[Malheur v0.5.4] Malware Analyzer

Malheur is a tool for the automatic analysis of malware behavior (program behavior recorded from malicious software in a sandbox environment). It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. Malheur allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes.Analysis of malware behavior?Malheur...

Read More

[TheHarvester v2.2] The Information Gathering Suite

The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their...

Read More

[Hashcat v0.47] The world’s fastest CPU-based password recovery tool

Hashcat is the world’s fastest CPU-based password recovery tool.While it’s not as fast as its GPU counterparts oclHashcat-plus and oclHashcat-lite, large lists can be easily split in half with a good dictionary and a bit of knowledge of the command switches.Changelog v0.47added -m 123 = EPiadded -m 1430 = sha256(unicode($pass).$salt)added -m 1440 = sha256($salt.unicode($pass))added -m 1441 = EPiServer 6.x >= v4added -m 1711 = SSHA-512(Base64),...

Read More

[Ghost Phisher v1.5] GUI suite for phishing and penetration attacks

Ghost Phisher is an application of security which comes built-in with a fake DNS server , DHCP server fake, fake HTTP Server and also has a space for the automatic capture and recording credentials HTTP method of the form to a database. The program could be used for on-demand service of DHCP, DNS, or requests of the phishing attacks.The Software runs on any Linux machine with the programs prerequisites, But the program has been tested on...

Read More

[Kacak] Enumerate Users in Subnets

Kacak is a tool that can enumerate users specified in the configuration file for windows based networks. It uses metasploit smb_enumusers_domain module in order to achieve this via msfrpcd service. If you are wondering what the msfrpcd service is, please look at the https://github.com/rapid7/metasploit-framework/blob/master/documentation/msfrpc.txt . It also parse mimikatz results.Download KA...

Read More

[Pengowin] Repositorio de herramientas de seguridad para Windows

Un repositorio de mas de 200 herramientas relacionadas con todas las áreas de seguridad informática, actualizadas hasta la ultima versión disponible a la salida (27/11/2013) y algunas tools clásicas que fueron proyectos abandonados o discontinuos pero aun sirven.Todo empieza hace 5 años, a través de los cursos que ofrezco, en los cuales los alumnos que no tenían conocimientos de Linux, estaban desesperados por realizar las mismas técnicas de Ethical...

Read More

[Lynis v1.3.8] The Unix/Linux Hardening tool

Lynis is a security tool to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks, looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the end of the scan it will provide the warnings and suggestions to help you improving the security defense of your systems.Some of the (future) features and usage options:...

Read More

[XSSless] An automated XSS payload generator written in python

An automated XSS payload generator written in python. UsageRecord request(s) with Burp proxySelect request(s) you want to generate, then right click and select "Save items"Use xssless to generate your payload: ./xssless.py burp_export_filePwn!A more detailed tutorial can be found hereFeaturesAutomated XSS payload generation from imported Burp proxy requestsPayloads are 100% asynchronous and won't freeze the user's browserCSRF tokens can be easily...

Read More

[Capstone] Ultimate Disassembly Framework

Capstone is a lightweight multi-platform, multi-architecture disassembly framework.Our target is to make Capstone the ultimate disassembly engine for binary analysis and reversing in the security community.FeaturesSupport hardware architectures: ARM, ARM64 (aka ARMv8), Mips & X86 (more details).Clean/simple/lightweight/intuitive architecture-neutral API.Provide details on disassembled instruction (called “decomposer” by others).Provide some semantics of the disassembled instruction, such as list of implicit registers read & written.Implemented...

Read More

[Beast-Check] SSL/TLS BEAST Vulnerability Check

A small perl script that checks a target server whether it is prone to BEAST vulnerability via target preferred cipher. It assumes no workaround (i.e. EMPTY FRAGMENT) applied in target server. Some sources said this workaround was disabled by default for compatibility reasons. This may be the reason why RC4 ciphersuite was widely chosen as highest preferred ciphersuite for the primary workaround. $ ./beast.pl===============================================SSL/TLS...

Read More

[Watcher] passive Web-security scanner

Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI...

Read More

[flunym0us] Vulnerability Scanner for Wordpress and Moodle

Flunym0us is a Vulnerability Scanner for Wordpress and Moodle designed by Flu Project Team. Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for Wordpress and other for Moodle.OperationFlunym0us requires python. Arguments allowed: -h, --help: Show this help message and exit -wp, --wordpress: Scan WordPress site -mo, --moodle: Scan Moodle site -H HOST,...

Read More

[RHEL 7] Red Hat Enterprise Linux 7 Beta

Red Hat Enterprise Linux 7 Beta showcases hundreds of new features and enhancements, including: Linux Containers - Enabling applications to be created and deployed in isolated environments with allocated resources and permissions.Performance Management – Using built in tools, you can optimize performance out-of-the-box.Physical and Hosted In-place Upgrades - In-place upgrades for common server deployment types are now supported....

Read More

[Twitter Password Dump] Command-line Tool to Recover Twitter Password from Web Browsers

Twitter Password Dump is the command-line tool to instantly recover your lost Twitter password from all the popular web browsers.Currently it can recover your Twitter password from following applications, Firefox Internet Explorer (v6.x - v10.x) Google Chrome Chrome Canary/SXS CoolNovo Browser Opera Browser Apple Safari Flock Browser SeaMonkey Browser Comodo Dragon BrowserIt automatically...

Read More

[RemotePasswordWiFi] Script in Ruby, for search passwords WiFi of remote routers

Script in Ruby, for search passwords WiFi of remote routers. Support Routers:*] Thomson *] Thechnicolorin next days:*] bee *] ciscoDownload RemotePasswordW...

Read More

[WinDbg v6.12.2.633] Debugging Tools for Windows

WinDbg is a graphical debugger from Microsoft. It is actually just one component of the Debugging Tools for Windows package, which also includes the KD, CDB, and NTSD debuggers. Its claim to fame is debugging memory dumps produced after a crash. It can even debug in kernel mode. For downloads and more information.This contains the 32-bit and 64-bit MSI's for Debugging Tools for Windows 6.12.2.633. Highlights in Version 6.12.2.633 This is the current...

Read More

[Avivore] The Twitter-searching Data Miner

Avivore is a Python-based tool that searches Twitter for keywords and then parses any tweets that are found. When parsing, it looks for the following sort of data:Phone numbers in NPA-NXX format (ex: 604-555-1212)IPv4 addresses (127.0.0.1)Blackberry PINs (ABCDEF12)It presently uses a SQLite backend to store the data that is found and outputs results via a Console. It has only been tested on Ubuntu Linux but there should be no real reason for it...

Read More

[Comodo Instant Malware Analysis] Online Automated Analysis System

If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, COMODO Automated Analysis System will scan it and report back its findings.Comodo Instant Malware Analy...

Read More

[BTS PenTesting Lab] A vulnerable web application to learn common vulnerabilities

The most common question from students who is learning website hacking techniques is "how to test my skills legally without getting into troubles?".  So, i always suggest them to use some vulnerable web application such as DVWA. However, i felt dvwa is not suitable for new and advanced techniques.  Mutillidae is one of the best web application vulnerable app to date. However, I missed some techniques/features in Mutillidae.  so i thought it is better develop our own app to teach the web application pentesting for...

Read More

[Anubis] Online Analyzing Unknown Binaries

Anubis is a service for analyzing malware.Submit your Windows executable or Android APK and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL. Anu...

Read More

[Websecurify] Web Security Testing Runtime

A Complete Suite Of Web Security ToolsThe Suite provides a complete and functional marketplace of highly integrated web application security tools. You will find that different areas are covered by various domain-specific solutions. The Suite consists of automated scanners, fuzzers, utilities and many other tools useful in numerous situations.Consistent And Easy To UseThe look and feel is consistent across all applications, which makes them...

Read More

[Bugtroid] Pentesting for Android

Bugtroid is an innovative tool developed by the team of Bugtraq-Team.The main features of this apk, is that it has more than 200 Android and Linux tools (PRO) for pentesting and forensics through its Smarthphone or tablet.It has a menu categorized according to the nature of the tool may find:AnonymitySearch PeopleAudit for frequencies 802.11 (Wireless and Bluetooth)Mapping NetworksRemoteDDOSSniffersPentestingSecurityForensicWeb AnalysisCryptographyBrute...

Read More

[Malware Classifier] Malware Analysis Tool

Adobe Malware Classifier is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and easily determine if a binary file contains malware, so they can develop malware detection signatures faster, reducing the time in which users' systems are vulnerable.Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for “clean,” 1 for “malicious,”...

Read More

[Wifitap] WLAN Traffic Injection Tool

Wifitap is a proof of concept for communication over WLAN networks using traffic injection. Wifitap allows direct communication with an associated station to a given access point directly, whilst not being being associated ourselves or being handled by access point.Wifitap is written in Python, and Python is damn slow. So don't expect it to work at 54Mbps.Download Wifi...

Read More

[VirusTotal] Online Malware Analysis Tool

VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners. VirusTotal’s mission...

Read More

Tor Browser Bundle 3.5

The 2.x stable series of the Tor Browser Bundle has officially been deprecated, and all users are encouraged to upgrade to the 3.5 series.Packages are now available from the Tor download page as wellas the Tor Package archive.For now, the Pluggable Transports-capable TBB is still a separate package, maintained by David Fifield. For people already using TBB 3.5rc1, the changes are not substantial, and are included below.However, for users of TBB 2.x...

Read More

[Suricata 1.4.7] Open Source Next Generation Intrusion Detection and Prevention Engine

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.OISF is part of and funded by the Department of Homeland Security's Directorate for Science and Technology HOST program (Homeland Open Security Technology), by the the Navy's Space and Naval Warfare...

Read More

[Rhino] Java Script Deobfuscate Tool

Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically embedded into Java applications to provide scripting to end users. It is embedded in J2SE 6 as the default Java scripting engine. Rhino-debugger is a Graphical User Interface (GUI) that enables to debug JavaScript. It is convenient to malware analysts to deobfuscate JavaScript. Download Rh...

Read More

[Tor-ramdisk] Micro Linux distribution whose sole purpose is to securely host a Tor server purely in RAM

Tor-ramdisk is a uClibc-based micro Linux distribution whose sole purpose is to securely host a Tor server purely in RAM. For those not familiar with Tor, it is a system which allows the user to construct encrypted virtual tunnels which are randomly relayed between Tor servers (nodes) until the connection finally exits to its destination on the internet. The encryption and random relaying resist traffic analysis in that a malicious sniffer...

Read More

[PDFMiner] Python PDF parser and analyzer

PDFMiner is a tool for extracting information from PDF documents. Unlike other PDF-related tools, it focuses entirely on getting and analyzing text data. PDFMiner allows one to obtain the exact location of text in a page, as well as other information such as fonts or lines. It includes a PDF converter that can transform PDF files into other text formats (such as HTML). It has an extensible PDF parser that can be used for other purposes than text...

Read More

[GNU Privacy Guard] Complete and free implementation of the OpenPGP standard

GnuPG is the GNU project's complete and free implementation of the OpenPGP standard as defined by RFC4880. GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available....

Read More

[evasi0n7] iOS 7.x Jailbreak

Evasi0n Jailbreaking tools available for Apple iOS 7 users. This jailbreak utility/tool made by Evad3rs team after 3 months of iOS 7 launched. evasi0n is available for Mac and Windows, and is untethered. Here are the requirements posted on the evasi0n website:A computer, running Windows (XP minimum), Mac OS X (10.6 minimum) or Linux (x86 / x86_64)iTunes installed if you’re running WindowsAn iPhone, iPad or iPod running iOS 7.0 through 7.0.4 (you...

Read More

[WinAppDbg 1.5] Python Debugger

The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment.It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach your script as a debugger, trace execution, hook API calls, handle events in your debugee and set breakpoints of different kinds (code, hardware and memory)....

Read More