Clik here to view.
WS-Attacker version-1.6 released.
============================== changelog v-1.6 -12. May 2015: ============================== New XML-Encryption Attack Plugin: – Automatically detects XML-Encryption Attack countermeasures – Attacks...
View ArticleClik here to view.
WPSploit – Exploiting WordPress With Metasploit.
WPSploit – Exploiting WordPress With Metasploit. This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool. Example WordPress...
View ArticleUpdates t50 v-5-5-rc1 : The fatest network packet injector.
Changelog v5-5.rc1: – Some minor fixes on send_packet() function. T50 (f.k.a. F22 Raptor) is a tool designed to perform “Stress Testing”. The concept started on 2001, right after release ‘nb-isakmp.c’,...
View ArticleClik here to view.
Poodle Attack – PoC implementation of the POODLE attack.
Intoduction: SSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346], and TLS 1.2...
View ArticleClik here to view.
DLL_Injector – Enumerates Processes and Injects a DLL Into User Defined Process.
DLL Injector written in C++, this tool for Enumerates Processes and Injects a DLL Into User Defined Process. Input PID and DLL Path to Inject, Test.dll is Provided: Example Output : Input PID and DLL...
View ArticleMITM_Toolkit – A toolkit for automating MITM attack management.
MITM_Toolkit is A toolkit for automating MITM attack management with ettercap. Incremental Poison This shell script accepts 3 arguments. The interface you are using (eth1, eth2, etc…), the number of...
View ArticleAttacksible – Ansible Provisioned Security Testing Platform.
Attacksible – Ansible Provisioned Security Testing Platform. Tested on: + Fedora 19,20,21 + CentOS 7 (however a bunch of tools will be missing) + Debian of various releases Feature Tools: – Annonimity...
View ArticleClik here to view.
Arpy is an easy-to-use ARP spoofing MiTM tool.
Arpy is an easy-to-use ARP spoofing MiTM tool for Mac. It provides 3 targeted functions: + Packet Sniffing + Visited Domains + Visited Domains with Gource (https://code.google.com/p/gource/) Sample...
View ArticleClik here to view.
Updates Veil-Evasion v-2.20 : is a tool designed to generate metasploit...
Changelog v-05.19.2015: + This release includes Go language payloads. This is the latest stable version of Veil-Evasion. Veil-Evasion is a tool designed to generate metasploit payloads that bypass...
View ArticleClik here to view.
Updates Exploits v-20/05/2015 : Miscellaneous proof of concept exploit code.
Changelog and tool added 20/05/2015: Add SuiteShell : Exploit for SuiteCRM Post-Authentication Shell Upload. Disclosure Timeline: 05/05/2015: Vulnerability discovered and validated. SuiteCRM contacted...
View ArticleClik here to view.
WPA Attack – Extremly simple script that can be used to crack WPA network...
WPA Attack is a Extremly simple script that can be used to crack WPA network password. How it works, It runs 3 separated konsole processes: – aircrack-ng which is used to crack passphrase using .cap...
View ArticleClik here to view.
Updates MITMf v-0.9.7 : Framework for Man-In-The-Middle attacks.
Changelog MITMf v0.9.7 : – Config file now updated on the fly – Addition of the ScreenShotter and Ferret-NG plugins – Responder code re-written – Addition of a SMB server (Impacket) – JavaPwn plugin...
View ArticleClik here to view.
Updates O-Saft v-15.05.15: OWASP SSL audit for testers / OWASP SSL advanced...
Version: 15.05.15: + BUGFIX + * adapted to new commands, typo corrected + CHANGES + * bugfix: need IO::Socket::INET->new() instead of IO::Socket::SSL->new() Tool DESCRIPTIONS: This tools lists...
View ArticleClik here to view.
OWASP WebGoat Benchmark Edition (WBE) v-1.1 released.
Changelog WBE version: 1.1 : – test name, category, real vulnerability, cwe ; XSS, SQLi, Xpath Traversal, Cryptography, Hash, LDAPi, TrustBound. The OWASP WebGoat Benchmark is a Java test suite...
View ArticleClik here to view.
Ufonet v0.5b – Invasion released – DDoS attacks via Web Abuse.
NOTE: “THIS CODE IS NOT FOR EDUCATIONAL PURPOSE” UFONet – is a tool designed to launch DDoS attacks against a target, using ‘Open Redirect’ vectors on third party web applications, like botnet. UFONet...
View ArticleClik here to view.
ArpSpoof – ARP cache poisoning’s program for the MITM attack.
The man-in-the middle attack intercepts a communication between two systems. For example, in an http transaction the target is the TCP connection between client and server. Using different techniques,...
View ArticlePyxiewps is a wireless attack tool to retrieve the WPS pin in seconds.
Pyxiewps is a wireless attack tool writen in python that uses reaver, pixiewps, macchanger and aircrack to retrieve the WPS pin of any vulnerable AP in seconds. It is meant for educational purposes...
View ArticleAeon – a Network Attacking Tool.
AEON is a web attack tool used for security and pen testing. Currently in beta/ Version 0.1.1. with Modules : + DDoS. C + Flooding.c + Sniffer.c + Spoofer.c + TcpScanner.c Platforms: Currently AEON is...
View ArticleClik here to view.
Instarecon v-0.1.0 released – Basic automated digital reconnaissance.
Change v-0.1.0: Shodan key provided – <shodan_key> Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon...
View ArticleMySQL-Injector, Admin Finder and Dorkster released.
MySQL-Injector : Dumps SQL DBs using Union and Error-Based injections. +SOCK5 Support (socksipy) Admin-Finder : Admin-Finder Attempts to Find Admin Logins/Directories on a Server. Dorkster : A Simple...
View Article