Clik here to view.
OWASP ZAP 2.7.0 - Penetration Testing Tool for Testing Web Applications
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security...
View ArticleClik here to view.
CALDERA - Automated Adversary Emulation System
CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within enterprise networks. It generates plans during operation using a planning system and a...
View ArticleClik here to view.
Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS...
Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN.Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and...
View ArticleClik here to view.
Wazuh - Open Source Host and Endpoint Security
Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents,...
View ArticleClik here to view.
AndroTickler - Penetration Testing and Auditing Toolkit for Android Apps
A java tool that helps to pentest Android apps faster, more easily and more efficiently. AndroTickler offers many features of information gathering, static and dynamic checks that cover most of the...
View ArticleClik here to view.
Invoke-Phant0m - Windows Event Log Killer
This script walks thread stacks of Event Log Service process (spesific svchost.exe) and identify Event Log Threads to kill Event Log Service Threads. So the system will not be able to collect logs and...
View ArticleClik here to view.
Parrot Security 3.10 - Security Oriented GNU/Linux Distribution
Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind.It includes a full portable laboratory for security and digital forensics experts, but it also includes all you...
View ArticleClik here to view.
JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and...
JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc.RequirementsPython >=...
View ArticleClik here to view.
GOWPT - Go Web Application Penetration Test
GOWPT is the younger brother of wfuzz a swiss army knife of WAPT, it allow pentester to perform huge activity with no stress at all, just configure it and it's just a matter of clicks.How to installTo...
View ArticleClik here to view.
Makin - Reveal Anti-Debugging Tricks
makin is to make initial malware assessment little bit easier, It helps to reveal a debugger detection techniques used by a sample.Supports x64 and x86How does it work?makin opens a sample as a...
View ArticleClik here to view.
mimikatz 2.1.1 - A Post-Exploitation Tool to Extract Plaintexts Passwords,...
Mimikatz is a post-exploitation tool written by Benjamin Delpy (gentilkiwi). After the initial exploitation phase, attackers may want to get a firmer foothold on the computer/network. Doing so often...
View ArticleClik here to view.
WhatWaf - Detect And Bypass Web Application Firewalls And Protection Systems
WhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or...
View ArticleClik here to view.
NoSQL Exploitation Framework 2.0 - A Framework For NoSQL Scanning and...
A FrameWork For NoSQL Scanning and Exploitation Framework Authored By Francis Alexander.Added Features:First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,CassandraSupport For NoSQL...
View ArticleClik here to view.
GhostInTheNet - Ultimate Network Stealther that makes Linux a Ghost In The...
Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan.Properties:Network InvisibilityNetwork AnonymityProtects from...
View ArticleClik here to view.
XAttacker - Website Vulnerability Scanner & Auto Exploiter
XAttacker is a Website Vulnerability Scanner & Auto Exploiter developed by Mohamed RiahiInstallationgit clone https://github.com/Moham3dRiahi/XAttacker.gitAuto Cms Detect[1] WordPress :[+] Adblock...
View ArticleClik here to view.
ReverShellGenerator - A Tool to Generate Various Ways to Do a Reverse Shell
A tool to generate various ways to do a reverse shell.Usage exampleReverse Shell...
View ArticleClik here to view.
dnscrypt-autoinstall - Automatic installation and configuration of DNSCrypt
A script for installing and automatically configuring DNSCrypt on Linux-based systems.DescriptionDNSCrypt is a protocol for securing communications between a client and a DNS resolver by encrypting DNS...
View ArticleClik here to view.
certstreamcatcher - Catching phishing by observing certificate transparency logs
Catching phishing by observing certificate transparency logs. This tool is based on regex with effective standards for detecting phishing sites in real time using certstream.Installation$ cd /opt/$ git...
View ArticleClik here to view.
Invoke-PSImage - Embeds a PowerShell script in the pixels of a PNG file and...
Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute Invoke-PSImage takes a PowerShell script and embeds the bytes of the script into the pixels of a PNG image. It...
View ArticleClik here to view.
Bluepot - Bluetooth Honeypot
This code is from a University Project written in 2010. This is a newer version of the code than is on Google Code.Bluepot is a Bluetooth Honeypot written in Java, it runs on Linux.Bluepot was a third...
View Article