From b3c0b9d13a9b9e86002679ebe7716ac3d2fd4de4 Mon Sep 17 00:00:00 2001 From: Anyon3 Date: Sat, 2 Jul 2016 17:25:11 +0000 Subject: [PATCH] Add files via upload --- categories/automation | 2 +- categories/backdoor | 4 ++-- categories/binary | 2 +- categories/cracker | 4 ++-- categories/crypto | 2 +- categories/debugger | 2 +- categories/defensive | 2 +- categories/devel | 1 + categories/disassembler | 4 ++-- categories/exploitation | 12 ++++++------ categories/firmware | 2 +- categories/fuzzer | 4 ++-- categories/mobile | 2 +- categories/networking | 6 +++--- categories/proxy | 2 +- categories/recon | 10 +++++----- categories/reversing | 2 +- categories/scanner | 17 +++++++++-------- categories/sniffer | 6 +++--- categories/webapp | 12 ++++++------ categories/wireless | 8 ++++---- 21 files changed, 54 insertions(+), 52 deletions(-) create mode 100644 categories/devel diff --git a/categories/automation b/categories/automation index 4851495..abfbc78 100644 --- a/categories/automation +++ b/categories/automation @@ -37,7 +37,7 @@ tiger|3.2.3|A security scanner, that checks computer for known problems. Can als tlssled|1.3|A Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation.|http://blog.taddong.com/2011/05/tlssled-v10.html unix-privesc-check|1.4|Tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases)|http://pentestmonkey.net/tools/audit/unix-privesc-check username-anarchy|0.2|Tools for generating usernames when penetration testing.|http://www.morningstarsecurity.com/research/username-anarchy -veil|564.482e0cd|A tool designed to generate metasploit payloads that bypass common anti-virus solutions.|https://github.com/veil-evasion/Veil +veil|571.54d1d0e|A tool designed to generate metasploit payloads that bypass common anti-virus solutions.|https://github.com/veil-evasion/Veil vlan-hopping|21.a37ba4e|Easy 802.1Q VLAN Hopping|https://github.com/nccgroup/vlan-hopping voiphopper|2.04|A security validation tool that tests to see if a PC can mimic the behavior of an IP Phone. It rapidly automates a VLAN Hop into the Voice VLAN.|http://voiphopper.sourceforge.net/ wikigen|8.348aa99|A script to generate wordlists out of wikipedia pages.|https://github.com/zombiesam/wikigen diff --git a/categories/backdoor b/categories/backdoor index 88c98b5..2b165fb 100644 --- a/categories/backdoor +++ b/categories/backdoor @@ -1,7 +1,7 @@ aesshell|0.7|A backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport.|https://packetstormsecurity.com/files/132438/AESshell.7.html azazel|12.16ca8ac|A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit.|https://github.com/chokepoint/azazel backcookie|45.35fb0a3|Small backdoor using cookie.|https://github.com/mrjopino/backcookie -backdoor-factory|172.d4de862|Patch win32/64 binaries with shellcode.|https://github.com/secretsquirrel/the-backdoor-factory +backdoor-factory|178.2d85ca4|Patch win32/64 binaries with shellcode.|https://github.com/secretsquirrel/the-backdoor-factory backdoorme|193.1a31041|A powerful utility capable of backdooring Unix machines with a slew of backdoors.|https://github.com/Kkevsterrr/backdoorme cymothoa|1|A stealth backdooring tool, that inject backdoor's shellcode into an existing process.|http://cymothoa.sourceforge.net/ dragon-backdoor|7.c7416b7|A sniffing, non binding, reverse down/exec, portknocking service Based on cd00r.c.|https://github.com/Shellntel/backdoors @@ -20,7 +20,7 @@ trixd00r|0.0.1|An advanced and invisible userland backdoor based on TCP/IP for U tsh|0.6|An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication.|http://packetstormsecurity.com/search/?q=tsh tsh-sctp|2.850a2da|An open-source UNIX backdoor.|https://github.com/infodox/tsh-sctp u3-pwn|2.0|A tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install.|http://www.nullsecurity.net/tools/backdoor.html -unicorn|36.a81fdf2|A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.|https://github.com/trustedsec/unicorn +unicorn|37.92ee45a|A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.|https://github.com/trustedsec/unicorn webacoo|0.2.3|Web Backdoor Cookie Script-Kit.|https://bechtsoudis.com/webacoo/ webshells|14.112ea8c|Web Backdoors.|https://github.com/BlackArch/webshells webspa|0.8|A web knocking tool, sending a single HTTP/S to run O/S commands.|http://sourceforge.net/projects/webspa/ diff --git a/categories/binary b/categories/binary index fbd7ed2..c43542f 100644 --- a/categories/binary +++ b/categories/binary @@ -1,5 +1,5 @@ androguard|796.bf653d6|Reverse engineering, Malware and goodware analysis of Android applications and more.|https://github.com/androguard/androguard -angr|2973.97f400e|The next-generation binary analysis platform from UC Santa Barbara's Seclab.|https://github.com/angr/angr +angr|3081.7289895|The next-generation binary analysis platform from UC Santa Barbara's Seclab.|https://github.com/angr/angr binaryninja-python|13.83f59f7|Binary Ninja prototype written in Python.|https://github.com/Vector35/binaryninja-python bindead|4504.67019b9|A static analysis tool for binaries|https://bitbucket.org/mihaila/bindead bindiff|4.2.0|A comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code.|http://www.zynamics.com/bindiff.html diff --git a/categories/cracker b/categories/cracker index 739f551..615f586 100644 --- a/categories/cracker +++ b/categories/cracker @@ -41,7 +41,7 @@ fang|20.4b176f3|A multi service threaded MD5 cracker.|https://github.com/evilsoc fcrackzip|1.0|Zip file password cracker|http://oldhome.schmorp.de/marc/fcrackzip.html fern-wifi-cracker|222|WEP, WPA wifi cracker for wireless penetration testing|http://code.google.com/p/fern-wifi-cracker/ ftp-scanner|0.2.5|Multithreaded ftp scanner/brute forcer. Tested on Linux, OpenBSD and Solaris.|http://wayreth.eu.org/old_page/ -hashcat|2.00|A multithreaded cross platform hash cracker.|http://hashcat.net/hashcat/ +hashcat|3.00|A multithreaded cross platform hash cracker.|http://hashcat.net/hashcat/ hashcat-utils|1.2|Utilites for Hashcat|http://hashcat.net/wiki/doku.php?id=hashcat_utils hasher|48.40173c5|A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally.|https://github.com/ChrisTruncer/Hasher hashtag|0.41|A python script written to parse and identify password hashes.|https://github.com/SmeegeSec/HashTag @@ -106,7 +106,7 @@ samdump2|3.0.0|Dump password hashes from a Windows NT/2k/XP installation|http:// samydeluxe|2.2ed1bac|Automatic samdump creation script.|http://github.com/jensp/samydeluxe sidguesser|1.0.5|Guesses sids/instances against an Oracle database according to a predefined dictionary file.|http://www.cqure.net/wp/tools/database/sidguesser/ sipcrack|0.2|A SIP protocol login cracker.|http://www.remote-exploit.org/codes_sipcrack.html -skul|11.6808dbe|A PoC to bruteforce the Cryptsetup implementation of Linux Unified Key Setup (LUKS).|https://github.com/cryptcoffee/skul +skul|14.e2c33ef|A PoC to bruteforce the Cryptsetup implementation of Linux Unified Key Setup (LUKS).|https://github.com/cryptcoffee/skul smbbf|0.9.1|SMB password bruteforcer.|http://packetstormsecurity.com/files/25381/smbbf.9.1.tar.gz.html snmp-brute|15.64ec0ce|SNMP brute force, enumeration, CISCO config downloader and password cracking script.|https://github.com/SECFORCE/SNMP-Brute speedpwn|8.3dd2793|An active WPA/2 Bruteforcer, original created to prove weak standard key generation in different ISP labeled routers without a client is connected.|https://gitorious.org/speedpwn/ diff --git a/categories/crypto b/categories/crypto index 12369a2..ed14593 100644 --- a/categories/crypto +++ b/categories/crypto @@ -1,6 +1,6 @@ aespipe|2.4d|Reads data from stdin and outputs encrypted or decrypted results to stdout.|http://loop-aes.sourceforge.net/aespipe/ auto-xor-decryptor|5.1f552be|Automatic XOR decryptor tool.|http://www.blog.mrg-effitas.com/publishing-of-mrg-effitas-automatic-xor-decryptor-tool/ -b2sum|54.003671f|BLAKE2 file hash sum check. Computes the BLAKE2 (BLAKE2b or -s, -bp, -sp) cryptographic hash of a given file.|https://blake2.net/ +b2sum|57.cb0506c|BLAKE2 file hash sum check. Computes the BLAKE2 (BLAKE2b or -s, -bp, -sp) cryptographic hash of a given file.|https://blake2.net/ bletchley|0.0.1|A collection of practical application cryptanalysis tools.|https://code.google.com/p/bletchley/ ciphertest|20.3224858|A better SSL cipher checker using gnutls.|https://github.com/OpenSecurityResearch/ciphertest ciphr|105.db79691|A CLI tool for encoding, decoding, encryption, decryption, and hashing streams of data.|https://github.com/frohoff/ciphr diff --git a/categories/debugger b/categories/debugger index efcb831..2546aac 100644 --- a/categories/debugger +++ b/categories/debugger @@ -5,4 +5,4 @@ ollydbg|201g|A 32-bit assembler-level analysing debugger|http://www.ollydbg.de peda|1.1|Python Exploit Development Assistance for GDB|https://github.com/longld/peda rr|4.2.0|A Record and Replay Framework.|https://github.com/mozilla/rr shellnoob|2.1|A toolkit that eases the writing and debugging of shellcode|https://github.com/reyammer/shellnoob -vivisect|469.c1a517b|A Python based static analysis and reverse engineering framework, Vdb is a Python based research/reversing focused debugger and programatic debugging API by invisigoth of kenshoto|http://visi.kenshoto.com/ +vivisect|482.cae2a9d|A Python based static analysis and reverse engineering framework, Vdb is a Python based research/reversing focused debugger and programatic debugging API by invisigoth of kenshoto|http://visi.kenshoto.com/ diff --git a/categories/defensive b/categories/defensive index 712b4cc..05e50e3 100644 --- a/categories/defensive +++ b/categories/defensive @@ -12,5 +12,5 @@ snort|2.9.8.2|A lightweight network intrusion detection system.|http://www.snort suricata|3.0.1|An Open Source Next Generation Intrusion Detection and Prevention Engine.|http://openinfosecfoundation.org/index.php/download-suricata tabi|6.6654ceb|BGP Hijack Detection.|https://github.com/ANSSI-FR/tabi tor-autocircuit|0.2|Tor Autocircuit was developed to give users a finer control over Tor circuit creation. The tool exposes the functionality of TorCtl library which allows its users to control circuit length, speed, geolocation, and other parameters.|http://www.thesprawl.org/projects/tor-autocircuit/ -tor-browser-en|6.0.1|Tor Browser Bundle: Anonymous browsing using firefox and tor|https://www.torproject.org/projects/torbrowser.html.en +tor-browser-en|6.0.2|Tor Browser Bundle: Anonymous browsing using firefox and tor|https://www.torproject.org/projects/torbrowser.html.en vidalia|0.2.21|Controller GUI for Tor.|https://www.torproject.org/vidalia diff --git a/categories/devel b/categories/devel new file mode 100644 index 0000000..7e881d9 --- /dev/null +++ b/categories/devel @@ -0,0 +1 @@ +python2-binaryornot|0.4.0|Ultra-lightweight pure Python package to check if a file is binary or text.|https://github.com/audreyr/binaryornot diff --git a/categories/disassembler b/categories/disassembler index f159883..af12da8 100644 --- a/categories/disassembler +++ b/categories/disassembler @@ -5,6 +5,6 @@ frida|284.79d63f5|An interactive disassembler based on LLVM and Qt.|https://www. libdisasm|0.23|A disassembler library.|http://bastard.sourceforge.net/libdisasm.html marc4dasm|6.f11860f|This python-based tool is a disassembler for the Atmel MARC4 (a 4 bit Harvard micro).|https://github.com/ApertureLabsLtd/marc4dasm pwntools|2.2.0|The CTF framework used by #Gallopsled in every CTF.|https://github.com/Gallopsled/pwntools -reverse|788.3824a34|Reverse engineering tool for x86/ARM/MIPS. Generates indented pseudo-C with colored syntax code.|https://github.com/joelpx/reverse +reverse|795.6617456|Reverse engineering tool for x86/ARM/MIPS. Generates indented pseudo-C with colored syntax code.|https://github.com/joelpx/reverse smali|2.1.1|An assembler/disassembler for Android's dex format|https://github.com/JesusFreke/smali -viper|1093.a9a7ae2|A Binary analysis framework.|https://github.com/botherder/viper +viper|1096.1637f84|A Binary analysis framework.|https://github.com/botherder/viper diff --git a/categories/exploitation b/categories/exploitation index ef5f019..fd4de20 100644 --- a/categories/exploitation +++ b/categories/exploitation @@ -3,7 +3,7 @@ armitage|150813|A graphical cyber attack management tool for Metasploit.|http:// armscgen|75.fdf2ff3|ARM Shellcode Generator (Mostly Thumb Mode).|https://github.com/alexpark07/ARMSCGen arpoison|0.7|The UNIX arp cache update utility|http://www.arpoison.net bed|0.5|Collection of scripts to test for buffer overflows, format string vulnerabilities.|http://www.aldeid.com/wiki/Bed -beef|0.4.7.0.194.g0234c54|The Browser Exploitation Framework that focuses on the web browser|http://beefproject.com/ +beef|0.4.7.0.195.g5fb1fa3|The Browser Exploitation Framework that focuses on the web browser|http://beefproject.com/ bfbtester|2.0.1|Performs checks of single and multiple argument command line overflows and environment variable overflows|http://sourceforge.net/projects/bfbtester/ binex|1.0|Format String exploit building tool.|http://www.morxploit.com/morxtool bitdump|34.6a5cbd8|A tool to extract database data from a blind SQL injection vulnerability.|https://github.com/nbshelton/bitdump @@ -39,7 +39,7 @@ killerbee|99|Framework and tools for exploiting ZigBee and IEEE 802.15.4 network leroy-jenkins|3.bdc3965|A python tool that will allow remote execution of commands on a Jenkins server and its nodes.|https://github.com/captainhooligan/Leroy-Jenkins lfi-autopwn|3.0|A Perl script to try to gain code execution on a remote server via LFI|http://www.blackhatlibrary.net/Lfi_autopwn.pl lisa.py|30.622f9fe|An Exploit Dev Swiss Army Knife.|https://github.com/ant4g0nist/lisa.py -metasploit|38676.3413059|An open source platform that supports vulnerability research, exploit development and the creation of custom security tools representing the largest collection of quality-assured exploits.|http://www.metasploit.com +metasploit|38754.fd07da3|An open source platform that supports vulnerability research, exploit development and the creation of custom security tools representing the largest collection of quality-assured exploits.|http://www.metasploit.com minimysqlator|0.5|A multi-platform application used to audit web sites in order to discover and exploit SQL injection vulnerabilities.|http://www.scrt.ch/en/attack/downloads/mini-mysqlat0r miranda-upnp|1.3|A Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices|http://code.google.com/p/miranda-upnp/ mitmf|430.2dc1dd4|A Framework for Man-In-The-Middle attacks written in Python.|https://github.com/byt3bl33d3r/MITMf @@ -58,14 +58,14 @@ rext|40.43ca8f6|Router EXploitation Toolkit - small toolkit for easy creation an rfcat|150225|RF ChipCon-based Attack Toolset.|http://code.google.com/p/rfcat ropeme|1.0|ROPME is a set of python scripts to generate ROP gadgets and payload.|http://www.vnsecurity.net/2010/08/ropeme-rop-exploit-made-easy/ ropgadget|5.4|Lets you search your gadgets on your binaries (ELF format) to facilitate your ROP exploitation.|https://github.com/JonathanSalwan/ROPgadget -ropper|1.10.0|Show information about binary files and find gadgets to build rop chains for different architectures|https://github.com/sashs/Ropper +ropper|1.10.7|Show information about binary files and find gadgets to build rop chains for different architectures|https://github.com/sashs/Ropper roputils|189.07fc123|A Return-oriented Programming toolkit.|https://github.com/inaz2/roputils -routersploit|275.c026726|The Router Exploitation Framework.|https://github.com/reverse-shell/routersploit +routersploit|285.3e39991|The Router Exploitation Framework.|https://github.com/reverse-shell/routersploit rp|136.5f0841c|A full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries.|https://github.com/0vercl0k/rp -rspet|95.db9c012|A Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.|https://github.com/panagiks/RSPET +rspet|97.70cd210|A Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.|https://github.com/panagiks/RSPET shellcodecs|0.1|A collection of shellcode, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process.|http://www.blackhatlibrary.net/Shellcodecs shellme|3.8c7919d|Because sometimes you just need shellcode and opcodes quickly. This essentially just wraps some nasm/objdump calls into a neat script.|https://github.com/hatRiot/shellme -shellsploit-framework|250.a5fd60c|New Generation Exploit Development Kit.|https://github.com/b3mb4m/shellsploit-framework +shellsploit-framework|256.8198e14|New Generation Exploit Development Kit.|https://github.com/b3mb4m/shellsploit-framework shocker|60.239286f|A tool to find and exploit servers vulnerable to Shellshock.|https://github.com/nccgroup/shocker snarf-mitm|40.49cc8cb|SMB Man in the Middle Attack Engine / relay suite.|https://github.com/purpleteam/snarf sqlninja|0.2.999|A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.|http://sqlninja.sourceforge.net/ diff --git a/categories/firmware b/categories/firmware index 96f8f73..dc17dff 100644 --- a/categories/firmware +++ b/categories/firmware @@ -1,3 +1,3 @@ firmwalker|69.dd1ef71|Script for searching the extracted firmware file system for goodies.|https://github.com/craigz28/firmwalker firmware-mod-kit|099|Modify firmware images without recompiling.|http://code.google.com/p/firmware-mod-kit -uefi-firmware-parser|136.e6f122a|Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc|https://github.com/theopolis/uefi-firmware-parser +uefi-firmware-parser|141.fc50c86|Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc|https://github.com/theopolis/uefi-firmware-parser diff --git a/categories/fuzzer b/categories/fuzzer index 8215458..4388dab 100644 --- a/categories/fuzzer +++ b/categories/fuzzer @@ -1,4 +1,4 @@ -afl|2.15b|Security-oriented fuzzer using compile-time instrumentation and genetic algorithms|http://lcamtuf.coredump.cx/afl/ +afl|2.17b|Security-oriented fuzzer using compile-time instrumentation and genetic algorithms|http://lcamtuf.coredump.cx/afl/ backfuzz|36.8e54ed6|A network protocol fuzzing toolkit.|https://github.com/localh0t/backfuzz browser-fuzzer|3|Browser Fuzzer 3|http://www.krakowlabs.com/dev.html bunny|0.93|A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs.|http://code.google.com/p/bunny-the-fuzzer/ @@ -13,7 +13,7 @@ firewalk|5.0|An active reconnaissance network security tool|http://packetfactory frisbeelite|1.2|A GUI-based USB device fuzzer.|https://github.com/nccgroup/FrisbeeLite ftester|1.0|A tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities.|http://www.inversepath.com/ftester.html ftp-fuzz|1337|The master of all master fuzzing scripts specifically targeted towards FTP server sofware.|http://nullsecurity.net/tools/fuzzer.html -fuddly|259.2dcc410|Fuzzing and Data Manipulation Framework (for GNU/Linux).|https://github.com/k0retux/fuddly +fuddly|273.38468f5|Fuzzing and Data Manipulation Framework (for GNU/Linux).|https://github.com/k0retux/fuddly fusil|1.5|A Python library used to write fuzzing programs.|http://bitbucket.org/haypo/fusil/wiki/Home fuzzball2|0.7|A little fuzzer for TCP and IP options. It sends a bunch of more or less bogus packets to the host of your choice.|http://nologin.org/ fuzzdb|279.637a885|Attack and Discovery Pattern Database for Application Fuzz Testing|https://code.google.com/p/fuzzdb/ diff --git a/categories/mobile b/categories/mobile index 128326f..b68a566 100644 --- a/categories/mobile +++ b/categories/mobile @@ -9,5 +9,5 @@ cnamulator|5.4667c68|A phone CNAM lookup utility using the OpenCNAM API.|https:/ drozer|2.3.4|A security testing framework for Android - Precompiled binary from official repository.|https://github.com/mwrlabs/drozer kalibrate-rtl|11.aae11c8|Fork of http://thre.at/kalibrate/ for use with rtl-sdr devices.|https://github.com/steve-m/kalibrate-rtl mobsf|129.a594b08|An intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.|https://github.com/ajinabraham/Mobile-Security-Framework-MobSF -qark|15.930b99d|Tool to look for several security related Android application vulnerabilities.|https://github.com/linkedin/qark +qark|38.c270b84|Tool to look for several security related Android application vulnerabilities.|https://github.com/linkedin/qark smartphone-pentest-framework|104.fc45347|Repository for the Smartphone Pentest Framework (SPF).|https://github.com/georgiaw/Smartphone-Pentest-Framework diff --git a/categories/networking b/categories/networking index 87523d1..6ebbb23 100644 --- a/categories/networking +++ b/categories/networking @@ -1,5 +1,5 @@ afpfs-ng|0.8.1|A client for the Apple Filing Protocol (AFP)|http://alexthepuffin.googlepages.com/ -aiengine|526.23434ea|A packet inspection engine with capabilities of learning without any human intervention.|https://bitbucket.org/camp0/aiengine/ +aiengine|527.a98ad93|A packet inspection engine with capabilities of learning without any human intervention.|https://bitbucket.org/camp0/aiengine/ argus|3.0.8.1|Network monitoring tool with flow control.|http://qosient.com/argus/ argus-clients|3.0.8|Network monitoring client for Argus.|http://qosient.com/argus/ arp-scan|1.9|A tool that uses ARP to discover and fingerprint IP hosts on the local network|http://www.nta-monitor.com/tools/arp-scan/ @@ -19,7 +19,7 @@ dnsfilexfer|14.20743e0|File transfer via DNS.|https://github.com/leonjza/dnsfile dnsteal|23.9b3b929|DNS Exfiltration tool for stealthily sending files over DNS requests..|https://github.com/m57/dnsteal dump1090|386.bff92c4|A simple Mode S decoder for RTLSDR devices.|https://github.com/MalcolmRobb/dump1090 etherape|0.9.14|A graphical network monitor for various OSI layers and protocols|http://etherape.sourceforge.net/ -exabgp|3266.aad68f8|The BGP swiss army knife of networking.|https://github.com/Exa-Networks/exabgp +exabgp|3274.358ef42|The BGP swiss army knife of networking.|https://github.com/Exa-Networks/exabgp filibuster|164.f343308|A Egress filter mapping application with additional functionality.|https://github.com/subinacls/Filibuster flowinspect|96.1f62b3b|A network traffic inspection tool.|https://github.com/7h3rAm/flowinspect fping|3.13|A utility to ping multiple hosts at once|http://www.fping.org/ @@ -86,7 +86,7 @@ sockstat|0.3|A tool to let you view information about open connections. It is si spiped|1.5.0|A utility for creating symmetrically encrypted and authenticated pipes between socket addresses.|https://www.tarsnap.com/spiped.html sps|4.3|A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4.|https://sites.google.com/site/simplepacketsender/ sslh|1.18|SSL/SSH/OpenVPN/XMPP/tinc port multiplexer|http://www.rutschle.net/tech/sslh.shtml -stunnel|5.32|A program that allows you to encrypt arbitrary TCP connections inside SSL|https://www.stunnel.org/ +stunnel|5.33|A program that allows you to encrypt arbitrary TCP connections inside SSL|https://www.stunnel.org/ swaks|20130209.0|Swiss Army Knife SMTP; Command line SMTP testing, including TLS and AUTH|http://jetmore.org/john/code/swaks/ tcpdump|4.7.4|A tool for network monitoring and data acquisition|http://www.tcpdump.org tcpextract|1.1|Extracts files from captured TCP sessions. Support live streams and pcap files.|https://pypi.python.org/pypi/tcpextract/1.1 diff --git a/categories/proxy b/categories/proxy index 6913f2d..94ad031 100644 --- a/categories/proxy +++ b/categories/proxy @@ -11,7 +11,7 @@ proxychains-ng|4.11|A hook preloader that allows to redirect TCP traffic of exis proxyp|2013|Small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses.|http://sourceforge.net/projects/proxyp/ sergio-proxy|0.2.1|A multi-threaded transparent HTTP proxy for manipulating web traffic|https://github.com/darkoperator/dnsrecon sshuttle|0.78.0|Transparent proxy server that forwards all TCP packets over ssh|https://github.com/sshuttle/sshuttle -ssrf-proxy|207.07b4937|Facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.|https://github.com/bcoles/ssrf_proxy +ssrf-proxy|208.655d935|Facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.|https://github.com/bcoles/ssrf_proxy starttls-mitm|7.b257756|A mitm proxy that will transparently proxy and dump both plaintext and TLS traffic.|https://github.com/ipopov/starttls-mitm striptls|48.65a7078|Proxy PoC implementation of STARTTLS stripping attacks.|https://github.com/tintinweb/striptls tftp-proxy|0.1|This tool accepts connection on tftp and reloads requested content from an upstream tftp server. Meanwhile modifications to the content can be done by pluggable modules. So this one's nice if your mitm with some embedded devices.|http://www.c0decafe.de/ diff --git a/categories/recon b/categories/recon index 71ea336..e2be896 100644 --- a/categories/recon +++ b/categories/recon @@ -17,7 +17,7 @@ fbid|11.b8106f8|Show info about the author by facebook photo url.|https://github flashlight|107.39594b5|Automated Information Gathering Tool for Penetration Testers.|https://github.com/galkan/flashlight geoedge|0.2|This little tools is designed to get geolocalization information of a host, it get the information from two sources (maxmind and geoiptool).| githack|6.b83a744|A `.git` folder disclosure exploit.|https://github.com/lijiejie/githack -gitminer|23.28d2cec|Tool for advanced mining for content on Github.|https://github.com/danilovazb/GitMiner +gitminer|29.e25f339|Tool for advanced mining for content on Github.|https://github.com/danilovazb/GitMiner goodork|2.2|A python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line.|http://goo-dork.blogspot.com/ goofile|1.5|Command line filetype search|https://code.google.com/p/goofile/ goog-mail|1.0|Enumerate domain emails from google.|http://www.darkc0de.com/others/goog-mail.py @@ -27,7 +27,7 @@ hasere|1.0|Discover the vhosts using google and bing.|https://github.com/galkan/ idswakeup|1.0|A collection of tools that allows to test network intrusion detection systems.|http://www.hsc.fr/ressources/outils/idswakeup/index.html.en intrace|1.5|Traceroute-like application piggybacking on existing TCP connections|http://intrace.googlecode.com ircsnapshot|94.cb02a85|Tool to gather information from IRC servers.|https://github.com/bwall/ircsnapshot -ivre|912.4ea2a72|Network recon framework.|https://ivre.rocks/ +ivre|954.2a7f74c|Network recon framework.|https://ivre.rocks/ kacak|1.0|Tools for penetration testers that can enumerate which users logged on windows system.|https://github.com/galkan/kacak lanmap2|127.1197999|Passive network mapping tool.|http://github.com/rflynn/lanmap2 lbd|20130719|Load Balancing detector|http://ge.mine.nu/code/lbd @@ -56,11 +56,11 @@ recon-ng|4.8.0|A full-featured Web Reconnaissance framework written in Python.|h revipd|5.2aaacfb|A simple reverse IP domain scanner.|https://github.com/PypeRanger/revipd ripdc|0.2|A script which maps domains related to an given ip address or domainname.|http://nullsecurity.net/tools/scanner sctpscan|34.4d44706|A network scanner for discovery and security.|http://www.p1sec.com/ -simplyemail|456.c094a8f|Email recon made fast and easy, with a framework to build on http://CyberSyndicates.com.|https://github.com/killswitch-GUI/SimplyEmail +simplyemail|482.67fe027|Email recon made fast and easy, with a framework to build on http://CyberSyndicates.com.|https://github.com/killswitch-GUI/SimplyEmail sipi|10.10f087f|Simple IP Information Tools for Reputation Data Analysis.|https://github.com/ST2Labs/SIPI smbcrunch|4.46267a3|3 tools that work together to simplify reconaissance of Windows File Shares.|https://github.com/Raikia/SMBCrunch smtp-user-enum|1.2|Username guessing tool primarily for use against the default Solaris SMTP service. Can use either EXPN, VRFY or RCPT TO.|http://pentestmonkey.net/tools/user-enumeration/smtp-user-enum -sn1per|80.81324fe|Automated Pentest Recon Scanner.|https://github.com/1N3/Sn1per +sn1per|83.f402b9a|Automated Pentest Recon Scanner.|https://github.com/1N3/Sn1per spiderfoot|2.6.1|The Open Source Footprinting Tool.|http://spiderfoot.net/ ssl-hostname-resolver|1|CN (Common Name) grabber on X.509 Certificates over HTTPS.|http://packetstormsecurity.com/files/120634/Common-Name-Grabber-Script.html subdomainer|1.2|A tool designed for obtaining subdomain names from public sources.|http://www.edge-security.com/subdomainer.php @@ -75,4 +75,4 @@ vbrute|1.11dda8b|Virtual hosts brute forcer.|https://github.com/nccgroup/vbrute waldo|28.a33de7a|A lightweight and multithreaded directory and subdomain bruteforcer implemented in Python.|https://github.com/red-team-labs/waldo websearch|1.cce2384|Search vhost names given a host range. Powered by Bing..|https://github.com/PentesterES/WebSearch whatweb|4188.f467aa2|Next generation web scanner that identifies what websites are running.|http://www.morningstarsecurity.com/research/whatweb -zgrab|501.750e13a|Grab banners (optionally over TLS).|https://github.com/zmap/zgrab +zgrab|511.7b65b58|Grab banners (optionally over TLS).|https://github.com/zmap/zgrab diff --git a/categories/reversing b/categories/reversing index 3da9d88..befe019 100644 --- a/categories/reversing +++ b/categories/reversing @@ -1,4 +1,4 @@ -android-apktool|2.0.3|A tool for reengineering Android apk files.|http://forum.xda-developers.com/showthread.php?t=1755243 +android-apktool|2.1.1|A tool for reengineering Android apk files.|http://forum.xda-developers.com/showthread.php?t=1755243 bsdiff|4.3|bsdiff and bspatch are tools for building and applying patches to binary files.|http://www.daemonology.net/bsdiff/ capstone|3.0.4|A lightweight multi-platform, multi-architecture disassembly framework|http://www.capstone-engine.org/index.html flasm|1.62|Disassembler tool for SWF bytecode|http://www.nowrap.de/flasm.html diff --git a/categories/scanner b/categories/scanner index 6373852..52dccf6 100644 --- a/categories/scanner +++ b/categories/scanner @@ -3,9 +3,9 @@ admsnmp|0.1|ADM SNMP audit scanner.| allthevhosts|1.0|A vhost discovery tool that scrapes various web applications.|http://labs.portcullis.co.uk/tools/finding-all-the-vhosts/ apache-users|2.1|This perl script will enumerate the usernames on a unix system that use the apache module UserDir.|https://labs.portcullis.co.uk/downloads/ athena-ssl-scanner|0.6.2|a SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers.|http://packetstormsecurity.com/files/93062/Athena-SSL-Cipher-Scanner.html -atscan|553.0076196|Server, Site and Dork Scanner.|https://github.com/AlisamTechnology/ATSCAN-V3.1 +atscan|605.d7d934e|Server, Site and Dork Scanner.|https://github.com/AlisamTechnology/ATSCAN-V3.1 birp|60.1d7c49f|A tool that will assist in the security assessment of mainframe applications served over TN3270.|https://github.com/sensepost/birp -bluto|134.8defadb|Recon, Subdomain Bruting, Zone Transfers.|https://github.com/RandomStorm/Bluto +bluto|141.2e87191|Recon, Subdomain Bruting, Zone Transfers.|https://github.com/RandomStorm/Bluto braa|0.82|A mass snmp scanner|http://s-tech.elsat.net.pl/braa/ camscan|1.0057215|A tool which will analyze the CAM table of Cisco switches to look for anamolies.|https://github.com/securestate/camscan cangibrina|114.57dc151|Dashboard Finder.|https://github.com/fnk0c/cangibrina @@ -21,7 +21,7 @@ cloudflare-enum|9.c1d8fca|Cloudflare DNS Enumeration Tool for Pentesters.|https: cmsmap|3.37b64be|A python open source Content Management System scanner that automates the process of detecting security flaws of the most popular CMSs.|https://www.dionach.com/blog/cmsmap-%E2%80%93-a-simple-cms-vulnerability-scanner configpush|0.8.5|This is a tool to span /8-sized networks quickly sending snmpset requests with default or otherwise specified community string to Cisco devices.|http://packetstormsecurity.com/files/126621/Config-Push-snmpset-Utility.html cpfinder|0.1|This is a simple script that looks for administrative web interfaces.|http://packetstormsecurity.com/files/118851/Control-Panel-Finder-Script.html -crackmapexec|270.58edfe1|A swiss army knife for pentesting Windows/Active Directory environments.|https://github.com/byt3bl33d3r/CrackMapExec +crackmapexec|275.928c9af|A swiss army knife for pentesting Windows/Active Directory environments.|https://github.com/byt3bl33d3r/CrackMapExec creepy|137.9f60449|A geolocation information gatherer. Offers geolocation information gathering through social networking platforms.|http://github.com/ilektrojohn/creepy.git cvechecker|3.5|The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database.|http://cvechecker.sourceforge.net/ darkbing|0.1|A tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection.|http://packetstormsecurity.com/files/111510/darkBing-SQL-Scanner.1.html @@ -53,12 +53,13 @@ fernmelder|6.c6d4ebe|Asynchronous mass DNS scanner.|https://github.com/stealth/f fgscanner|11.893372c|An advanced, opensource URL scanner.|http://www.fantaghost.com/fgscanner fierce|0.9.9|A DNS scanner|http://ha.ckers.org/fierce/ find-dns|0.1|A tool that scans networks looking for DNS servers.|https://packetstormsecurity.com/files/132449/Find-DNS-Scanner.html -flashscanner|10.c88c156|Flash XSS Scanner.|https://github.com/riusksk/FlashScanner +flashscanner|11.6815b02|Flash XSS Scanner.|https://github.com/riusksk/FlashScanner flunym0us|2.0|A Vulnerability Scanner for Wordpress and Moodle.|http://code.google.com/p/flunym0us/ forkingportscanner|1|Simple and fast forking port scanner written in perl. Can only scan on host at a time, the forking is done on the specified port range. Or on the default range of 1. Has the ability to scan UDP or TCP, defaults to tcp.|http://magikh0e.xyz/ fs-nyarl|1.0|A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit.|http://www.fulgursecurity.com/en/content/fs-nyarl fsnoop|3.3|A tool to monitor file operations on GNU/Linux systems by using the Inotify mechanism. Its primary purpose is to help detecting file race condition vulnerabilities and since version 3, to exploit them with loadable DSO modules (also called "payload modules" or "paymods").|http://vladz.devzero.fr/fsnoop.php ftp-spider|1.0|FTP investigation tool - Scans ftp server for the following: reveal entire directory tree structures, detect anonymous access, detect directories with write permissions, find user specified data within repository.|http://packetstormsecurity.com/files/35120/ftp-spider.pl.html +ftpscout|12.cf1dff1|Scans ftps for anonymous access.|https://github.com/RubenRocha/ftpscout gggooglescan|0.4|A Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames.|http://www.morningstarsecurity.com/research/gggooglescan ghost-phisher|1.62|GUI suite for phishing and penetration attacks|http://code.google.com/p/ghost-phisher gitrob|1.1.0|Scan Github For Sensitive Files.|http://michenriksen.com/blog/gitrob-putting-the-open-source-in-osint/ @@ -83,7 +84,7 @@ ipscan|3.4.1|Angry IP scanner is a very fast IP address and port scanner.|http:/ iptv|134.720cc12|Search and brute force illegal iptv server.|https://github.com/Pinperepette/IPTV ipv6toolkit|2.0|SI6 Networks' IPv6 Toolkit|http://www.si6networks.com/tools/ipv6toolkit/ jsql|0.74|A lightweight application used to find database information from a distant server.|https://code.google.com/p/jsql-injection/ -knock|223.61a1b8f|Subdomain scanner.|https://github.com/guelfoweb/knock +knock|222.19f36ef|Subdomain scanner.|https://github.com/guelfoweb/knock laf|12.7a456b3|Login Area Finder: scans host/s for login panels.|https://github.com/takeshixx/laf letmefuckit-scanner|3.f3be22b|Scanner and Exploit Magento.|https://github.com/onthefrontline/LetMeFuckIt-Scanner lfi-scanner|4.0|This is a simple perl script that enumerates local file inclusion attempts when given a specific target.|http://packetstormsecurity.com/files/102848/LFI-Scanner.0.html @@ -104,7 +105,7 @@ nikto|2.1.6|A web server scanner which performs comprehensive tests against web nmap|7.12|Utility for network discovery and security auditing|http://nmap.org/ nmbscan|1.2.6|Tool to scan the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols.|http://nmbscan.gbarbier.org/ nsia|1.0.6|A website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues.|http://threatfactor.com/Products/ -o-saft|1258.d3f4742|A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations.|https://www.owasp.org/index.php/O-Saft +o-saft|1271.bfb8d1c|A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations.|https://www.owasp.org/index.php/O-Saft ocs|0.2|Compact mass scanner for Cisco routers with default telnet/enable passwords.|http://packetstormsecurity.com/files/119462/OCS-Cisco-Scanner.2.html onionscan|39.35fd1d3|Scan Onion Services for Security Issues.|github.com/s-rah/onionscan openvas-cli|1.4.3|The OpenVAS Command-Line Interface|http://www.openvas.org/ @@ -170,7 +171,7 @@ upnpscan|0.4|Scans the LAN or a given address range for UPnP capable devices.|ht uw-loveimap|0.1|Multi threaded imap bounce scanner.|http://uberwall.org/bin/download/45/UWloveimap.tgz uw-udpscan|0.1|Multi threaded udp scanner.|http://uberwall.org/bin/download/44/UWudpscan.tar.gz uw-zone|0.1|Multi threaded, randomized IP zoner.|http://uberwall.org/bin/download/43/UWzone.tgz -v3n0m|167.b5e59d7|A tool to automate mass SQLi d0rk scans and Metasploit Vulns.|https://github.com/v3n0m-Scanner/V3n0M-Scanner +v3n0m|168.5c20fa5|A tool to automate mass SQLi d0rk scans and Metasploit Vulns.|https://github.com/v3n0m-Scanner/V3n0M-Scanner vane|1855.6a47cd8|A vulnerability scanner which checks the security of WordPress installations using a black box approach.|https://github.com/delvelabs/vane videosnarf|0.63|A new security assessment tool for pcap analysis|http://ucsniff.sourceforge.net/videosnarf.html vscan|10.da4e47e|HTTPS / Vulnerability scanner.|https://github.com/pasjtene/Vscan @@ -179,7 +180,7 @@ waffit|137.4149c12|Identify and fingerprint Web Application Firewall (WAF) produ webenum|0.1|Tool to enumerate http responses using dynamically generated queries and more. Useful for penetration tests against web servers.|http://code.google.com/p/webenum/ webpwn3r|35.3fb27bb|A python based Web Applications Security Scanner.|https://github.com/zigoo0/webpwn3r webrute|3.3|Web server directory brute forcer.|https://github.com/BlackArch/webrute -wpscan|2050.943bfc3|A vulnerability scanner which checks the security of WordPress installations using a black box approach.|http://wpscan.org +wpscan|2053.825523a|A vulnerability scanner which checks the security of WordPress installations using a black box approach.|http://wpscan.org xcname|9.08942ae|A tool for enumerating expired domains in CNAME records.|https://github.com/mandatoryprogrammer/xcname xpire-crossdomain-scanner|1.0cb8d3b|Scans crossdomain.xml policies for expired domain names.|https://github.com/mandatoryprogrammer/xpire-crossdomain-scanner xsstracer|5.f2ed21a|Python script that checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection.|https://github.com/1N3/XSSTracer diff --git a/categories/sniffer b/categories/sniffer index d9047ae..9c247f7 100644 --- a/categories/sniffer +++ b/categories/sniffer @@ -1,4 +1,4 @@ -bettercap|801.2366d75|A complete, modular, portable and easily extensible MITM framework.|https://github.com/evilsocket/bettercap +bettercap|803.6de1aaa|A complete, modular, portable and easily extensible MITM framework.|https://github.com/evilsocket/bettercap bittwist|2.0|A simple yet powerful libpcap-based Ethernet packet generator. It is designed to complement tcpdump, which by itself has done a great job at capturing network traffic.|http://bittwist.sourceforge.net/ cdpsnarf|0.1.6|Cisco discovery protocol sniffer.|https://github.com/Zapotek/cdpsnarf creds|17.1ec8297|Harvest FTP/POP/IMAP/HTTP/IRC credentials along with interesting data from each of the protocols.|https://github.com/DanMcInerney/creds.py @@ -30,6 +30,6 @@ stenographer|426.98cf479|A packet capture solution which aims to quickly spool a tcpick|0.2.1|TCP stream sniffer and connection tracker|http://tcpick.sourceforge.net/ tuxcut|5.1|Netcut-like program for Linux written in PyQt.|http://bitbucket.org/a_atalla/tuxcut/ wifi-monitor|24.33b682e|Prints the IPs on your local network that're sending the most packets.|https://github.com/DanMcInerney/wifi-monitor -wireshark-cli|2.0.3|a free network protocol analyzer for Unix/Linux and Windows - CLI version|http://www.wireshark.org/ -wireshark-gtk|2.0.3|a free network protocol analyzer for Unix/Linux and Windows - GTK frontend|http://www.wireshark.org/ +wireshark-cli|2.0.4|a free network protocol analyzer for Unix/Linux and Windows - CLI version|http://www.wireshark.org/ +wireshark-gtk|2.0.4|a free network protocol analyzer for Unix/Linux and Windows - GTK frontend|http://www.wireshark.org/ xcavator|5.bd9e2d8|Man-In-The-Middle and phishing attack tool that steals the victim's credentials of some web services like Facebook.|https://github.com/nccgroup/xcavator diff --git a/categories/webapp b/categories/webapp index 324fb65..5699b9c 100644 --- a/categories/webapp +++ b/categories/webapp @@ -13,13 +13,13 @@ cjexploiter|4.fe2b191|Drag and Drop ClickJacking exploit development assistance cloudget|53.807d08e|Python script to bypass cloudflare from command line. Built upon cfscrape module.|https://github.com/eudemonics/cloudget cms-few|0.1|Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection vulnerability scanning tool written in Python.|http://packetstormsecurity.com/files/64722/cms_few.py.txt.html cmsfuzz|5.6be5a98|Fuzzer for wordpress, cold fusion, drupal, joomla, and phpnuke.|https://github.com/nahamsec/CMSFuzz -commix|584.4d00701|Automated All-in-One OS Command Injection and Exploitation Tool.|https://github.com/stasinopoulos/commix -crawlic|45.38944f0|Web recon tool (find temporary files, parse robots.txt, search folders, google dorks and search domains hosted on same server).|https://github.com/Ganapati/Crawlic +commix|594.9de7c65|Automated All-in-One OS Command Injection and Exploitation Tool.|https://github.com/stasinopoulos/commix +crawlic|46.50208c7|Web recon tool (find temporary files, parse robots.txt, search folders, google dorks and search domains hosted on same server).|https://github.com/Ganapati/Crawlic csrftester|1.0|The OWASP CSRFTester Project attempts to give developers the ability to test their applications for CSRF flaws.|http://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project darkjumper|5.8|This tool will try to find every website that host at the same server at your target|http://sourceforge.net/projects/darkjumper/ dff-scanner|1.1|Tool for finding path of predictable resource locations.|http://netsec.rs/70/tools.html dirbuster-ng|9.0c34920|C CLI implementation of the Java dirbuster tool.|https://github.com/digination/dirbuster-ng -dirs3arch|151.e2ff186|HTTP(S) directory/file brute forcer.|https://github.com/maurosoria/dirs3arch +dirs3arch|153.ebcebc3|HTTP(S) directory/file brute forcer.|https://github.com/maurosoria/dirs3arch domi-owned|24.e87c358|A tool used for compromising IBM/Lotus Domino servers.|https://github.com/coldfusion39/domi-owned doork|4.3e2d70a|Passive Vulnerability Auditor.|https://github.com/AeonDave/doork drupalscan|0.5.2|Simple non-intrusive Drupal scanner.|https://rubygems.org/gems/DrupalScan/ @@ -29,14 +29,14 @@ dsss|116.6d14edb|A fully functional SQL injection vulnerability scanner (support dsxs|116.21427d6|A fully functional Cross-site scripting vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code.|https://github.com/stamparm/DSXS epicwebhoneypot|2.0a|Tool which aims to lure attackers using various types of web vulnerability scanners by tricking them into believing that they have found a vulnerability on a host.|http://sourceforge.net/projects/epicwebhoneypot/ eyewitness|518.b84b21e|Designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.|https://github.com/ChrisTruncer/EyeWitness -fbht|68.1ffc236|A Facebook Hacking Tool|https://github.com/chinoogawa/fbht-linux +fbht|69.95c8bd5|A Facebook Hacking Tool|https://github.com/chinoogawa/fbht-linux fhttp|1.3|This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more.|http://packetstormsecurity.com/files/104315/FHTTP-Attack-Tool.3.html ghost-py|0.2.3|Webkit based webclient (relies on PyQT).|http://jeanphix.github.com/Ghost.py/ golismero|40.ece1eba|Opensource web security testing framework.|https://github.com/golismero/golismero grabber|0.1|A web application scanner. Basically it detects some kind of vulnerabilities in your website.|http://rgaucher.info/beta/grabber/ htcap|12.952aa27|A web application analysis tool for detecting communications between javascript and the server.|https://github.com/segment-srl/htcap httpforge|11.02.01|A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions.|http://packetstormsecurity.com/files/98109/HTTPForge.02.01.html -httppwnly|28.8c105f4|"Repeater" style XSS post-exploitation tool for mass browser control.|https://github.com/Danladi/HttpPwnly +httppwnly|36.a55b6f6|"Repeater" style XSS post-exploitation tool for mass browser control.|https://github.com/Danladi/HttpPwnly isr-form|1.0|Simple html parsing tool that extracts all form related information and generates reports of the data. Allows for quick analyzing of data.|http://www.infobyte.com.ar/ jaidam|10.a7d7c4a|Penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well-known open source tools, WPScan and Joomscan.|https://github.com/stasinopoulos/jaidam jomplug|0.1|This php script fingerprints a given Joomla system and then uses Packet Storm's archive to check for bugs related to the installed components.|http://packetstormsecurity.com/files/121390/Janissaries-Joomla-Fingerprint-Tool.html @@ -67,7 +67,7 @@ phpsploit|686.d61fca7|Stealth post-exploitation framework.|https://github.com/ni plecost|88.149fd34|Wordpress finger printer Tool.|https://github.com/iniqua/plecost plown|13.ccf998c|A security scanner for Plone CMS.|https://github.com/unweb/plown proxenet|589.3e07775|THE REAL hacker friendly proxy for web application pentests.|https://github.com/hugsy/proxenet -pyfiscan|1545.a50e4ea|Free web-application vulnerability and version scanner.|https://github.com/fgeek/pyfiscan +pyfiscan|1548.d2ed692|Free web-application vulnerability and version scanner.|https://github.com/fgeek/pyfiscan rww-attack|0.9.2|The Remote Web Workplace Attack tool will perform a dictionary attack against a live Microsoft Windows Small Business Server's 'Remote Web Workplace' portal. It currently supports both SBS 2003 and SBS 2008 and includes features to avoid account lock out.|http://packetstormsecurity.com/files/79021/Remote-Web-Workplace-Attack-Tool.html sawef|28.e65dc9f|Send Attack Web Forms.|https://github.com/danilovazb/sawef scrapy|1.0.5|A fast high-level scraping and web crawling framework.|http://scrapy.org diff --git a/categories/wireless b/categories/wireless index 0dfbe8a..47fb383 100644 --- a/categories/wireless +++ b/categories/wireless @@ -4,13 +4,13 @@ airoscript|45.0a122ee|A script to simplify the use of aircrack-ng tools.|http:// airpwn|1.4|A tool for generic packet injection on an 802.11 network.|http://airpwn.sourceforge.net aphopper|0.3|AP Hopper is a program that automatically hops between access points of different wireless networks.|http://aphopper.sourceforge.net/ apnbf|0.1|A small python script designed for enumerating valid APNs (Access Point Name) on a GTP-C speaking device.|http://www.c0decafe.de/ -batctl|2016.0|B.A.T.M.A.N. advanced control and management tool.|http://www.open-mesh.net/ +batctl|2016.2|B.A.T.M.A.N. advanced control and management tool|http://www.open-mesh.net/ batman-adv|2016.0|Batman kernel module, (included upstream since .38)|http://www.open-mesh.net/ batman-alfred|2016.0|Almighty Lightweight Fact Remote Exchange Daemon|http://www.open-mesh.org/ beholder|0.8.10|A wireless intrusion detection tool that looks for anomalies in a wifi environment.|http://www.beholderwireless.org/ cowpatty|4.6|Wireless WPA/WPA2 PSK handshake cracking utility|http://www.wirelessdefence.org/Contents/Files/ create_ap|206.a7fa8b5|This script creates a NATed or Bridged WiFi Access Point.|https://github.com/oblique/create_ap -eapeak|95.6298946|Analysis Suite For EAP Enabled Wireless Networks.|https://github.com/securestate/eapeak +eapeak|115.478a781|Analysis Suite For EAP Enabled Wireless Networks.|https://github.com/securestate/eapeak freeradius|3.0.11|The premier open source RADIUS server|http://www.freeradius.org/ fuzzap|14.f13932c|A python script for obfuscating wireless networks.|https://github.com/lostincynicism/FuzzAP g72x++|1|Decoder for the g72x++ codec.|http://www.ps-auxw.de/ @@ -44,8 +44,8 @@ wi-feye|1.1|An automated wireless penetration testing tool written in python, it wifi-pumpkin|84.c8fa6fc|Framework for Rogue Wi-Fi Access Point Attack.|https://github.com/P0cL4bs/WiFi-Pumpkin wificurse|0.3.9|WiFi jamming tool.|https://github.com/oblique/wificurse wifijammer|66.abf7ea0|A python script to continuosly jam all wifi clients within range.|https://github.com/DanMcInerney/wifijammer -wifiphisher|205.0bc2a82|Fast automated phishing attacks against WPA networks.|https://github.com/sophron/wifiphisher -wifiscanmap|105.eb4488e|Another wifi mapping tool.|https://github.com/mehdilauters/wifiScanMap +wifiphisher|243.1761d2c|Fast automated phishing attacks against WPA networks.|https://github.com/sophron/wifiphisher +wifiscanmap|106.3f45949|Another wifi mapping tool.|https://github.com/mehdilauters/wifiScanMap wifitap|2b16088|WiFi injection tool through tun/tap device.|https://github.com/GDSSecurity/wifitap wireless-ids|24.b132071|Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets.|https://github.com/SYWorks/wireless-ids wirouter-keyrec|1.1.2|A powerful and platform independent software to recover the default WPA passphrases of the supported router models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley, Eircom Netopia, Pirelli TeleTu/Tele 2).|http://www.salvatorefresta.net/tools/