Cppcheck 1.84 A tool for static C/C++ code analysis.
cpptest 1.1.2 A portable and powerful, yet simple, unit testing framework for handling automated tests in C++.
Cr3dov3r 38.e934c90 Search for public leaks for email addresses + check creds against 16 websites.
Crackhor 2.ae7d83f A password cracking utility.
Crackle 104.0fc1938 Crack and decrypt BLE encryption.
crackmapexec 4 A Swiss Army knife for pentesting Windows/Active Directory environments.
In this tutorial, we will be using an active tool called Maltego, developed by Paterva, that can do many of these tasks with one simple scan. WonderHowTo Null Byte. “Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.”
Shareenum 46.3bfa81d Tool to enumerate shares from Windows hosts.
Sharesniffer 50.ee21a79 Network share sniffer and auto-mounter for crawling remote file systems.
Shellcheck 0.5.0 Shell script analysis tool.
shellcode-factory 95.1a2b63e Tool to create and test shellcodes from custom assembly sources.
Shellcodecs 0.1 A collection of shellcode, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process.
Shellen 55.2bea7c5 Interactive shellcoding environment to easily craft shellcodes.
Proxychains-ng 4.13 A hook preloader that allows redirecting TCP traffic of existing dynamically linked programs through one or more SOCKS or HTTP proxies.
proxycheck 0.1 This is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver.
Proxyp 2013 Small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses.
Proxyscan 0.3 A security penetration testing tool to scan for hosts and ports through a Web proxy server.
Proxytunnel 22.214.171.124 A program that connects stdin and stdout to a server somewhere on the network, through a standard HTTPS proxy.
ps1encode A tool to generate and encode PowerShell-based Metasploit payloads.
Pscan 1.3 A limited problem scanner for C source files.
pshitt 23.dae7931 A lightweight fake SSH server designed to collect authentication data sent by intruders.
Ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface.
ad-ldap-enum 39.41ac756 An LDAP based Active Directory user and group enumeration tool.
Adfind 29.179602f Simple admin panel finder for php, js, cgi, asp and aspx admin panels.
Admid-pack 0.1 ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful.
Burpsuite 1.7.37 An integrated platform for attacking web applications (free edition).
Buttinsky 138.1a2a1b2 Provide an open source framework for automated botnet monitoring.
Bvi 1.4.0 A display-oriented editor for binary files that operates like the 'vi' editor.
Bytecode-viewer 2.9.11 A Java 8/Android APK Reverse Engineering Suite.
C5scan 29.33a500c Vulnerability scanner and information gatherer for the Concrete5 CMS.
Cachedump 1.1 A tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH).
Cadaver 0.23.3 Command-line WebDAV client for Unix.
camscan 1.0057215 A tool which will analyze the CAM table of Cisco switches to look for anomalies.
Hyperion-crypter 1.2 A runtime encrypter for 32-bit portable executables.
Iaxflood 0.1 IAX flooder.
Iaxscan 0.02 A Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts.
Ibrute 12.3a6a11e An AppleID password bruteforce tool. It uses the Find My iPhone service API, where bruteforce protection was not implemented.
Icloudbrutter 15.1f64f19 Tool for AppleID Bruteforce.
Icmpquery 1.0 Send and receive ICMP queries for address mask and current time.
Atstaketools 0.1 This is an archive of various @Stake tools that help perform vulnerability scanning and analysis, information gathering, password auditing, and forensics.
Auto-xor-decryptor 7.2eb176d Automatic XOR decryptor tool.
Automato 26.0aa769d Should help with automating some of the user-focused enumeration tasks during an internal penetration test.
Gitminer 44.4292b5e Tool for advanced mining for content on GitHub.
Gitrob 7.7be4c53 Reconnaissance tool for GitHub organizations.
Gittools A repository with 3 tools for pwn'ing websites with .git repositories available.
Gloom 95.607162b Linux Penetration Testing Framework.
Glue 363.ffb921f A framework for running a series of tools.
Gnuradio 126.96.36.199 General purpose DSP and SDR toolkit.
Pirana 0.3.1 Exploitation framework that tests the security of an email content filter.
Pixd 7.873db72 Colourful visualization tool for binary files.
Padbuster 10.320a020 Automated script for performing Padding Oracle attacks.
Pafish 163.184b3fc A demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
Paketto 1.10 Advanced TCP/IP Toolkit.
Payloadmask 16.ff38964 Web payload list editor that uses techniques to try to bypass a web application firewall.
Pblind 1.0 Little utility to help exploit blind SQL injection vulnerabilities.
Pcapfex 1.0 Packet CAPture Forensic Evidence eXtractor.
Pcapfix 1.1.1 Tries to repair your broken pcap and pcapng files.
Pcapsipdump 0.2 A tool for dumping SIP sessions (+RTP traffic, if available) to disk in a fashion similar to 'tcpdump -w' (format is exactly the same), but one file per SIP session (even if there are thousands of concurrent SIP sessions).
Pcapteller 1.1 A tool designed for traffic manipulation and replay.
Levye A brute force tool which supports sshkey, vnckey, rdp, openvpn.
Lfi-autopwn 3.0 A Perl script to try to gain code execution on a remote server via LFI.
lfi-exploiter 1.1 This Perl script leverages /proc/self/environ to attempt getting code execution out of a local file inclusion vulnerability.
Lfi-fuzzploit 1.1 A simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications.
Lfi-image-helper 0.8 A simple script to infect images with PHP Backdoors for local file inclusion attacks.
One common task that Maltego is used for is doing infrastructure footprints on an organisation's network. This post will detail a possible methodology used for network footprints as well as demonstrate how they can be performed in Maltego. Finally, the post will show how the process is drastically simplified with the use of machines that automate the process of running transforms in Maltego.

Network footprinting methodology

When performing a footprint on a domain, the goal is to find as much information about the domain as possible on an infrastructure level.
Rtlizer Simple spectrum analyzer.
Rtlsdr-scanner 1012.d559405 A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library.
Rtp-flood 1.0 RTP flooder.
rtpbreak 1.3a Detects, reconstructs and analyzes any RTP session.
rubilyn 0.0.1 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host.
Ike-scan 1.9 A tool that uses IKE protocol to discover, fingerprint and test IPSec VPN servers.
ikecrack 1.00 An IKE/IPSec crack tool designed to perform Pre-Shared-Key analysis of RFC compliant aggressive mode authentication.
ikeprobe 0.1 Determine vulnerabilities in the PSK implementation of the VPN server.
Ikeprober 1.12 Tool crafting IKE initiator packets and allowing many options to be manually set. Useful to find overflows, error conditions and identifying vendors.
ilty 1.0 An interception phone system for VoIP network.
Mausezahn 0.40 A free fast traffic generator written in C which allows you to send nearly every possible and impossible packet.
Mbenum 1.5.0 Queries the master browser for whatever information it has registered.
Mboxgrep 0.7.9 A small, non-interactive utility that scans mail folders for messages matching regular expressions. It does matching against basic and extended POSIX regular expressions, and reads and writes a variety of mailbox formats.
Mdcrack 1.2 MD4/MD5/NTLM1 hash cracker.
mdk3 v6 WLAN penetration tool.
mdns-recon 10.81ecf94 An mDNS recon tool written in Python.
Netsniff-ng 0.6.4 A high performance Linux network sniffer for packet inspection.
Netstumbler 0.4.0 Well-known wireless AP scanner and sniffer.
Panhunt 47.500f304 Searches for credit card numbers (PANs) in directories.
Panoptic 185.df35a6c A tool that automates the process of search and retrieval of content for common log and config files through an LFI vulnerability.