Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection vulnerability scanning tool written in Python.
a41f8044b60180a66a0dcaad4b63e48e9323a4faf732e5f20993458571fc225fFTP_AnoScan is a FTP scanner that can scan a range of IPs looking for servers that allow anonymous logins. Written for Linux.
770a6f10efe40f8336141be7d9de8569932428bbf02310b5e72fa553f17baba3fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
918dfe42d7a552e44b74c2bf3ba49f7a160d0c31f093cfbdc4efdf4bd73fc1f8Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.
8ca227a5185935eb4e9d9d9589b2b5a530796988f05cb346e009c89cdf86cd5ddnsenum is a perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results. It has been completely revamped.
f8636376e43c759a0d0628986a8bd7bd7030180cdc08f6e862adb14954b7570bPixy is an open source vulnerability scanner that audits PHP applications for SQL injection and cross site scripting vulnerabilities. It is written in Java and also performs automatic resolution of file inclusions.
1efbf5349ce56b1930fd159abf9a3d580eadd4627972551442bb1397a4c8ef46Joomla SQL injection Scanner version 1.0. With the constant SQL injection vulnerabilities being discovered in relation to Joomla, it was only a matter of time.
7813dfb29e8d821329e907039666b94df576197d3b9b3a2d6a2a8f70e3749ef6Goolag Scanner version 1.0. This tool has been released by the Cult of the Dead Cow to automate Google hacking using 1,500 predefined search queries.
052f30701a3f98d4097362ef486c4e09cecdf65778832bd34781b2d744896d38ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
72a75674e179fc52e370a4dd672fdca8b540291d34e593cfe2e032fd4ca35a13fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
9c097761644f7cbf79a72b6aadd95384ab2965187bb8d9f8346c7de9905db08dsqlninja is a small tool to exploit SQL injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable database server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a database Server when a SQL injection vulnerability has been discovered. It is written in perl and runs on Unix-like boxes.
7c30080e8050ed7d3ed1826455aabcf4ab87b6721f47fdf13eecd99f5a4e65b7SQL injection digger is a command line program that looks for SQL injections and common errors in websites.
b76ba9f76bdaeffbdf068c3668af79e1c700692ab288ce7f8cdb25c51dbb034dPortBunny is a Linux-kernel-based port-scanner created by Recurity Labs. Its aim is to provide a reliable and fast TCP-SYN-port-scanner which performs sophisticated timing based on the use of so called "trigger"-packets. The port-scan is performed in 2 steps: First the scanner tries to find packets, to which the target responds ("triggers"). Second, the actual port-scan is performed. During the scan, the triggers, which were found in the first scanning-phase, are used to determine the optimal speed at which the target may be scanned.
cfe1e5b84b66577299d920dd6f1a1637e948dd4fb2a75ab5265de273ffb6287cThis code searches for Google Calendar accounts which exist and are not password protected.
3151bb236822f342ed070d2d4b6ddae739cbb33cf4ba0c9777a56abb9f7bb51bSynScan is a fast half-open port scanner. This tool will send TCP packets with the SYN flag to any block of destination addresses at very high speed. SynScan endeavors to send traffic as fast as the host network interface can support.
9bdddf9e48546043929eba3971edc11896b208e153617cd8f66f0af0cd74afa9SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes preferred ciphers of the SSL service, the certificate and is in Text and XML formats.
37d90fe847bc0e7dd4ac661c9f868006d3b26eb524342bd5642889ac61308ec2SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities. It's multi-threaded, multi-database, and multi-search-engine capabilities permit easy navigation through vast amounts of information with a goal of system security assessment. Furthermore, SEAT's ability to easily process additional search engine signatures as well as custom made vulnerability databases allows security professionals to adapt SEAT to their specific needs.
1dca56a6f60d703faf1e555a7c458656e20afac2c3cc327143a474f79f5a3b53ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
3aadf5d1f3b4620833527511ee700a2f0365a10d62219ece882ca6424e8ffe0cHellsing is a utility designed for attacking web applications. It supports multiple vulnerabilities through the use of a configuration file.
fa12112c421352c6709b3bd8f058ca8e74db0f717e92ecfe0d1a694c9a5ff494This Joomla scanner scans for known vulnerable remote file inclusion paths and files. Written in Python.
45604294ef244a79ebe8850f4cab7ce49371c432e2c1496f411076ba40665cd3gwcheck is a simple program that checks if a host in an ethernet network is a gateway to Internet.
bbd330c1df80d2586e3ecb1e5671a1a0b3aef4ffd54dd4ef27c45ffaaa50491cNMB Scanner scans the shares of a SMB network, using the NMB and SMB protocols. It is useful for acquiring information on a local area network for such purposes as security auditing. It can obtain such information as NMB/SMB/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/Windows domain name, and master browser. It can discover all the NMB/SMB/Windows hosts on a local area network by using the hosts lists maintained by master browsers.
e5f55548e256ded0dd8fc9067ac5c4a5df3d4d7489e871e2bd9b84ce04c7efebUnicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license. Unicornscan is an attempt at a User-land Distributed TCP/IP stack. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network.
06c1e7f7471bcf6d34f0094b8fe4fa117dd945f91e0a0c1c2575e12465f0e2ecThis is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver. It is primarily useful when verifying false positives from automated vulnerability assessment tools.
203ad5690055cb97040a956a45aea7128a31b0d77823f608d16c161a7e50eeccfwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
a5049331fd404514f4b723536db88d3b79b8b21537ecdf2d617a888b84101b37
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed