FantaGhost is a perl script that assists with penetration testing by scanning for hidden directories and pages.
de3d7da80da7a9e25f88605774eee513ce090e983c4a83f3f0bae900bb0affb7ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to provide a portable and easy to use tool. Full documentation is also provided.
ecb0015dcaf2c33676782b33e8df8f700c71993eb29d2d41c8dc2453fdec7dc0Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
10532b626e8182605e3ca9215d856a20145f776c30c729387f374dd753230a15Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web administration software, it is required to have a simple and efficient tool that gathers information, check access permissions, dump critical information from default files and perform automated exploitation if security risks are identified. A number of automated scanners fall short of this and Sparty is a solution to that.
f7b4720b68387a85282ee51ecffe1c6bd87d4c236fb4fcacbe37fb52ae430b18WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
ecc5cef05aa502575841bd3e15d42e0dc6e464feff4a873f60fa69774446b024fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
6c364875431542e3f00b8c2fc0e354e4ddf333ed282f83e28a0d6a79326572d5arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
ce908ac71c48e85dddf6dd4fe5151d13c7528b1f49717a98b2a2535bd797d892fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
ebf0f5a55992e516fa44063993cbcc51bb9555cef769ac9ab5d8be77a8df99dcAgainst is a very fast ssh attack script which includes a multithreaded port scanning module (tcp connect) for discovering possible targets and a multithreaded brute-forcing module which attacks in parallel (multiprocessing) all discovered hosts or given ip addresses from a list.
a381147676345ca9c836e4c1462e3640dcacda8fa9c672bb180705d90835376bWeb Soul is a plugin based scanner for attacking and data mining web sites. Written in Perl.
ca415409ae86c574f541ca482e698ed751209791460f27cc6c8ca5dd4207e578Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
31f2d0097dcb428cdfb4e14b20982cbccf4d799920eaa871858214dbddcd6c85aidSQL SQL injection detection and exploitation tool is a modular PHP scanner that allows you to develop your own plugins for use.
ede98363826326ac8e65d9fb102f11c06147d57f5417e955d5fa2422c49f5e89This is a python script for searching Bing for sites that may have local and remote file inclusion vulnerabilities.
b57e9c6371c8ee26ae27e8621e28c0050585e84a7b11dc144d70b52d742a8976This is a SQL injection tool similar to havij but is super fast per the author.
bb0ace9f65db972df40d580e46e07ff19b711b4e9d4df7895f33dec8cc400b54This php script fingerprints a given Joomla system and then uses Packet Storm's archive to check for bugs related to the installed components.
88262f0098e3ae940b541af13f63757e65e56df737aad47c872d4403ce361308ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to provide a portable and easy to use tool. Full documentation is also provided.
aec14a937bbc7b54b411e858d71799f4d45d60a0a002a29bca604e2bf90dccffThis is a simple python tool written to extract all web resources by leveraging an exposed .SVN folder.
2675f79a415d1f1f96f60a6a337e25c1fb941c47573e612e32d8468062080155This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
8392ec6c2414194f839d154313ea7965a2c6503286828f22860c4c50a635d099wdivulge is a tool designed to find and download hidden files from a webserver. This is most commonly pictures, but you can adjust the file definitions to bruteforce any type of file that you'd like. wdivulge technically falls under the definition of a web fusker.
29e6623de8a65649d70f952b6b3e9f12a7eefe3ca42b4b1101b33bdfcc5fc10bThis toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
182d3e7b34ea800eae21d5fbf5fd4fa7f13792f27d9a4c5f61947ae0e178a720HostBox SSH is a SSH password/account scanner written in python.
36d0695c3fcf2240852de6eb7a08d01edaa9bc4492c28e29d3b4d044c37e3e6dISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to provide a portable and easy to use tool. Full documentation is also provided.
5aef8c3878ccdf4212191b79817bd3ebee7e973b448abb904f5c4514370f4194Compact mass scanner for Cisco routers with default telnet/enable passwords.
867a0b5fd20fabea27f9b864ebcfd8aa4198e3378d494f86556283265b4301b0This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
652f806668e2da16c60d530a21a840a2cbd6cb4da1794bfc93cc12dac7a062feMpctp is a tool for manipulation of raw packets that allows a large number of options. Its primary purpose is to diagnose and test several scenarios that involving the use of the types of TCP/IP packets. It is able to send certain types of packets to any specific target and manipulations of various fields at runtime. These fields can be modified in its structure as the the Source/Destination IP address and Source/Destination MAC address.
877f0fde7a1b9bb0cdd0999db9a608db6beb44a3c5860736fcb665139c816ff8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed