Dirs3arch v0.3.0 – HTTP(S) Directory/File Brute Forcer

  dirs3arch is a simple command line tool designed to brute force hidden directories and files in websites. It's written in python3 3 and all thirdparty libraries are included. Operating Systems supported Windows XP/7/8 GNU/Linux MacOSX Features Multithreaded Keep alive connections Support for multiple extensions (-e|--extensions asp,php) Reporting (plain text, JSON) Detect not found web … Đọc tiếp Dirs3arch v0.3.0 – HTTP(S) Directory/File Brute Forcer

PhEmail – Automate Sending Phishing Emails

  PhEmail is a python open source phishing email tool that automates the process of sending phishing emails as part of a social engineering test. The main purpose of PhEmail is to send a bunch of phishing emails and prove who clicked on them without attempting to exploit the web browser or email client but … Đọc tiếp PhEmail – Automate Sending Phishing Emails

CapTipper – Malicious HTTP traffic explorer tool

CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic.CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found.The tool provides the security researcher with easy access … Đọc tiếp CapTipper – Malicious HTTP traffic explorer tool

Crowbar – Brute Forcing Tool for Pentests

Crowbar (crowbar) is brute forcing tool that can be used during penetration tests. It is developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key. So SSH keys, … Đọc tiếp Crowbar – Brute Forcing Tool for Pentests

SPARTA – Network Infrastructure Penetration Testing Tool

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands … Đọc tiếp SPARTA – Network Infrastructure Penetration Testing Tool

RPEF – Abstracts and expedites the process of backdooring stock firmware images for consumer/SOHO routers

Router Post-Exploitation FrameworkCurrently, the framework includes a number of firmware image modules:'Verified' - This module is confirmed to work and is stable.'Unverified' - This module is believed to work or should work with little additional effort, but awaits being tested on a physical device.'Testing' - This module is currently undergoing development and is unstable for … Đọc tiếp RPEF – Abstracts and expedites the process of backdooring stock firmware images for consumer/SOHO routers

Sparty – MS Sharepoint and Frontpage Auditing Tool

Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web administration software, it is … Đọc tiếp Sparty – MS Sharepoint and Frontpage Auditing Tool

Pompem – Exploit Finder Script & Web Version

Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security...This is Pompem Web Version (PHP sintax): WebPompemDownload Pompem

Zarp – Local Network Attack Framework

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once, dumping sensitive information automatically or to the attacker directly. … Đọc tiếp Zarp – Local Network Attack Framework

mwebfp – Massive Web Fingerprinter

The "LowNoiseHG (LNHG) Massive Web Fingerprinter" ("mwebfp" from now on) was conceived in July 2013 after realizing the usefulness of webserver screenshots to pentesters, during an engagement with large external or internal IP address ranges, as a quick means of identification of critical assets, easily-exploitable services, forgotten/outdated servers and basic network architecture knowledge of the … Đọc tiếp mwebfp – Massive Web Fingerprinter