Clik here to view.
CTF-Tools - Some setup scripts for security research tools
This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily...
View ArticleClik here to view.
DbDat - Db Database Assessment Tool
DbDat performs numerous checks on a database to evaluate security. The categories of checks performed are configuration, privileges, users, and information. Checks are performed by running queries or...
View ArticleClik here to view.
Lynis 2.2.0 - Security Auditing Tool for Unix/Linux Systems
Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs...
View ArticleClik here to view.
Al-Khaser - Public Malware Techniques Used In The Wild
al-khaser is a PoC malware with good intentions that aimes to stress your anti-malware system. It performs a bunch of nowadays malwares tricks and the goal is to see if you catch them all. Possible...
View ArticleClik here to view.
Shocker - A tool to find and exploit servers vulnerable to Shellshock
A tool to find and exploit servers vulnerable to Shellshock Help Text usage: shocker.py -h, --help show this help message and exit --Host HOST, -H HOST A target hostname or IP address --file FILE, -f...
View ArticleClik here to view.
Jsprime - A JavaScript Static Security Analysis Tool
Today, more and more developers are switching to JavaScript as their first choice of language. The reason is simple JavaScript has now been started to be accepted as the mainstream programming for...
View ArticleClik here to view.
Kautilya - Tool for easy use of Human Interface Devices for offensive...
Kautilya is a toolkit which provides various payloads for a Human Interface Device which may help in breaking in a computer during penetration tests. List of Payloads Windows Gather Gather Information...
View ArticleClik here to view.
Guinevere - Automated Security Assessment Reporting Tool
This tool works with Gauntlet (a private tool) to automate assessment reporting. Main features include: Generate Assessment Report Export Assessment Generate Retest Report Generate Pentest Checklist...
View ArticleClik here to view.
Rack-Bug - Debugging Toolbar For Rack Applications Implemented As Middleware
Rack::Bug adds a diagnostics toolbar to Rack apps. When enabled, it injects a floating div allowing exploration of logging, database queries, template rendering times, etc. Features Password-based...
View ArticleClik here to view.
Meld - Visual Diff And Merge Tool Targeted At Developers
Meld is a visual diff and merge tool targeted at developers. Meld helps you compare files, directories, and version controlled projects. It provides two- and three-way comparison of both files and...
View ArticleClik here to view.
PentestBox 2.0 - Portable Penetration Testing Distribution for Windows...
PentestBox provides all security tools as a software package, eliminating requirement of Virtual machines or dualboot environments on Windows Operating System.It is created because more than 50% of...
View ArticleClik here to view.
LynxFramework - Extension Exploitation Framework
LynxFramework is an operating tool for web browser offering a specialized service in the effect browser extension development , namely Google Chrome and Firefox soon. The operation is based on the...
View ArticleClik here to view.
Firmwalker - Script for searching the extracted firmware file system for...
A simple bash script for searching the extracted or mounted firmware file system.It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and...
View ArticleClik here to view.
JSRat - Reverse HTTP Shell Using JavaScript
JSRat is a reverse HTTP Shell by using JavaScript. JSRat use rundll32.exe to load the JavaScript code in cmd and a HTTP Shell is returned when the code is executed. The special part is that after...
View ArticleClik here to view.
Pentestly - Python and Powershell internal Penetration Testing Framework
Pentestly is a combination of expanding Python tools for use in penetration tests. The goal is to utilize a familiar user interface while making contributions to the framework easy with the power of...
View ArticleClik here to view.
RouterSploit - Router Exploitation Framework
The RouteSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take...
View ArticleClik here to view.
Payday - Payload generator that uses Metasploit and Veil
Payload generator that uses Metasploit and Veil. Takes IP address input and then builds payloads automatically. Calls Veil framework with supplied IP address and creates binaries and handlers. Uses...
View ArticleClik here to view.
Brosec - An interactive reference tool to help security professionals utilize...
Brosec is a terminal based reference utility designed to help us infosec bros and broettes with useful (yet sometimes complex) payloads and commands that are often used during work as infosec...
View ArticleClik here to view.
GetDataReport - Script to collect information to the client side
Script in PHP+JS for get information of target through a web application, use $_SERVER functions and JS functions for get information of our client. Plugin (WEBApps) in some web applications need to...
View ArticleClik here to view.
Gladius - Easy mode from Responder to Credentials
Gladius provides an automated method for cracking credentials from various sources during an engagement. We currently crack hashes from Responder, secretsdump.py, and smart_hashdump. Install pip...
View Article