Clik here to view.
ZMap – Fast Open-Source Network Scanner
ZMap is a fast open-source network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap is capable scanning the entire public IPv4...
View ArticleClik here to view.
Radare – The Reverse Engineering Framework
Radare started out as a simple command line interface for a hexadecimal editor supporting 64 bit offsets to make searches and recovering data from hard-disks. It has evolved into a project that is...
View ArticleClik here to view.
Kali Linux – The Most Advanced Penetration Testing Linux Distribution
So Linux Live CDs based around hacking or penetration testing used to be a super big deal, they died down a bit in the last few years. The king of the hill back in 2011 used to be BackTrack and the...
View ArticleClik here to view.
WhatWeb – Identify CMS, Blogging Platform, Stats Packages & More
WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms,...
View ArticleClik here to view.
InsomniaShell – ASP.NET Reverse Shell Or Bind Shell
InsomniaShell is a tool for use during penetration tests, when you have ability to upload or create an arbitrary .aspx page. This .aspx page is an example of using native calls through pinvoke to...
View ArticleClik here to view.
BlueMaho Project – Bluetooth Security Testing Suite
BlueMaho is GUI-shell (interface) for a suite of tools best used for Bluetooth security testing. It is freeware, opensource, written on python, uses wxPython. It can be used for testing BT-devices for...
View ArticleClik here to view.
BlueScan – A Bluetooth Device Scanner
BlueScan is a BASH script that acts as a Bluetooth device scanner. It’s a tool designed to detect Bluetooth devices within the radio range of your system and extract as much information as possible...
View ArticleClik here to view.
OpenVAS 7 Released – Open Source Vulnerability Scanner
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The...
View ArticleClik here to view.
Gitrob – Scan Github For Sensitive Files
Developers generally like to share their code, and many of them do so by open sourcing it on GitHub, a social code hosting and collaboration service. Many companies also use GitHub as a convenient...
View ArticleClik here to view.
OAT – Oracle Auditing Tools For Database Security
Oracle Auditing Tools is a tool kit that could be used to audit security within Oracle database servers. OAT uses CREATE LIBRARY to be able to access the WinExec function in the kernel32.dll in Windows...
View ArticleClik here to view.
Droopescan – Plugin Based CMS Security Scanner
Droopescan is a plugin-based CMS security scanner that that will help you with identifying issues with several CMSs, mainly Drupal & Silverstripe. Droopescan aims to be the most accurate by...
View ArticleClik here to view.
Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions
Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets). This...
View ArticleClik here to view.
CMSmap – Content Management System Security Scanner
CMSmap is a Python open source Content Management System security scanner that automates the process of detecting security flaws of the most popular CMSs. The main purpose of CMSmap is to integrate...
View ArticleClik here to view.
Appie – Portable Android Security Testing Suite
Appie is a collection of software packages in a portable Windows format to help with Android security testing, specifically penetration testing Android applications. Appie since its latest release can...
View ArticleClik here to view.
wig – CMS Identification & Information Gathering Tool
wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. It’s strength is CMS identification, it can also...
View ArticleClik here to view.
XSSYA v2.0 Released – XSS Vulnerability Confirmation Tool
We first published about XSSYA back in 2014, and it seemed to be pretty popular, there’s not a whole lot of tools in the XSS (Cross Site Scripting) space. For those who are unfamiliar, XSSYA used to be...
View ArticleClik here to view.
Onapsis Bizploit v1.50 – SAP Penetration Testing Framework
Onapsis Bizploit is an SAP penetration testing framework to assist security professionals in the discovery, exploration, vulnerability assessment and exploitation phases of specialized SAP security...
View ArticleClik here to view.
Pentoo – Gentoo Based Penetration Testing Linux LiveCD
Pentoo is a Gentoo based penetrating testing linux LiveCD. It’s basically a Gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features...
View ArticleClik here to view.
Watcher – Passive Web Application Vulnerability Scanner
Ever find yourself looking for that show-stopper exploit in a Web-app, and forgetting to check out all the low-hanging fruit? That’s initially why the authors created Watcher – a passive web...
View ArticleClik here to view.
SamuraiWTF 3.x And Onwards – Web Testing Framework Linux LiveCD
The Samurai Web Testing Framework (AKA SamuraiWTF) is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and...
View Article