mirror of
https://github.com/byReqz/blackmate.git
synced 2024-11-01 11:33:13 +00:00
188 lines
25 KiB
Plaintext
188 lines
25 KiB
Plaintext
0trace|1.5|A hop enumeration tool|http://jon.oberheide.org/0trace/
|
|
admsnmp|0.1|ADM SNMP audit scanner.|
|
|
allthevhosts|1.0|A vhost discovery tool that scrapes various web applications.|http://labs.portcullis.co.uk/tools/finding-all-the-vhosts/
|
|
apache-users|2.1|This perl script will enumerate the usernames on a unix system that use the apache module UserDir.|https://labs.portcullis.co.uk/downloads/
|
|
athena-ssl-scanner|0.6.2|a SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers.|http://packetstormsecurity.com/files/93062/Athena-SSL-Cipher-Scanner.html
|
|
atscan|553.0076196|Server, Site and Dork Scanner.|https://github.com/AlisamTechnology/ATSCAN-V3.1
|
|
birp|60.1d7c49f|A tool that will assist in the security assessment of mainframe applications served over TN3270.|https://github.com/sensepost/birp
|
|
bluto|134.8defadb|Recon, Subdomain Bruting, Zone Transfers.|https://github.com/RandomStorm/Bluto
|
|
braa|0.82|A mass snmp scanner|http://s-tech.elsat.net.pl/braa/
|
|
camscan|1.0057215|A tool which will analyze the CAM table of Cisco switches to look for anamolies.|https://github.com/securestate/camscan
|
|
cangibrina|114.57dc151|Dashboard Finder.|https://github.com/fnk0c/cangibrina
|
|
cecster|5.15544cb|A tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols.|https://github.com/nccgroup/CECster
|
|
changeme|43.599eddc|A default credential scanner.|https://github.com/ztgrace/changeme
|
|
check-weak-dh-ssh|0.1|Debian OpenSSL weak client Diffie-Hellman Exchange checker.|http://packetstormsecurity.com/files/66683/check_weak_dh_ssh.pl.bz2.html
|
|
cheetah-suite|21.2364713|Complete penetration testing suite (port scanning, brute force attacks, services discovery, common vulnerabilities searching, reporting etc.)|https://github.com/bl4de/Cheetah
|
|
chiron|0.9|An all-in-one IPv6 Penetration Testing Framework.|http://www.secfu.net/tools-scripts/
|
|
cipherscan|357.5d930c2|A very simple way to find out which SSL ciphersuites are supported by a target.|https://github.com/jvehent/cipherscan
|
|
ciscos|1.3|Scans class A, B, and C networks for cisco routers which have telnet open and have not changed the default password from cisco.|
|
|
climber|30.5530a78|Check UNIX/Linux systems for privilege escalation.|https://github.com/raffaele-forte/climber
|
|
cloudflare-enum|9.c1d8fca|Cloudflare DNS Enumeration Tool for Pentesters.|https://github.com/mandatoryprogrammer/cloudflare_enum
|
|
cmsmap|3.37b64be|A python open source Content Management System scanner that automates the process of detecting security flaws of the most popular CMSs.|https://www.dionach.com/blog/cmsmap-%E2%80%93-a-simple-cms-vulnerability-scanner
|
|
configpush|0.8.5|This is a tool to span /8-sized networks quickly sending snmpset requests with default or otherwise specified community string to Cisco devices.|http://packetstormsecurity.com/files/126621/Config-Push-snmpset-Utility.html
|
|
cpfinder|0.1|This is a simple script that looks for administrative web interfaces.|http://packetstormsecurity.com/files/118851/Control-Panel-Finder-Script.html
|
|
crackmapexec|270.58edfe1|A swiss army knife for pentesting Windows/Active Directory environments.|https://github.com/byt3bl33d3r/CrackMapExec
|
|
creepy|137.9f60449|A geolocation information gatherer. Offers geolocation information gathering through social networking platforms.|http://github.com/ilektrojohn/creepy.git
|
|
cvechecker|3.5|The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database.|http://cvechecker.sourceforge.net/
|
|
darkbing|0.1|A tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection.|http://packetstormsecurity.com/files/111510/darkBing-SQL-Scanner.1.html
|
|
davtest|1.0|Tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target|http://code.google.com/p/davtest/
|
|
deblaze|0.3|A remote method enumeration tool for flex servers|http://deblaze-tool.appspot.com/
|
|
delldrac|0.1a|DellDRAC and Dell Chassis Discovery and Brute Forcer.|https://www.trustedsec.com/september/owning-dell-drac-awesome-hack/
|
|
dhcpig|69.cc4109a|Enhanced DHCPv4 and DHCPv6 exhaustion and fuzzing script written in python using scapy network library.|https://github.com/kamorin/DHCPig
|
|
dirb|2.22|A web content scanner, brute forceing for hidden files.|http://dirb.sourceforge.net/
|
|
dirbuster|1.0_RC1|An application designed to brute force directories and files names on web/application servers|http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
|
|
dirscanner|0.1|This is a python script that scans webservers looking for administrative directories, php shells, and more.|http://packetstormsecurity.com/files/117773/Directory-Scanner-Tool.html
|
|
dmitry|1.3a|Deepmagic Information Gathering Tool. Gathers information about hosts. It is able to gather possible subdomains, email addresses, and uptime information and run tcp port scans, whois lookups, and more.|http://www.mor-pah.net/
|
|
dnmap|0.6|The distributed nmap framework|http://sourceforge.net/projects/dnmap/
|
|
dns2geoip|0.1|A simple python script that brute forces DNS and subsequently geolocates the found subdomains.|http://packetstormsecurity.com/files/118036/DNS-GeoIP.html
|
|
dnsa|0.5|DNSA is a dns security swiss army knife|http://packetfactory.openwall.net/projects/dnsa/index.html
|
|
dnsbf|0.3|Search for available domain names in an IP range.|http://code.google.com/p/dnsbf
|
|
dnsgoblin|0.1|Nasty creature constantly searching for DNS servers. It uses standard dns querys and waits for the replies.|http://nullsecurity.net/tools/scanner.html
|
|
dnspredict|0.0.2|DNS prediction|http://johnny.ihackstuff.com
|
|
dnstwist|151.c4215ef|Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.|https://github.com/elceef/dnstwist
|
|
dpscan|0.1|Drupal Vulnerabilty Scanner.|https://github.com/insaneisnotfree/Blue-Sky-Information-Security
|
|
driftnet|1.1.5|Listens to network traffic and picks out images from TCP streams it observes.|http://www.ex-parrot.com/~chris/driftnet/
|
|
dripper|v1.r1.gc9bb0c9|A fast, asynchronous DNS scanner; it can be used for enumerating subdomains and enumerating boxes via reverse DNS.|http://www.blackhatlibrary.net/Dripper
|
|
droopescan|1.34.3|A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.|https://github.com/droope/droopescan
|
|
dvcs-ripper|44.a9d3afe|Rip web accessible (distributed) version control systems: SVN/GIT/...|https://github.com/kost/dvcs-ripper
|
|
eazy|0.1|This is a small python tool that scans websites to look for PHP shells, backups, admin panels, and more.|http://packetstormsecurity.com/files/117572/EAZY-Web-Scanner.html
|
|
enum-shares|7.97cba5a|Tool that enumerates shared folders across the network and under a custom user account.|https://github.com/dejanlevaja/enum_shares
|
|
enumiax|1.0|An IAX enumerator.|http://sourceforge.net/projects/enumiax/
|
|
faraday|2447.2690215|A new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analyze of the generated data during the process of a security audit.|http://www.faradaysec.com/
|
|
fernmelder|6.c6d4ebe|Asynchronous mass DNS scanner.|https://github.com/stealth/fernmelder
|
|
fgscanner|11.893372c|An advanced, opensource URL scanner.|http://www.fantaghost.com/fgscanner
|
|
fierce|0.9.9|A DNS scanner|http://ha.ckers.org/fierce/
|
|
find-dns|0.1|A tool that scans networks looking for DNS servers.|https://packetstormsecurity.com/files/132449/Find-DNS-Scanner.html
|
|
flashscanner|10.c88c156|Flash XSS Scanner.|https://github.com/riusksk/FlashScanner
|
|
flunym0us|2.0|A Vulnerability Scanner for Wordpress and Moodle.|http://code.google.com/p/flunym0us/
|
|
forkingportscanner|1|Simple and fast forking port scanner written in perl. Can only scan on host at a time, the forking is done on the specified port range. Or on the default range of 1. Has the ability to scan UDP or TCP, defaults to tcp.|http://magikh0e.xyz/
|
|
fs-nyarl|1.0|A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit.|http://www.fulgursecurity.com/en/content/fs-nyarl
|
|
fsnoop|3.3|A tool to monitor file operations on GNU/Linux systems by using the Inotify mechanism. Its primary purpose is to help detecting file race condition vulnerabilities and since version 3, to exploit them with loadable DSO modules (also called "payload modules" or "paymods").|http://vladz.devzero.fr/fsnoop.php
|
|
ftp-spider|1.0|FTP investigation tool - Scans ftp server for the following: reveal entire directory tree structures, detect anonymous access, detect directories with write permissions, find user specified data within repository.|http://packetstormsecurity.com/files/35120/ftp-spider.pl.html
|
|
gggooglescan|0.4|A Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames.|http://www.morningstarsecurity.com/research/gggooglescan
|
|
ghost-phisher|1.62|GUI suite for phishing and penetration attacks|http://code.google.com/p/ghost-phisher
|
|
gitrob|1.1.0|Scan Github For Sensitive Files.|http://michenriksen.com/blog/gitrob-putting-the-open-source-in-osint/
|
|
googlesub|1.3|A python script to find domains by using google dorks.|https://github.com/zombiesam/googlesub
|
|
greenbone-security-assistant|6.0.6|Greenbone Security Assistant (gsa) - OpenVAS web frontend|http://www.openvas.org/
|
|
grepforrfi|0.1|Simple script for parsing web logs for RFIs and Webshells v1.2|http://www.irongeek.com/downloads/grepforrfi.txt
|
|
gtp-scan|0.7|A small python script that scans for GTP (GPRS tunneling protocol) speaking hosts.|http://www.c0decafe.de/
|
|
halberd|0.2.4|Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing.|http://halberd.superadditive.com/
|
|
hbad|1.0|This tool allows you to test clients on the heartbleed bug.|http://www.curesec.com/
|
|
hoppy|1.8.1|A python script which tests http methods for configuration issues leaking information or just to see if they are enabled.|https://labs.portcullis.co.uk/downloads/
|
|
host-extract|9|Ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL.|https://code.google.com/p/host-extract/
|
|
hsecscan|38.8b7aa50|A security scanner for HTTP response headers.|https://github.com/riramar/hsecscan
|
|
http-enum|0.3|A tool to enumerate the enabled HTTP methods supported on a webserver.|https://www.thexero.co.uk/tools/http-enum/
|
|
httpsscanner|1.2|A tool to test the strength of a SSL web server.|https://code.google.com/p/libre-tools/
|
|
iaxscan|0.02|A Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts.|http://code.google.com/p/iaxscan/
|
|
icmpquery|1.0|Send and receive ICMP queries for address mask and current time.|http://www.angio.net/security/
|
|
iis-shortname-scanner|4.b92772a|An IIS shortname Scanner.|https://github.com/lijiejie/IIS_shortname_Scanner
|
|
ike-scan|1.9|A tool that uses IKE protocol to discover, fingerprint and test IPSec VPN servers|http://www.nta-monitor.com/tools/ike-scan/
|
|
infip|0.1|A python script that checks output from netstat against RBLs from Spamhaus.|http://packetstormsecurity.com/files/104927/infIP.1-Blacklist-Checker.html
|
|
inurlbr|31.5bb8b38|Advanced search in the search engines - Inurl scanner, dorker, exploiter.|https://code.google.com/p/inurlbr/
|
|
ipscan|3.4.1|Angry IP scanner is a very fast IP address and port scanner.|http://www.angryziber.com/
|
|
iptv|134.720cc12|Search and brute force illegal iptv server.|https://github.com/Pinperepette/IPTV
|
|
ipv6toolkit|2.0|SI6 Networks' IPv6 Toolkit|http://www.si6networks.com/tools/ipv6toolkit/
|
|
jsql|0.74|A lightweight application used to find database information from a distant server.|https://code.google.com/p/jsql-injection/
|
|
knock|223.61a1b8f|Subdomain scanner.|https://github.com/guelfoweb/knock
|
|
laf|12.7a456b3|Login Area Finder: scans host/s for login panels.|https://github.com/takeshixx/laf
|
|
letmefuckit-scanner|3.f3be22b|Scanner and Exploit Magento.|https://github.com/onthefrontline/LetMeFuckIt-Scanner
|
|
lfi-scanner|4.0|This is a simple perl script that enumerates local file inclusion attempts when given a specific target.|http://packetstormsecurity.com/files/102848/LFI-Scanner.0.html
|
|
linenum|18.b4c2541|Scripted Local Linux Enumeration & Privilege Escalation Checks|https://github.com/rebootuser/LinEnum
|
|
littleblackbox|0.1.3|Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices.|http://code.google.com/p/littleblackbox/wiki/FAQ
|
|
lotophagi|0.1|a relatively compact Perl script designed to scan remote hosts for default (or common) Lotus NSF and BOX databases.|http://packetstormsecurity.com/files/55250/lotophagi.rar.html
|
|
lte-cell-scanner|57.5fa3df8|LTE SDR cell scanner optimized to work with very low performance RF front ends (8bit A/D, 20dB noise figure).|https://github.com/Evrytania/LTE-Cell-Scanner
|
|
lynis|2.2.0|Security and system auditing tool to harden Unix/Linux systems|https://cisofy.com/lynis/
|
|
maligno|2.5|An open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS.|http://www.encripto.no/tools/
|
|
masscan|1.0.3|TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes|https://github.com/robertdavidgraham/masscan
|
|
modscan|0.1|A new tool designed to map a SCADA MODBUS TCP based network.|https://code.google.com/p/modscan/
|
|
mssqlscan|0.8.4|A small multi-threaded tool that scans for Microsoft SQL Servers.|http://www.cqure.net/wp/mssqlscan/
|
|
nbtscan|1.5.1|NBTscan is a program for scanning IP networks for NetBIOS name information.|http://www.inetcat.net/software/nbtscan.html
|
|
netbios-share-scanner|1.0|This tool could be used to check windows workstations and servers if they have accessible shared resources.|http://www.secpoint.com/netbios-share-scanner.html
|
|
netscan|1.0|Tcp/Udp/Tor port scanner with: synpacket, connect TCP/UDP and socks5 (tor connection).|http://packetstormsecurity.com/files/125569/Netscan-Port-Scanner.0.html
|
|
netscan2|43.c225f25|Active / passive network scanner.|https://github.com/walchko/netscan2
|
|
nikto|2.1.6|A web server scanner which performs comprehensive tests against web servers for multiple items|https://github.com/sullo/nikto
|
|
nmap|7.12|Utility for network discovery and security auditing|http://nmap.org/
|
|
nmbscan|1.2.6|Tool to scan the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols.|http://nmbscan.gbarbier.org/
|
|
nsia|1.0.6|A website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues.|http://threatfactor.com/Products/
|
|
o-saft|1258.d3f4742|A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations.|https://www.owasp.org/index.php/O-Saft
|
|
ocs|0.2|Compact mass scanner for Cisco routers with default telnet/enable passwords.|http://packetstormsecurity.com/files/119462/OCS-Cisco-Scanner.2.html
|
|
onionscan|39.35fd1d3|Scan Onion Services for Security Issues.|github.com/s-rah/onionscan
|
|
openvas-cli|1.4.3|The OpenVAS Command-Line Interface|http://www.openvas.org/
|
|
openvas-libraries|8.0.5|The OpenVAS libraries|http://www.openvas.org/
|
|
openvas-manager|6.0.6|A layer between the OpenVAS Scanner and various client applications|http://www.openvas.org/
|
|
openvas-scanner|5.0.4|The OpenVAS scanning Daemon|http://www.openvas.org/
|
|
paketto|1.10|Advanced TCP/IP Toolkit.|http://www.doxpara.com/paketto
|
|
panhunt|26.cd58866|Searches for credit card numbers (PANs) in directories.|https://github.com/Dionach/PANhunt
|
|
paranoic|1.7|A simple vulnerability scanner written in Perl.|http://packetstormsecurity.com/files/128065/Paranoic-Scan.7.html
|
|
passhunt|5.332f374|Search drives for documents containing passwords.|https://github.com/Dionach/PassHunt
|
|
pcredz|29.05ae40f|A tool that extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface.|https://github.com/lgandx/PCredz
|
|
plcscan|0.1|This is a tool written in Python that will scan for PLC devices over s7comm or modbus protocols.|http://packetstormsecurity.com/files/119726/PLC-Device-Scanner.html
|
|
pnscan|1.11|A parallel network scanner that can be used to survey TCP network services.|http://www.lysator.liu.se/~pen/pnscan/
|
|
poison|1.5.41|A fast, asynchronous syn and udp scanner.|http://nologin.org/main.pl?action=codeList&
|
|
prads|1124.dabcaa2|Is a "Passive Real-time Asset Detection System".|http://gamelinux.github.io/prads/
|
|
praeda|37.093d1c0|An automated data/information harvesting tool designed to gather critical information from various embedded devices.|https://github.com/percx/Praeda
|
|
proxycheck|0.1|This is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver.|http://packetstormsecurity.com/files/61864/proxycheck.pl.txt.html
|
|
proxyscan|0.3|A security penetration testing tool to scan for hosts and ports through a Web proxy server.|http://packetstormsecurity.com/files/69778/proxyScan.3.tgz.html
|
|
pytbull|2.0|A python based flexible IDS/IPS testing framework shipped with more than 300 tests|http://pytbull.sourceforge.net/
|
|
ranger-scanner|108.0c70888|A tool to support security professionals to access and interact with remote Microsoft Windows based systems.|https://github.com/funkandwagnalls/ranger
|
|
rawr|73.0924126|Rapid Assessment of Web Resources. A web enumerator.|https://bitbucket.org/al14s/rawr/wiki/Home
|
|
relay-scanner|1.7|An SMTP relay scanner.|http://www.cirt.dk
|
|
responder|166.448db12|A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.|https://github.com/SpiderLabs/Responder/
|
|
routerhunter|19.0c9cb3c|Tool used to find vulnerable routers and devices on the Internet and perform tests.|https://github.com/jh00nbr/Routerhunter.0
|
|
rtlizer|35.5614163|Simple spectrum analyzer.|https://github.com/csete/rtlizer
|
|
rtlsdr-scanner|942.209bb5d|A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library.|https://github.com/EarToEarOak/RTLSDR-Scanner
|
|
sambascan|0.5.0|Allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds.|http://sourceforge.net/projects/sambascan2/
|
|
sandy|6.531ab16|An open-source Samsung phone encryption assessment framework|https://github.com/donctl/sandy
|
|
sb0x|19.04f40fe|A simple and Lightweight framework for Penetration testing.|https://github.com/levi0x0/sb0x-project
|
|
scanssh|2.1|Fast SSH server and open proxy scanner.|http://www.monkey.org/~provos/scanssh/
|
|
scout2|602.750d021|Security auditing tool for AWS environments.|http://isecpartners.github.io/Scout2/
|
|
scrape-dns|58.3df392f|Searches for interesting cached DNS entries.|https://github.com/304GEEK/Scrape-DNS
|
|
seat|0.3|Next generation information digging application geared toward the needs of security professionals. It uses information stored in search engine databases, cache repositories, and other public resources to scan web sites for potential vulnerabilities.|http://thesprawl.org/projects/search-engine-assessment-tool/
|
|
shareenum|46.3bfa81d|Tool to enumerate shares from Windows hosts.|https://github.com/CroweCybersecurity/shareenum
|
|
simple-lan-scan|1.0|A simple python script that leverages scapy for discovering live hosts on a network.|http://packetstormsecurity.com/files/97353/Simple-LAN-Scanner.0.html
|
|
sipshock|6.1d636ab|A scanner for SIP proxies vulnerable to Shellshock.|https://github.com/zaf/sipshock
|
|
smbexec|148.7827616|A rapid psexec style attack with samba tools.|https://github.com/pentestgeek/smbexec
|
|
smbmap|54.57b0176|A handy SMB enumeration tool.|https://github.com/ShawnDEvans/smbmap
|
|
smbspider|10.7db9323|A lightweight python utility for searching SMB/CIFS/Samba file shares.|https://github.com/T-S-A/smbspider
|
|
smod|27.7679302|A modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol.|https://github.com/enddo/smod
|
|
smtp-test|3.acbe743|Automated testing of SMTP servers for penetration testing.|https://github.com/isaudits/smtp-test
|
|
smtp-vrfy|1.0|An SMTP Protocol Hacker.|
|
|
smtptx|1.0|A very simple tool used for sending simple email and do some basic email testing from a pentester perspective.|http://www.0x90.se/
|
|
snmpenum|1.7|snmp enumerator|http://www.filip.waeytens.easynet.be/
|
|
snmpscan|0.1|A free, multi-processes SNMP scanner|http://www.nothink.org/perl/snmpscan/index.php
|
|
snoopbrute|17.589fbe6|Multithreaded DNS recursive host brute-force tool.|https://github.com/m57/snoopbrute
|
|
sparta|17.bdbf244|Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase.|http://sparta.secforce.com/
|
|
sqlivulscan|20.0d6655f|This will give you the SQLi Vulnerable Website Just by Adding the Dork.|https://github.com/Hadesy2k/sqlivulscan
|
|
ssdp-scanner|1.0|SSDP amplification scanner written in Python. Makes use of Scapy.|http://packetstormsecurity.com/files/127994/SSDP-Amplification-Scanner.html
|
|
ssh-user-enum|5.3d83131|SSH User Enumeration Script in Python Using The Timing Attack.|https://github.com/nccgroup/ssh-user-enum
|
|
sslcaudit|524.f218b9b|Utility to perform security audits of SSL/TLS clients.|https://github.com/grwl/sslcaudit
|
|
ssllabs-scan|1.2.0|Command-line client for the SSL Labs APIs|https://github.com/ssllabs/ssllabs-scan
|
|
sslmap|0.2.0|A lightweight TLS/SSL cipher suite scanner.|http://thesprawl.org/projects/latest/
|
|
sslscan|1.10.2|A fast tools to scan SSL services, such as HTTPS to determine the ciphers that are supported|https://github.com/DinoTools/sslscan/
|
|
strutscan|4.8712c12|Apache Struts2 vulnerability scanner written in Perl.|https://github.com/riusksk/StrutScan
|
|
subbrute|1.2.1|A DNS meta-query spider that enumerates DNS records and subdomains|https://github.com/TheRook/subbrute
|
|
svn-extractor|34.bc6da4d|A simple script to extract all web resources by means of .SVN folder exposed over network.|https://github.com/anantshri/svn-extractor
|
|
synscan|5.02|fast asynchronous half-open TCP portscanner|http://www.digit-labs.org/files/tools/synscan/
|
|
topera|19.3e230fd|An IPv6 security analysis toolkit, with the particularity that their attacks can't be detected by Snort.|https://github.com/toperaproject/topera
|
|
umap|25.3ad8121|The USB host security assessment tool.|https://github.com/nccgroup/umap
|
|
unicornscan|0.4.7|A new information gathering and correlation engine.|http://www.unicornscan.org/
|
|
upnpscan|0.4|Scans the LAN or a given address range for UPnP capable devices.|http://www.cqure.net/wp/upnpscan/
|
|
uw-loveimap|0.1|Multi threaded imap bounce scanner.|http://uberwall.org/bin/download/45/UWloveimap.tgz
|
|
uw-udpscan|0.1|Multi threaded udp scanner.|http://uberwall.org/bin/download/44/UWudpscan.tar.gz
|
|
uw-zone|0.1|Multi threaded, randomized IP zoner.|http://uberwall.org/bin/download/43/UWzone.tgz
|
|
v3n0m|167.b5e59d7|A tool to automate mass SQLi d0rk scans and Metasploit Vulns.|https://github.com/v3n0m-Scanner/V3n0M-Scanner
|
|
vane|1855.6a47cd8|A vulnerability scanner which checks the security of WordPress installations using a black box approach.|https://github.com/delvelabs/vane
|
|
videosnarf|0.63|A new security assessment tool for pcap analysis|http://ucsniff.sourceforge.net/videosnarf.html
|
|
vscan|10.da4e47e|HTTPS / Vulnerability scanner.|https://github.com/pasjtene/Vscan
|
|
vulscan|2.0|A module which enhances nmap to a vulnerability scanner|http://www.computec.ch/projekte/vulscan/
|
|
waffit|137.4149c12|Identify and fingerprint Web Application Firewall (WAF) products protecting a website.|https://github.com/sandrogauci/wafw00f
|
|
webenum|0.1|Tool to enumerate http responses using dynamically generated queries and more. Useful for penetration tests against web servers.|http://code.google.com/p/webenum/
|
|
webpwn3r|35.3fb27bb|A python based Web Applications Security Scanner.|https://github.com/zigoo0/webpwn3r
|
|
webrute|3.3|Web server directory brute forcer.|https://github.com/BlackArch/webrute
|
|
wpscan|2050.943bfc3|A vulnerability scanner which checks the security of WordPress installations using a black box approach.|http://wpscan.org
|
|
xcname|9.08942ae|A tool for enumerating expired domains in CNAME records.|https://github.com/mandatoryprogrammer/xcname
|
|
xpire-crossdomain-scanner|1.0cb8d3b|Scans crossdomain.xml policies for expired domain names.|https://github.com/mandatoryprogrammer/xpire-crossdomain-scanner
|
|
xsstracer|5.f2ed21a|Python script that checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection.|https://github.com/1N3/XSSTracer
|
|
yasat|839|Yet Another Stupid Audit Tool.|http://yasat.sourceforge.net/
|
|
zmap|2.1.1|Fast network scanner designed for Internet-wide network surveys|https://zmap.io/
|