Clik here to view.
Bluto v2.3.5 – DNS: Recon, Enummeration, BruteForce | Email Enummeration |...
Changelog Version 2.3.5 (02/08/2016): + MetaData Scraping From Document Hunt On Target Domain. + Target Domain Parsed As Argument. bluto v2.3.5 The target domain is queried for MX and NS records....
View ArticleClik here to view.
bluebox-ng v1.0.2 – VoIP pentesting framework written using Node powers.
Changelog v1.0.2: * Style changed. * Test engine added. * bin; Keeping the client “alive” forever. * index.js; Added a lost dependency and a minor renaming. * package.json; Lost dependency added. * New...
View ArticleClik here to view.
Recon-ng v4.8.1 ~ a full-featured Web Reconnaissance framework.
Changelog v4.8.1 stable & stagging version: * Added the threatcrowd module. * Updated the GHDB. * Fixed a bug in the fullcontact module. * Fixed a bug in the hashes_org module. recon-ng v4.8.1...
View ArticleClik here to view.
v3n0M v4.0.6 – Popular Pentesting scanner in Python3.5 for SQLi/XSS/LFI/RFI...
Changelog v4.0.6 Stable, 14th August 2016: * Re-added LFI, XSS and Other Checks from previous versions. * Added Self-Updater. * Improved Search_Ignore list. example v3n0M v4.0.6 running on windows...
View ArticleClik here to view.
PenBox v2 – A Penetration Testing Framework.
Changelog v2: + Adding tools Shellnoob + Adding tools jboss-autopwn + adding sniper: recon + added Get server banner + added Bypass Cloudflare + added BruteX – Automatically brute force all services...
View ArticleClik here to view.
rage_fuzzer – a dumb protocol-unaware packet fuzzer/replayer.
rage against the network is a dumb protocol-unaware packet fuzzer/replayer. Basic ideas: * ridiculously easy to use (near-zero setup cost) * protocol-unaware; blind brute-force fuzzing * fairly quick...
View ArticleClik here to view.
ridenum v1.6 is a null session RID cycle attack for brute forcing domain...
~~~~~~~~~~~~~~~~~~~ Changelog version 1.6: ~~~~~~~~~~~~~~~~~~~ * added the ability to specify creds if you want to pull the entire domain and do a username/pw dump when null sessions are not available...
View ArticleClik here to view.
smod v1.0.3 – MODBUS Penetration Testing Framework.
Changelog v1.0.3: + writeSingleCoils.py update Modules + Update How To use at README.md smod v1.0.3 smod is a modular framework with every kind of diagnostic and offensive feature you could need in...
View ArticleClik here to view.
OSPTF – Open Source Penetration Test Framework.
OSPTF – Open Source Penetration Test Framework. is a Based on Open Source Penetration Test Tools. Requirements: * All Linux * Python ( Python 2 ) * Ruby ## Feature Version: + (CUI VERSION) + (GUI BETA...
View ArticleClik here to view.
revealrk – Reveal Rootkit detects processes hidden by rootkits on POSIX systems.
Reveal Rootkit detects processes hidden by rootkits. It is intended to run out of cron or similar services on a regular base and avoids verbose output as long as nothing was found. It’s fast and...
View ArticleClik here to view.
Inveigh v1.2 is a Windows PowerShell LLMNR/NBNS spoofer/man-in-the-middle tool.
Changelog inveigh v1.2: 1. Added Inveigh-Unprivileged.ps1 (replaces Inveigh-BruteForce.ps1) – This script contains only LLMNR/NBNS spoofing and hash capture methods that do not require local admin...
View ArticleClik here to view.
Auto_EAP – Automated Brute-Force Login Attacks Against EAP Networks.
Auto_EAP.py is a script designed to perform automated brute-force authentication attacks against various types of EAP networks. These types of wireless networks provide an interface to facilitate...
View ArticleClik here to view.
knmap – KNXnet/IP scanning and auditing tool for KNX home automation...
KNXmap is A tool for scanning and auditing KNXnet/IP gateways on IP driven networks. KNXnet/IP defines Ethernet as physical communication media for KNX (EN 50090, ISO/IEC 14543). KNXmap also allows to...
View ArticleClik here to view.
Nishang v0.6.9 – PowerShell for penetration testing and offensive security.
Changelog Nishang v0.6.9: – Get-PassHashes now use Reflection. Thanks to Zer1t0 on GitHub. The payload dumps password hashes using the modified powerdump script from MSF. Administrator privileges are...
View ArticleClik here to view.
BLACKBOx v2 – A Penetration Testing Framework.
BLACKBOx – A Penetration Testing Framework. Dependencies: + Python 2.7x + git Roadmap & Changelog 1.8v: + ADD XSS/SQLi/RCE Scanner to google & bing dorker module ! + Fix LFI & Hashkiller...
View ArticleClik here to view.
RC-EXPLOITER v1.1.7 – Brute-forcing WAN/LAN services.
Changelog RC-Exploiter v1.1.7: + bin/help.faq + exploits/rpc.rc + rc-exploiter.sh + settings [DISCLAMER] The author does not hold any responsibility about the bad use of this script, remmenber that...
View ArticleClik here to view.
worm-ssh – python script for Create a worm that bruteforces SSH and “infect”...
worm-ssh is python scripting for Create a worm that bruteforces SSH and “infect” the system. Dependencies: + Nmap + Python 2.7.x + Of Course Internet Traffic Right? worm-ssh Script List: *...
View ArticleClik here to view.
vsaudit – VOIP/SIP Security Audit Framework.
vsaudit is an opensource tool to perform attacks to general voip services It allows to scans the whole network or single host to do the gathering phase, then it is able to search for most known...
View ArticleClik here to view.
The Social-Engineer Toolkit (SET) v7.4.1 Codename: ‘recharged’.
Roadmap and Changelog social-engineer-toolkit v7.4.1: * converted all powershell encodedcommand to abbreviated version 7.4 * added better obfuscation around encodedcommand * added new third party...
View ArticleClik here to view.
urlfuzz – Another web fuzzer written in NodeJS.
urlfuzz is another web fuzzer, but using the power of async/non-blocking I/O functions provided by NodeJS allowing you to perform VERY FAST web requests. urlfuzz Fuzzeable items * URL * POST data *...
View Article