Clik here to view.
Updates The Harvester v-2.5 : is a tool for gathering E-mail, subdomain and...
Changelog in 2.5: ———————– -Replaced httplib by Requests http library (for Google related) -Fixed Google searches theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts,...
View ArticleClik here to view.
Updates wifiphiser v-26-12-2014 : Fast automated phishing attacks against WPA...
Changelog 26-12-2014: + Improved minimal template. + Remove anything config-relate : – wifiphiser.py – config.ini Fast automated phishing attacks against WPA networks Wifiphisher is a security tool...
View ArticleClik here to view.
Updates subdomain-bruteforcer (SubBrute) v-1.1 – A python subdomain...
SubBrute is a community driven project with the goal of being the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open revolvers as a kind of...
View ArticleClik here to view.
Updates The Backdoor Factory (BDF) v-2.3.6 : Patch PE, ELF, Mach-O binaries...
NOTICE: For security professionals and researchers only. Changelog : 12/27/2014 + Added payloadtests.py + This script will output patched files in backdoored that will allow for the user to test the...
View ArticleClik here to view.
Updates mitmproxy v-0.11.2 : is an interactive, SSL-capable man-in-the-middle...
Changelog mitmproxy v-0.11.2: * Configuration files – mitmproxy.conf, mitmdump.conf, common.conf in the .mitmproxy directory. * Better handling of servers that reject connections that are not SNI. *...
View Articlewraith v-0.0.1 released : Wireless assault, reconnaissance, collection and...
A. CONFIGURATION 1) Postgresql ensure postgresql 9.3 is installed configure postgresql and nidus db sudo apt-get install postgresql-9.3-postgis-2.1 sudo -u postgres psql CREATE EXTENSION adminpack; #...
View Articleintelengine – Information gathering and exploitation architecture.
intelengine aims to be an information gathering and exploitation architecture, it is based on the use of transforms, that convert one data type into another. For instance, a simple transform would be...
View ArticleClik here to view.
Updates SQLMAP v-06.01.2015 : Automatic SQL injection and database takeover...
Changelog : – Minor update of Patch for an Issue #1095 – update of COPYRIGHT sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws...
View ArticleClik here to view.
BeEF version 0.4.5.1-alpha released : is short for The Browser Exploitation...
The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack...
View ArticleClik here to view.
Update jSQL Injection v-0.6 Alpha : a java tool for automatic database...
This version includes major changes : – 10 dbs vendors supported: MySQL Oracle MSSQLServer PostgreSQL DB2 Firebird Informix Ingres MaxDb Sybase – JUnit tests – No more hex encoding: injection speed x 2...
View ArticleClik here to view.
Updates Android Network Spoofer v-2.1.1
Changelog v-2.1.1: Updated changelog and RedirectSpoof fix. Network Spoofer lets you change websites on other people’s computers from an Android phone. Features include: + Flip pictures upside down +...
View ArticleClik here to view.
Updates O-Saft v-15.01.07: OWASP SSL audit for testers / OWASP SSL advanced...
Version: 15.01.07: + BUGFIX + * avoid huge memory consumtion (fix for issue/39) + CHANGES + * command line parsing improved + NEW + * new files in contrib/ Tool DESCRIPTIONS: This tools lists...
View Articlepowershell: post-exploitation – DomainEnum module v.0.0.6 released.
The DomainEnum module is intended to support post-exploitation activities from within the user context on the target domain. It will enumerate domain computers, servers, users, emails, groups, group...
View ArticleNosqlmap v-0.5 Released : Automated NoSQL Database Pwnage.
change v-0.5 (MAJOR RELEASE): – Web app attacks-Added $gt no value attack for PHP/ExpressJS applications. Thanks go to Petko D. Petkov for this one! – Web app attacks-Corrected labeling to reflect...
View ArticleClik here to view.
NWPusher v-0.6.2 released : OS X and iOS application and framework to play...
changelog 0.6.2 (2015-01-15) : – Add underlying error reason code Testing push notifications for your iOS or Mac app can be a pain. You might consider setting up your own server or use one of the many...
View ArticleSlither – Python Web Attack Framework.
This framework is here to help you in your quest of conquering web applications. It is currently very BETA. Slither will contain modules to help you attack and exploit, but also handle some pretty...
View ArticleQuickjack is an intuitive, point-and-click tool for performing advanced and...
changelog 17-01-2015: added required file Quickjack allows you to easily perform clickjacking, or steal “clicks” from users on many websites, forcing the user to unknowingly click buttons or links...
View ArticleClik here to view.
Clepta is a modern keylogger.
Clepta is greek for Thief. Clepta is a JavaScript library made to be a PoC to show how easy it is to do targetted password extraction on websites. What does it do? Clepta is able to indentify forms...
View ArticleClik here to view.
Updates Nikto v-19.01.2015 : a web server assessment tool.
Changelog v-19.01.2015: + Add -404string to match body content for negative respons… …es; allows regex. This is added to the strings specified in db_404_strings. — Renamed -IgnoreCode to -404code to be...
View ArticleClik here to view.
Updates Seccubus_v2 v-2.13 – OWASP ZAP Proxy : Easy automated vulnerability...
released dates 0-01-2015 – 2.13 – OWASP ZAP Proxy Seccubus OWASP ZAP Proxy release The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in...
View Article