Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
ccc77cc66c14526824fd39dfb2539bb601249e9b70c87d1d0f2f917e23db0975
PHI.I is an effective NFS scanner. It is intended to be left running in a screen session somewhere, scans randomly and requires very little user interaction. It finds large numbers of exported NFS directories, and lists the contents of directories that are exported to everyone. There are very large numbers of completely open NFS shares, despite it being an issue for at least 30 years. Written in bash.
4d49999e7cbd3abdea5d95a215b932ff2d670f5fee5e8283608f5ed63da4d697
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
7657ee66f81f72504c70a3a321f4fe87ddb5754f32e6a3c4234fd38a5c23c28c
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
c48c9a7e0abd16efb2d35975f105f10f5d25b1b9439a4d1e7933579b9f159a11
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
9022a0e1b3ee1dc9cd1323efcc0e5f8f24bc521e19e9779efd9d23a3aa3e5577
Mosca is a tool that checks code for poor security practices akin to using grep against it for static analysis.
e41af96879d8dec33d2e18584d6b875e208df5971930fcea5b0a6b4764aefcbb
VBScan is a black box vBulletin vulnerability scanner written in perl.
c12e918da14aa71629c893643a7bac1ab6f469fdb72a868b4f2e8689e00a88fb
NetSTR is an open source small, fast and easy to use port scanner and packet sniffer. IPv4 scanner can perform ranged, single or use an internal top ports list plus it has a flexible timers/port capability. IPv6 single port single host is supported. The tcp and arp sniffers print an easy to read dump format and have a full packet decode capability. Additionally netstr sports a fuzzy passive network scanner.
0362e46af780f0720501428c67c098df5a2b564a8a01114787c8fa2a054d6ab9
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
64fe15be52fa77bce14250867da87e8c262fb0e9229517c4e2d2d5a38223bea4
NetSTR is an open source small, fast and easy to use port scanner and packet sniffer. IPv4 scanner can perform ranged, single or use an internal top ports list plus it has a flexible timers/port capability. IPv6 single port single host is supported. The tcp and arp sniffers print an easy to read dump format and have a full packet decode capability. Additionally netstr sports a fuzzy passive network scanner.
527b33f5e8d6682ce147aa8a109073f4fc693e7ee7fd3a3e04ed5ccfae520f44
XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
e76427aab3dc3833b04e100ded60a2eb29b0f01256f63bdd522d21a5e322a603
A2SV is an SSL scanning tool that checks to see if a service is vulnerable to Heartbleed, Poodle, and CCS injection vulnerabilities.
d04aa9e4dd8c4999c2469d655c05516950962503f92a52f6ad92b1b0d2bcde70
VBScan is a black box vBulletin vulnerability scanner written in perl.
50b8c3cf5f0259a2730560b37dcd93d7b6a81dd0fe12fb9e513ed77090111d08
RouterHunterBR is a tool to find and perform tests in vulnerable routers on the Internet.
1ddc5a12ad6e7c7a42c3e0467c9f7b55a7745e71c153509b840cbc3aafaf71fd
Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
769542adfb8846bf766f80097cea25abe83f88a40a0b96d35c82ce0750d272ef
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
5999c2cffd231caf3082a5169fbac2f4a3f5db8309355c5615c98998718198ff
WebSploit is an advanced man-in-the-middle framework.
ca066d95bf2ed138095c5332c7ee439d901f194246020b3239d98f0a6ec64c5f
DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
a90aefae7da1aa551b84f0d928a33148efdd96e29752d17dd31962c49fe72368
This python script checks for the OpenSSL memory leak named Heartbleed and as noted in CVE-2014-0160. It can be used for different SSL TLS versions and multiple (HTTPS/SMTP/IMAP/POP3) protocols. It is optimized for mass scans.
89791cf81b92b962ceaf4da83a28781f5cf9ed884168321574cab9f157657409
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
750ab7dbeec01260783457205c07b100e9cbc5d67dd5cadf512a58d057e028eb
This is a perl script for performing SQL injection scans against a target site.
139b62728dd6b4c9441400351f509ee6364315609ff302ac2730a8b6939a0de3
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
ed6f8cfbda6dc76a56a994465188b49419267492ebc6d5328e0947479bd2714b
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
19e7b2489ee6fea121cb02cc84547508ff085ab23af5e2a56e60ad310de4459a
Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
549ccede1b9f9d75bd845ea45ed774a3e8c54a2ff4cb364a483ed8a4e46f9920
Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
d8dfdb3144906acd4e280cd20b793c5221f74fc92d87b50b3387d41967240e6f