JADX - Java source code from Android Dex and Apk files

Command line and GUI tools for produce Java source code from Android Dex and Apk files.Usagejadx[-gui] [options] <input file> (.dex, .apk, .jar or .class)options: -d, --output-dir - output directory -j, --threads-count - processing threads count -f, --fallback - make simple dump (using goto instead of 'if', 'for', etc) --cfg - save methods control flow graph to dot file --raw-cfg - save methods control flow graph...

Read More

MalwaRE - Malware Repository Framework

malwaRE is a malware repository website created using PHP Laravel framework, used to manage your own malware zoo. malwaRE was based on the work of Adlice team with some extra features.If you guys have any improvements, please let me know or send me a pull request.Features Self-hosted solution (PHP/Mysql server needed)VirusTotal results (option for uploading unknown samples)Search filters available (vendor, filename, hash, tag)Vendor name is picked...

Read More

DAws - Advanced Web Shell (Windows/Linux)

There's multiple things that makes DAws better than every Web Shell out there:Bypasses Disablers; DAws isn't just about using a particular function to get the job done, it uses up to 6 functions if needed, for example, if shell_exec was disabled it would automatically use exec or passthru or system or popen or proc_open instead, same for Downloading a File from a Link, if Curl was disabled then file_get_content is used instead and this Feature...

Read More

Appie - Android Pentesting Portable Integrated Environment

Appie is a software package that has been pre-configured to function as an Android Pentesting Environment.It is completely portable and can be carried on USB stick.This is a one stop answer for all the tools needed in Android Application Security Assessment.Difference between Appie and existing environments ?Tools contained in Appie are running on host machine instead of running on virtual machine.Less Space Needed(Only 600MB compared to atleast...

Read More

SmartSniff v2.16 - Capture TCP/IP packets on your network adapter

SmartSniff is a network monitoring utility that allows you to capture TCP/IP packets that pass through your network adapter, and view the captured data as sequence of conversations between clients and servers. You can view the TCP/IP conversations in Ascii mode (for text-based protocols, like HTTP, SMTP, POP3 and FTP.) or as hex dump. (for non-text base protocols, like DNS) SmartSniff provides 3 methods for capturing TCP/IP packets :Raw...

Read More

Beeswarm - Active IDS made easy

Beeswarm is an active IDS project that provides easy configuration, deployment and management of honeypots and clients. The system operates by luring the hacker into the honeypots by setting up a deception infrastructure where deployed drones communicate with honeypots and intentionally leak credentials while doing so. The project has been release in a beta version, a stable version is expected within three months.Installing...

Read More

CapTipper - Malicious HTTP traffic explorer tool

CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic.CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found.The tool provides the security researcher with easy access to the files and the understanding of the network flow,and is useful when trying to...

Read More

Ghiro 0.2 - Automated Digital Image Forensics Tool

Sometime forensic investigators need to process digital images as evidence. There are some tools around, otherwise it is difficult to deal with forensic analysis with lot of images involved. Images contain tons of information, Ghiro extracts these information from provided images and display them in a nicely formatted report. Dealing...

Read More

Sysmon v2.0 - System Activity Monitor for Windows

System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to file creation time. By collecting the events it generates using Windows Event Collection or SIEM agents and subsequently analyzing them, you can...

Read More

Grinder - System to Automate the Fuzzing of Web Browsers

Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes. Grinder Nodes provide an automated way to fuzz a browser, and generate useful crash information (such as call stacks with symbol information as well as logging information which can be used to generate reproducible test cases at a later stage). A Grinder Server provides a central location to collate crashes and, through a web interface,...

Read More

Gitrob - Reconnaissance tool for GitHub organizations

Gitrob is a command line tool that can help organizations and security professionals find such sensitive information. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files, that typically contain sensitive or dangerous information.How it worksLooking for sensitive information in GitHub repositories is not a new thing, it has been known for a while that things such...

Read More

Exploit Pack - Open Source Security Project for Penetration Testing and Exploit Development

Exploit Pack, is an open source GPLv3 security tool, this means it is fully free and you can use it without any kind of restriction. Other security tools like Metasploit, Immunity Canvas, or Core Iimpact are ready to use as well but you will require an expensive license to get access to all the features, for example: automatic exploit launching, full report capabilities, reverse shell agent customization, etc. Exploit Pack is fully free, open source...

Read More

ProGuard - Java class file Shrinker, Optimizer, Obfuscator and Preverifier

ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names. Finally, it preverifies the processed code for Java 6 or higher, or for Java Micro Edition. Some uses of ProGuard are: Creating more compact code, for...

Read More

Password Sniffer Console - Command-line Tool to Sniff and Capture HTTP/FTP/POP3/SMTP/IMAP Passwords

Password Sniffer Console is the all-in-one command-line based Password Sniffing Tool to capture Email, Web and FTP login passwords passing through the network. It automatically detects the login packets on network for various protocols and instantly decodes the passwords.Here is the list of supported protocols, HTTP (BASIC authentication) FTP POP3 IMAP SMTP In addition to recovering your own lost passwords, you can use this tool in following...

Read More

PortExpert - Monitors all applications connected to the Internet

PortExpert gives you a detailed vision of your personnal computer cybersecurity. It automatically monitors all applications connected to the Internet and give you all the information you might need to identify potential threats to your system.FeaturesMonitor of application using TCP/UDP communicationsUser-friendly interfaceIdentifies remote servers (WhoIs service)Allows to open containing folder of any applicationsAllow to easily search for more...

Read More

Tribler - Download Torrents using Tor-inspired onion routing

Tribler is a research project of Delft University of Technology. Tribler was created over nine years ago as a new open source Peer-to-Peer file sharing program. During this time over one million users have installed it successfully and three generations of Ph.D. students tested their algorithms in the real world.Tribler is the first client which continuously improves upon the aging BitTorrent protocol from 2001 and addresses its flaws....

Read More

FirePassword - Firefox Username & Password Recovery Tool

FirePassword is first ever tool (back in early 2007) released to recover the stored website login passwords from Firefox Browser.Like other browsers, Firefox also stores the login details such as username, password for every website visited by the user at the user consent. All these secret details are stored in Firefox sign-on database securely in an encrypted format. FirePassword can instantly decrypt and recover these...

Read More

Crowbar - Brute Forcing Tool for Pentests

Crowbar (crowbar) is brute forcing tool that can be used during penetration tests. It is developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key. So SSH keys, that are obtained during penetration tests, can be used to attack other SSH servers. Currently Crowbar supports OpenVPNSSH...

Read More

Instant PDF Password Protector - Password Protect PDF file

Instant PDF Password Protector is the Free tool to quickly Password Protect PDF file on your system.With a click of button, you can lock or protect any of your sensitive/private PDF documents. You can also use any of the standard Encryption methods - RC4/AES (40-bit, 128-bit, 256-bit) based upon the desired security level. In addition to this, it also helps you set advanced restrictions to prevent Printing, Copying or Modification of target PDF...

Read More

Hyperfox - HTTP and HTTPs Traffic Interceptor

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN.Hyperfox is capable of forging SSL certificates on the fly using a root CA certificate and its corresponding key (both provided by the user). If the target machine recognizes the root CA as trusted, then HTTPs traffic can be succesfully intercepted and recorded.Hyperfox saves captured data to a SQLite database for later inspection and also provides a web...

Read More

LINSET - WPA/WPA2 Hack Without Brute Force

How it worksScan the networks.Select network.Capture handshake (can be used without handshake)We choose one of several web interfaces tailored for me (thanks to the collaboration of the users)Mounts one FakeAP imitating the originalA DHCP server is created on FakeAPIt creates a DNS server to redirect all requests to the HostThe web server with the selected interface is launchedThe mechanism is launched to check the validity of the passwords that...

Read More

WiFiPhisher - Fast automated phishing attacks against WiFi networks

Wifiphisher is a security tool that mounts fast automated phishing attacks against WiFi networks in order to obtain secret passphrases and other credentials. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and third party login pages or WPA/WPA2 secret passphrases.Wifiphisher works on Kali Linux and is licensed under the MIT license.From...

Read More

SniffPass - Password Monitoring/Sniffing Software (Web/FTP/Email)

SniffPass is small password monitoring software that listens to your network, capture the passwords that pass through your network adapter, and display them on the screen instantly. SniffPass can capture the passwords of the following Protocols: POP3, IMAP4, SMTP, FTP, and HTTP (basic authentication passwords). You can use this utility to recover lost Web/FTP/Email passwords.Using SniffPassIn order to start using SniffPass, follow the instructions...

Read More

Kali Linux NetHunter - Android penetration testing platform

NetHunter is a Android penetration testing platform for Nexus and OnePlus devices built on top of Kali Linux, which includes some special and unique features. Of course, you have all the usual Kali tools in NetHunter as well as the ability to get a full VNC session from your phone to a graphical Kali chroot, however the strength of NetHunter does not end there.We’ve incorporated some amazing features into the NetHunter OS which are both powerful...

Read More