GEF - Multi-Architecture GDB Enhanced Features for Exploiters &...
GEF is aimed to be used mostly by exploiters and reverse-engineers. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis or exploit development....
v0lt - Security CTF Toy Tools
v0lt is an attempt to regroup every tool I used/use/will use in security CTF, Python style. A lot of exercises were solved using bash scripts but Python may be more flexible, that's why. Nothing to do...
FruityWifi v2.4 - Wireless Network Auditing Tool
FruityWifi is a wireless network auditing tool. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi),...
OnionScan - Onion Services Security Scan
The purpose of this tool is to make you a better onion service provider. You owe it to yourself and your users to ensure that attackers cannot easily exploit and deanonymize. Go Dependencies...
DET - Data Exfiltration Toolkit
DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. The idea was to create a generic toolkit to plug any kind of...
PeerTweet - Decentralized Feeds using BitTorrent's DHT
BitTorrent's DHT is probably one of the most resilient and censorship-resistant networks on the internet. PeerTweet uses this network to allow users to broadcast tweets to anyone who is listening. When...
ROPInjector - Convert any Shellcode in ROP and patch it into a given Portable...
A tool written in C (Win32) to convert any shellcode in ROP and patch it into a given portable executable (PE). It supports only 32-bit target PEs and the x86 instruction set. Published in Blackhat USA...
Ranger - Tool To Access And Interact With Remote Microsoft Windows Based Systems
A tool to support security professionals access and interact with remote Microsoft Windows based systems. This project was conceptualized with the thought process, we did not invent the bow or the...
Tsusen - Network Traffic Sensor
Tsusen (津波センサー) is a standalone network sensor made for gathering information from the regular traffic coming from the outside (i.e. Internet) on a daily basis (e.g. mass-scans, service-scanners,...
Changeme - A Default Credential Scanner
Changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are stored in yaml files so they...
Ubuntu 16.04 LTS (Xenial Xerus) - The leading OS for PC, tablet, phone and cloud
Ubuntu is an ancient African word meaning ‘humanity to others’. It also means ‘I am what I am because of who we all are’. The Ubuntu operating system brings the spirit of Ubuntu to the world of...
Htcap - web application scanner able to crawl single page application (SPA)...
htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since...
Metaphor - Stagefright with ASLR bypass
Metaphor - Stagefright with ASLR bypass By Hanan Be'er from NorthBit Ltd. Link to whitepaper: https://raw.githubusercontent.com/NorthBit/Public/master/NorthBit-Metaphor.pdf Metaphor's source code is...
IPGeoLocation - A tool to retrieve IP Geolocation information
A tool to retrieve IP Geolocation information Powered by ip-api Requirements Python 3.x Features Retrieve IP or Domain Geolocation. Retrieve your own IP Geolocation. Retrieve Geolocation for IPs or...
PenQ - The Security Testing Browser Bundle
PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting,...
Whitewidow - SQL Vulnerability Scanner
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file...
Blind-Sql-Bitshifting - Blind SQL Injection via Bitshifting
This is a module that performs blind SQL injection by using the bitshifting method to calculate characters instead of guessing them. It requires 7/8 requests per character, depending on the...
Weeman v1.7 - HTTP Server for Phishing
HTTP server for phishing in python. (and framework) Usually you will want to run Weeman with DNS spoof attack. (see dsniff, ettercap). Press 1.7 - is out 25-03-2016 Added profiles Weeman framework 0.1...
Hob0Rules - Password cracking rules for Hashcat based on statistics and...
Password cracking rules for Hashcat based on statistics and industry patterns. The following blog posts on passwords explain the statistical significance of these rulesets: Statistics Will Crack Your...
BlackArch Linux v2016.04.28 - Penetration Testing Distribution
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1410 tools. You can install tools individually or in groups. BlackArch Linux...