The Exploit Next Generation® SQL Fingerprint tool uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exact Microsoft SQL Server version.
a9da9389d828f4a7b3af5d779e87fb3ae513be7cc7645331252f6b8c668f4c79
Topera is a brand new TCP port scanner under IPv6, with the particularity that these scans are not detected by Snort.
591c744698ada00f812cd2bae062173152d060dc4796b746a1157dcf07e16e57
WordPress version 3.5 has the XML-RPC interface enabled by default. This tool uses the Pingback API to perform portscanning.
4e148f46aa9ea85dd8ac723066ebdb2a21047032dde632464b55d619c9359123
This is a simple script that looks for administrative web interfaces.
8b38d74ef497e3a86e7bc96c10d42b6295ff2d4263d94398896acce9df4f3109
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
e6a88e969264ff23bd5837a47e5b60b8c4d36fc8a2326c6b377f8447ecf2adea
This is the telnet encrypt key id priv8 modified version of synscan.
941d0545a6636757939b84f3cf7f19204935caab6241cc3cf55bcb2b2b71ba5e
HostBox SSH is a python script will scan servers and routers for insecure SSH configurations.
66ff8b884cc577d7992b8ab5e5bbaa86a19582ea7720431f16288019bd7f2ea8
v3n0m Scanner is a mutation of smartd0rk3r and can search for 10,446 Google dorks. It then performs several checks for vulnerabilities in the sites.
76aa04ba373e47d64d01e9442b8c29083d7886303ce636a3a5e5ae5f3a1ca0e4
sshscan is a horizontal SSH scanner that scans large swaths of IPv4 space for a single SSH user and pass. It uses iplist.txt as the input of IP addresses in the form of X.X.X.X, X.X.X.X/XX, X.X.X.X-X.X.X.X, or X.X.X.X-X with X-X in any octet.
a4091d1867acb30417cfb6d1f117763ad5ee9ac54bf8dec47433e19b57fc8de8
Spiga is a configurable web resource scanner. spiga.conf provides the functions, actions, and resources for spiga.py.
d9ff5592ebdf970884de4bb8d74471d5d09b3d7b310612794b04c551c3091ebf
Seringa (Romanian for seringe) is an SQL injection framework featuring high customizability and a user-friendly interface. It is completely open source. Uses the .NET 4.0 framework and Windows Presentation Foundation (WPF) for the GUI. With regard to design it utilizes the Strategy Pattern to distinguish between various SQLi strategies whilst storing other relevant data such as exploits, payloads and patterns in xml files so that the framework can be easily customized from the outside (a manifestation of the Open-Closed Principle).
12c6c7ca253db5b9a765be47d038f7aafa4725d090e4409dd3208b0d3aa802e9
HostBox SSH is a python script will scan servers and routers for insecure SSH configurations.
357b430d5880a2895e02e42da73691c2a1ff1fed1383e9a6c9521150eb847208
ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to provide a portable and easy to use tool. Full documentation is also provided.
005bb4e3debe6a2d061f32cac8be7405b70d70dd01daa3593789c1e34a3b464e
This is a python script that scans webservers looking for administrative directories, php shells, and more.
ff7251ea44de62a616b371d565e92e2f876c702145c837892f6b213ac06e1b31
This is a small python tool that scans websites to look for PHP shells, backups, admin panels, and more.
eae76aaf398f8283420ca6cccb69d3b75a9e6c4026d44fa9fd0ff9eed3f493d3
Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
abad4118aa1bd7caa5f21d47d70ee43209c1c04544e2dde8f419bedfff043fe2
Smartd0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors. It is based on darkd0rk3r.
0d06a0a3c09aff5089d2b9aeac9f7115436c6645c436de3784e3837c44fca1bf
Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
72521d168ff071da1414d3758c4871bfc735691c5a5cd96ebd42aa755f6e6126
This is a modified version of synscan that checks credentials against MySQL instances and logs the output to mysqljack.pot.
24847c2c7a4902a7f34c01a46299bad29d65594d3c31354d49f56ff691b37f51
SinFP3 is a complete framework for network discovery. Its main purpose is to perform active fingerprinting, but it can also do passive fingerprinting. Both modes are available over IPv4 and IPv6. This new version introduces a plugin-based architecture, allowing anyone to develop their own tools around the framework.
cc39d157143cb1731e88b425752b9ed94bda6f8c149d27e9242a7ae0ad536412
This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
37fde545740ff58ff27a5cb9590cb1aef36206d163471d31c5f7531f501e90c5
Skipfish is a fully automated, active web application security reconnaissance tool. It is high speed, has a low false positive rate, and is easy to use.
12ea7c74ed8a3fa29668d95172f46c976997cd393c908a7704b97610bfcd350a
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
f7f306a66c641020e7c7a820eaa3743e2700ddee6e26cca37440db95df56b986
ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to provide a portable and easy to use tool. Full documentation is also provided.
052944b549e2c683c0e76cceb786430d87744dc8c6db6eb95c053a158d07f5a5
Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
d5e18476351c15cadf4a4c449aee566b2e265d0424264cd5d1d72bcd319463cd