[Wireshark v1.10.0 RC1] The world’s foremost network protocol analyzer

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.Changelog v1.10.0 RC1Wireshark 1.10.0rc1 has been...

Read More

[Salted Hash Kracker v1.0] Tool to recover the Password from Salted Hash text

Salted Hash Kracker is the free all-in-one tool to recover the Password from Salted Hash text.These days most websites and applications use salt based hash generation to prevent it from being cracked easily using precomputed hash tables such as Rainbow Crack. In such cases, 'Salted Hash Kracker' will help you to recover the lost password from salted hash text.It also allow you to specify the salt position either in the beginning of password(salt+password)...

Read More

[IPv6 Toolkit v1.3.4] A security assessment and troubleshooting tool for the IPv6 protocols

A security assessment and troubleshooting tool for the IPv6 protocols.The SI6 Networks’ IPv6 toolkit is a set of IPv6 security/trouble-shooting tools, that can send arbitrary IPv6-based packets.Changelog v1.3.4IPv6-host tracking support in the scan6 tool.A new tool, address6, to analyze IPv6 addresses.Minor bug fixes.The toolkit runs on (at least) the latest versions of Linux, FreeBSD,NetBSD, OpenBSD, and MacOS.Supported platformsThe following platforms...

Read More

[Sanewall 1.0.0] Making sense of firewalling

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful as well as easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any firewall need, including: control of any number of internal/external/virtual interfacescontrol of any combination of routed trafficsetting up DMZ...

Read More

[Arachni v0.4.2] web application security scanner (Boosted with new UI)

Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.It is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify false-positives.It...

Read More

[MSF-Installer] Script to Automate Metasploit Framework Installation

Script to help with installing and configuring Metasploit Framework, Armitage and the Plugins I have written on OSX and LinuxTo use the script on OSX Java, Xcode and Command Development Tools from Xcode must be installed before running the script. In the case of OSX I also added the option of installing GNU GCC in the case you want to compile the old Ruby 1.8.7 that requieres it. When you download the script you must make it executable, when...

Read More

[Mercury v2.2.0] The Android Assessment Framework

Mercury is a security assessment framework for the Android platform. It allows you to dynamically interact with the Inter-Process Communication (IPC) endpoints exported by an application installed on a device.Mercury provides similar functionality to a number of static analysis tools, such as aapt, but offers far more flexibility by allowing you to interact with these endpoints from the context of an unprivileged application running on the same device.The...

Read More

[File Time Changer] Command-line Tool to quickly change the Date/Time stamp of the file

File Time Changer is the Free Command-line tool to quickly change the Date/Time stamp of the file.It also allows you to view the current date/time of the file before modifying it.You can view or modify all the 3 types of timestamp for the file,Creation Time Last Access TimeLast Modified TimeBeing a command-line tool makes it easy to automate through scripts.It works well on both 32-bit & 64-bit platforms starting from Windows XP to Windows...

Read More

[Kali Linux v1.0.3] Penetration Testing Distribution

Kali Linux is the new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution.Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.More than 300 penetration testing tools: After reviewing every tool that was included in BackTrack, we eliminated...

Read More

[WAF-FLE] Web application firewall: fast log and event console

WAF-FLE is a OpenSource Console for ModSecurity, it allow the modsec admin to view and search events sent by mlogc (modsecurity event log handler).Features:Central event consoleSupport Modsecurity in “traditional” and “Anomaly Scoring”Able to receive events sent from mlogc (in real time or in batch using mlogc-batch-load.pl)No sensor number limitDashboard with recent events informationDrill down of events with filterEvery (almost) data is “clickable”...

Read More

[Resolver 1.0.9] Reverse DNS Lookup for a range of IP’s

Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Version 1.0.4 added stop button.Features Resolve a single IP addressResolve a C class IP rangeResolve from a list of IP'sExport results to a text fileCopy Results to ClipboardDNS Records Brute forceDownload Resolver...

Read More

[Nessus 5.2] Nessus Vulnerability Scanner

New release of the Nessus vulnerability scanner! This is a major release (moving from 5.0.3 to 5.2.0) and includes several new features and enhancements, including:IPv6 is now supported on all platforms (including Windows)Nessus server support for Windows 8 and Windows 2012Add attachments within scan result reports Mac OS X preference pane Digitally-signed Nessus RPM packages for supporting distributionsSmaller memory footprint and reduced disk...

Read More

[Fern Wifi Cracker] Wireless security auditing and attack software to crack and recover WEP/WPA/WPS keys

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networksOperating System SupportedThe Software runs on any Linux machine with the programs prerequisites, But the program has been tested on the following Linux based...

Read More

[Hidden CMD Detector] Discover Hidden Command prompts

Hidden CMD Detector is the free tool to discover Hidden Command prompts and detect any Hacker presence on your system.The first thing any Hacker does on getting access to remote system is to run a hidden Command shell. This tool can help you to automatically detect any such hidden cmd prompts and keep your system safe from hackers.It can help you to discover following type of command prompts,Normal/Hidden Command Prompts Renamed or custom Command...

Read More

[Vega v1.0] Web Application Security Scanner

Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. Vega can be extended using a powerful API in the...

Read More

[SPF v0.1.7] Smartphone Pentest Framework - Support of the SMS shell pivot

The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices. We will look at the functionality of the framework including information gathering, exploitation, social engineering, and post exploitation through both a traditional IP network and through the mobile modem, showing how this framework...

Read More

[Brakeman v1.9.5] The Static analysis security scanner for Ruby on Rails

Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.Unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it.Once Brakeman scans the application code, it produces a report of all security issues...

Read More

[Open SCAP v0.9.5] Support of SCE - Script Check Engine

SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of enterprise systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise.The SCAP suite contains multiple complex data exchange formats that are to be used to transmit important vulnerability, configuration, and other security...

Read More

[EMET v4.0 Beta] Enhanced Mitigation Experience Toolkit

The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system.Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before the latest updates have been applied or who get attacked before an update is even available, the results...

Read More

[ADEL] Android Data Extractor Lite

ADEL which is meant as an abbreviation of “Android Data Extractor Lite”. ADEL was developed for versions 2.x of Android and is able to automatically dump selected SQLite database files from Android devices and extract the contents stored within the dumped files. In this section we describe the main tasks of ADEL and what steps the tool actually performs.However, there are conditions that must apply for ADEL to work correctly. These conditions are...

Read More

[Cuckoo Sandbox v0.6] Software for Automating Analysis of Suspicious Files

Cuckoo Sandbox is an Open Source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behavior of the malicious processes while running in an isolated environment.Cuckoo generates a handful of different raw data which include:Native functions and Windows API calls tracesCopies of files created and deleted from the filesystemDump of the memory of the selected processScreenshots of the desktop...

Read More