This is a simple little port scanning script written in python.
ad34cb9d3975247aeac90686a80c09eb62fbcb41dbb7d953b4454b12630d2829
Lightaidra is an IRC commanded tool that allows for scanning and exploiting routers. It also performs flooding.
e635493a0bb2cb118a4bfcf366984e92382fe1f4a65b187025ea0b667066c554
This is an automatic SQL Injection tool called FatCat. It has features that help you to extract the database information, table information, and column information from a web application.
d6543e663214a8df0076f59ba3d72d5f35619b7a0177b40574cb7a4a1d03b007
Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
e01594c855c297a66c7de4fb7f73f8b55125cb6a8f3033145120cc7efa3dfe97
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
ae853ced1e0f3446f86a75db60b1aa28e2344aae92002f1ae7860e5b0620124e
Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
2cd563268ad9d548cc3b7f95e276dc7556b79d410ef730c9500bb9188a4e6032
PostTest is a jar file that will send POST requests to servers in order to test for the hash collision vulnerability discussed at the Chaos Communication Congress in Berlin.
bd550e19acbe2d399474ba43ff5e2e77c8272fcd31dcfc6416fb5526af110a23
Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
9cb0b06c2ca91a77430609008c9cc5f0ec9707e4ea733ba57a80360f3cb14ee6
Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
884794d3257eadf6e3fc02c695efed5f36b4700c719563298ebf6b08c76ae9b2
Dark D0rk3r is a python script that performs dork searching and searches for SQL injection errors.
a9e3c9cd5b600302dcc1f2341952a583fc80d08ab62cdd2e46374d1c9e8bc466
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
b4d041b7f5b2f8accca3d9e64e5e1f672057d30337b51ea621cfebdf78c6beae
This is a very fast TCP port scanner for Linux that can scan multiple hosts and ports at once.
532b12c345a9b6c259dd867d345eb609f6e285aa29aed0c38f393a0f7247b67a
This is a simple ICMP ping sweeping tool that takes in a range of IP addresses.
f42e0187f536097a0191dec4e7b0d24b97b53a7add5c373fe34cd95f26a39102
The Exploit Next Generation® SQL Fingerprint tool uses well-known techniques based on several public tools capable of identifying the Microsoft SQL Server version (such as: SQLping and SQLver), but, instead of showing only the "raw version" (i.e., Microsoft SQL Version 10.00.2746), the Exploit Next Generation® SQL Fingerprint shows the mapped Microsoft SQL Server version (i.e., Microsoft SQL 2008 SP1 (CU5)).
bf4a7c2d83f70c89142fb442c4c5a64539b4f8b6d26e806e53e2c6a7329d4ac4
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
dbc8dcdc290b010ac9b9917d53afc6ae8f0fe24ee6aae0ed5b337ca39cd35159
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
e272a89bb05740d89b6d0eef96460f165e52b285cb635d39794bf0db91a8a7d5
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
fe265965eb1ce8fac352e0bddea1d5ec6508c319bf88a5f63c2edecf2af6de54
Google Hack DB Tool is a database tool with almost 8,000 entries. It allows administrators the ability to check their site for vulnerabilities based on data stored in Google.
12b7469e4b9b834912c6f00c0fee5914c6b1ade79491520bd138743b393b095e
NiX API is a powerful anti-proxy, anti-fraud, and IP reputation lookup API. It uses the NiX database at cli.nixapi.com to determine IP country/region/city, data center details, satellite provider details, open proxy details, and Tor network association.
474102596a87d21818c553be365a5aee27299455bc52719a27f2ca79bcfa0979
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
125d5d1970d4ec04aabdd90dbc6c7f44e001a9608b9e4e267079f6bcd47b5370
This Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
600fe021cba9d7d5fbdbefacead259934ad572ebb61789e4d54d65b057e4460f
CSRFSCanner is a tool designed to identify the forms potentially vulnerable to CSRF/XSRF on a website. This detection is made on forms that are only accessible by logged-in users (cookies are needed to find these forms). The methodology used to identify these forms is the 4-pass reverse diff analysis. Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.
fd58e11b450986c60c0cd969f891ab765b1a2c2b2206cb75dbea974ece7c66c8
XssScanner is a tool designed to help penetration testers find cross site scripting vulnerabilities. It analyzes a webpage to determine which are the payloads that could be used according to the position of the parameter. Then, for each selected payload, XssScanner sends a request using the payload and checks the returned page to find the payload. The major feature of XssScanner is its ability to detect many encodings that do not change the behavior of the payload (eg: double quote encoded into ").
beced1c0c47a2a50b77bc4b4d0a52f446464a99e5678cece598afbfae7977461
XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
bef3399a296d2bc9f4afa5ff5d431dea9826fc32d8c59e4fc693a7006077308c
Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Windows 64-bit version.
f501b5542283ff5314d059149275673e0bd3f582e2dd9bf874a957a697e82340