Spyse OSINT gathering tool that scans the entire web, enrich and collect all the data in its own DB for instant access. Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technologies, OS, AS, wide SSL/TLS DB and more. https://spyse.com/
ASlookup Made for identifying the owner of an IP range(CIDR), ASN, related ASN, registry, etc… http://aslookup.com
ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface http://ucsniff.sourceforge.net/ace.html
against 0.2 A very fast ssh attacking script which includes a multithreaded port scanning module (tcp connect) for discovering possible targets and a multithreaded brute-forcing module which attacks parallel all discovered hosts or given ip addresses from a list. http://nullsecurity.net/tools/cracker.html
Amass v1.4.0 A tool that performs DNS subdomain enumeration by scraping the largest number of disparate data sources, recursive brute forcing, crawling of web archives, permuting and altering names, reverse DNS sweeping and other techniques https://github.com/caffix/amass/releases
anontwi 1.0 A free software python client designed to navigate anonymously on social networks. It supports Identi.ca and Twitter.com. http://anontwi.sourceforge.net/
aphopper 0.3 AP Hopper is a program that automatically hops between access points of different wireless networks. http://aphopper.sourceforge.net/
apnbf 0.1 A small python script designed for enumerating valid APNs (Access Point Name) on a GTP-C speaking device. http://www.c0decafe.de/
arachni 1.0.6 A feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. https://www.arachni-scanner.com
arpantispoofer 1.0.1.32 A utility to detect and resist BIDIRECTIONAL ARP spoofing. It can anti-spoof for not only the local host, but also other hosts in the same subnet. It is also a handy helper for gateways which don’t work well with ARP. http://arpantispoofer.sourceforge.net/
arpon 2.7 A portable handler daemon that make ARP protocol secure in order to avoid the Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning or ARP Poison Routing (APR) attacks. http://arpon.sourceforge.net/
artillery 1.0.2 A combination of a honeypot, file-system monitoring, system hardening, and overall health of a server to create a comprehensive way to secure a system https://www.trustedsec.com/downloads/artillery/
balbuzard 65.546c5dcf629c A package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). https://bitbucket.org/decalage/balbuzard/
bamf-framework 35.30d2b4b A modular framework designed to be a platform to launch attacks against botnets. https://github.com/bwall/BAMF
basedomainname 0.1 Tool that can extract TLD (Top Level Domain), domain extensions (Second Level Domain + TLD), domain name, and hostname from fully qualified domain names. http://www.morningstarsecurity.com/research
birp 60.1d7c49f A tool that will assist in the security assessment of mainframe applications served over TN3270. https://github.com/sensepost/birp
bittwist 2.0 A simple yet powerful libpcap-based Ethernet packet generator. It is designed to complement tcpdump, which by itself has done a great job at capturing network traffic. http://bittwist.sourceforge.net/
blindelephant 7 A web application fingerprinter. Attempts to discover the version of a (known) web application by comparing static files at known locations http://blindelephant.sourceforge.net/
bowcaster 0.1 This framework, implemented in Python, is intended to aid those developing exploits by providing useful set of tools and modules, such as payloads, encoders, connect-back servers, etc. Currently the framework is focused on the MIPS CPU architecture, but the design is intended to be modular enough to support arbitrary architectures. https://github.com/zcutlip/bowcaster
carwhisperer 0.2 Intends to sensibilise manufacturers of carkits and other Bluetooth appliances without display and keyboard for the possible security threat evolving from the use of standard passkeys. http://trifinite.org/trifinite_stuff_carwhisperer.html
casefile 1.0.1 The little brother to Maltego without transforms, but combines graph and link analysis to examine links between manually added data to mind map your information http://www.paterva.com/web6/products/casefile.php
cecster 5.15544cb A tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols https://github.com/nccgroup/CECster
chaosreader 0.94 A freeware tool to trace tcp, udp etc. sessions and fetch application data from snoop or tcpdump logs. http://chaosreader.sourceforge.net/
chownat 0.08b Allows two peers behind two separate NATs with no port forwarding and no DMZ setup on their routers to directly communicate with each other http://samy.pl/chownat/
cisco-auditing-tool 1 Perl script which scans cisco routers for common vulnerabilities. Checks for default passwords, easily guessable community names, and the IOS history bug. Includes support for plugins and scanning multiple hosts. http://www.scrypt.net
cisco-global-exploiter 1.3 A perl script that targets multiple vulnerabilities in the Cisco Internetwork Operating System (IOS) and Catalyst products. http://www.blackangels.it
clusterd 129.0f04a49 Automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. https://github.com/hatRiot/clusterd
cms-explorer 1.0 Designed to reveal the specific modules, plugins, components and themes that various cms driven websites are running http://code.google.com/p/cms-explorer
complemento 0.7.6 A collection of tools for pentester: LetDown is a powerful tcp flooder ReverseRaider is a domain scanner that use wordlist scanning or reverse resolution scanning Httsquash is an http server scanner, banner grabber and data retriever http://complemento.sourceforge.net
conpot 0.3.1 ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems url=”http://conpot.org“
creepy 137.9f60449 A geolocation information gatherer. Offers geolocation information gathering through social networking platforms. http://github.com/ilektrojohn/creepy.git
cutycapt 10 A Qt and WebKit based command-line utility that captures WebKit’s rendering of a web page. http://cutycapt.sourceforge.net/
cvechecker 3.5 The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. http://cvechecker.sourceforge.net/
cymothoa 1 A stealth backdooring tool, that inject backdoor’s shellcode into an existing process. http://cymothoa.sourceforge.net/
d4n155 1.50 Security audit tool for smart and dynamic wordlist using Google hacking attack and some calculations, after analysis is generated a graphical report. https://github.com/adasecurity/D4N155
davoset 1.2.3 A tool for using Abuse of Functionality and XML External Entities vulnerabilities on some websites to attack other websites. http://websecurity.com.ua/davoset/
davtest 1.0 Tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target http://code.google.com/p/davtest/
dbd 1.50 A Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. https://github.com/gitdurandal/dbd
dbpwaudit 0.8 A Java tool that allows you to perform online audits of password quality for several database engines http://www.cqure.net/wp/dbpwaudit/
decker 0.0.11 A penetration testing orchestration and automation framework, which allows writing declarative, reusable configurations capable of ingesting variables and using outputs of tools it has run as inputs to others.
dinouml 0.9.5 A network simulation tool, based on UML (User Mode Linux) that can simulate big Linux networks on a single PC http://kernel.embedromix.ro/us/
dmitry 1.3a Deepmagic Information Gathering Tool. Gathers information about hosts. It is able to gather possible subdomains, email addresses, and uptime information and run tcp port scans, whois lookups, and more. http://www.mor-pah.net/
_dripper v1.r1.gc9bb0c9 A fast, asynchronous DNS scanner; it can be used for enumerating subdomains and enumerating boxes via reverse DNS. http://www.blackhatlibrary.net/Dripper
easyfuzzer 3.6 A flexible fuzzer, not only for web, has a CSV output for efficient output analysis (platform independant). http://www.mh-sec.de/downloads.html.en
encodeshellcode 0.1b This is an encoding tool for 32-bit x86 shellcode that assists a researcher when dealing with character filter or byte restrictions in a buffer overflow vulnerability or some kind of IDS/IPS/AV blocking your code. http://packetstormsecurity.com/files/119904/Encode-Shellcode.1b.html
epicwebhoneypot 2.0a Tool which aims to lure attackers using various types of web vulnerability scanners by tricking them into believing that they have found a vulnerability on a host. http://sourceforge.net/projects/epicwebhoneypot/
eyewitness 278.e72c21e Designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. https://github.com/ChrisTruncer/EyeWitness
facebrute 7.ece355b This script tries to guess passwords for a given facebook account using a list of passwords (dictionary). https://github.com/emerinohdz/FaceBrute
fakeap 0.3.2 Black Alchemy’s Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP’s cacophony of beacon frames. http://www.blackalchemy.to/project/fakeap/
fakedns 17.87d4216 A regular-expression based python MITM DNS server with correct DNS request passthrough and “Not Found” responses. https://github.com/Crypt0s/FakeDns
fl0p 0.1 A passive L7 flow fingerprinter that examines TCP/UDP/ICMP packet sequences, can peek into cryptographic tunnels, can tell human beings and robots apart, and performs a couple of other infosec-related tricks. http://lcamtuf.coredump.cx/
fsnoop 3.3 A tool to monitor file operations on GNU/Linux systems by using the Inotify mechanism. Its primary purpose is to help detecting file race condition vulnerabilities and since version 3, to exploit them with loadable DSO modules (also called “payload modules” or “paymods”). http://vladz.devzero.fr/fsnoop.php
ftester 1.0 A tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. http://www.inversepath.com/ftester.html
ftp-scanner 0.2.5 Multithreaded ftp scanner/brute forcer. Tested on Linux, OpenBSD and Solaris. http://wayreth.eu.org/old_page/
ftp-spider 1.0 FTP investigation tool – Scans ftp server for the following: reveal entire directory tree structures, detect anonymous access, detect directories with write permissions, find user specified data within repository. http://packetstormsecurity.com/files/35120/ftp-spider.pl.html
fusil 1.4 Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files http://bitbucket.org/haypo/fusil/wiki/Home
fuzzdiff 1.0 A simple tool designed to help out with crash analysis during fuzz testing. It selectively ‘un-fuzzes’ portions of a fuzzed file that is known to cause a crash, re-launches the targeted application, and sees if it still crashes. http://vsecurity.com/resources/tool
fuzztalk 1.0.0.0 An XML driven fuzz testing framework that emphasizes easy extensibility and reusability. https://code.google.com/p/fuzztalk
geoedge 0.2 This little tools is designed to get geolocalization information of a host, it get the information from two sources (maxmind and geoiptool).
getsids 0.0.1 Getsids tries to enumerate Oracle Sids by sending the services command to the Oracle TNS listener. Like doing ‘lsnrctl service’. http://www.cqure.net/wp/getsids/
goodork 2.2 A python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line. http://goo-dork.blogspot.com/
hackersh 0.2.0 A shell for with Pythonect-like syntax, including wrappers for commonly used security tools http://www.hackersh.org/
halberd 0.2.4 Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing. http://halberd.superadditive.com/
handle 0.0 An small application designed to analyze your system searching for global objects related to running proccess and display information for every found object, like tokens, semaphores, ports, files,.. http://www.tarasco.org/security/handle/index.html
hasher 32.e9d1394 A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. https://github.com/ChrisTruncer/Hasher
hdmi-sniff 5.f7fbc0e HDMI DDC (I2C) inspection tool. It is designed to demonstrate just how easy it is to recover HDCP crypto keys from HDMI devices. https://github.com/ApertureLabsLtd/hdmi-sniff
heartbleed-honeypot 0.1 Script that listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford’s http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt
hexinject 1.5 A very versatile packet injector and sniffer that provides a command-line framework for raw network access. http://hexinject.sourceforge.net
hexorbase 6 A database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). https://code.google.com/p/hexorbase/
honssh 47.0de60ec A high-interaction Honey Pot solution designed to log all SSH communications between a client and server. https://code.google.com/p/honssh/
hookanalyser 3.0 A hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer. http://hookanalyser.blogspot.de/
host-extract 9 Ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. https://code.google.com/p/host-extract/
hotspotter 0.4_ Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names. http://www.remote-exploit.org/?page_id=418
htexploit 0.77 A Python script that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process http://www.mkit.com.ar/labs/htexploit/
httpbog 1.0.0.0 A slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses. http://sourceforge.net/projects/httpbog/
httpforge 11.02.01 A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions. http://packetstormsecurity.com/files/98109/HTTPForge.02.01.html
httpsniff 0.4 Tool to sniff HTTP responses from TCP/IP based networks and save contained files locally for later review. http://www.sump.org/projects/httpsniff/
iaxscan 0.02 A Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts. http://code.google.com/p/iaxscan/
ibrute 12.3a6a11e An AppleID password bruteforce tool. It uses Find My Iphone service API, where bruteforce protection was not implemented. https://github.com/hackappcom/ibrute/
iheartxor 0.01 iheartxor is a tool for bruteforcing encoded strings within a boundary defined by a regular expression. It will bruteforce the key value range of 0x1 through 0x255. http://hooked-on-mnemonics.blogspot.com.es/p/iheartxor.html
ikecrack 1.00 An IKE/IPSec crack tool designed to perform Pre-Shared-Key analysis of RFC compliant aggressive mode authentication http://sourceforge.net/projects/ikecrack/
ikeprober 1.12 Tool crafting IKE initiator packets and allowing many options to be manually set. Useful to find overflows, error conditions and identifiyng vendors http://ikecrack.sourceforge.net/
inetsim 1.2.5 A software suite for simulating common internet services in a lab environment, e.g. for analyzing the network behaviour of unknown malware samples. http://www.inetsim.org
inguma 0.1.1 A free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. http://inguma.sourceforge.net
intercepter-ng 0.9.8 A next generation sniffer including a lot of features: capturing passwords/hashes, sniffing chat messages, performing man-in-the-middle attacks, etc. http://intercepter.nerf.ru/#down
interrogate 0.0.4 A proof-of-concept tool for identification of cryptographic keys in binary material (regardless of target operating system), first and foremost for memory dump analysis and forensic usage. https://github.com/carmaa/interrogate
inundator 0.5 An ids evasion tool, used to anonymously inundate intrusion detection logs with false positives in order to obfuscate a real attack. http://inundator.sourceforge.net/
ipdecap 69.f3a08f6 Can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, and can also remove IEEE 802.1Q (virtual lan) header. http://www.loicp.eu/ipdecap#dependances
isr-form 1.0 Simple html parsing tool that extracts all form related information and generates reports of the data. Allows for quick analyzing of data. http://www.infobyte.com.ar/
javasnoop 1.1 A tool that lets you intercept methods, alter data and otherwise hack Java applications running on your computer https://code.google.com/p/javasnoop/
joomscan 2012.03.10 Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site. http://joomscan.sourceforge.net/
js-beautify 1.4.2 This little beautifier will reformat and reindent bookmarklets, ugly JavaScript, unpack scripts packed by Dean Edward?s popular packer, as well as deobfuscate scripts processed by javascriptobfuscator.com. https://github.com/einars/js-beautify
kippo 0.9 A medium interaction SSH honeypot designed to log brute force attacks and most importantly, the entire shell interaction by the attacker. https://github.com/desaster/kippo
kismet 2013_03_R1b 802.11 layer2 wireless network detector, sniffer, and intrusion detection system http://www.kismetwireless.net/
kismet-earth 0.1 Various scripts to convert kismet logs to kml file to be used in Google Earth. http://
laudanum 1.0 A collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments. http://laudanum.inguardians.com/#
lbmap 145.93e6b71 Proof of concept scripts for advanced web application fingerprinting, presented at OWASP AppSecAsia 2012. https://github.com/wireghoul/lbmap
lfimap 1.4.8 This script is used to take the highest beneficts of the local file include vulnerability in a webserver. https://code.google.com/p/lfimap/
lft 3.72 A layer four traceroute implementing numerous other features. http://pwhois.org/lft/
littleblackbox 0.1.3 Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices. http://code.google.com/p/littleblackbox/wiki/FAQ
lodowep 1.2.1 Lodowep is a tool for analyzing password strength of accounts on a Lotus Domino webserver system. http://www.cqure.net/wp/lodowep/
loki 0.2.7_ Python based framework implementing many packet generation and attack modules for Layer 2 and 3 protocols http://c0decafe.de/loki.html
magictree 1.3 A penetration tester productivity tool designed to allow easy and straightforward data consolidation, querying, external command execution and report generation http://www.gremwell.com
maligno 1.2 An open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. http://www.encripto.no/tools/
malmon 0.3 Hosting exploit/backdoor detection daemon. It’s written in python, and uses inotify (pyinotify) to monitor file system activity. It checks files smaller then some size, compares their md5sum and hex signatures against DBs with known exploits/backdoor. http://sourceforge.net/projects/malmon/
maltego 3.5.3 An open source intelligence and forensics application, enabling to easily gather information about DNS, domains, IP addresses, websites, persons, etc. http://www.paterva.com/web5
maltrieve 148.4ad4045 Originated as a fork of mwcrawler. It retrieves malware directly from the sources as listed at a number of sites. https://github.com/technoskald/maltrieve
mat 0.5 Metadata Anonymisation Toolkit composed of a GUI application, a CLI application and a library. https://mat.boum.org/
matahari 0.1.30 A reverse HTTP shell to execute commands on remote machines behind firewalls. http://matahari.sourceforge.net
mausezahn 0.40 A free fast traffic generator written in C which allows you to send nearly every possible and impossible packet. http://www.perihel.at/sec/mz/
mboxgrep 0.7.9 Mboxgrep is a small, non-interactive utility that scans mail folders for messages matching regular expressions. It does matching against basic and extended POSIX regular expressions, and reads and writes a variety of mailbox formats. http://mboxgrep.sourceforge.net
melkor 1.0 An ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). http://packetstormsecurity.com/files/127924/Melkor-ELF-Fuzzer.0.html
metasploit 29270.738fc78 An open source platform that supports vulnerability research, exploit development and the creation of custom security tools representing the largest collection of quality-assured exploits. http://www.metasploit.com
metoscan 05 Tool for scanning the HTTP methods supported by a webserver. It works by testing a URL and checking the responses for the different requests. http://www.open-labs.org/
mibble 2.9.3 Mibble is an open-source SNMP MIB parser (or SMI parser) written in Java. It can be used to read SNMP MIB files as well as simple ASN.1 files. http://www.mibble.org/
miranda-upnp 1.3 A Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices http://code.google.com/p/miranda-upnp/
mitmap 0.1 Shell Script for launching a Fake AP with karma functionality and launches ettercap for packet capture and traffic manipulation. http://www.darkoperator.com/tools-and-scripts/
mitmer 22.b01c7fe A man-in-the-middle and phishing attack tool that steals the victim’s credentials of some web services like Facebook. https://github.com/husam212/MITMer
mobiusft 0.5.21 An open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. http://savannah.nongnu.org/projects/mobiusft
moloch 0.9.2 An open source large scale IPv4 full PCAP capturing, indexing and database system. https://github.com/aol/moloch
monocle 1.0 A local network host discovery tool. In passive mode, it will listen for ARP request and reply packets. In active mode, it will send ARP requests to the specific IP range. The results are a list of IP and MAC addresses present on the local network. http://packetstormsecurity.com/files/99823/Monocle-Host-Discovery-Tool.0.html
morxcrack 1.2 A cracking tool written in Perl to perform a dictionary-based attack on various hashing algorithm and CMS salted-passwords. http://www.morxploit.com/morxcrack/
mptcp-abuse 6.b0eeb27 A collection of tools and resources to explore MPTCP on your network. Initially released at Black Hat USA 2014. https://github.com/Neohapsis/mptcp-abuse
mutator 51.164132d This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation -> C0rp0r4t10n_2012 https://bitbucket.org/alone/mutator/
netdiscover 0.3 An active/passive address reconnaissance tool, mainly developed for those wireless networks without dhcp server, when you are wardriving. It can be also used on hub/switched networks. http://nixgeneration.com/~jaime/netdiscover/
netmap 0.1.3 Can be used to make a graphical representation of the surounding network. http://netmap.sourceforge.net
nfex 2.5 A tool for extracting files from the network in real-time or post-capture from an offline tcpdump pcap savefile. It is based off of the code-base from the apparently defunct project tcpxtract. https://code.google.com/p/nfex/
ngrep 1.45 A grep-like utility that allows you to search for network packets on an interface. http://ngrep.sourceforge.net/
nield 0.5.1 A tool to receive notifications from kernel through netlink socket, and generate logs related to interfaces, neighbor cache(ARP,NDP), IP address(IPv4,IPv6), routing, FIB rules, traffic control. http://nield.sourceforge.net/
nikto 2.1.5 A web server scanner which performs comprehensive tests against web servers for multiple items http://www.cirt.net/nikto2
o-saft 513.6bcc35b A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. https://www.owasp.org/index.php/O-Saft
oat 1.3.1 A toolkit that could be used to audit security within Oracle database servers. http://www.cqure.net/wp/test/
openstego 0.6.1 A tool implemented in Java for generic steganography, with support for password-based encryption of the data. http://www.openstego.info/
opensvp 64.56b2b8f A security tool implementing “attacks” to be able to the resistance of firewall to protocol level attack. https://github.com/regit/opensvp
ostinato 0.5.1 An open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be “Wireshark in Reverse” and thus become complementary to Wireshark. http://code.google.com/p/ostinato/
packerid 1.4 Script which uses a PEiD database to identify which packer (if any) is being used by a binary. http://handlers.sans.org/jclausing/
packet-o-matic 351 A real time packet processor. Reads the packet from an input module, match the packet using rules and connection tracking information and then send it to a target module. http://www.packet-o-matic.org/
packit 1.0 A network auditing tool. Its value is derived from its ability to customize, inject, monitor, and manipulate IP traffic. http://packit.sourceforge.net/
panoptic 178.73b2b4c A tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability. https://github.com/lightos/Panoptic
paros 3.2.13 Java-based HTTP/HTTPS proxy for assessing web app vulnerabilities. Supports editing/viewing HTTP messages on-the-fly, spiders, client certificates, proxy-chaining, intelligent scanning for XSS and SQLi, etc. http://www.parosproxy.org
pcapsipdump 0.2 A tool for dumping SIP sessions (+RTP traffic, if available) to disk in a fashion similar to ‘tcpdump -w’ (format is exactly the same), but one file per sip session (even if there is thousands of concurrect SIP sessions). http://pcapsipdump.sourceforge.net/
pcredz 0.9 A tool that extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface. https://github.com/lgandx/PCredz
php-vulnerability-hunter 1.4.0.20 An whitebox fuzz testing tool capable of detected several classes of vulnerabilities in PHP web applications. https://phpvulnhunter.codeplex.com/
plecost 2 Wordpress finger printer tool search and retrieve information about the plugins versions installed in WordPress systems. http://code.google.com/p/plecost/
powerfuzzer 1_beta Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and others. http://www.powerfuzzer.com
praeda 37.093d1c0 An automated data/information harvesting tool designed to gather critical information from various embedded devices. https://github.com/percx/Praeda
proxychains-ng 4.8.1 A hook preloader that allows to redirect TCP traffic of existing dynamically linked programs through one or more SOCKS or HTTP proxies https://github.com/rofl0r/proxychains
proxyp 2013 Small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses. http://sourceforge.net/projects/proxyp/
proxytunnel 1.9.0 a program that connects stdin and stdout to a server somewhere on the network, through a standard HTTPS proxy http://proxytunnel.sourceforge.net
pwd-hash 2.0 A password hashing tool that use the crypt function to generate the hash of a string given on standard input. http://vladz.devzero.fr/pwd-hash.php
pwnat 0.3 A tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with no port forwarding and no DMZ setup on any routers in order to directly communicate with each other http://samy.pl/pwnat/
pyinstaller 2.1 A program that converts (packages) Python programs into stand-alone executables, under Windows, Linux, Mac OS X, Solaris and AIX. http://www.pyinstaller.org/
rainbowcrack 1.2 Password cracker based on the faster time-memory trade-off. With MySQL and Cisco PIX Algorithm patches. http://project-rainbowcrack.com/
rcracki-mt 0.7.0 A tool to perform rainbow table attacks on password hashes. It is intended for indexed/perfected rainbow tables, mainly generated by the distributed project www.freerainbowtables.comhttp://rcracki.sourceforge.net/
rdesktop-brute 1.5.0 It connects to windows terminal servers – Bruteforce patch included. http://www.rdesktop.org/ reaver 1.4 Implements a brute force attack against wifi protected setup WPS registrar PINs in order to recover WPA/WPA2 passphrases http://code.google.com/p/reaver-wps
redirectpoison 1.1 A tool to poison a targeted issuer of SIP INVITE requests with 301 (i.e. Moved Permanently) redirection responses. http://www.hackingexposedvoip.com/
regeorg 26.22fb8a9 The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn. https://github.com/sensepost/reGeorg
replayproxy 1.1 Forensic tool to replay web-based attacks (and also general HTTP traffic) that were captured in a pcap file. https://code.google.com/p/replayproxy/
responder 117.6c7a5dd A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. https://github.com/SpiderLabs/Responder/
rfdump 1.6 A back-end GPL tool to directly inter-operate with any RFID ISO-Reader to make the contents stored on RFID tags accessible http://www.rfdump.org
rfidiot e302bb7 An open source python library for exploring RFID devices. http://rfidiot.org/
rifiuti2 0.5.1 A rewrite of rifiuti, a great tool from Foundstone folks for analyzing Windows Recycle Bin INFO2 file. https://code.google.com/p/rifiuti2/
ropper 91.212d5da It can show information about files in different file formats and you can find gadgets to build rop chains for different architectures. For disassembly ropper uses the awesome Capstone Framework. https://github.com/sashs/Ropper
rrs 1.70 A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). With tty support and more. http://www.cycom.se/dl/rrs
rubilyn 0.0.1 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host. http://nullsecurity.net/tools/backdoor.html
ruby-msgpack 0.5.8 MessagePack, a binary-based efficient data interchange format. http://msgpack.org/
rww-attack 0.9.2 The Remote Web Workplace Attack tool will perform a dictionary attack against a live Microsoft Windows Small Business Server’s ‘Remote Web Workplace’ portal. It currently supports both SBS 2003 and SBS 2008 and includes features to avoid account lock out. http://packetstormsecurity.com/files/79021/Remote-Web-Workplace-Attack-Tool.html
sambascan 0.5.0 Allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. http://sourceforge.net/projects/sambascan2/
seat 0.3 Next generation information digging application geared toward the needs of security professionals. It uses information stored in search engine databases, cache repositories, and other public resources to scan web sites for potential vulnerabilities. http://thesprawl.org/projects/search-engine-assessment-tool/
sees 67.cd741aa Increase the success rate of phishing attacks by sending emails to company users as if they are coming from the very same company’s domain. https://github.com/galkan/sees/
sessionlist 1.0 Sniffer that intents to sniff HTTP packets and attempts to reconstruct interesting authentication data from websites that do not employ proper secure cookie auth. http://www.0xrage.com/
shellcodecs 0.1 A collection of shellcode, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process. http://www.blackhatlibrary.net/Shellcodecs
shellme 3.8c7919d Because sometimes you just need shellcode and opcodes quickly. This essentially just wraps some nasm/objdump calls into a neat script. https://github.com/hatRiot/shellme
silk 3.9.0 A collection of traffic analysis tools developed by the CERT NetSA to facilitate security analysis of large networks. https://tools.netsa.cert.org/silk/
skyjack 7.5f7a25e Takes over Parrot drones, deauthenticating their true owner and taking over control, turning them into zombie drones under your own control. https://github.com/samyk/skyjack
slowloris 0.7 A tool which is written in perl to test http-server vulnerabilites for connection exhaustion denial of service (DoS) attacks so you can enhance the security of your webserver. http://ha.ckers.org/slowloris/
sniffjoke 0.4.1 Injects packets in the transmission flow that are able to seriously disturb passive analysis like sniffing, interception and low level information theft. http://www.delirandom.net/sniffjoke/
snoopy-ng 93.e305420 A distributed, sensor, data collection, interception, analysis, and visualization framework. https://github.com/sensepost/snoopy-ng
snort 2.9.6.1 A lightweight network intrusion detection system. http://www.snort.org
spade 114 A general-purpose Internet utility package, with some extra features to help in tracing the source of spam and other forms of Internet harassment. http://www.hoobie.net/brutus/
sparty 0.1 An open source tool written in python to audit web applications using sharepoint and frontpage architecture. http://sparty.secniche.org/
spectools 2010_04_R1 Spectrum-Tools is a set of utilities for using the Wi-Spy USB spectrum analyzer hardware. Stable version. http://www.kismetwireless.net/spectools/
speedpwn 8.3dd2793 An active WPA/2 Bruteforcer, original created to prove weak standard key generation in different ISP labeled routers without a client is connected. https://gitorious.org/speedpwn/
spooftooph 0.5.2 Designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain sight http://www.hackfromacave.com/projects/spooftooph.html
sqlninja 0.2.6_r1 A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end http://sqlninja.sourceforge.net/
sqlpat 1.0.1 This tool should be used to audit the strength of Microsoft SQL Server passwords offline. http://www.cqure.net/wp/sqlpat/
sshuttle 198.9ce2fa0 Transparent proxy server that works as a poor man’s VPN. Forwards all TCP packets over ssh (and even DNS requests when using –dns option). Doesn’t require admin privileges on the server side. https://github.com/apenwarr/sshuttle
sslsniff 0.8 A tool to MITM all SSL connections on a LAN and dynamically generate certs for the domains that are being accessed on the fly http://www.thoughtcrime.org/software/sslsniff/
sslsplit 0.4.9 A tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. http://www.roe.ch/SSLsplit
stompy 0.0.4 an advanced utility to test the quality of WWW session identifiers and other tokens that are meant to be unpredictable. http://lcamtuf.coredump.cx/
swfintruder 0.9.1 First tool for testing security in Flash movies. A runtime analyzer for SWF external movies. It helps to find flaws in Flash. http://code.google.com/p/swfintruder/
taof 0.3.2 Taof is a GUI cross-platform Python generic network protocol fuzzer. http://taof.sf.net
tbear 1.5 Transient Bluetooth Environment Auditor includes an ncurses-based Bluetooth scanner (a bit similar to kismet), a Bluetooth DoS tool, and a Bluetooth hidden device locator. http://freshmeat.net/projects/t-bear
tcgetkey 0.1 A set of tools that deal with acquiring physical memory dumps via FireWire and then scan the memory dump to locate TrueCrypt keys and finally decrypt the encrypted TrueCrypt container using the keys. http://packetstormsecurity.com/files/119146/tcgetkey.1.html
tftp-proxy 0.1 This tool accepts connection on tftp and reloads requested content from an upstream tftp server. Meanwhile modifications to the content can be done by pluggable modules. So this one’s nice if your mitm with some embedded devices. http://www.c0decafe.de/
thc-ipv6 2.5 A complete tool set to attack the inherent protocol weaknesses of IPv6 and ICMP6, and includes an easy to use packet factory library. http://thc.org/thc-ipv6/
thc-keyfinder 1.0 Finds crypto keys, encrypted data and compressed data in files by analyzing the entropy of parts of the file. https://www.thc.org/releases.php
thc-pptp-bruter 0.1.4 A brute force program that works against pptp vpn endpoints (tcp port 1723). http://www.thc.org
thc-ssl-dos 1.4 A tool to verify the performance of SSL. To be used in your authorized and legitimate area ONLY. You need to accept this to make use of it, no use for bad intentions, you have been warned! http://www.thc.org/thc-ssl-dos/
theharvester 2.2a Python tool for gathering e-mail accounts and subdomain names from different public sources (search engines, pgp key servers) http://www.edge-security.com/theHarvester.php
topera 19.3e230fd An IPv6 security analysis toolkit, with the particularity that their attacks can’t be detected by Snort. https://github.com/toperaproject/topera
tor-autocircuit 0.2 Tor Autocircuit was developed to give users a finer control over Tor circuit creation. The tool exposes the functionality of TorCtl library which allows its users to control circuit length, speed, geolocation, and other parameters. http://www.thesprawl.org/projects/tor-autocircuit/
tpcat latest TPCAT is based upon pcapdiff by the EFF. TPCAT will analyze two packet captures (taken on each side of the firewall as an example) and report any packets that were seen on the source capture but didn’t make it to the dest. http://sourceforge.net/projects/tpcat/
tsh 0.6 An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication. http://packetstormsecurity.com/search/?q=tsh
ubertooth 2012.10.R1 A 2.4 GHz wireless development board suitable for Bluetooth experimentation. Open source hardware and software. Tools only http://sourceforge.net/projects/ubertooth/
ubitack 0.3 Tool, which automates some of the tasks you might need on a (wireless) penetration test or while you are on the go. https://code.google.com/p/ubitack/
ufo-wardriving 4 Allows you to test the security of wireless networks by detecting their passwords based on the router model http://www.ufo-wardriving.com/
ufonet 9.5484a90 A tool designed to launch DDoS attacks against a target, using ‘Open Redirect’ vectors on third party web applications, like botnet. https://github.com/epsylon/ufonet
unicorn 9.a18cb5d A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. https://github.com/trustedsec/unicorn
uniscan 6.2 A simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. http://sourceforge.net/projects/uniscan/ *unix-privesc-check 1.4 Tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases) http://pentestmonkey.net/tools/audit/unix-privesc-check
viproy-voipkit 2.0 VoIP Pen-Test Kit for Metasploit Framework http://viproy.com/
vivisect 20140803 A Python based static analysis and reverse engineering framework, Vdb is a Python based research/reversing focused debugger and programatic debugging API by invisigoth of kenshoto http://visi.kenshoto.com/
voiper 0.07 A VoIP security testing toolkit incorporating several VoIP fuzzers and auxilliary tools to assist the auditor. http://voiper.sourceforge.net/
voiphopper 2.04 A security validation tool that tests to see if a PC can mimic the behavior of an IP Phone. It rapidly automates a VLAN Hop into the Voice VLAN. http://voiphopper.sourceforge.net/
voipong 2.0 A utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to seperate wave files. http://www.enderunix.org/voipong/
vstt 0.5.0 VSTT is a multi-protocol tunneling tool. It accepts input by TCP stream sockets and FIFOs, and can send data via TCP, POP3, and ICMP tunneling. http://www.wendzel.de/dr.org/files/Projects/vstt/
waffit 30 A set of security tools to identify and fingerprint Web Application Firewall/WAF products protecting a website http://code.google.com/p/waffit/
wapiti 2.3.0 A vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections… http://wapiti.sourceforge.net/
webenum 0.1 Tool to enumerate http responses using dynamically generated queries and more. Useful for penetration tests against web servers. http://code.google.com/p/webenum/
websploit 3.0.0 An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks http://code.google.com/p/websploit/
wi-feye 1.0 An automated wireless penetration testing tool written in python, its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily. http://wi-feye.za1d.com/download.php
winfo 2.0 Uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP. http://www.ntsecurity.nu/toolbox/winfo/
wireless-ids 24.b132071 Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets. https://github.com/SYWorks/wireless-ids
wireshark-cli 1.12.2 a free network protocol analyzer for Unix/Linux and Windows – CLI version http://www.wireshark.org/
wireshark-gtk 1.12.2 a free network protocol analyzer for Unix/Linux and Windows – GTK frontend http://www.wireshark.org/
wirouter-keyrec 1.1.2 A powerful and platform independent software to recover the default WPA passphrases of the supported router models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley, Eircom Netopia, Pirelli TeleTu/Tele 2). http://www.salvatorefresta.net/tools/
wnmap 0.1 A shell script written with the purpose to automate and chain scans via nmap. You can run nmap with a custom mode written by user and create directories for every mode with the xml/nmap files inside. http://nullsecurity.net/tools/automation.html
x-scan 3.3 A general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. http://www.xfocus.org/
xcavator 5.bd9e2d8 Man-In-The-Middle and phishing attack tool that steals the victim’s credentials of some web services like Facebook. https://github.com/nccgroup/xcavator
xssscan 8340.db8ef4a Command line tool for detection of XSS attacks in URLs. Based on ModSecurity rules from OWASP CRS. https://github.com/gwroblew/detectXSSlib
zaproxy 2.3.1 A local intercepting proxy with integrated penetration testing tool for finding vulnerabilities in web applications. http://code.google.com/p/zaproxy/
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok