Clik here to view.
OAT – Microsoft OCS Assessment Tool (Office Communication Server)
OAT is an Open Source Microsoft OCS Assessment Tool designed to check the password strength of Lync and Microsoft Office Communication Server users. After a password is compromised, OAT demonstrates...
View ArticleClik here to view.
CeWL v5.1 – Password Cracking Custom Word List Generator
CeWL is a Custom Word List generator which spiders a given site to create a word list of all words it finds on that site. It can also grab email addresses and usernames found in the HTML and in some...
View ArticleClik here to view.
Wapiti – Web Application Vulnerability Scanner v2.3.0
Wapiti is a web application vulnerability scanner, it allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application...
View ArticleClik here to view.
InstaRecon – Automated Subdomain Discovery Tool
InstaRecon is an automated basic digital reconnaissance tool which is great for getting an initial footprint of your targets and discovering additional subdomains. In basic terms, it’s an automated...
View ArticleClik here to view.
Plecost – WordPress Fingerprinting Tool
Plecost is a WordPress fingerprinting tool, it can search and retrieve information about the plug-in versions installed in a WordPress installation. It can be used to analyse a single URL or perform an...
View ArticleClik here to view.
Web Security Dojo 2.0 – Self-Contained Web Hacking Training
Web Security Dojo is a free open-source self-contained web hacking training environment for Web Application Security penetration testing. Tools + Targets = Dojo What? Various web application security...
View ArticleClik here to view.
zzuf – Multi-Purpose Application Input Fuzzing Tool
zzuf is a transparent application input fuzzing tool or fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data (which more than often comes from untrusted sources...
View ArticleClik here to view.
OWASP Zed Attack Proxy – Integrated Penetration Testing Tool
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...
View ArticleClik here to view.
Patator – Multi-threaded Service & URL Brute Forcing Tool
Patator is an extremely flexible, module, multi-threaded, multi-purpose service & URL brute forcing tool written in Python that can be used in many ways. Basically the author got tired of using...
View ArticleClik here to view.
Parrot Security OS – Debian Based Security Oriented Operating System
Parrot Security OS is a security oriented operating system designed for Penetration Testing, Computer Forensic, Reverse engineering, Hacking, Privacy/Anonymity and Cryptography. Instead of installing...
View ArticleClik here to view.
BTCrawler – Bluetooth Diagnostic & Discovery Tool
BTCrawler is an application used to to discover Bluetooth devices and the services they provide, it is useful if you wish to know which Bluetooth enabled devices are in your proximity for debugging,...
View ArticleClik here to view.
WATOBO – The Web Application Security Auditing Toolbox
WATOBO – The Web Application Security Auditing Toolbox – is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits. It is capable of...
View ArticleClik here to view.
AddressSanitizer – A Fast Memory Error Detector
AddressSanitizer (aka ASan) is a very fast memory error detector for C/C++, Tthe average slowdown of the instrumented program is ~2x. The tool works on x86 Linux and Mac, and ARM Android....
View ArticleClik here to view.
Passgen – Random Character Generator For WPA/WPA2 Key Cracking
Passgen is an simple Python alternative for the random character generator Crunch which attempts to solve cracking WPA/WPA2 keys by randomizing the output as opposed to generating a list like so...
View ArticleClik here to view.
Dharma – Generation-based Context-free Grammar Fuzzing Tool
Dharma is a tool used to create test cases for fuzzing of structured text inputs, such as markup and script. It takes a custom high-level grammar format as input, and produces random well-formed test...
View ArticleClik here to view.
Mimikatz – Gather Windows Credentials
Mimikatz is a tool to gather Windows credentials, basically a swiss-army knife of Windows credential gathering that bundles together many of the most useful tasks that you would perform on a Windows...
View ArticleClik here to view.
FruityWifi – Wireless Network Auditing Tool
FruityWifi is an open source wireless network auditing tool, it allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it. Initially the application...
View ArticleClik here to view.
AuthMatrix for Burp Suite – Web Authorisation Testing Tool
AuthMatrix a web authorisation testing tool built as an extension to Burp Suite that provides a simple way to test authorisation in web applications and web services. With AuthMatrix, testers focus on...
View ArticleClik here to view.
DIRB – Domain Brute-forcing Tool
DIRB is a Web Content Scanner AKA a domain brute-forcing tool. It looks for existing (and/or hidden) Web Objects, it works by launching a dictionary based attack against a web server and analysing the...
View ArticleClik here to view.
BetterCap – Modular, Portable MiTM Framework
BetterCAP is a powerful, modular, portable MiTM framework that allows you to perform various types of Man-In-The-Middle attacks against the network. It can also help to manipulate HTTP and HTTPS...
View Article