WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
478a1566e4c6f7dc28d734eedcb6ba04390148a32396154c928a3e2488959054XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
4de4d18fc0472010c5289b7c509270a9628d2883314d90de3888b92ee68106a0This Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
50f0cef89cbe41efc8027f56d96fd61b7164ec2daabfe90f151d7876f0f60c47QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
44d3ec57af0dc97b14b5c020752e414feebca30aa7690beb7e3ec23e8d74fa41YCrawler is a web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support.
602e299d0d83a27072e94350f35ff2215599c2fc81c708ab79ed31bcc7d34dc0Mpctp is a tool for manipulation of raw packets that allows a large number of options. Its primary purpose is to diagnose and test several scenarios that involving the use of the types of TCP/IP packets. It is able to send certain types of packets to any specific target and manipulations of various fields at runtime. These fields can be modified in its structure as the the Source/Destination IP address and Source/Destination MAC address.
8e8204b70f419814270efe1a84e5a1a57379fb615a273913b02f39c00bcd3841QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
883ccd44f2129e5160ea8c433f5ff98e0a5fdf077fe8afbec99020d82d17bbafMpctp is a tool for manipulation of raw packets that allows a large number of options. Its primary purpose is to diagnose and test several scenarios that involving the use of the types of TCP/IP packets. It is able to send certain types of packets to any specific target and manipulations of various fields at runtime. These fields can be modified in its structure as the the Source/Destination IP address and Source/Destination MAC address.
6f0f8372777c1f62bd302fce108bb4f73fd33a976b35720e6bf09e7b10b6dfb0yInjector is a MySQL injection penetration tool. It has multiple features, proxy support, and multiple exploitation methods.
b52774ac099292a94a0f4f4c96f55843e963024e991196b4ce6f06d98c62454caidSQL SQL injection detection and exploitation tool is a modular PHP scanner that allows you to develop your own plugins for use.
e769c0ef9eb214b98a3f554a62fb6fd1b4b9c8ac94a53d3fcc19df62f382bad0This Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
54537a2f3c86ad8f52de968df257b060a5829f88749fc6e25a04fdb2eccaf7beQuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
dc87a58f04f0b475b53ccfc4234f13f78e8702769fabed12d980b08093c21c01Sambascan2 allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. The difference between sambascan2 and other SMB viewers and scanners is that it will search everything using TCP/IP, and it will not send a lot of broadcast messages, so it can be used over LAN boundaries. It only uses SMB to list the shares and their contents.
d5a0c533e34a8f2f940ca2ddca16bb43b19cbd98de73b58e83dea97d8972dd00SimpleSPA is an application that consists of a single packet authorization mechanism designed for the purpose of hiding semi-public services like a SSH server. There is a server side (Linux only) and a client side (Windows and Linux). This application is similar to FWKnop and more of an academic/proof of concept application as opposed to a full blown commercial quality application. involves a client that creates a packet with a payload encrypted with the public half of two different RSA keys. The idea is that one key would be shared by all users and it would encrypt the user name of the individual. A second key specific to each individual user would encrypt a pre-shared key (just any old string, nothing secret about it really) and a timestamp (to counter replay attacks). The server would receive this packet and decrypt this first half of the packet, which would give us the user name of the person sending the packet. The server would then know which user specific second key to use to decrypt the pre-shared key and time stamp to evaluate them for acceptability. If all is good, then the server would open up a port for the semi-public service we were trying to conceal for a brief amount of time to allow for a connection to be made. PDF included that explains everything. Written in Java.
378f5402ded74b2de9cd170f0b9807fe64089a1ec6ed3df52cbfb01b705fce3dQuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
2feac3fdc6a1bf696c441b1994bd43190b9ba6ec49879406f940b6bee127e42dThis Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
2b220cf3cdaf3f4552cfe95010736765beabf1b919c019ab371e3b431d44e6ebGetHTTPStatus is a simple python script that scans a set of provided URLs and returns the status codes provided. It has the ability to use cookies if needed.
e2bc79b48cf3e7d09e13850c55cc2f6ce1a7c571a8ea3f55dd7677e2e33084aaThis Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
d2a52d5c575a937dda9b0844fef2f9aa7f4f1849fbdf2777ecaf4c2e001dccd3T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.
1a4f11b993b8a80388bd33f4cc736819517ff227be6e83f04f3403aa15bb4234Witchxtool is a perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner.
833d41e3d4cc5515b41acff39daf512f73c3e5420ec0e662d92add4c50aa6e45aidSQL SQL injection detection and exploitation tool is a modular PHP scanner that allows you to develop your own plugins for use.
ac0d3ebd50b8ed0d5e391ccaba376170718b01af8eda840d89a24f4b5cd7a4f7Simple LAN Scanner is a simple python script that leverages scapy for discovering live hosts on a network.
5b9a1073a20d03e4e93144a5db6e630a62b90fb9f3bbaace030de8b42c127d90Athena is a SSL cipher scanner. Unlike most scanners, rather than scanning the few ciphers openssl supports, it checks for every possible cipher by enumerating all 65536 cipher codes.
0186d8915b61e99df20eb35b58f7468b592c94275da88e1f632ef40e39db2829bsqlbf is a script that tests for blind SQL injection vulnerabilities.
43ce6c12a717c9a6f73e091617d1a01bc30f58d6bcacd0ff404dd72d7deab870Witchxtool is a perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner.
3b07ac2beb17d889bb29196cd4ad335e183a17bfc2253989f49fea5b942a80ef
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed