This tool helps discover local file inclusion vulnerabilities. It creates a random user agent for the connection, supports nullbytes, supports common Unix systems, and more.
0c1637f07029317c9015b1f6d44d3a4c08567372e22ad7436e02997621345c13Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
8f752061c0ba8ce3e771bf03b1d9c18849d7e1d91751323971e42695ac277db8LFImap is a python script that tests leverages local file inclusion vulnerabilities to figure out the root of a file system, looks inside of some files and more.
541dc1657012d42d82d1363b528f66bb2d6a2ccf0c083443b1475b4be48908c5Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
af9ae528f2df822f1bb78005ebe736b8412d5750d5ad8278037b35790576a542Skipfish is a fully automated, active web application security reconnaissance tool. It is high speed, has a low false positive rate, and is easy to use.
0682c65365408c6d51c6381d0478bb9155d259a2bdb792defe36472fba43dfe1The Simple Local File Inclusion Exploiter tool helps you exploit LFI (Local File Inclusion) vulnerabilities. Post discovery, simply pass the affected URL and vulnerable parameter to this tool. You can also use this tool to scan a URL for LFI vulnerabilities.
ea5cb58e3cce77677069748f7e460b34d2b1081d8978484c039bc2c523a9ec03XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
8c71afc33432e1adab32907b8d378ff256986b2c14f4d7587b3da25139432944Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
20601c0466034cc250ded1a16d737451cfbe05fbcaf4f667ff25fe004bd1340eaidSQL SQL injection detection and exploitation tool is a modular PHP scanner that allows you to develop your own plugins for use.
bc0d80a86a9635ed3843b30483350b08c6f20ece6d815dc61ff1240502ffd601WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
7c1e710eec1da55d3deabf2188674969336e3a10322582883e32c802d758bd2eThis is a phpBB remote file inclusion scanner written in Perl.
93a467b53eb62570fc5e92ff28d8edecb743efdb81ac154adda4586ccb58ad9cWordPress SQL Injection Checker is a tool that attempts to check for known SQL injection vulnerabilities in a given WordPress installation. Written in Python.
9a96deb2b2d0ff7b5fb7d5407e526b70d81ef3aade072ac6acba9c02f46a3630This python script scans for 58 vulnerable Joomla component payloads.
26c1dd792718beea62e8eb0ab2d6c9e865e5fd26795e1320d27ddd6b697c5805Dorkmaster is a python script that crawls Google and Bing results looking for various pieces of software that has historically had vulnerabilities. This is useful for verifying that your company is in compliance with software run on a given site.
ca24afbbd6a865806dcb810a4208b7ad90140c55e976cb0579fe9d96a427c2ffUA-Tester (User-Agent Tester) is a Python script that enables penetration testers to compare response headers from a remote server based on a list of User-Agent strings. The script allows testers to isolate differences in response depending on the browser used to access a site. This can be important as a growing number of sites are catering for mobile devices by forwarding them to alternative (browser friendly) pages, or redirecting them to alternative servers entirely.
254676c67c7b522e642828ca8d076b317ca9957f162215e6ad765c0984d8c67ciScanner is a free open source tool written in Ruby that lets you detect and remove malicious code from webpages. iScanner will not only show you the infected files in your server but it is also able to clean these files by removing the malware code ONLY from the infected files.
2e0f5f3a1ea22c706232afdde1222ab65dd65fefcc33347fb4275ac6bf190c68NMB Scanner scans the shares of a SMB network, using the NMB and SMB protocols. It is useful for acquiring information on a local area network for such purposes as security auditing. It can obtain such information as NMB/SMB/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/Windows domain name, and master browser. It can discover all the NMB/SMB/Windows hosts on a local area network by using the hosts lists maintained by master browsers.
1839ed5bbb6e562b6fc3078a43108380f49de81ea8f373981936514bbf33b20dMalware Check Tool is a python script that detects malicious files via checking md5 hashes from an offline set or via the virustotal site. It has http proxy support and an update feature.
1da2d31cf70bc80c92291577f2083b14031a5734ec0581920bfa1e0f0bde24abHyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
641b340abb4a2b070368fbc32fbad68ac79578222c4c72aa96b8cc9a39c5589fJoomla web scanning perl script that gets the version, components and shows possible bugs.
34c4aee508ddefaa7c3e43bf6ee98ce17c6a65504525bd476490698efce3d3c2Athena is a SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers.
ab328efae2073970504ced425560888a40351ffccf0762de763a120a64cb47bbDotDotPwn is a directory traversal scanner with a database of 871 payloads.
47254c2549152775e87ea36f793d29f7720b1e9b4c205f3487f8926af4a921b3WhatWeb is a next generation web scanner that identifies what websites are running. Flexible plugin architecture with over 300 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver.
9c9ab674ccca531106d1ae71068b6e4c59e2611154341959d1193818e14c9f6fHalberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing.
5746484757b65191ae5062e9dda972eed7e876620ee348929b1b9490077d8f28This is a directory traversal scanner written in C#. Complete source included.
aae3b9039bb27f7f912f797a20634eccd12ee41bb22d222b0540fa5288ed8d95
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed