Clik here to view.
Audit CouchDB - The Simple, Clear, CouchDB Security Assessment
Audit CouchDB is a simple tool with a powerful message. Given an Apache CouchDB URL, it will tell you everything you ever wanted to know about its security. Objective Audit CouchDB will perform the...
View ArticleClik here to view.
ATSCAN v6.2 - Search / Site / Server Scanner
Description:SEARCH engineXSS scanner.Sqlmap.LFI scanner.Filter wordpress and Joomla sites in the server.Find Admin page.Decode / Encode MD5 + Base64.Ports scan.Scan E-mails in sites.Use proxy.Random...
View ArticleClik here to view.
Appie v3 - Android Pentesting Portable Integrated Environment
Appie is a software package that has been pre-configured to function as an Android Pentesting Environment on any windows based machine without the need of a Virtual Machine(VM) or dualboot.It is...
View ArticleClik here to view.
IIS Short Name Scanner - Scanner For IIS Short File Name Disclosure...
Scanner for IIS short file name (8.3) disclosure vulnerability by using the tilde (~) character. Description Microsoft IIS contains a flaw that may lead to an unauthorized information disclosure. The...
View ArticleClik here to view.
Faraday 1.0.17 - Collaborative Penetration Test and Vulnerability Management...
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the...
View ArticleClik here to view.
SFTPfuzzer - Simple FTP Fuzzer
SFTPfuzzer (Simple FTP Fuzzer) is a very simple software written in Python 2.7 (by 0x8b30cc), that allows you to easily fuzz username and password field in an FTP Server, looking for a buffer overflow...
View ArticleClik here to view.
Gitminer - Automatic Search For GitHub
Advanced search tool and automation in Github. This tool aims to facilitate research by code or code snippets on github through the site's search page. MOTIVATION Demonstrates the fragility of trust in...
View ArticleClik here to view.
Whatportis - A Command To Search Port Names And numbers
It often happens that we need to find the default port number for a specific service, or what service is normally listening on a given port. Usage This tool allows you to find what port is associated...
View ArticleClik here to view.
Wordpress-Exploit-Framework - A Ruby framework for developing and using...
A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. What do I need to run it? Ensure that you have Ruby 2.2.x installed on...
View ArticleClik here to view.
Malware-Jail - Sandbox for semi-automatic Javascript malware analysis and...
Sandbox for semi-automatic Javascript malware analysis and payload extraction. Written for Node.jsmalware-jail is written for Node's 'vm' sandbox . Currently implements WScript (Windows Scripting Host)...
View ArticleClik here to view.
Climber - Check UNIX/Linux Systems For Privilege Escalation
Automated auditing tool to check UNIX/Linux systems misconfigurations which may allow local privilege escalation. Dependencies python >= 2.7 python-crypto python-mako python-paramiko Note Climber...
View ArticleClik here to view.
Lobotomy - Android Reverse Engineering Framework & Toolkit
Lobotomy is an Android security toolkit that will automate different Android assessments and reverse engineering tasks. The goal of the Lobotomy toolkit is to provide a console environment, which would...
View ArticleClik here to view.
HEVD - HackSys Extreme Vulnerable Driver
HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level. HackSys Extreme Vulnerable...
View ArticleClik here to view.
Chuckle - An Automated SMB Relay Script
Chuckle is an automated SMB Relay Script.Chuckle requires a few tools to work:SMBRelayX.pyVeil (latest version from git)Responder (Chuckle will detect which version you are using.)NmapNbtscan...
View ArticleClik here to view.
Kitty - Fuzzing Framework Written In Python
Kitty is an open-source modular and extensible fuzzing framework written in python, inspired by OpenRCE's Sulley and Michael Eddington's (and now Deja Vu Security's) Peach Fuzzer . Goal When we started...
View ArticleClik here to view.
Striptls - Proxy POC Implementation Of STARTTLS Stripping Attacks
poc implementation of STARTTLS stripping attacks SMTP SMTP.StripFromCapabilities - server response capability patch SMTP.StripWithInvalidResponseCode - client STARTTLS stripping, invalid response code...
View ArticleClik here to view.
OnionCat - An Anonymous VPN-Adapter (P2P layer 3 VPN based on Tor or I2P)
OnionCat is a VPN-adapter which allows to connect two or more computers or networks through VPN-tunnels. It is designed to use the anonymization networks Tor or I2P as its transport, hence, it provides...
View ArticleClik here to view.
SSLyze - Fast And Full-Featured SSL Scanner
SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify...
View ArticleClik here to view.
Machinae - Security Intelligence Collector
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL...
View ArticleClik here to view.
Ruby-Nmap - A Rubyful interface to the Nmap exploration tool and security /...
A Ruby interface to nmap , the exploration tool and security / port scanner. Features Provides a Ruby interface for running nmap. Provides a Parser for enumerating nmap XML scan files. Examples Run...
View Article