Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.
e5c56aed374969acc0d9b93fac8849bb83482705761f98a010ffad11047b6ca6
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.
b1b3a50167e875ae8a49b1069e893267ee5dd2ab3c6ef6b733760e63b4bdc904
arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
f50e2f3a2ec6cfe4e4d15a6de0cfb5c707b7e703687800deb35456f914492ee4
Porkbind is a robust and recursive DNS server vulnerability scanner which retrieves version.bind information for the nameservers and produces a report.
e2042cffd50725e3631e0d348b420eb2d16764850cc6974805a852d7d3ec9889
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
1e6c3e28b8679bb9a5c15fa9668268056d2e47050ed2da83b24ea5d18ccfae08
Python script that cracks a 256-bit WPA-PSK hash (64 char) using wpa_passphrase and a wordlist.
64f83af457754e31a3d03e207fb755e633bab664fab632e28121f6d198cb0ca0
PKtAnon performs network trace anonymization. It is highly configurable and uses anonymization profiles. Anonymization profiles allow for mapping of arbitrary anonymization primitives to protocol attributes, thus providing high flexibility and easy usability. A huge number of anonymization primitives and network protocols are supported and ready to use for online and offline anonymization.
7d45e23f5e5ba5c2813a0c9087dd4c80a009fe688cb0243269ad42a6d00b293b
dnsenum is a perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results. It has been completely revamped.
012840d5f521fcaf033cb67e1dbeee5f49398700d9da40ab5af751a15ceb0760
Bsqlbf was originally written by A. Ramos from www.514.es and was intended to exploit blind sql injection against mysql backend database. This is a modified version of the same tool. It supports blind sql injection against the following databases: MS-SQL, MY-SQL, PostgresSQL, and Oracle.
c091db89e6b694d98f6c7efbfa64437271a49377901cfc83e7daae6a73b121f3
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
dcb1e7c56142881d9ede36c33467ced19afcf30898134c38a0ad4b49b7a7dc3c
This code utilizes the p0f derived OS signature database of disco to actively fingerprint operating systems. It is able to fingerprint hosts based on a single SYN-ACK received from a probed port, and as such can be used to identify multiple hosts NAT Masquerading behind a single IP.
865238503c148718bb001eb113497666968941a9099c1924ac39f4004ddbb782
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
38f028cd62f36b27e390174472bbd35cf86b5d227e6acfb91353c80aef0b6ca0
This Ruby code will test a specified Host's SSL certificate against the Debian-based blacklist of keys (RSA 2048 and DSA 1024) generated during the period where openssl on Debian-based installs suffered from a weakness in random number generation. Note that the blacklist is embedded in the code so the file is about 23 MB.
288124a67c707a0fcf89edfbedf7c4788dd853dd55871cba94ecfe308e0ea1ae
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
e312925c3a88adcbaf242f9a2e1d47c30c9041b15512ec09273576dc7eec87fd
sqlninja is a small tool to exploit SQL injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable database server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a database Server when a SQL injection vulnerability has been discovered. It is written in perl and runs on Unix-like boxes.
48b7d75f816a3c6179dc709399e74dcd9a38412988214346216298cd265d1f0c
Debian OpenSSL weak client Diffie-Hellman Exchange checker version 0.1.
f751596b32f587e79025ba709c16d9fdad9f31526709e13da3da0d3110928de6
Volatile is an automatic SQL injection exploitation tool that takes advantage of applications discovered in search results and attempts to leverage xp_cmdshell.
edad62c53111bcd7fee6eb2bdddc7b3d981d4df4a09d216896a0b1023d7afaa3
SQL Playground (SP) is a tool written in Perl that aims to exploit SQL injection vulnerabilities while presenting itself in a command line shell. Full paper provided to explain use.
75be991fcf358733f7aba32f37159a14403e1e0a1f2ac6105973847c1f6b3010
Blind SQL injection tool for MySQL servers using a true-false method. You can obtain MySQL information and extract data from tables without the use of quotes.
6b79a23433909018cede551c9ed5088439fea762c64d36abaf2a90dab8f7a976
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
9fea0328c9bc110b187da529ec186ac3bb3ba08ef95dde78f1b50625942b5a35
FTPNullSearch is a FTP scanner that can scan a range of IPs looking for servers that allow anonymous logins. Written for Linux.
a91386c0c329e353023f79d969c12450058c95171a3888661eccbe4d0319d520
ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Windows version. Written in Python.
da770b4014ebd251157864ec374ad5b81d1ca7e37682b8813de1fb246c9ae242
ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Linux / Mac OSX version. Written in Python.
6911c85050d2dd1521c1b8f2b5f0a8a6bbc3fe11c7e60d55551550068026cde6
Simple and compact TCP port scanner.
fd6d5f859bbcc997a354b1cb06ac667dcbd4040bcf8153ee871ddfd39c502986
The Goolag Scanner is a tool that has been released by the Cult of the Dead Cow to automate Google hacking using 1,500 predefined search queries.
b0e95f32dd1a7d1debe5e540a6fc6f3cf116c92fdddd1737461b586fd3b66187