Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Windows 32-bit version.
aad4eea58cb70eb9f9a3c522f982077489d855b953bf6c30fe9e69c295845898
Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Linux 64-bit version.
79b0faa76f914a0c26cf4ca2caecfa49914eab314ac80353d7d28ca80cdc2589
Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Linux 32-bit version.
8ea6a4d731627a6b4e2c1666316af08385acd6507d9b252567b02a0faa05bc80
Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 64-bit version.
f98c5c3496b4a9067e27396e9930598b9b91eca1b92f93f106307ab600f26eb7
Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 32-bit version.
68d8eea7c407151d911b13b7a8fcec1ba0338f7ace0e93b2f6ae207db03938e5
WordPress Security Scanner can perform username enumeration, weak password cracking, version / vulnerability / plugin enumeration, and more.
c9c8e314f8ebdc87651ebdd42e92f9e439b9431b0beb3e3e535e0a805477e7ce
This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-like scanning functionality.
5e42c04c9cc710f988a0f3080b9bf3da5742497a0cc702712f9040b3b4444404
A small collection of scanners using SCAPY that scan for Remote Desktop, VNC, SSH and Telnet servers on networks. It can be used to build target lists or discover rogue services running on your networks. Written in Python.
af46bf1f61d6ac25ffe9a21f178bbd9262eb64e48d53371b8aa3e0e2721606b2
LFI Fuzzploit is a simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. Using special encoding and fuzzing techniques, lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a local file inclusion.
164c07ad86594aa9bfe0936cec79654856d45223f5354927c0eba3f0fca68942
This is a basic TCP SYN scanner that is multi-threaded.
05a84a886d1c59a2eb79d1ef37a2e76d8540fbc184e6059c4dbc8ef23136fb77
Joomla web scanning perl script that gets the version, components and shows possible bugs.
dbf6afebc08cfab8556c7d449c2714a2f927de9e575f463d09ddc670e6dbb60d
LFI Fuzzploit is a simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. Using special encoding and fuzzing techniques, lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a local file inclusion.
3a5d65839a39e161cd4eb55e8727cfcb58218b82ef4a1136b4b36f4b0ca58a14
This PHP script scans a given webserver for various phpMyAdmin administrative pages / directories.
43b359163a0d78664ab5ee845e18e82ef711188e22723956ec574d7fa9b891a4
DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
39ad27d6d5242990a8105766614da17511aa4ebe6dcac490096e88bd2c6734bf
Multi Threaded TCP Port Scanner allows you to scan 65535 TCP ports on an IP address. You can specify how many threads to run and the timeout. Furthermore, it will tell you the MAC address of the target and the services that are running. You can scan IP addresses on your network and find out which open ports you have.
f7a1988b7fa2031d76134d53841a1a59fe4268b7b7ee60f194d73c64614abf0a
DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
02a649bed1f95725457afba963b0b2b7dd633af23049f897e46fc3332e610df0
Short Fuzzy Rat is a web fuzzing script written in perl. It was inspired by Luca Carettoni's original fuzzing list of 879 attack vectors with 8 levels of recursion.
47d1089c602db79c18a245d91394adc793cb408d0f321f22b72996325a09af03
Plomp is a HTTP banner grabber script written in Perl that also sends malformed requests to the server in order to determine if the version information has been altered.
7046c3463928e49abe3a505f5061cd467763d59028f8751f33833e12e511ee9c
QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
ea4d1b4a503d4c936ae72f89f163ab294c538b44f65fa7c1b4ced970c2a852a9
ndisc6 consists of three command line tools (ndisc6, rdisc6, and traceroute6) that perform ICMPv6 Neighbor Discovery, ICMPv6 Router Discovery, and IPv6 tcptraceroute/traceroute respectively. It is primarily meant for IPv6 networking diagnostics and monitoring.
6acec8a0cb9efa3ac98456f46c3016aeec0598b0c7557c95242b5228ad62ca7a
WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
a78a5a6c40926c354bfc17aab3946366ddedf5ab4bbb887ce855dc666d9bbc86
arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
61055bf9e7c15e34f8adabebb4a9b035cb0030a3cd19b4f00df9fea483c0256f
WordPress Security Scanner can perform username enumeration, weak password cracking, version / vulnerability / plugin enumeration, and more.
d3fd1d47fbf3f104aeb62c53f9d31202ec9e2fdfd66aa921c9d4f8927122bf6f
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application's cyclomatic complexity. This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.
df5eb52282bc9cda9dccf0b49d00bc607b71300cc080cc1a667823a19d6f4889
This is a simple perl script called Viper LFI Scanner that enumerates local file inclusion attempts when given a specific target.
29bd41af57ba7569fad9b21b50e8ad9096741e3ee23063f560b4b57da70a4d8d