In terms of improvements, a new module has been added - Cyber Threat Intelligence . Threat Intel module is being created to gather and analy...
[TestingWhiz] Test Automation Tool
TestingWhiz™ is an easy, intuitive and affordable solution based on a robust FAST® automation engine. It uses effortless and intelligent rec...
[ModSecurity v2.7] Open Source Web Application Firewall
ModSecurity is an embeddable web application firewall, which means it can be deployed as part of your existing web server infrastructure ...
[CrowdRE] Reverse Engineering Tool
A new project called CrowdRE aims to make it easy for the reverse engineering of complex applications working in collaboration with ot...
[OWASP CSRFTester] Facilitates Ability to Test Applications for CSRF
OWASP CSRFTester is a tool for testing CSRF vulnerability in websites. Just when developers are starting to run in circles over Cross Site ...
[Faraday] Penetration Test IDE
Faraday introduces a new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, ...
[APKinspector] Powerful GUI tool to analyze the Android applications
The goal of this project is to aide analysts and reverse engineers to visualize compiled Android packages and their corresponding DEX code...
[SSLSmart] Smart SSL Cipher Enumeration
SSLSmart is a highly flexible and interactive tool aimed at improving efficiency and reducing false positives during SSL testing. A number ...
[SSL Audit] Remotely scans web servers for SSL support
SSL Audit remotely scans web servers for SSL support, unlike other tools it is not limited to ciphers supported by SSL engines such as Ope...
[SSLDigger v1.02] Tool to assess the strength of SSL
SSLDigger v1.02 is a tool to assess the strength of SSL servers by testing the ciphers supported. Some of these ciphers are known to be in...
[BTCrack v1.1] The worlds first Bluetooth Pass phrase (PIN) Bruteforce Tool
BTCrack is the worlds first Bluetooth Pass phrase (PIN) bruteforce tool, BTCrack will bruteforce the Passkey and the Link key from captu...
[Harden SSL/TLS] Hardening the SSL/TLS settings
“Harden SSL/TLS” allows hardening the SSL/TLS settings of Windows 2000,2003,2008,2008R2, XP,Vista,7 . It allows locally and remotely set S...
[CommView for WiFi 7.0] Wireless Network Monitor and Analyzer
CommView for WiFi is a powerful wireless network monitor and analyzer for 802.11 a/b/g/n/ac networks. Loaded with many user-friendly feat...
[XSS Cheat Sheet] Bypassing Modern Web Application Firewall XSS Filters
While we doing web application penetration testing for our clients, we may some time have to face the Web application Firewall that blocks ...
[Hasere v0.2] Discover vHosts using Google and Bing
Hasere is a tool that can discovery the virtual hosts and related filetype using google and bing search engines. Optionally, it uses the n...
[Cryptocat] Chat Client with encrypted conversations on iPhone and Android
Cryptocat is an experimental browser-based chat client for easy to use, encrypted conversations. It aims to make encrypted, private chat eas...
[Harald scan] Bluetooth discovery scanning
Harald Scan is able to determine Major and Minor device class of device, as well as attempt to resolve the device's MAC address to the ...
[IP-reputation-snort-rule-generator] A tool to generate Snort rules based on public IP reputation data
A tool to generate Snort rules or Cisco IDS signatures based on public IP/domain reputation data. Usage ./tepig.pl [ [--file=LOCAL_FILE] | [...
[Sahi] Web Test Automation Tool
Sahi Pro is a powerful tool for automation of web application testing. Sahi Pro helps test web applications across different browsers with ...
[THC-Hydra 7.5] Fast Parallel Network Logon Cracker
Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is ...
[Blue|Smash] Bluetooth Penetration Testing Suite
Blue|Smash is a free open source bluetooth pentest suite, powered by python for linux. I built Blue|Smash to aid me in my bluetooth advent...
[Sandboxie] Sandbox Your Browser / Software / Programs In Windows
Sandboxie enables you to easily sandbox your browser and other programs, it runs your applications in an isolated abstraction area called a...
[Evil Foca] IPv4 and IPv6 Penetration testing tool
Evil Foca is a tool for Pentesters and Security Auditors to perform security testing in IPv4/ IPv6 data networks. The tool is capable to do...
[NOSQLMap] NoSQLMap-Automated NoSQL Database pwnage
What is NoSQLMap? NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default c...
[Python eBooks] Free eBooks to learn Python
Think Python Learn Python the Hard way, 3rd edition Advance Python Features Gone Bad Invent Your Own Computer Game With Python Hacking Sec...
[SkyJack] Drone engineered to autonomously seek out, hack, and wirelessly take full control over any other drones
SkyJack is a drone engineered to autonomously seek out, hack, and wirelessly take full control over any other drones within wireless or fl...
[sb0x] Caja de herramientas para pruebas de penetración
Ruquirment Sistema: para ejecutar sb0x necesita instalar Python 2.7.x Características Herramientas: 1. WordPress fuerza bruta 2. Escáner ser...
[Orchid] Tor Client for Java
Orchid is a Tor client implementation and library written in pure Java. It was written from the Tor specification documents, which are avai...
[Canaima GNU/Linux] Distro socio-tecnológica
Canaima GNU/Linux es un proyecto socio-tecnológico abierto, construido de forma colaborativa, centrado en el desarrollo de herramientas y ...
[MKBRUTUS] Password bruteforcer for MikroTik devices or boxes running RouterOS
Mikrotik brand devices ( www.mikrotik.com ), which runs the RouterOS operative system, are worldwide known and popular with a high network...
[SQL injection test environment] A collection of web pages vulnerable to SQL injection flaws
A collection of web pages vulnerable to SQL injection flaws and more: conf/ - operating system configuration files used by deployment.sh ...
[Splinter] RAT open source
Splinter The Rat es una RAT (Remote Administration Tool). Este tipo de herramientas normalmente nos permite tomar el control de un bot (si...
[Wireless Attack Toolkit (WAT)] A push-button wireless hacking and Man-in-the-Middle attack toolkit
This project is designed to run on Embedded ARM platforms (specifically v6 and RaspberryPi but I'm working on more). It provides users w...
[Wapiti 2.3.0] Web Application Vulnerability Scanner
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source...
[ike-scan] Discover & Fingerprint IKE Hosts (IPsec VPN Servers)
ike-scan discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern. ike-scan can perform the following fun...
[Exploit Pack] The most advanced and easy to use tool for pentesters
Exploit Pack is an open source GPLv3 licensed bundle of scripts ( known as exploits ) with an easy to use GUI and a SID IDE. It’s built on J...
[OWASP GoatDroid] Project that will help educate security to application developers Android
OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. Goat...