...
View ArticleClik here to view.
AndroL4b - A Virtual Machine For Assessing Android applications, Reverse...
AndroL4b is an android security virtual machine based on ubuntu Mate includes the collection of latest framework, tutorials and labs from different security geeks and researcher for reverse engineering...
View ArticleClik here to view.
Arpy - Mac OSX Arp Spoof (MITM) Tool
Arpy is an easy-to-use ARP spoofing MiTM tool for Mac. It provides 3 targeted functions: Packet Sniffing Visited Domains Visited Domains with Gource Each function will be explained below. Tested OS (to...
View ArticleClik here to view.
VBScan 0.1.4 - Black Box vBulletin Vulnerability Scanner
VBScan is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them.Why VBScan ?If you want to do a penetration test on a vBulletin Forum, VBScan is...
View ArticleClik here to view.
Gophish - Open-Source Phishing Toolkit
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness...
View ArticleClik here to view.
NetworkMiner 2.0 - Network Forensic Analysis Tool (NFAT)
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order...
View ArticleClik here to view.
SideDoor - Debian/Ubuntu Backdoor Using A Reverse SSH Tunnel
sidedoor maintains a reverse tunnel to provide a backdoor. sidedoor can be used to remotely control a device behind a NAT. sidedoor is packaged for Debian-based systems with systemd or upstart. It has...
View ArticleClik here to view.
CrackMapExecWin - The great CrackMapExec tool compiled for Windows
The great CrackMapExec tool compiled for Windows Features Latest 2.2 version Compiled for x86 so should work on x86 and x64 platforms Usage Download the whole archive Extract it and run...
View ArticleClik here to view.
htop 2.0 - An Interactive Process Viewer for Unix
htop is an interactive system-monitor process-viewer. It is designed as an alternative to the Unix program top. It shows a frequently updated list of the processes running on a computer, normally...
View ArticleClik here to view.
Maybe - See What A Program Does Before Deciding Whether You Really Want It To...
rm -rf pic* Are you sure? Are you one hundred percent sure? ... allows you to run a command and see what it does to your files without actually doing it! After reviewing the operations listed, you can...
View ArticleClik here to view.
JReFrameworker - Practical Managed Code Rootkits for Java
This project aims to extend the work done by Erez Metula in his book Managed Code Rootkits: Hooking into Runtime Environments. The work outlines a tool ReFrameworker that claims to be a framework...
View ArticleClik here to view.
Venom - Metasploit Shellcode Generator / Compiler / Listenner
The script will use msfvenom (metasploit) to generate shellcode in diferent formats ( c | python | ruby | dll | msi | hta-psh ), injects the shellcode generated into one funtion (example: python) "the...
View ArticleClik here to view.
NoSQLMap v0.6 - Automated NoSQL Database Pwnage
NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases, as well as web applications using...
View ArticleClik here to view.
PyScan-Scanner - Vulnerability Scanner With Custom Payload
REQUIRE urllib2 BeautifulSoup requests START Change database information $bdd = new PDO('mysql:host=localhost;dbname=pyscan', 'user', 'password'); Update a Python gate panel_url =...
View ArticleClik here to view.
How Often Should You Scan Websites and Web Applications for Vulnerabilities?
Web Applications and Websites Exist in a Dynamic EnvironmentThere is no questioning the fact that the web application security landscape is in a constant state of flux. The pace of change is not only...
View ArticleClik here to view.
Foolav - Pentest Tool For Antivirus Evasion and Running Arbitrary Payload on...
Executable compiled with this code is useful during penetration tests where there is a need to execute some payload (meterpreter maybe?) while being certain that it will not be detected by antivirus...
View ArticleClik here to view.
Smod - MODBUS Penetration Testing Framework
smod is a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. It is a full Modbus protocol implementation using Python and Scapy....
View ArticleClik here to view.
SQLMap - Automatic SQL Injection And Database Takeover Tool
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection...
View Article