full screen background image
Search
Monday 11 December 2017
  • :
  • :

Category: Tools

BootStomp – A Bootloader Vulnerability Finder

  BootStomp is a boot-loader bug finder. It looks for two different class of bugs: memory corruption and state storage...

w3af – Web Application Attack and Audit Framework

  w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit...

Findsploit – Find exploits in local and online databases instantly

Find exploits in local and online databases instantly Finsploit is a simple bash script to quickly and easily search both local and online...

V3n0M-Scanner – Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns

  V3n0M is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve...

Sublist3r v1.0 – Fast subdomains enumeration tool for penetration testers

  Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters...

Syhunt ScanTools 6.0 – Console Web Vulnerability Scan Tools

Syhunt ScanTools 6.0 adds advanced fingerprinting capabilities, enhanced spidering, injection and code scan capabilities, and a large...

XSSSNIPER – An Automatic XSS Discovery Tool

XSSSNIPER is an handy xss discovery tool with mass scanning functionalities. Usage: Usage: xsssniper.py [options] Options: -h, --help show...

arp-validator – Security Tool To Detect ARP Poisoning Attacks

Security Tool to detect arp poisoning attacks. Features Uses a faster approach in detection of arp poisoning attacks compared to passive...

WhatWeb v0.4.9 – Next Generation Web Scanner

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including...

pdfxpose: detecting suspicious PDF modifications

pdfxpose – A security tool for detecting suspicious PDF modifications commonly found in BEC. While investigating Business Email...

Amber – POC Reflective PE Packer

Amber is a proof of concept packer, it can pack regularly compiled PE files into reflective PE files that can be used as multi stage...

WPSploit – WordPress Plugin Code Scanner

This tool is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins. For...

0d1n v2.5 – Web Security Tool to Make Fuzzing at HTTP/S

Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0d1n is a tool for automating customized attacks against web...

Zeus-Scanner – Advanced Reconnaissance Utility

Zeus is an advanced reconnaissance utility designed to make web application reconnaissance simple. Zeus comes complete with a powerful...

Hijacker v1.4 – All-in-One Wi-Fi Cracking Tools for Android

  Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng, MDK3 and Reaver. It offers a...

DBC2 (DropboxC2) – A Modular Post-Exploitation Tool, Composed Of An Agent Running On The Victim’S Machine

DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim’s machine, a controler, running on...

Faraday v2.7 – Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you have alwasy been looking for! It maps and leverages all the data you...

Habu – Python Network Hacking Toolkit

Habu: Network Hacking Toolkit I’m developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic...

Cromos – Download and Inject code into Google Chrome extensions

Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application and...

PoSh-R2 PowerShell: investigators and forensic analysts tool

PoSH-R2 is a set of Windows Management Instrumentation interface (WMI) scripts that investigators and forensic analysts can use to retrieve...

yarAnalyzer: Yara Rule Analyzer and Statistics

yarAnalyzer creates statistics on a yara rule set and files in a sample directory. Place some signatures with .yar extension in the...

Raptor WAF: Web application firewall

raptor waf Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross site scripting and path traversal. Why...

Dex-Oracle – A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android...

docker-onion-nmap – Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container

  Use nmap to scan hidden “onion” services on the Tor network. Minimal image based on alpine, using proxychains to wrap...

Paskto – Passive Web Scanner

  Paskto will passively scan the web using the Common Crawl internet index either by downloading the indexes on request or parsing...

Parrot Security 3.9 – Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

  Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for...

Phishruffus – Intelligent Threat Hunter And Phishing Servers

Phishruffus is a tool designed to identify threats and malicious DNS servers on the Internet that are used for the illicit practice of bank...

APs_Beacon – With this script you can spam WiFi APs/Hotspots

With this script you can spam WiFi APs. How to run it? Download “APs_Beacon.sh” and “SSID_List.txt” or type “git clone...

BlackOrphan – Tool built with Bash/nodeJs mainly for gaining a remote shell access to a Linux Box

BlackOrphan is a tool built with Bash/nodeJs mainly for gaining a remote shell access to a Linux Box BlackOrphan is a tool built with...

Linux Soft Exploit Suggester – Search Exploitable Software On Linux

linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on...