SimpleRmiDiscoverer is a JMX RMI scanning tool for unsecured (without enabled authentication) instances of JAVA JMX. It does not use standard Java RMI/JMX classes like other available tools but rather communicates directly over TCP. The tool is written in Java and is very useful in red teaming operations because JVM is still ubiquitous in corporate environments. It can be executed by unprivileged (non-admin) users.
93daab8314c5a134f408dc5214f71dbb47eac17e499aa7e761104430bd8a7f8f
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
97c3f6c9258eeaa609e3ccab62531670b425713dd17c0415f512201c2b8cc82e
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
22c5dc6dfc7500db94b6f8a48775f72b5149d0a372b8552ed7666016ee79edf0
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
98373a4cc9d0471ab9bebb249e442fcf94b6bf6d4e9c6fc0b22bca1506646c63
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
c2beb3ae1fc1301ad845c7aa01c0a292c41b95747ef67f34601f21fb2da16145
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
52891674347a463ce0fbbf1225cdb61f83c5db412d1c101cb48aa5f88a29e77d
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
bd64674b9152057bf1534ca7d7aab8cad4fccb1027813e0d0281f48823a82475
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
110d825ec7c2ba6a063398d63c1939d893f219fee6b5444c643f4b1cd9c71441
Photon is a relatively fast crawler designed for automating OSINT (Open Source Intelligence) with a simple interface and tons of customization options. It is written in Python. Photon essentially acts as a web crawler which is able to extract URLs with parameters, also able to fuzz them, secret AUTH keys, and a lot more.
92ad92ad238a3532346e652571299fb56a30940af4b868e592c00e6bde8ea83b
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
0a198af8d7876d7adb9c0517025bd6443d13399a188615a078cf3e45e120f19e
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
05768444d6cf3dc5812f8fb88695d17a82668089deddd6aaf969041ba4c10b10
MedSec is a network utility tool developed to perform some network, security administrator, and pentesting tasks. Basic functionality includes port scans, host discovery, banner grabbing, dns checks, subdomain enumeration, and more.
da3e4ac6caa379175e26ece82ffa34906d015bf85c441e6d363bb3c6707faa98
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. It was originally written by Google and open sourced in July of 2020.
9e5527ca4b40f218f5fc3dcb8685bd4dd7fecf7330f37e0ad5242e442db55a6b
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
3005346e90339c18a4c626169c6f1d9fb8643bb0d0a049bcaf64b7ccb4fd272c
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
b2c5df5ea6caccdaf672fded7ad195e050a2cde1e896fe8a5d3e0c0f96312473
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.
3b42c5c21ad8b35302b4dac221d01252c0a94ae46bdc1c6876726f60d11b97cd
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
ee7d76549f3f237ce19d78280de108c705b1b1ecf62710a3a514ccacd508a5e8
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
c7359a388c829df667432d912d43bbd5c5f917763d20bffe0a998b6b714a8bb6
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
9de744fe0e51a03d42fa85e4b83340948baeaa7080427f90b0efd23e9106fece
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
fd59d2103793e3bc70faa07d858dbd00f7d7206758f08acdc980fd2df01e5a7c
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
cd2aadf020f60102c0fc1c54a2542985adc9371572d3088376c613e1b71f8c53
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
45f868edd4381e47b6d7beb0cabaaa40290660912190b8b2a1df4b1f090300c6
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
3d886ecab5d05daf6bf070120fb7231e28233a15a14067aaed248d57e0933530
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
8b696753a37506f0c3e8f542cb60e9f8198bb1bafd1a1dc97fbb9592becf31f3
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.
a36cd6110a7e972c4b3d78b016825bb5d151b29feba7e2f6a8e74d347e302088