[CookieCatcher] Session Hijacking Tool

CookieCatcher is an open source application which was created to assist in the exploitation of XSS (Cross Site Scripting) vulnerabilities within web applications to steal user session IDs (aka Session Hijacking). The use of this application is purely educational and should not be used without proper permission from the target application.Features:- Prebuilt payloads to steal cookie data- Just copy and paste payload into a XSS vulnerability- Will...

Read More

[Resolver v1.0.9] The reverse/bruteforce DNS lookup

Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force.Resolver features:Resolve a Single IPResolve an IP RangeResolve IP’s provided in a text fileExport Results to a text fileCopy results to ClipboardDNS Records brute forceDownload Resolver v1....

Read More

[Process Magic v2.0] Command-line Tool to Hide Windows Application or Launch New Process in Hidden Mode

Process Magic is the command-line tool to Hide any Windows application or launch new application in Hidden or Invisible mode. In addition to hiding any Windows process, it also allows you to Unhide any previously Hidden application.Note that it hides the application by hiding its main window. So it will be seen in Task Manager or any process listing tools. It will be ideal when you want to hide your application from other users to prevent it from...

Read More

[Wi-fEye] Automated Network Testing Tool

Wi-fEye is an automated wirelress penetration testing tool written in python , its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily.Wifi has three main menus :Cracking menu: contains attacks that could allow us to crack wifi passwords weather is WEP , WPA or WPA2:Enable monitor modeView avalale Wireless NetworksLaunch Airodump-ng on a specific APWEP cracking: here you...

Read More

[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits

Linux Exploit Suggester; based on operating system release number.This program run without arguments will perform a 'uname -r' to grab the Linux Operating Systems release version, and return a suggestive list of possible exploits. Nothing fancy, so a patched/back-ported patch may fool this script.Additionally possible to provide '-k' flag to manually enter the Kernel Version/Operating System Release Version.This script has been extremely useful...

Read More

[Hidden File Finder v2.5] Tool to Find and Unhide/Remove all the Hidden Files

Hidden File Finder is the free software to quickly scan and discover all the Hidden files on your Windows system. It performs swift multi threaded scan of all the folders parallely and quickly uncovers all the hidden files. It automatically detects the Hidden Executable Files (EXE, DLL, COM etc) and shows them in red color for easier identification. Similarly 'Hidden Files' are shown in black color and 'Hiddden Folders' are shown in blue color.One...

Read More

[oclHashcat-plus v0.15] Advanced Password Recovery

This version is the result of over 6 months of work, having modified 618,473 total lines of source code.Before we go into the details of the changes, here's a quick summary of the major changes:Added support for cracking passwords longer than 15 charactersAdded support for mask-files, which enables password policy-specific candidate generation using PACKAdded support for multiple dictionaries in attack modes other than straight modeRewrote workload...

Read More

[Network Password Decryptor v6.0] Windows Network Password Recovery Tool

Network Password Decryptor is the free tool to instantly recover network authentication passwords.In addition to the network authentication passwords it can also recover passwords stored by other windows apps such as Outlook, Windows Live Messenger, Remote Destktop etc.These network passwords are stored in encrypted format and even administrator cannot view these passwords. Also some type of passwords cannot be decrypted even...

Read More

11 Firefox Add-ons to Hack and PenTest

1. Tamper DataTamper data is an great tool to to view and modify HTTP/HTTPS headers and post parameters. We can alter each request going from our machine to destination host with this. Thus it helps in security testing web application by modifying POST parameters. It can be used in performing XSS and SQL Injection attacks by modifying header data.Add Tamper data to Firefox:https://addons.mozilla.org/en-us/firefox/addon/tamper-data/2. FirebugFirebug...

Read More

[GoLismero v2.0] The Web Knife

GoLismero is an open source framework for security testing. It's currently geared towards web security, but it can easily be expanded to other kinds of scans.The most interesting features of the framework are:Real platform independence. Tested on Windows, Linux, *BSD and OS X.No native library dependencies. All of the framework has been written in pure Python.Good performance when compared with other frameworks written in Python and other scripting...

Read More

[Yersinia v0.7.3] The network protocols assessment tool

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.Currently, there are some network protocols implemented, but others are coming (tell us which one is your preferred). Attacks for the following network protocols are implemented (but of course you are free for implementing new ones):Spanning Tree Protocol...

Read More

[Router Password Decryptor] Tool to Recover Login/PPPoE/WEP/WPA/WPA2 Passwords from Router/Modem Config file

Router Password Decryptor is the FREE tool to instantly recover internet login/PPPoE authentication passwords, Wireless WEP keys, WPA/WPA2 Passphrases from your Router/Modem configuration file.Currently it supports password recovery from following type of Routers/Modems: Cisco Juniper DLink BSNL In addition to this, it also has unique 'Smart Mode' feature (experimental) to recover passwords from any type of Router/Modem configuration...

Read More

[Nmap v6.40] Free Security Scanner For Network Exploration & Security Audits

Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for network inventory, managing service upgrade schedules, monitoring host or service uptime, and many other tasks. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering,...

Read More

[Xenotix XSS Exploit Framework v4] Advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 1500+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. It is incorporated with a feature...

Read More

[ZMap v1.0.3] The Internet Scanner

ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet.ZMap can be used to study protocol adoption over time, monitor service availability, and help us better understand large systems...

Read More

[fuzzdb] Attack and Discovery Pattern Database for Application Fuzz Testing

fuzzdb aggregates known attack patterns, predictable resource names, server response messages, and other resources like web shells into the most comprehensive Open Source database of malicious and malformed input test cases.What's in fuzzdb? Predictable Resource Locations - Because of the popularity of a small number of server types, platforms, and package formats, resources such as logfiles and administrative directories are typically located...

Read More

[The Backdoor Factory] Backdoors win32 PE files

Backdoors win32 PE files, to continue normal file execution (if the shellcode supports it), by patching the exe/dll directly.Some executables have built in protections, as such this will not work on all PE files. It is advisable that you test target PE files before deploying them to clients or using them in exercises.Win32 binaries now run on x64 working with ASLR for proper continued execution after shellcode has run.Recently tested on all 32bit...

Read More

[Malcom] Malware Communication Analyzer

Malcom is a tool designed to analyze a system's network communication using graphical representations of network traffic. This comes handy when analyzing how certain malware species try to communicate with the outside world.Malcom can help you:detect central command and control (C&C) serversunderstand peer-to-peer networksobserve DNS fast-flux infrastructuresquickly determine if a network artifact is 'known-bad'The aim of Malcom is to make...

Read More

[Vulscan] Module which enhances nmap to a vulnerability scanner

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB.InstallationPlease install the files into the following folder of your Nmap installation:Nmap\scripts\vulscan\*UsageYou have to run the following minimal command to initiate a simple vulnerability...

Read More

[LinEnum] Scripted Local Linux Enumeration & Privilege Escalation Checks

High-level summary of the checks/tasks performed by LinEnum:Kernel and distribution release detailsSystem Information: HostnameNetworking details:Current IPDefault route detailsDNS server informationUser Information: Current user detailsLast logged on usersList all users including uid/gid informationList root accountsExtract full details for ‘default’ uid’s such as 0, 1000, 1001 etcAttempt to read restricted files i.e. /etc/shadowList current users...

Read More

[I2P] Anonymizing Network

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties.Many applications are available that interface with I2P, including mail, peer-peer, IRC chat, and others.The I2P project was formed in 2003 to support the efforts of those trying to build a more free...

Read More

[Tunna Framework] Tool designed to bypass firewall restrictions on remote webservers

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. The web application file must be uploaded on the remote server. It will be used to make a local connection with services running on the remote web server or any other server in the DMZ. The local application communicates with the webshell over the HTTP protocol. It also exposes a...

Read More

[Introspy] Monitor app in your iDevice

The ProblemIn 2013, assessing the security of iOS applications still involves a lot of manual, time-consuming tasks - especially when performing a black-box assessment. Without access to source code, a comprehensive review of these application currently requires in-depth knowledge of various APIs and the ability to use relatively complex, generic tools such as Cycript, or Mobile Substrate - or just jump straight into the debugger.To simplify...

Read More

[Raft v3.0.1] Response Analysis and Further Testing Tool

Not an inspection proxy RAFT is a testing tool for the identification of vulnerabilities in web applications. RAFT is a suite of tools that utilize common shared elements to make testing and analysis easier. The tool provides visibility in to areas that other tools do not such as various client side storage. RAFT uses markup to create templates for fuzz testing.Download Raft v3....

Read More

[The Burp SessionAuth] Extension for Detection of Possible Privilege escalation vulnerabilities

Normally a web application should identify a logged in user by data which is stored on the server side in some kind of session storage. However, in web application audits someone can often observe that internal user identifiers are transmitted in HTTP requests as parameters or cookies. Applications which trust identity information provided by the client can be vulnerable to privilege escalation attacks. Finding all occurrences of identity data transmissions...

Read More