Tools list

Web security tool to make fuzzing at HTTP inputs, made in C with

0d1n 1:263.2d723ae
libCurl.
0trace 1.5 A hop enumeration tool.
3proxy 0.9.4 Tiny free proxy server.
3proxy-win32 0.8.13 Tiny free proxy server.
42zip 1:42 Recursive Zip archive bomb.
Auto Scanning to SSL Vulnerability (HeartBleed, CCS Injection, SSLv3
a2sv 140.cb24c4e
POODLE, FREAK, LOGJAM Attack, SSLv2 DROWN etc).
abcd 4.2738809 ActionScript ByteCode Disassembler.
abuse-ssl-
7.c28f98e Bypassing WAF by abusing SSL/TLS Ciphers.
bypass-waf
A password dictionary attack tool that targets windows authentication via
acccheck 0.2.1
the SMB protocol.
Automated Corporate Enumerator. A simple yet powerful VoIP Corporate
Directory enumeration tool that mimics the behavior of an IP Phone in
ace 1.10
order to download the name and extension entries that a given phone can
display on its screen interface
aclpwn 4.81480cc Active Directory ACL exploitation with BloodHound.
activedirectorye
1:0.5.0 Enumerate AD through LDAP.
num
ad-ldap-enum 88.60bc5bb An LDAP based Active Directory user and group enumeration tool.
adape-script 43.4d0b9ff Active Directory Assessment and Privilege Escalation Script.
A pentesting tool that allows to find misconfiguration through the the
adenum 36.fbbe14d
protocol LDAP and exploit some of those weaknesses with kerberos.
adfind 31.9808cb7 Admin Panel Finder.
Python3 tool to perform password spraying against Microsoft Online
adfspray 6.3d7745d
service using various methods.
adidnsdump 24.65169b2 Active Directory Integrated DNS dumping by any authenticated user.
ADM DNS spoofing tools - Uses a variety of active and passive methods
admid-pack 1:0.1
to spoof DNS packets. Very powerful.
adminpagefinde This python script looks for a large amount of possible administrative
0.1
r interfaces on a given site.
admsnmp 0.1 ADM SNMP audit scanner.
aesfix 1.0.1 A tool to find AES key in RAM
aeskeyfind 1.0 A tool to find AES key in RAM
aespipe 2.4f Reads data from stdin and outputs encrypted or decrypted results to stdout.
A backconnect shell for Windows and Unix written in python and uses
aesshell 0.7 AES in CBC mode in conjunction with HMAC-SHA256 for secure
transport.
An extensible open format for the storage of disk images and related
afflib 3.7.19
forensic information.
Security-oriented fuzzer using compile-time instrumentation and genetic
afl 2.57b
algorithms
4.06c.r45.g74b American Fuzzing Lop fuzzer with community patches and additional
aflplusplus
e9ab5 features.
afpfs-ng 0.8.2 A client for the Apple Filing Protocol (AFP)
agafi 1:1.1 A gadget finder and a ROP-Chainer tool for x86 platforms.
A very fast ssh attacking script which includes a multithreaded port
scanning module (tcp connect) for discovering possible targets and a
against 1:0.2
multithreaded brute-forcing module which attacks parallel all discovered
hosts or given ip addresses from a list.
aggroargs 51.c032446 Bruteforce commandline buffer overflows, linux, aggressive arguments.
A packet inspection engine with capabilities of learning without any
aiengine 1:2.0.1
human intervention.
aimage 3.2.5 A program to create aff-images.
aiodnsbrute 38.e773a4c Python 3 DNS asynchronous brute force utility.
air 2.0.0 A GUI front-end to dd/dc3dd designed for easily creating forensic images.
aircrack-ng 1.7 Key cracker for the 802.11 WEP and WPA-PSK protocols
A modification of aireplay that allows for a DoS of the AP. This program
airflood 0.1 fills the table of clients of the AP with random MACs doing impossible
new connections.
1:v11.11.r0.g3
airgeddon Multi-use bash script for Linux systems to audit wireless networks.
d95621
airgraph-ng 2:2.0.2 Graphing tool for the aircrack suite.
airopy 5.b83f11d Get (wireless) clients and access points.
airoscript 2:45.0a122ee A script to simplify the use of aircrack-ng tools.
airpwn 1.4 A tool for generic packet injection on an 802.11 network.
ajpfuzzer 0.6 A command-line fuzzer for the Apache JServ Protocol (ajp13).
albatar 34.4e63f22 A SQLi exploitation framework in Python.
allthevhosts 1.0 A vhost discovery tool that scrapes various web applications.
Generates permutations, alterations and mutations of subdomains and then
altdns 76.8c1de0f
resolves them.
2:2052.b8f852
amass In-depth subdomain enumeration written in Go.
0c
amber 254.a331b34 Reflective PE packer.
1:v2.4.1.r307.g
amoco Yet another tool for analysing binaries.
ed579ea
analyzemft 130.16d1282 Parse the MFT file from an NTFS filesystem.
analyzepesig 0.0.0.5 Analyze digital signature of PE file.
An efficient Android vulnerability scanner that helps developers or
androbugs 1.7fd3a2c
hackers find potential security vulnerabilities in Android applications.
2:2118.8d091c Reverse engineering, Malware and goodware analysis of Android
androguard
bb applications and more.
androick 8.522cfb4 A python tool to help in forensics analysis on android.
android-apktool 2.7.0 A tool for reengineering Android apk files.
android-ndk 2:r23.b Android C/C++ developer kit.
android-sdk 26.1.1 Google Android SDK.
android-sdk-
r23.0.1 Platform-Tools for Google Android SDK (adb and fastboot).
platform-tools
android-udev-
1:471.b4d81e6 Android udev rules.
rules
androidpincrack 2.ddaf307 Bruteforce the Android Passcode given the hash and salt.
A perl script that lets you search for 3rd party passwords, dump the call
androidsniffer 0.1
log, dump contacts, dump wireless configuration, and more.
androwarn 135.626c02d Yet another static code analyzer for malicious Android applications.
The next-generation binary analysis platform from UC Santa Barbara's
angr 1:9.1.11752
Seclab.
angr-
9.1.11752 This is the GUI for angr.
management
The next-generation binary analysis platform from UC Santa Barbaras
angr-py2 1:7.8.9.26
Seclab.
angrop 251.1391ca4 A rop gadget finder and chain builder.
A free software python client designed to navigate anonymously on social
anontwi 1.1b
networks. It supports Identi.ca and Twitter.com.
anti-xss 166.2725dc9 A XSS vulnerability scanner.
antiransom 5 A tool capable of detect and stop attacks of Ransomware using honeypots.
This perl script will enumerate the usernames on a unix system that use the
apache-users 2.1
apache module UserDir.
apachetomcatsc
3.2 Apache Tomcat vulnerability scanner.
anner
apacket 374.16e7036 Sniffer syn and backscatter packets.
AP Hopper is a program that automatically hops between access points of
aphopper 0.3
different wireless networks.
api-
59.eda15d6 Unofficial Python API for http://dnsdumpster.com/.
dnsdumpster
Android Application Identifier for Packers, Protectors, Obfuscators and
apkid 2:2.1.4
Oddities.
v2.6.1.r5.g1fd
apkleaks Scanning APK file for URIs, endpoints & secrets.
6f3c
apkstat 18.81cdad3 Automated Information Retrieval From APKs For Initial Analysis.
An IDE for decompiling/editing & then recompiling of android application
apkstudio 100.9e114ca
binaries.
A small python script designed for enumerating valid APNs (Access Point
apnbf 0.1
Name) on a GTP-C speaking device.
A runtime security testing & profiling framework for native apps on
appmon 177.f753c4d
macOS, iOS & android and it is built using Frida.
apt2 183.8075cdc Automated penetration toolkit.
aquatone 142.2daa022 a set of tools for performing reconnaissance on domain names.
A feature-full, modular, high-performance Ruby framework aimed
arachni 1.6.1.3 towards helping penetration testers and administrators evaluate the
security of web applications.
aranea 6.469b9ee A fast and clean dns spoofing tool.
Backdoor iOS packages and create the necessary resources for APT
arcane 2.750cb9f
repositories.
The open source self-hosted web archive. Takes browser
archivebox 903.59da482 history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media,
and more.
arduino 1:1.8.19 Arduino prototyping platform SDK
argon2 20190702 The password hash Argon2, winner of PHC.
argus 3.0.8.2 Network monitoring tool with flow control.
argus-clients 3.0.8.2 Network monitoring client for Argus.
arjun 214.70b5b28 HTTP parameter discovery suite.
armitage 4:150813 A graphical cyber attack management tool for Metasploit.
A simple Bash script designed to create encrypted macOS payloads
armor 5.bae27a6
capable of evading antivirus scanners.
armscgen 98.c51b7d6 ARM Shellcode Generator (Mostly Thumb Mode).
A tool that uses ARP to discover and fingerprint IP hosts on the local
arp-scan 1.10.0
network
arpalert 1:2.0.12 Monitor ARP changes in ethernet networks.
arpoison 0.7 The UNIX arp cache update utility
A portable handler daemon that make ARP protocol secure in order to
arpon 2.7 avoid the Man In The Middle (MITM) attack through ARP Spoofing, ARP
Cache Poisoning or ARP Poison Routing (APR) attacks.
arpstraw 27.ab40e13 Arp spoof detection tool.
arptools 13.41cdb23 A simple tool about ARP broadcast, ARP attack, and data transmission.
arpwner 26.f300fdf GUI-based python tool for arp posioning and dns poisoning attacks.
A combination of a honeypot, file-system monitoring, system hardening,
artillery 1:357.805a5d8 and overall health of a server to create a comprehensive way to secure a
system.
artlas 154.e5fdd8d Apache Real Time Logs Analyzer System.
Manipulation, canonicalization and identification of mixed boolean-
arybo 65.89d9a42
arithmetic symbolic expressions.
asleap 2.2 Actively recover LEAP/PPTP passwords.
asnmap v1.0.2.r0.g4bff Map organization network ranges using ASN information.
 fc3
asp-audit 2BETA An ASP fingerprinting tool and vulnerability scanner.
assetfinder 19.4e95d87 Find domains and subdomains potentially related to a given domain.
astra 487.57c1e41 Automated Security Testing For REST API's.
atear 139.245ec8d Wireless Hacking, WiFi Security, Vulnerability Analyzer, Pentestration.
Client/server implementation of the TFTP protocol that implements RFCs
atftp 0.8.0
1350, 2090, 2347, 2348, and 2349
athena-ssl- a SSL cipher scanner that checks all cipher codes. It can identify about 150
0.6.2
scanner different ciphers.
Open source tool that can suggest sqlmap tampers to bypass
atlas 7.77bd6c8
WAF/IDS/IPS.
atscan 2454.b1b241e Server, Site and Dork Scanner.
This is an archive of various @Stake tools that help perform vulnerability
atstaketools 0.1 scanning and analysis, information gathering, password auditing, and
forensics.
attacksurfacema
45.0a2e408 Tool that aims to automate the reconnaissance process.
pper
attk 2.0.1023 Trend Micro Anti-Threat Toolkit.
aurebeshjs 77.75a8fc6 Translate JavaScript to Other Alphabets.
auto-eap 18.ee36d37 Automated Brute-Force Login Attacks Against EAP Networks.
auto-xor-
7.2eb176d Automatic XOR decryptor tool.
decryptor
Should help with automating some of the user-focused enumeration tasks
automato 33.0561b59
during an internal penetration test.
This script communicates with the Nessus API in an attempt to help with
autonessus 24.7933022
automating scans.
autonse 25.7c87f4c Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner.
autopsy 1:4.20.0 A GUI for The Sleuth Kit.
autopwn 190.fc80cef Specify targets and run sets of tools against them.
A multi-threaded network reconnaissance tool which performs automated
autorecon 277.b4567a2
enumeration of services.
autosint 234.e1f4937 Tool to automate common osint tasks.
autosploit 281.9a6a5ef Automate the exploitation of remote hosts.
autovpn 18.28b1a87 Easily connect to a VPN in a country of your choice.
1:v7.2.rc.r1.ge
avaloniailspy .NET Decompiler (port of ILSpy)
6562c2
avet 133.2f1d882 AntiVirus Evasion Tool
1:v0.6.1.r11.g1
avml A portable volatile memory acquisition tool for Linux.
55f084
aws-extender- Script to test S3 buckets as well as Google Storage buckets and Azure
17.a351154
cli Storage containers for common misconfiguration issues.
aws-inventory 19.9a2fa8e Discover resources created in an AWS account.
awsbucketdump 82.4684670 A tool to quickly enumerate AWS S3 buckets to look for loot.
A userland rootkit based off of the original LD_PRELOAD technique
azazel 15.a41fbb5
from Jynx rootkit.
aztarna 1.2.1 A footprinting tool for ROS and SROS systems.
ba-testpkg 8.8 BlackArch Linux Test Package.
backcookie 51.6dabc38 Small backdoor using cookie.
Shell script that simplifies the process of adding a backdoor to any
backdoor-apk 141.2710126
Android APK file
backdoor-
1:208.9972ac6 Patch win32/64 binaries with shellcode.
factory
A powerful utility capable of backdooring Unix machines with a slew of
backdoorme 308.f9755ca
backdoors.
backdoorppt 88.d0e7f91 Transform your payload.exe into one fake word doc (.ppt).
backfuzz 1:1.b0648de A network protocol fuzzing toolkit.
Tool to perform Android app analysis by backing up and extracting apps,
backhack 39.561ec86
allowing you to analyze and modify file system contents for apps.
backoori 55.988e507 Tool aided persistence via Windows URI schemes abuse.
A remote administration system which allows a user to control a computer
backorifice 1.0
across a tcpip connection using a simple console or GUI application.
bad-pdf 61.a8149ee Steal NTLM Hashes with Bad-PDF.
badkarma 85.2c46334 Advanced network reconnaissance toolkit.
A tool which interfaces with management or administration applications
badministration 16.69e4ec2
from an offensive standpoint.
bagbak 160.b0633a4 Yet another frida based App decryptor.
 A package of malware analysis tools in python to extract patterns of
67.d6349ef1bc
balbuzard interest from suspicious files (IP addresses, domain names, known file
55
headers, interesting strings, etc).
bamf- A modular framework designed to be a platform to launch attacks against
35.30d2b4b
framework botnets.
bandicoot 0.6.0 A toolbox to analyze mobile phone metadata.
A multiplatform open source Binary Analysis and Reverse engineering
barf 923.9547ef8
Framework.
barmie 1.01 Java RMI enumeration and attack tool.
barq 35.6f1a68c An AWS Cloud Post Exploitation framework.
base64dump 0.0.14 Extract and decode base64 strings from files.
Tool that can extract TLD (Top Level Domain), domain extensions
basedomainnam
0.1 (Second Level Domain + TLD), domain name, and hostname from fully
e
qualified domain names.
bashfuscator 338.7487348 Fully configurable and extendable Bash obfuscation framework.
bashscan 94.80c066c A port scanner built to utilize /dev/tcp for network and service discovery.
batctl 2023.0 B.A.T.M.A.N. advanced control and management tool
batman-adv 2019.2 Batman kernel module, (included upstream since .38)
batman-alfred 2022.0 Almighty Lightweight Fact Remote Exchange Daemon
bbqsql 261.b9859d2 SQL injection exploit tool.
bbscan 48.43c1088 A tiny Batch weB vulnerability Scanner.
bdfproxy 107.276c367 Patch Binaries via MITM: BackdoorFactory + mitmProxy
This is a utility to parse a Bit Defender log file, in order to sort them into a
bdlogparser 2
malware archive for easier maintanence of your malware collection.
Collection of scripts to test for buffer overflows, format string
bed 0.5
vulnerabilities.
beebug 25.cddb375 A tool for checking exploitability.
1:4191.82e4d3
beef The Browser Exploitation Framework that focuses on the web browser
64
beeswarm 1183.db51ea0 Honeypot deployment made easy http://www.beeswarm-ids.org/
A wireless intrusion detection tool that looks for anomalies in a wifi
beholder 0.8.10
environment.
belati 72.49577a1 The Traditional Swiss Army Knife for OSINT.
beleth 36.0963699 A Multi-threaded Dictionary based SSH cracker.
bettercap 2.32.0 A complete, modular, portable and easily extensible MITM framework.
bettercap-ui 1.3.0 Official Bettercap's Web UI.
An automated tool that checks for backup artifacts that may disclose the
bfac 53.18fb0b5
web-application's source code.
Performs checks of single and multiple argument command line overflows
bfbtester 2.0.1
and environment variable overflows
bfuzz 60.fdaefc0 Input based fuzzer tool for browsers.
bgp-md5crack 0.1 RFC2385 password cracker
bgrep 24.28029c9 Binary grep.
billcipher 32.97fba59 Information Gathering tool for a Website or IP address.
binaryninja-
3.3.3996 A new kind of reversing platform (demo version).
demo
binaryninja-
13.83f59f7 Binary Ninja prototype written in Python.
python
bind 9.18.14 The ISC DNS Server
bind-tools 9.16.5 The ISC DNS tools
4504.67019b9
bindead A static analysis tool for binaries
7b
A comparison tool for binary files, that assists vulnerability researchers
bindiff 6.0.0 and engineers to quickly find differences and similarities in disassembled
code.
binex 1.0 Format String exploit building tool.
binflow 5.7fb02a9 POSIX function tracing. Much better and faster than ftrace.
Enumerates all hostnames which Bing has indexed for a specific IP
bing-ip2hosts 1.0.5
address.
This is a python script for searching Bing for sites that may have local and
bing-lfi-rfi 0.1
remote file inclusion vulnerabilities.
bingoo 3.698132f A Linux bash based Bing and Google Dorking Tool.
A binary analysis IDE that allows to inspect, navigate, edit and annotate
binnavi 6.1.0
control flow graphs and call graphs of disassembled code.
binproxy 8.d02fce9 A proxy for arbitrary TCP connections.
binwalk 2.3.4 A tool for searching a given binary image for embedded files
 Binary and Directory tree comparison tool using the Fuzzy Hashing
binwally 4.0aabd8b
concept (ssdeep).
bios_memimage 1.2 A tool to dump RAM contents to disk (aka cold boot attack).
A tool that will assist in the security assessment of mainframe applications
birp 65.b2e108a
served over TN3270.
bitdump 34.6a5cbd8 A tool to extract database data from a blind SQL injection vulnerability.
A simple yet powerful libpcap-based Ethernet packet generator. It is
bittwist 2.0 designed to complement tcpdump, which by itself has done a great job at
capturing network traffic.
v1.5.0.r3.g27a Crack legacy zip encryption with Biham and Kocher known plaintext
bkcrack
9f22 attack.
Program for dumping the syskey bootkey from a Windows NT/2K/XP
bkhive 1.1.1
system hive.
BlackArch Linux is an Arch Linux-based penetration testing distribution
BlackArch for penetration testers and security researchers. You can install tools
2023.04.01
Linux individually or in groups. BlackArch Linux is compatible with existing
Arch installs.
blackbox- Dork scanner & bruteforcing & hash cracker tool with blackbox
4:1.7a25220
scanner penetration testing framework.
1:v2.0.r0.g27a
blackeye The most complete Phishing Tool, with 32 templates +1 customizable.
3f04
blackhash 0.2 Creates a filter from system hashes
A low bandwidth ICMP attack that is capable of doing denial of service to
blacknurse 9.d2a2b23
well known firewalls.
bleah 53.6a2fd3a A BLE scanner for "smart" devices hacking.
bless 0.6.3 Gtk# Hex Editor.
bletchley 0.0.1 A collection of practical application cryptanalysis tools.
blind-sql-
54.5bbc183 A blind SQL injection module that uses bitshfting to calculate characters.
bitshifting
A web application fingerprinter. Attempts to discover the version of a
blindelephant 7
(known) web application by comparing static files at known locations
blindsql 1.0 Set of bash scripts for blind SQL injection attacks.
blindy 12.59de8f2 Simple script to automate brutforcing blind sql injection vulnerabilities.
blisqy 20.e9995fc Exploit Time-based blind-SQL injection in HTTP-Headers
 (MySQL/MariaDB).
bloodhound 1534.69786fa Six Degrees of Domain Admin
bloodhound- v1.0.1.r104.g7
Bloodhound python data collector
python 60e6ee
bloodyad 158.b0cee6b An Active Directory Privilege Escalation Framework.
blue-hydra 710.1c2372d A Bluetooth device discovery service built on top of the bluez library.
bluebox-ng 1:1.1.0 A GPL VoIP/UC vulnerability scanner.
An implementation of the bluebug technique which was discovered by
bluebugger 0.1
Martin Herfurt.
bluediving 0.9 A Bluetooth penetration testing suite.
A tool that can generate an essentially unlimited number of phantom
bluefog 0.0.4
Bluetooth devices.
A Bluetooth scanner and sniffer written to do a single task, log devices
bluelog 1.1.2
that are in discoverable mode.
bluepot 0.2 A Bluetooth Honeypot written in Java, it runs on Linux
blueprint 0.1_3 A perl tool to identify Bluetooth devices.
A simple Bash script which uses Link Quality to locate Bluetooth device
blueranger 1.0
radios.
bluescan 1.0.6 A Bluetooth Device Scanner.
bluesnarfer 0.1 A bluetooth attacking tool
bluffy 47.180ed5b Convert shellcode into different formats.
Bluetooth device and service discovery tool that can be used for security
bluphish 9.a7200bd
assessment and penetration testing.
bluto 1:142.25cad7a Recon, Subdomain Bruting, Zone Transfers.
Tool for copying largely sparse files using information from a block map
bmap-tools 3.6
file.
bmc-tools 25.c66a657 RDP Bitmap Cache parser.
bob-the-butcher 0.7.1 A distributed password cracker package.
bof-detector 19.e08367d A simple detector of BOF vulnerabilities by source-code-level check.
bokken 1:1.8 GUI for radare2 and pyew.
bonesi 12.733c9e9 The DDoS Botnet Simulator.
v0.4.1.r42.gb2
boofuzz
3f270
 A Suite of Tools written in Python for wireless auditing and security
boopsuite 170.16c902f
testing.
1:v2.4.5.r9.g5f bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart
bopscrk
db5bb and powerful wordlists for targeted attacks.
botb 69.6d33aae A container analysis and exploitation tool for pentesters and engineers.
bowcaster 230.17d69c1 A framework intended to aid those developing exploits.
box-js 509.bdca8ea A tool for studying JavaScript malware.
v1.3.0.r3.g055 Download BloudHound query lists, deduplicate entries and merge them in
bqm
f66f one file.
braa 0.82 A mass snmp scanner
braces 0.4 A Bluetooth Tracking Utility.
1:v5.4.1.r0.g0b A static analysis security vulnerability scanner for Ruby on Rails
brakeman
c31d9fd applications
Scrape employee names from search engine LinkedIn profiles. Convert
bridgekeeper 57.55c390c
employee names to a specified username format.
A powerful network analysis framework that is much different from the
bro 2.6.4
typical IDS you may know.
Handy auxiliary programs related to the use of the Bro Network Security
bro-aux 451.a98acb8
Monitor (https://www.bro.org/).
An interactive reference tool to help security professionals utilize useful
brosec 278.c51164f
payloads and commands.
Retrieves the browse list ; the output list contains computer names, and the
browselist 1.4
roles they play in the network.
browser-fuzzer 3 Browser Fuzzer 3
brut3k1t 104.793821f Brute-force attack that supports multiple protocols and services.
brute-force 52.78d1d8e Brute-Force attack tool for Gmail, Hotmail, Twitter, Facebook, Netflix.
A tool designed for auditing the cryptography container security in
brute12 1
PKCS12 format.
bruteforce-luks 46.a18694a Try to find the password of a LUKS encrypted volume.
bruteforce- Try to find the password of a file that was encrypted with the 'openssl'
55.23e3a72
salted-openssl command.
bruteforce- Try to find the password of an encrypted Peercoin (or Bitcoin,Litecoin,
39.f6d8cc5
wallet etc...) wallet file.
 Penetration testing tool that automates testing accounts to the site's login
brutemap 65.da4b303
page.
Brute-Forcing from Nmap output - Automatically attempts default creds
brutespray 203.f282627
on found services.
A simple sshd password bruteforcer using a wordlist, it's very fast for
brutessh 0.6
internal networks. It's multithreads.
brutex 112.23f511c Automatically brute force all services running on a target.
brutexss 54.ba753df Cross-Site Scripting Bruteforcer.
One of the fastest, most flexible remote password crackers you can get
brutus 2
your hands on.
bsdiff and bspatch are tools for building and applying patches to binary
bsdiff 4.3
files.
bsqlbf 2.7 Blind SQL Injection Brute Forcer.
bsqlinjector 13.027184f Blind SQL injection exploitation tool written in ruby.
bss 0.8 Bluetooth stack smasher / fuzzer
bt_audit 0.1.1 Bluetooth audit
The world's first Bluetooth Pass phrase (PIN) bruteforce tool. Bruteforces
btcrack 1.1
the Passkey and the Link key from captured Pairing exchanges.
btlejack 87.d0dd2df Bluetooth Low Energy Swiss-army knife.
btproxy-mitm 71.cd1c906 Man in the Middle analysis tool for Bluetooth.
btscanner 2.1 Bluetooth device scanner.
bulk-extractor 1562.1c67a75 Bulk Email and URL extraction tool.
1.1.12.g04185
bully A wifi-protected-setup (WPS) brute force attack tool.
d7
A closed loop, high-performance, general purpose protocol-blind fuzzer
bunny 0.93
for C programs.
burpsuite 1:2023.2.3 An integrated platform for attacking web applications (free edition).
buster 92.131437e Find emails of a person and return info associated with them.
buttinsky 138.1a2a1b2 Provide an open source framework for automated botnet monitoring.
bvi 1.4.1 A display-oriented editor for binary files operate like "vi" editor.
Automates password cracking tasks using optimized dictionaries and
byepass 213.8cbfd9b
mangling rules.
bypass-firewall- 33.c55b7ce Firewall bypass script based on DNS history records.
dns-history
bytecode-
1:2.9.22 A Java 8/Android APK Reverse Engineering Suite.
viewer
c5scan 30.be8845c Vulnerability scanner and information gatherer for the Concrete5 CMS.
A tool that demonstrates how to recover cache entry information:
cachedump 1.1
username and hashed password (called MSCASH).
cadaver 0.24 Command-line WebDAV client for Unix
cafebabe 0.1.2 Java bytecode editor & decompiler.
cameradar 195.1b91e54 Hacks its way into RTSP videosurveillance cameras.
A camera exploitation tool that allows to disclosure network camera admin
camover 73.abcded1
password.
A tool which will analyze the CAM table of Cisco switches to look for
camscan 1.0057215
anamolies.
can-utils 946.cfe4196 Linux-CAN / SocketCAN user space applications.
canalyzat0r 41.6bc251e Security analysis toolkit for proprietary car protocols.
canari 3.3.10 A transform framework for maltego
cangibrina 123.6de0165 Dashboard Finder.
cansina 2:59.67c6301 A python-based Web Content Discovery Tool.
Framework for black-box CAN network analysis
cantoolz 1:425.82d330b
https://asintsov.blogspot.de/.
capfuzz 34.97ac312 Capture, fuzz and intercept web traffic.
capstone 4.0.2 A lightweight multi-platform, multi-architecture disassembly framework
captipper 74.3fb2836 Malicious HTTP traffic explorer tool.
cardpwn 32.166abf9 OSINT Tool to find Breached Credit Cards Information.
Intends to sensibilise manufacturers of carkits and other Bluetooth
carwhisperer 0.2 appliances without display and keyboard for the possible security threat
evolving from the use of standard passkeys.
The little brother to Maltego without transforms, but combines graph and
casefile 1.0.1 link analysis to examine links between manually added data to mind map
your information
catana 31.9ea1f0d Filter your wordlist according to the specified password policy.
catnthecanary 7.e9184fe An application to query the canary.pw data set for leaked data.
catphish 44.768d213 For phishing and corporate espionage.
 Retrieves from the CommonCrawl data set unique subdomains for a given
ccrawldns 6.92525b6
domain name.
cdpsnarf 0.1.6 Cisco discovery protocol sniffer.
A tool to perform security testing against the HDMI CEC (Consumer
cecster 5.15544cb
Electronics Control) and HEC (HDMI Ethernet Channel) protocols.
centry 72.6de2868 Cold boot & DMA protection
v1.3.0.r17.gcf8
cero Scrape domain names from SSL certificates of arbitrary hosts.
26d0
certgraph 172.465bddc Crawl the graph of certificate Alternate Names.
4.4.0.r2.g74dc
certipy Active Directory Certificate Services enumeration and abuse.
d97
cewl 146.1c741bb A custom word list generator
cflow 1.7 A C program flow analyzer.
cfr 0.152 Another Java decompiler.
v2.5.0.r1.gf8ef A powerful ‘first-response’ capability to quickly identify threats within
chainsaw
669 Windows event logs.
chameleon 27.a2f0cf1 A tool for evading Proxy categorisation.
Official repository of ChameleonMini, a freely programmable, portable
chameleonmini 606.791720c tool for NFC security analysis that can emulate and clone contactless
cards, read RFID tags and sniff/log RF data.
changeme 266.89f59d4 A default credential scanner.
Tool that generates a PHP capable of run a custom binary (like a
chankro 21.7b6e844 meterpreter) or a bash script (p.e. reverse shell) bypassing
disable_functions & open_basedir).
chaos-client 245.24dc2bf Go client to communicate with Chaos dataset API.
chaosmap 1.3 An information gathering tool and dns / whois / web server scanner
A freeware tool to trace tcp, udp etc. sessions and fetch application data
chaosreader 0.94
from snoop or tcpdump logs.
chapcrack 17.ae2827f A tool for parsing and decrypting MS-CHAPv2 network handshakes.
cheat-sh 6 The only cheat sheet you need.
check-weak-dh-
0.1 Debian OpenSSL weak client Diffie-Hellman Exchange checker.
ssh
checkiban 0.2 Checks the validity of an International Bank Account Number (IBAN).
checkpwd 1.23 Oracle Password Checker (Cracker).
Tool designed to test which standard Linux OS and PaX security features
checksec 2.6.0
are being used
Complete penetration testing suite (port scanning, brute force attacks,
cheetah-suite 21.2364713
services discovery, common vulnerabilities searching, reporting etc.)
Python-based interactive assembler/disassembler CLI, powered
chiasm-shell 33.e20ed9f
byKeystone/Capstone.
4:1743.505170 Framework for analyzing the security of PC platforms including hardware,
chipsec
ae system firmware (BIOS/UEFI), and platform components.
chiron 48.524abe1 An all-in-one IPv6 Penetration Testing Framework.
chisel 230.ce307e5 A fast TCP tunnel over HTTP.
chkrootkit 0.57 Checks for rootkits on a system
Offline NT Password Editor - reset passwords in a Windows NT SAM
chntpw 140201
user database file
chopshop 444.8bdd393 Protocol Analysis/Decoder Framework.
choronzon 4.d702c31 An evolutionary knowledge-based fuzzer.
Allows two peers behind two separate NATs with no port forwarding and
chownat 0.08b
no DMZ setup on their routers to directly communicate with each other
Chrome web browser decoder tool that demonstrates recovering
chrome-decode 0.1
passwords.
chromefreak 24.12745b1 A Cross-Platform Forensic Framework for Google Chrome
chromensics 1.0 A Google chrome forensics tool.
chw00t 39.1fd1016 Unices chroot breaking tool.
cidr2range 1.0 Script for listing the IP addresses contained in a CIDR netblock
cintruder 14.f8a3f12 An automatic pentesting tool to bypass captchas.
A very simple way to find out which SSL ciphersuites are supported by a
cipherscan 419.c67f3ee
target.
ciphertest 22.e33eb4a A better SSL cipher checker using gnutls.
A CLI tool for encoding, decoding, encryption, decryption, and hashing
ciphr 127.5da7137
streams of data.
cirt-fuzzer 1.0 A simple TCP/UDP protocol fuzzer.
cisco-auditing- Perl script which scans cisco routers for common vulnerabilities. Checks
1
tool for default passwords, easily guessable community names, and the IOS
 history bug. Includes support for plugins and scanning multiple hosts.
cisco-global- A perl script that targets multiple vulnerabilities in the Cisco Internetwork
1.3
exploiter Operating System (IOS) and Catalyst products.
cisco-ocs 0.2 Cisco Router Default Password Scanner.
cisco-router- copy-router-config and merge-router-config to copy and merge Cisco
1.1
config Routers Configuration
Multithreaded Cisco HTTP vulnerability scanner. Tested on Linux,
cisco-scanner 0.2
OpenBSD and Solaris.
cisco-snmp- Automated Cisco SNMP Enumeration, Brute Force, Configuration
10.ad06f57
enumeration Download and Password Cracking.
IP address spoofing tool in order to bypass an ACL protecting an SNMP
cisco-snmp-slap 5.daf0589
service on Cisco IOS devices.
cisco-torch 0.4b Cisco Torch mass scanning, fingerprinting, and exploitation tool.
cisco5crack 2.c4b228c Crypt and decrypt the cisco enable 5 passwords.
cisco7crack 2.f1c21dd Crypt and decrypt the cisco enable 7 passwords.
Сканирует сети классов A, B и C в поисках роутеров cisco с
ciscos 1.3
открытым портом telnet и неизменённым заводским паролем от cisco.
citadel 95.3b1adbc A library of OSINT tools.
cjexploiter 6.72b08d8 Drag and Drop ClickJacking exploit development assistance tool.
1638.d726e15
clair Vulnerability Static Analysis for Containers.
7
clairvoyance 2.0.6 Obtain GraphQL API Schema even if the introspection is not enabled.
clamscanlogpar This is a utility to parse a Clam Anti Virus log file, in order to sort them
1
ser into a malware archive for easier maintanence of your malware collection.
clash 1.15.1 A rule-based tunnel in Go.
climber 30.5530a78 Check UNIX/Linux systems for privilege escalation.
Data Exfiltration In Plain Sight; Evade DLP/MLS Devices; Social
cloakify 117.f45c3b3
Engineering of Analysts; Evade AV Detection.
cloud-buster 194.b55e4a1 A tool that checks Cloudflare enabled sites for origin IP leaks.
Utilize misconfigured DNS and old database records to find hidden IP's
cloudfail 79.7982c7d
behind the CloudFlare network.
cloudflare-enum 10.412387f Cloudflare DNS Enumeration Tool for Pentesters.
cloudget 64.cba10b1 Python script to bypass cloudflare from command line. Built upon
 cfscrape module.
cloudlist 342.29bacea A tool for listing Assets from multiple Cloud Providers.
A simple tool to find origin servers of websites protected by CloudFlare
cloudmare 102.032a1ab
with a misconfiguration DNS.
cloudsploit 3790.3d5f72d4 AWS security scanning checks.
cloudunflare 14.b91a8a7 Reconnaissance Real IP address for Cloudflare Bypass.
Automates the fingerprinting, reconnaissance, and exploitation phases of
clusterd 143.d190b2c
an application server attack.
cminer 25.d766f7e A tool for enumerating the code caves in PE files.
cmospwd 5.1 Decrypts password stored in CMOS used to access BIOS setup.
Designed to reveal the specific modules, plugins, components and themes
cms-explorer 15.23b58cd
that various cms driven websites are running
Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection
cms-few 0.1
vulnerability scanning tool written in Python.
cmseek 362.5992739 CMS (Content Management Systems) Detection and Exploitation suite.
cmsfuzz 5.6be5a98 Fuzzer for wordpress, cold fusion, drupal, joomla, and phpnuke.
A python open source Content Management System scanner that
cmsmap 1:8.59dd0e2 automates the process of detecting security flaws of the most popular
CMSs.
CMS scanner to identify and find vulnerabilities for Wordpress, Drupal,
cmsscan 43.f060b4b
Joomla, vBulletin.
0.13.8.26.g127
cmsscanner CMS Scanner Framework.
75a6
cnamulator 5.4667c68 A phone CNAM lookup utility using the OpenCNAM API.
cntlm 4.b35d55c An NTLM, NTLM2SR, and NTLMv2 authenticating HTTP proxy.
codeql 1:2.8.1 The CLI tool for GitHub CodeQL
A tool to determine the crypto/encoding algorithm used according to traces
codetective 45.52b91f1
of its representation.
Coerce a Windows server to authenticate on an arbitrary machine through
coercer 1.6
9 methods.
comission 203.67b890e WhiteBox CMS analysis.
commentor 19.d81a660 Extract all comments from the specified URL resource.
commix 1965.ae94360c Automated All-in-One OS Command Injection and Exploitation Tool.
 Leverages publicly available datasets from Google BigQuery to generate
commonspeak 36.f0aad23
wordlists.
A collection of tools for pentester: LetDown is a powerful tcp flooder
ReverseRaider is a domain scanner that use wordlist scanning or reverse
complemento 0.7.6
resolution scanning Httsquash is an http server scanner, banner grabber
and data retriever
Company Passwords Profiler helps making a bruteforce wordlist for a
compp 1.0.5
targeted company.
This is a tool to span /8-sized networks quickly sending snmpset requests
configpush 0.8.5
with default or otherwise specified community string to Cisco devices.
ICS honeypot with the goal to collect intelligence about the motives and
conpot 0.6.0 methods of adversaries targeting industrial control systems
url="http://conpot.org"
conscan 1.2 A blackbox vulnerability scanner for the Concre5 CMS.
Easily create word's permutation and combination to generate complex
cook 238.8f8b958
wordlists and passwords.
cookie-cadger 1.08 An auditing tool for Wi-Fi or wired Ethernet connections.
corkscrew 2.0 A tool for tunneling SSH through HTTP proxies
corscanner 99.593043f Fast CORS misconfiguration vulnerabilities scanner.
corstest 10.beffd0b A simple CORS misconfigurations checker.
corsy 69.2985ae2 CORS Misconfiguration Scanner.
cottontail 93.b7f5222 Capture all RabbitMQ messages being sent through a broker.
cowpatty 4.8 Wireless WPA/WPA2 PSK handshake cracking utility
cpfinder 0.1 This is a simple script that looks for administrative web interfaces.
1:2022.0.7.r11.
cpp2il A tool to reverse unity's IL2PP toolchain
gdc9dcd9
cppcheck 2.10.3 A tool for static C/C++ code analysis
A portable and powerful, yet simple, unit testing framework for handling
cpptest 2.0.0
automated tests in C++.
Search for public leaks for email addresses + check creds against 16
cr3dov3r 46.99a1660
websites.
Automatic remote/local file inclusion vulnerability analysis and exploit
crabstick 47.bb7827f
tool.
cracken v1.0.1.r0.g7a3 A ast password wordlist generator, Smartlist creation and password
 25ff hybrid-mask analysis tool written in pure safe Rust.
crackhor 2.ae7d83f A Password cracking utility.
crackle 111.d83b4b6 Crack and decrypt BLE encryption
2:v5.4.0.r30.gd A swiss army knife for pentesting Windows/Active Directory
crackmapexec
2ea13f environments.
crackq 48.89b7318 Hashcrack.org GPU-accelerated password cracker.
1.0.r51.ge96af
crackql GraphQL password brute-force and fuzzing utility
25
crackserver 33.e5763ab An XMLRPC server for password cracking.
Web recon tool (find temporary files, parse robots.txt, search folders,
crawlic 51.739fe2b
google dorks and search domains hosted on same server).
creak 40.52b0d74 Poison, reset, spoof, redirect MITM script.
create_ap 265.462c09f A shell script to create a NATed/Bridged Software Access Point
A python tool to extract various credentials and secrets from Windows
creddump 3.ed95e1a
registry hives.
The Credential mapper - Tool that was created to bring awareness to the
credmap 116.d862247
dangers of credential reuse.
Harvest FTP/POP/IMAP/HTTP/IRC credentials along with interesting
creds 1:17.1ec8297
data from each of the protocols.
Phishing framework written with the Python micro-framework Flask and
credsniper 21.f52461b
Jinja2 templating which supports capturing 2FA tokens.
A geolocation information gatherer. Offers geolocation information
creepy 1:137.9f60449
gathering through social networking platforms.
An interactive crib dragging tool for cryptanalysis on ciphertext generated
cribdrag 5.2d27dbf
with reused or predictable stream cipher keys.
crlf-injector 9.bd6db06 A python script for testing CRLF injecting issues.
crlfuzz 62.7a442bb A fast tool to scan CRLF vulnerability written in Go.
LinkedIn enumeration tool to extract valid employee names from an
crosslinked 1:19.786ad1c
organization through search engine scraping.
crosstool-ng 1.25.0 Versatile (cross-)toolchain generator.
A brute forcing tool that can be used during penetration tests. It is
crowbar 111.4b563dc developed to support protocols that are not currently supported by thc-
hydra and other popular brute forcing tools.
 A modular framework designed to automate the penetration testing of
crozono 1:5.6a51669
wireless networks from drones and such unconventional devices.
A wordlist generator for all combinations/permutations of a given
crunch 3.6
character set.
crypthook 18.690dcae TCP/UDP symmetric encryption tunnel wrapper.
cryptonark 0.5.7 SSL security checker.
The OWASP CSRFTester Project attempts to give developers the ability
csrftester 1.0
to test their applications for CSRF flaws.
An OSINT tool that discovers sub-domains by searching Certificate
ct-exposer 24.71252ac
Transparency logs
v2.3.0.r22.ga5 A CLI tool & library to enhance and speed up script/exploit writing for
ctf-party
be46a CTF players.
ctunnel 0.7 Tunnel and/or proxy TCP or UDP connections via a cryptographic tunnel.
ctypes-sh 153.6982e6c Allows you to call routines in shared libraries from within bash.
cuckoo 2.0.7 A malware analysis system.
cupp 77.56547fd Common User Password Profiler
A Qt and WebKit based command-line utility that captures WebKit's
cutycapt 3:10
rendering of a web page.
cve-api 170.8e9c247 Unofficial api for cve.mitre.org.
v4.2.1.r31.g1f
cve-search A tool to perform local searches for known vulnerabilities.
0b50a
The goal of cvechecker is to report about possible vulnerabilities on your
cvechecker 4.0 system, by scanning the installed software and matching the results with
the CVE database.
cybercrowl 111.f7cac52 A Python Web path scanner tool.
cyberscan 75.ca85794 A Network Pentesting Tool
A stealth backdooring tool, that inject backdoor's shellcode into an
cymothoa 1
existing process.
d-tect 13.9555c25 Pentesting the Modern Web.
dagon 244.f065d7b Advanced Hash Manipulation.
dalfox 1251.a953704 Parameter Analysis and XSS Scanning tool.
damm 32.60e7ec7 Differential Analysis of Malware in Memory.
Damn v1.9 Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application
Vulnerable Web that is damn vulnerable. Its main goals are to be an aid for security
App (DVWA) professionals to test their skills and tools in a legal environment, help web
developers better understand the processes of securing web applications
and aid teachers/students to teach/learn web application security in a class
room environment.
daredevil 42.81cb57f A tool to perform (higher-order) correlation power analysis attacks (CPA).
dark-dork-
1.0 Dark-Dork Searcher.
searcher
Store and execute an encrypted windows binary from inside memory,
darkarmour 4.f10228a
without a single bit touching disk.
A tool written in python that leverages bing for mining data on systems
darkbing 0.1
that may be susceptible to SQL injection.
Python script that performs dork searching and searches for local file
darkd0rk3r 1.0
inclusion and SQL injection errors.
darkdump 43.40abd92 Search The Deep Web Straight From Your Terminal.
This tool will try to find every website that host at the same server at your
darkjumper 5.8
target.
darkmysqli 1.6 Multi-Purpose MySQL Injection Tool
darkscrape 68.2ca0e37 OSINT Tool For Scraping Dark Websites.
A penetration testing framework for Linux, MacOS, and Windows
darkspiritz 1:6.4d23e94
systems.
darkstat 3.0.721 Network statistics gatherer (packet sniffer)
dartspylru 7.5ef01b1 Simple dictionary with LRU behaviour.
A proxy which allows you to intercept TLS traffic in native x86
datajackproxy 42.f75f3a3
applications across platform.
A tool to perform various OSINT techniques, aggregate all the raw data,
datasploit 1:367.a270d50 visualize it on a dashboard, and facilitate alerting and monitoring on the
data.
A tool for using Abuse of Functionality and XML External Entities
davoset 1.3.7
vulnerabilities on some websites to attack other websites.
davscan 30.701f967 Fingerprints servers, finds exploits, scans WebDAV.
Tests WebDAV enabled servers by uploading test executable files, and
davtest 3.a282c58 then (optionally) uploading files which allow for command execution or
other actions directly on the target
 1:v2.0.0.rc4.r0
dawnscanner A static analysis security scanner for ruby written web applications.
.gd6150be
A Netcat-clone, designed to be portable and offer strong encryption. It
dbd 61.8cf5350
runs on Unix-like operating systems and on Microsoft Win32.
A Java tool that allows you to perform online audits of password quality
dbpwaudit 0.8
for several database engines.
This is a simple utility for enumerating D-Bus endpoints, an nmap for D-
dbusmap 16.6bb2831
Bus.
A patched version of dd that includes a number of features useful for
dc3dd 7.2.646
computer forensics.
0.0.1.r7.g7b85 Spot all domain controllers in a Microsoft Active Directory environment.
dcdetector
9c5 Find computer name, FQDN, and IP address(es) of all DCs.
dcfldd 1.7.1 DCFL (DoD Computer Forensics Lab) dd replacement with hashing
Simple, but smart, multi-threaded web crawler for randomly gathering
dcrawl 7.3273c35
huge lists of unique domain names.
v0.15.1.r0.ga2
ddosify High-performance load testing tool, written in Golang.
4fcf9
A data recovery tool. It copies data from one file or block device (hard
ddrescue 1.27 disc, cdrom, etc) to another, trying to rescue the good parts first in case of
read errors.
de4dot 3.1.41592 .NET deobfuscator and unpacker.
deathstar 59.f10fdbf Automate getting Domain Admin using Empire.
debinject 43.d884309 Inject malicious code into *.debs.
deblaze 1:1.0608dc3 A remote method enumeration tool for flex servers
decodify 50.76a0801 Tool that can detect and decode encoded strings, recursively.
deen 601.fd9aebe Generic data encoding/decoding application built with PyQt5.
deepce 108.934a991 Docker Enumeration, Escalation of Privileges and Container Escapes.
delldrac 0.1a DellDRAC and Dell Chassis Discovery and Brute Forcer.
delorean 16.0291151 NTP Main-in-the-Middle tool.
demiguise 11.58d5681 HTA encryption tool for RedTeams.
Calculates density for files of any file-system-path to finally output an
densityscout 45
accordingly descending ordered list.
depant 0.3a Check network for services with default passwords.
 A merciless sentinel which will seek sensitive files containing critical info
depdep 2.0
leaking through your network.
dependency- A tool that attempts to detect publicly disclosed vulnerabilities contained
6.5.3
check within a project's dependencies.
depix 38.f7d1850 A tool for recovering passwords from pixelized screenshots.
der-ascii 84.031bca8 A reversible DER and BER pretty-printer.
det 31.417cbce (extensible) Data Exfiltration Toolkit.
detect-it-easy 1:3.02 A program for determining types of files.
v1.4.0.r10.g44
detect-secrets An enterprise friendly way of detecting and preventing secrets in code.
095a0
detect-sniffer 151.63f0d7f Tool that detects sniffers in the network.
detectem 276.bc5f073 Detect software and its version on websites.
An open-source, cross-platform, multi-purpose security auditing tool
devaudit 803.ca0a68e
targeted at developers and teams.
device-pharmer 40.b06a460 Opens 1K+ IPs or Shodan search results and attempts to login.
dex2jar 2.1 A tool for converting Android's .dex format to Java's .class format
dexpatcher 1.7.0 Modify Android DEX/APK files at source-level using Java.
A Forensics Framework coming with command line and graphical
dff 183.d40d46b
interfaces.
dff-scanner 1.1 Tool for finding path of predictable resource locations.
dfir-ntfs 1.1.13 An NTFS parser for digital forensics & incident response.
Framework for orchestrating forensic collection, processing and data
dftimewolf 585.c4241a78
export .
dga-detection 78.0a3186e DGA Domain Detection using Bigram Frequency Analysis.
dharma 98.6b1e511 Generation-based, context-free grammar fuzzer.
dhcdrop 0.5 Remove illegal dhcp servers with IP-pool underflow.
dhcpf 3.a770b20 Passive DHCP fingerprinting implementation.
Enhanced DHCPv4 and DHCPv6 exhaustion and fuzzing script written in
dhcpig 2:92.9fd8df5
python using scapy network library.
dhcpoptinj 123.58a12c6 DHCP option injector.
didier-stevens-
361.a03e58e Didier Stevens Suite.
suite
dinouml 0.9.5 A network simulation tool, based on UML (User Mode Linux) that can
 simulate big Linux networks on a single PC
dirb 2.22 A web content scanner, brute forceing for hidden files.
dirble 1:1.4.2 Fast directory scanning and scraping tool.
An application designed to brute force directories and files names on
dirbuster 1.0_RC1
web/application servers
dirbuster-ng 9.0c34920 C CLI implementation of the Java dirbuster tool.
directorytravers Detect directory traversal vulnerabilities in HTTP servers and web
1.0.1.0
alscan applications.
dirhunt 298.57bfd58 Find web directories without bruteforce.
This is a python script that scans webservers looking for administrative
dirscanner 0.1
directories, php shells, and more.
OSINT Scanning tool which discovers and maps directories found in
dirscraper 16.e752450
javascript files hosted on a website.
dirsearch 2288.0a18692 HTTP(S) directory/file brute forcer.
Dirstalk is a multi threaded application designed to brute force paths on
dirstalk 1.3.3 web servers. The tool contains functionalities similar to the ones offered
by dirbuster and dirb.
disitool 0.4 Tool to work with Windows executables digital signatures.
A tool to exploit the hash length extension attack in various hashing
dislocker 564.3a8f757
algorithms. With FUSE capabilities built in.
This code dissects the internal data structures in ELF files. It supports x86
dissector 1
and x86_64 archs and runs under Linux.
distorm 3.5.2.b Powerful disassembler library for x86/AMD64
dive 0.10.0 A tool for exploring each layer in a docker image.
dizzy 2.0 A Python based fuzzing framework with many features.
dkmc 56.3c238f0 Dont kill my cat - Malicious payload evasion tool.
dmde 3.8.0.790 Disk Editor and Data Recovery Software.
Convert a (compressed) Apple Disk Images. A CLI tool to uncompress
dmg2img 1.6.7 Apple's compressed DMG files to the HFS+ IMG format A CLI tool to
uncompress Apple's compressed DMG files to the HFS+ IMG format
Deepmagic Information Gathering Tool. Gathers information about hosts.
dmitry 1.3a It is able to gather possible subdomains, email addresses, and uptime
information and run tcp port scans, whois lookups, and more.
dnmap 0.6 The distributed nmap framework
dns-parallel-
68.422db61 PoC for an adaptive parallelised DNS prober.
prober
dns-reverse-
36.937d3d2 A reverse DNS proxy written in Go.
proxy
dns-spoof 13.81ba29f Yet another DNS spoof utility.
A simple python script that brute forces DNS and subsequently geolocates
dns2geoip 0.1
the found subdomains.
dns2tcp 0.5.2 A tool for relaying TCP connections over DNS.
dnsa 0.6 DNSA is a dns security swiss army knife
dnsbf 0.3 Search for available domain names in an IP range.
Multi-theaded DNS bruteforcing, average speed 80 lookups/second with
dnsbrute 2.b1dc84a
40 threads.
dnscan 208.2e23323 A python wordlist-based DNS subdomain scanner.
dnschef 17.a395411 A highly configurable DNS proxy for pentesters.
dnscobra 1.0 DNS subdomain bruteforcing tool with Tor support through torsocks
dnsdiag 292.1f94ad7 DNS Diagnostics and Performance Measurement Tools.
dnsdrdos 0.1 Proof of concept code for distributed DNS reflection DoS.
Script that enumerates DNS information from a domain, attempts zone
dnsenum 1.2.4.2 transfers, performs a brute force dictionary style attack, and then performs
reverse look-ups on the results.
dnsfilexfer 24.126edcd File transfer via DNS.
Nasty creature constantly searching for DNS servers. It uses standard dns
dnsgoblin 1:0.1
queries and waits for the replies.
dnsgrep 14.3f4fa7c A utility for quickly searching presorted DNS names.
dnsmap 0.30 Passive DNS network mapper
A handy DNS service written in Go to aid in the detection of several types
dnsobserver 5.f331482
of blind vulnerabilities.
dnspredict 0.0.2 DNS prediction.
Allows you to perform multiple dns queries of your choice with a list of
dnsprobe 56.7120008
user supplied resolvers.
dnspy 6.1.8 .NET debugger and assembly editor.
dnsrecon 2:1.1.4 Python script for enumeration of hosts, subdomains and emails from a
 given domain using google.
dnssearch 20.e4ea439 A subdomain enumeration tool.
A very fast multithreaded bruteforcer of subdomains that leverages a
dnsspider 1.3
wordlist and/or character permutation.
dnsteal 28.1b09d21 DNS Exfiltration tool for stealthily sending files over DNS requests..
Determines where a given DNS server gets its information from, and
dnstracer 1.10
follows the chain of DNS servers
Domain name permutation engine for detecting typo squatting, phishing
dnstwist 574.dbe2b56
and corporate espionage.
Maintains a list of IPv4 DNS servers by verifying them against baseline
dnsvalidator 82.146c9b0
servers, and ensuring accurate responses.
dnswalk 2.0.2 A DNS debugger.
Fast and multi-purpose DNS toolkit allow to run multiple DNS queries of
dnsx 474.1ed65d8
your choice with a list of user-supplied resolvers.
Uility to embed XXE and XSS payloads in docx,odt,pptx,etc
docem 20.b0ddd87
(OXML_XEE on steroids).
dockerscan 59.590a844 Docker security analysis & hacking tools.
domain-
0.8.1 Finds all the security information for a given domain name.
analyzer
domain-stats 165.1cf05bf A web API to deliver domain information from whois and alexa.
domained 80.d9d079c Multi Tool Subdomain Enumeration.
Checks expired domains for categorization/reputation and Archive.org
domainhunter 51.38cb7ef
history to determine good candidates for phishing and C2 domain names.
domato 123.8083920 DOM fuzzer.
domi-owned 41.583d0a5 A tool used for compromising IBM/Lotus Domino servers.
A tool to link a domain with registered organisation names and emails, to
domlink 37.1cabd5d
other domains.
0.7.r12.g9b6f5
dontgo403 Tool to bypass 40X response codes..
90
Generates x86, x64 or AMD64+x86 P.I. shellcode loading .NET
donut 501.61af8cc
Assemblies from memory.
doona 145.7a4796c A fork of the Bruteforce Exploit Detector Tool (BED).
doork 6.90c7260 Passive Vulnerability Auditor.
doozer 9.5cfc8f8 A Password cracking utility.
dorkbot 186.8d9df3c Command-line tool to scan Google search results for vulnerabilities.
Tool designed with the purpose of making easier the searching of
dorkme 57.0a7017a
vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
Selenium powered Python script to automate searching for vulnerable web
dorknet 58.419d6a2
apps.
1.0.r13.gdd87d Golang tool to automate google dork scan against the entire internet or
dorkscout
af specific targets.
dotdotpwn 3.0.2 The Transversal Directory Fuzzer
dotpeek 2021.3.3 Free .NET Decompiler and Assembly Browser.
dpeparser 1:beta002 Default password enumeration project
dpscan 0.1 Drupal Vulnerabilty Scanner.
dr-checker 140.ea63c0f A Soundy Vulnerability Detection Tool for Linux Kernel Drivers.
dr0p1t- A framework that creates a dropper that bypass most AVs, some
44.db9bc2d
framework sandboxes and have some tricks.
dracnmap 69.09d3945 Tool to exploit the network and gathering information with nmap help.
dradis 3.0.0.rc1 An open source framework to enable effective information sharing.
5575.ed72071
dradis-ce An open source framework to enable effective information sharing.
c
dragon- A sniffing, non binding, reverse down/exec, portknocking service Based
7.c7416b7
backdoor on cd00r.c.
1:v1.3.0.r13.ge Listens to network traffic and picks out images from TCP streams it
driftnet
492335 observes.
drinkme 19.acf1a14 A shellcode testing harness.
dripcap 0.6.15 Caffeinated Packet Analyzer.
v1.r1.gc9bb0c A fast, asynchronous DNS scanner; it can be used for enumerating
dripper
9 subdomains and enumerating boxes via reverse DNS.
A plugin-based scanner that aids security researchers in identifying issues
droopescan 1.45.1
with several CMSs, mainly Drupal & Silverstripe.
A security testing framework for Android - Precompiled binary from
drozer 2.4.4
official repository.
drupal-module-
11.525543c Enumerate on drupal modules.
enum
drupalscan 0.5.2 Simple non-intrusive Drupal scanner.
drupwn 1:59.8186732 Drupal enumeration & exploitation tool.
dscanner 0.14.0 Swiss-army knife for D source code.
dsd 91.7ee04e5 Digital Speech Decoder
A fully functional File inclusion vulnerability scanner (supporting GET
dsfs 36.8e9f8e9
and POST parameters) written in under 100 lines of code.
dshell 142.695c891 A network forensic analysis framework.
A fully functional JavaScript library vulnerability scanner written in under
dsjs 32.26287d0
100 lines of code.
dsniff 2.4b1 Collection of tools for network auditing and penetration testing
A fully functional SQL injection vulnerability scanner (supporting GET
dsss 123.84ddd33
and POST parameters) written in under 100 lines of code.
dsstore-crawler 6.524117b A parser + crawler for .DS_Store files exposed publically.
A fully functional Cross-site scripting vulnerability scanner (supporting
dsxs 130.3e628b6
GET and POST parameters) written in under 100 lines of code.
Python script/security tool to test Dynamic Trunking Protocol
dtp-spoof 5.3ae05fc
configuration on a switch.
dublin-
338.600c6ea NAT-aware multipath tracerouting tool.
traceroute
ducktoolkit 37.42da733 Encoding Tools for Rubber Ducky.
dudley 16.ea14ca6 Block-based vulnerability fuzzing framework.
dumb0 19.1493e74 A simple tool to dump users in popular forums and CMS.
dump1090 386.bff92c4 A simple Mode S decoder for RTLSDR devices.
dumpacl 1:0.1 Dumps NTs ACLs and audit settings.
dumpsmbshare 21.9fd4d5b A script to dump files and folders remotely from a Windows SMB share.
Dumps account names and information even though RestrictAnonymous
dumpusers 1.0
has been set to 1.
dumpzilla 03152013 A forensic tool for firefox.
Remove duplicates from massive wordlist, without sorting it (for
duplicut 2.2
dictionnary-based password cracking).
dutas 10.37fa3ab Analysis PE file or Shellcode.
dvcs-ripper 54.2c1bbc6 Rip web accessible (distributed) version control systems: SVN/GIT/...
dwarf 1082.cdf85f4 Full featured multi arch/os debugger built on top of PyQt5 and frida.
 DynamoRIO is a runtime code manipulation system that supports code
dynamorio 9.0.19046
transformations on any part of a program, while it executes.
eapeak 130.9550d1c Analysis Suite For EAP Enabled Wireless Networks.
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect
eaphammer 273.e8d1ff8
wireless pivots using hostile portal attacks.
An implementation of an offline dictionary attack against the EAP-MD5
eapmd5pass 3.3d5551f
protocol
easy-creds 45.bf9f00c A bash script that leverages ettercap and other tools to obtain credentials.
easyda 7.0867f9b Easy Windows Domain Access Script.
A flexible fuzzer, not only for web, has a CSV output for efficient output
easyfuzzer 3.6
analysis (platform independant).
This is a small python tool that scans websites to look for PHP shells,
eazy 0.1
backups, admin panels, and more.
ecfs 305.1758063 Extended core file snapshot format.
3247.4c82466 A QT4-based binary mode debugger with the goal of having usability on
edb
4 par with OllyDbg.
eggshell 157.eaeeea7 iOS/macOS/Linux Remote Administration Tool.
This is a custom EIGRP packet generator and sniffer developed to test the
eigrp-tools 0.1 security and overall operation quality of this brilliant Cisco routing
protocol.
Examine the contents of Outlook Express DBX email repository files
eindeutig 20050628_1
(forensic purposes)
A malloc(3) debugger that uses virtual memory hardware to detect illegal
electric-fence 2.2.5
memory accesses.
elettra 1.0 Encryption utility by Julia Identity
elettra-gui 1.0 Gui for the elettra crypto application.
Horizontal domain discovery tool you can use to discover other domains
elevate 27.1272d51
owned by a given company.
elfkickers 3.2 Collection of ELF utilities (includes sstrip)
elfparser 7.39d21ca Cross Platform ELF analysis.
elfutils 0.189 Utilities to handle ELF object files and DWARF debugging information.
A tool to decode obfuscated shellcodes using the unicorn-engine for the
elidecode 48.38fa5ba
emulation and the capstone-engine to print the asm code.
elite-proxy-
51.1ced3be Finds public elite anonymity proxies and concurrently tests them.
finder
email2phonenu A OSINT tool to obtain a target's phone number just by having his email
29.9df9dbe
mber address.
emldump 0.0.11 Analyze MIME files.
v1.23.0.r1.g36
emp3r0r Linux post-exploitation framework made by linux user.
21842
2:3086.ce3fde
empire A PowerShell and Python post-exploitation agent.
ca
enabler 1 Attempts to find the enable password on a cisco system via brute force.
This is an encoding tool for 32-bit x86 shellcode that assists a researcher
encodeshellcode 0.1b when dealing with character filter or byte restrictions in a buffer overflow
vulnerability or some kind of IDS/IPS/AV blocking your code.
ent 1.0 Pseudorandom number sequence test.
Message Queue & Broker Injection tool that implements attacks to Redis,
enteletaor 66.e8e4daa
RabbitMQ and ZeroMQ.
entropy 702.13aac50 A set of tools to exploit Netwave and GoAhead IP Webcams.
Tool that enumerates shared folders across the network and under a
enum-shares 7.97cba5a
custom user account.
enum4linux 0.9.1 A tool for enumerating information from Windows and Samba systems.
enum4linux-ng 400.5729ab8 A next generation version of enum4linux.
enumerate-iam 14.4529114 Enumerate the permissions associated with an AWS credential set.
enumerid 30.5311fd8 Enumerate RIDs using pure Python.
enumiax 1.0 An IAX enumerator.
enyelkm 1.2 Rootkit for Linux x86 kernels v2.6.
eos 14.0127319 Enemies Of Symfony - Debug mode Symfony looter.
Tool which aims to lure attackers using various types of web vulnerability
epicwebhoneyp
2.0a scanners by tricking them into believing that they have found a
ot
vulnerability on a host.
erase-
1.0 An IAX flooder.
registrations
Windows tool which allows you to completely remove sensitive data from
eraser 6.2.0.2992 your hard drive by overwriting it several times with carefully selected
patterns.
 1291.4769c17
eresi The ERESI Reverse Engineering Software Interface.
5
Tool to exploit epmd related services such ass rabbitmp, ejabberd and
erl-matter 51.a8bb204
couchdb by bruteforcing the cookie and gaining RCE afterwards.
A Network Packet and Traffic Interceptor For Linux. Sniff All Data Sent
espionage 1:45.1926d8a
Through a Network.
eternal-scanner 91.4ba62ff An internet scanner for exploit CVE-2017-0144 (Eternal Blue).
etherape 0.9.20 A graphical network monitor for various OSI layers and protocols
etherchange 1.1 Can change the Ethernet address of the network adapters in Windows.
Floods a switched network with Ethernet frames with random hardware
etherflood 1.1
addresses.
Ettercap is a comprehensive suite for man in the middle attacks. It features
sniffing of live connections, content filtering on the fly and many other
ettercap 0.8.3.1
interesting tricks. It supports active and passive dissection of many
protocols and includes many features for network and host analysis.
Spoof SSDP replies to phish for NetNTLM challenge/response on a
evil-ssdp 94.ee76fb0
network.
1:v3.4.r0.g381
evil-winrm The ultimate WinRM shell for hacking/pentesting.
b126
evilclippy 62.fa610c6 A cross-platform assistant for creating malicious MS Office documents.
Man-in-the-middle attack framework used for phishing credentials and
evilginx 2.4.0
session cookies of any web service.
Standalone man-in-the-middle attack framework used for phishing login
evilginx2 59.5a477f7 credentials along with session cookies, allowing for the bypass of 2-factor
authentication.
Modular framework that takes advantage of poor upgrade implementations
evilgrade 2.0.9
by injecting fake updates
evilize 0.2 Tool to create MD5 colliding binaries.
Tool that monitors, analyzes and limits the bandwidth of devices on the
evillimiter 36.46d2033
local network without administrative access.
evilmaid 1.01 TrueCrypt loader backdoor to sniff volume password
evilpdf 5.43696a8 Embedding executable files in PDF Documents.
evine 42.46051de Interactive CLI Web Crawler.
evtkit 8.af06db3 Fix acquired .evt - Windows Event Log files (Forensics).
 5000.1331435
exabgp The BGP swiss army knife of networking.
6
exe2image 1.1 A simple utility to convert EXE files to JPEG images and vice versa.
exescan 1.ad993e3 A tool to detect anomalies in PE (Portable Executable) files.
Find geolocation on all image urls and directories also integrates with
exiflooter 33.a92e697
OpenStreetMap.
exitmap 369.172e763 A fast and modular scanner for Tor exit relays.
exiv2 0.27.2 Exif, Iptc and XMP metadata manipulation library and tools
Looks for all export and import names that contain a specified string in all
expimp-lookup 4.79a96c7
Portable Executable in a directory tree.
The Exploit Database (EDB) - an ultimate archive of exploits and
exploit-db 1.6
vulnerable software - A collection of hacks
exploitdb 20221122 Offensive Security's Exploit Database Archive
exploitpack 139.e565c47 Exploit Pack - Project.
expose 1110.30264af A Dynamic Symbolic Execution (DSE) engine for JavaScript
Irregular methods on regular expressions. Exrex is a command line tool
and python module that generates all - or random - matching strings to a
exrex 146.239e4da
given regular expression and more. It's pure python, without external
dependencies.
extended-ssrf- Smart ssrf scanner using different methods like parameter brute forcing in
28.680f815
search post and get.
extracthosts 17.8fdff9e Extracts hosts (IP/Hostnames) from files.
extractusnjrnl 7.362d4290 Tool to extract the $UsnJrnl from an NTFS volume.
Utility for recovering deleted files from ext2, ext3 or ext4 partitions by
extundelete 0.2.4
parsing the journal
eyeballer 140.5b15ce7 Convolutional neural network for analyzing pentest screenshots.
eyepwn 1.0 Exploit for Eye-Fi Helper directory traversal vulnerability
Designed to take screenshots of websites, provide some server header info,
eyewitness 1018.18a80a4
and identify default credentials if possible.
f-scrack 19.9a00357 A single file bruteforcer supports multi-protocol.
facebash 17.95c3c25 Facebook Brute Forcer in shellscript using TOR.
facebookosint 21.656a04a OSINT tool to replace facebook graph search.
facebot 23.57f6025 A facebook profile and reconnaissance system.
facebrok 33.0f6fe8d Social Engineering Tool Oriented to facebook.
This script tries to guess passwords for a given facebook account using a
facebrute 7.ece355b
list of passwords (dictionary).
factordb-pycli 1.3.0 CLI for factordb and Python API Client.
Black Alchemy's Fake AP generates thousands of counterfeit 802.11b
fakeap 0.3.2 access points. Hide in plain sight amongst Fake AP's cacophony of beacon
frames.
A regular-expression based python MITM DNS server with correct DNS
fakedns 118.39609da
request passthrough and "Not Found" responses.
fakemail 1.0 Fake mail server that captures e-mails as files for acceptance testing.
fakenet-ng 300.68da2d7 Next Generation Dynamic Network Analysis Tool.
A family of tools designed to simulate Windows hosts (NetBIOS) on a
fakenetbios 7.b83701e
LAN.
fang 22.4f94552 A multi service threaded MD5 cracker.
A new concept (IPE) Integrated Penetration-Test Environment a multiuser
9269.4625bd3
faraday Penetration test IDE. Designed for distribution, indexation and analyze of
69
the generated data during the process of a security audit.
11910.f56dfca
faradaysec Collaborative Penetration Test and Vulnerability Management Platform.
36
v1.1.4.r62.g78 High performance DoS/DDoS load analyzer built on top of multiple
fastnetmon
0aff3 packet capture engines.
fav-up 54.089aa11 IP lookup by favicon using Shodan.
favfreak 26.a1ecf3b Weaponizing favicon.ico for BugBounties , OSINT and what not.
fbht 1:70.d75ae93 A Facebook Hacking Tool
fbi 28.0f94e99 An accurate facebook account information gathering.
fbid 16.1b35eb9 Show info about the author by facebook photo url.
fcrackzip 1.0 Zip file password cracker
A File Inclusion & Directory Traversal fuzzing, enumeration &
fdsploit 26.4522f53
exploitation tool.
featherduster 191.9229158 An automated, modular cryptanalysis tool.
fern-wifi-
295.76c64b3 WEP, WPA wifi cracker for wireless penetration testing
cracker
fernflower 485.e19aab6 An analytical decompiler for Java.
fernmelder 6.c6d4ebe Asynchronous mass DNS scanner.
2.7.1.r11.g53e
feroxbuster A fast, simple, recursive content discovery tool written in Rust.
3420
ffdec 11.0.0 Open source Flash SWF decompiler and editor.
A hacking harness that you can use during the post-exploitation phase of a
ffm 60.ad691d4
red-teaming engagement.
1:v2.0.0.r1.gb2
ffuf Fast web fuzzer written in Go.
c1f94
ffuf-scripts 1.2192bf7 Scripts and snippets for ffuf payloads.
fgscanner 11.893372c An advanced, opensource URL scanner.
This is a framework for HTTP related attacks. It is written in Perl with a
fhttp 1.3 GTK interface, has a proxy for debugging and manipulation, proxy
chaining, evasion rules, and more.
fi6s 172.8d5ddba IPv6 network scanner designed to be fast.
A DNS reconnaissance tool for locating non-contiguous IP space. A DNS
fierce 134.99eca52
scanner.
FakeIKEd, or fiked for short, is a fake IKE daemon supporting just enough
of the standards and Cisco extensions to attack commonly found insecure
Cisco VPN PSK+XAUTH based IPsec authentication setups in what could
fiked 0.0.5
be described as a semi MitM attack. Fiked can impersonate a VPN
gateway’s IKE responder in order to capture XAUTH login credentials; it
doesn’t currently do the client part of full MitM.
filebuster 95.f2b04c7 An extremely fast and flexible web fuzzer.
filefuzz 1.0 A binary file fuzzer for Windows with several options.
A tool that help you to guess how your shell was renamed after the server-
filegps 90.03cbc75
side script of the file uploader saved it.
fileintel 33.a0bff38 A modular Python application to pull intelligence about malicious files.
filibuster 167.c54ac80 A Egress filter mapping application with additional functionality.
A little tool for local and remote file inclusion auditing and exploitation.
fimap is a little python tool which can find, prepare, audit, exploit and
fimap 2:1.00
even google automaticly for local and remote file inclusion bugs in
webapps.
finalrecon 123.2f64052 OSINT Tool for All-In-One Web Reconnaissance.
find-dns 0.1 A tool that scans networks looking for DNS servers.
find3 604.5964026 High-precision indoor positioning framework.
findmyhash 1.1.2 Crack different types of hashes using free online services
findmyiphone 19.aef3ac8 Locates all devices associated with an iCloud account
findomain 9.0.0 A tool that use Certificate Transparency logs to find subdomains.
findsploit 87.3e61d8d Find exploits in local and online databases instantly.
fingerprinter 480.105ab04 CMS/LMS/Library etc Versions Fingerprinter.
A penetration testing tool that allows you to punch reverse TCP tunnels
firecat 6.b5205c8
out of a compromised network.
1.0.0.r40.gb4e Extract passwords from Mozilla Firefox, Waterfox, Thunderbird,
firefox-decrypt
cc96 SeaMonkey profiles.
firefox-security-
16.31dacf0 A tool that transforms Firefox browsers into a penetration testing suite.
toolkit
firewalk 5.0 An active reconnaissance network security tool
A simple bash script for searching the extracted or mounted firmware file
firmwalker 101.23ff299
system.
firmware-mod-
149.8403a17 Modify firmware images without recompiling.
kit
A Collection of different ways to execute code outside of the expected
firstexecution 6.a275793
entry points.
A traffic analyzer to evade Empire communication from Anomaly-Based
firstorder 8.107eb6a
IDS.
A passive L7 flow fingerprinter that examines TCP/UDP/ICMP packet
fl0p 0.1 sequences, can peek into cryptographic tunnels, can tell human beings and
robots apart, and performs a couple of other infosec-related tricks.
flamerobin 2370.c75f8618 A tool to handle Firebird database management.
flare 0.6 Flare processes an SWF and extracts all scripts from it.
Obfuscated String Solver - Automatically extract obfuscated strings from
flare-floss 860.7138b61
malware.
flashlight 109.90d1dc5 Automated Information Gathering Tool for Penetration Testers.
flashscanner 11.6815b02 Flash XSS Scanner.
flashsploit 23.c465a6d Exploitation Framework for ATtiny85 Based HID Attacks.
flask-session- v1.2.1.1.r11.g8
Decode and encode Flask session cookie.
cookie- 21b80c
manager2
flask-session-
v1.2.1.1.r11.g8
cookie- Decode and encode Flask session cookie.
21b80c
manager3
flasm 1.62 Disassembler tool for SWF bytecode
flawfinder 2.0.19 Searches through source code for potential security flaws.
flowinspect 97.34759ed A network traffic inspection tool.
flunym0us 2.0 A Vulnerability Scanner for Wordpress and Moodle.
3:1568.081254
fluxion A security auditing and social-engineering research tool.
b
flyr 76.4926ecc Block-based software vulnerability fuzzing framework.
Tool to make cache poisoning by trying X-Forwarded-Host and X-
fockcache 10.3e7efa9
Forwarded-Scheme headers on web pages.
forager 115.7439b0a Multithreaded threat Intelligence gathering utilizing.
A console program to recover files based on their headers, footers, and
foremost 1.5.7
internal data structures
foresight 57.6f48984 A tool for predicting the output of random number generators.
Simple and fast forking port scanner written in perl. Can only scan one
forkingportscan host at a time, the forking is done on the specified port range. Or on the
1
ner default range of 1-65535. Has the ability to scan UDP or TCP, defaults to
tcp.
formatstringexp
29.8d64a56 Helper script for working with format string bugs.
loiter
0.7.r7.gd54faa A high performance FortiGate SSL-VPN vulnerability scanning and
fortiscan
0 exploitation tool.
fpdns 2:108.2a898bf Program that remotely determines DNS server versions.
fping 5.1 A utility to ping multiple hosts at once
fport 2.0 Identify unknown open ports and their associated applications.
This is a utility to parse a F-Prot Anti Virus log file, in order to sort them
fprotlogparser 1
into a malware archive for easier maintanence of your collection.
fraud-bridge 10.775c563 ICMP and DNS tunneling via IPv4 and IPv6.
fred 0.1.1 Cross-platform M$ registry hive editor.
freeipmi 1.6.10 Sensor monitoring, system event monitoring, power control, and serial-
 over-LAN (SOL).
freeradius 3.2.2 The premier open source RADIUS server
freewifi 30.1cb752b How to get free wifi.
frida 12.6.8 An interactive disassembler based on LLVM and Qt.
frida-extract 13.abb3f14 Frida.re based RunPE (and MapViewOfSection) extraction tool.
frida-ios-dump 53.56e99b2 Pull decrypted ipa from jailbreak device.
frida-ipa-dump 1:117.b9dcb91 Yet another frida based iOS dumpdecrypted.
Wrapper tool to identify the remote device and push device specific frida-
frida-push 1.0.8
server binary
fridump 23.3e64ee0 A universal memory dumper using Frida.
frisbeelite 1.2 A GUI-based USB device fuzzer.
fs-exploit 3.28bb9bb Format string exploit generation.
A network takeover & forensic analysis tool - useful to advanced PenTest
fs-nyarl 1.0
tasks & for fun and profit.
1.8.1.r18.g38e
fscan A Security Auditing Tool.
48ba
A tool to monitor file operations on GNU/Linux systems by using the
Inotify mechanism. Its primary purpose is to help detecting file race
fsnoop 3.4
condition vulnerabilities and since version 3, to exploit them with loadable
DSO modules (also called "payload modules" or "paymods").
fssb 73.51d2ac2 A low-level filesystem sandbox for Linux using syscall intercepts.
Automates file system mirroring through remote file disclosure
fstealer 0.1
vulnerabilities on Linux machines.
A tool designed for testing firewall filtering policies and Intrusion
ftester 1.0
Detection System (IDS) capabilities.
The master of all master fuzzing scripts specifically targeted towards FTP
ftp-fuzz 1:1337
server sofware.
Multithreaded ftp scanner/brute forcer. Tested on Linux, OpenBSD and
ftp-scanner 0.2.5
Solaris.
FTP investigation tool - Scans ftp server for the following: reveal entire
ftp-spider 1.0 directory tree structures, detect anonymous access, detect directories with
write permissions, find user specified data within repository.
Scans remote FTP servers to identify what software and what versions
ftpmap 52.cbeabbe
they are running.
ftpscout 12.cf1dff1 Scans ftps for anonymous access.
fuddly 569.fd2c4d0 Fuzzing and Data Manipulation Framework (for GNU/Linux).
fusil 1.5 A Python library used to write fuzzing programs.
Tool that automates the process of detecting and exploiting file upload
fuxploider 140.ec8742b
forms flaws.
fuzzap 17.057002b A python script for obfuscating wireless networks.
A little fuzzer for TCP and IP options. It sends a bunch of more or less
fuzzball2 0.7
bogus packets to the host of your choice.
fuzzbunch 32.2b76c22 NSA Exploit framework
Attack and Discovery Pattern Dictionary for Application Fault Injection
fuzzdb 475.5656ab2
Testing
A simple tool designed to help out with crash analysis during fuzz testing.
fuzzdiff 1.0 It selectively 'un-fuzzes' portions of a fuzzed file that is known to cause a
crash, re-launches the targeted application, and sees if it still crashes.
A Network Protocol Fuzzer made by NCCGroup based on Sulley and
fuzzowski 41.e39f665
BooFuzz.
An XML driven fuzz testing framework that emphasizes easy extensibility
fuzztalk 1.0.0.0
and reusability.
g72x++ Decoder for the g72x++ codec.
A byte code analyzer for finding deserialization gadget chains in Java
gadgetinspector 6.ac7832d
applications.
.NET serialized gadgets that can trigger .NET assembly from
gadgettojscript 20.005cb8b
JS/VBS/VBA based scripts.
galleta 20040505_1 Examine the contents of the IE's cookie files for forensic purposes
gasmask 172.2527371 All in one Information gathering tool - OSINT.
gatecrasher 2.3ad5225 Network auditing and analysis tool developed in Python.
Fetch known URLs from AlienVault's Open Threat Exchange, the
gau 127.e75ad3d
Wayback Machine, and Common Crawl.
gcat 29.39b266c A fully featured backdoor that uses Gmail as a C&C server.
A script to enumerate Google Storage buckets, determine what access you
gcpbucketbrute 16.5fe33df
have to them, and determine if they can be privilege escalated.
gcrypt 1:30.7c2fd05 Simple file encryption tool written in C++.
gdb 13.1 The GNU Debugger
gdb-common 13.1 The GNU Debugger
Browser-based gdb frontend using Flask and JavaScript to visually debug
gdbgui 1:431.9138473
C, C++, Go, or Rust.
Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-
gef 2308.2830670
Engineers.
gene 78.faf8cc0 Signature Engine for Windows Event Logs.
genisys 53.d53bb0c Powerful Telegram Members Scraping and Adding Toolkit.
genlist 1:0.1 Generates lists of IP addresses.
This little tools is designed to get geolocalization information of a host, it
geoedge 0.2
get the information from two sources (maxmind and geoiptool).
geoip 1.6.12 Non-DNS IP-to-country resolver C library & utils
geoipgen 0.4 GeoIPgen is a country to IP addresses generator.
gerix-wifi-
1.1c3cd73 A graphical user interface for aircrack-ng and pyrit.
cracker
gethsploit 3.144778b Finding Ethereum nodes which are vulnerable to RPC-attacks.
Getsids tries to enumerate Oracle Sids by sending the services command
getsids 0.0.1
to the Oracle TNS listener. Like doing 'lsnrctl service'.
getsploit 37.bcab2ee Command line utility for searching and downloading exploits.
gf 39.dcd4c36 A wrapper around grep, to help you grep for things.
The application was created to allow anyone to easily download profile
gg-images 35.b2dd863
pictures from GG.
A Google scraper which performs automated searches and returns results
gggooglescan 0.4
of search queries in the form of URLs or hostnames.
gh-dork 3.799f86f Github dorking tool.
1.1.9.r3.gbb22 An advanced cross-platform tool that automates the process of detecting
ghauri
483 and exploiting SQL injection security flaws.
ghettotooth 1.0 Ghettodriving for bluetooth
A software reverse engineering (SRE) suite of tools developed by NSA's
ghidra 10.2.3
Research Directorate in support of the Cybersecurity mission.
ghost-phisher 1.62 GUI suite for phishing and penetration attacks
ghost-py 2.0.0 Webkit based webclient (relies on PyQT).
Python script to generate obfuscated .vbs script that delivers payload
ghostdelivery 32.a23ed5a
(payload dropper) with persistence and windows antivirus disabling
 functions.
gibberish- v0.1.1.r2.gecac
Train a model and detect gibberish strings with it.
detector 969
v0.40.r2.g0fa6 Automatically spawn a reverse shell fully interactive for Linux or
girsh
870 Windows victim.
giskismet 20110805 A program to visually represent the Kismet data in a flexible manner.
Dump the contents of a remote git repository without directory listing
git-dump 7.4c9a2a9
enabled.
1:1.0.6.r0.g32d
git-dumper A tool to dump a git repository from a website.
47a2
Pinpoints exposed API keys on GitHub. A batch-catching, pattern-
git-hound 148.c8daed6
matching, patch-attacking secret snatcher.
git-wild-hunt 16.6495672 A tool to hunt for credentials in github wild AKA git*hunt.
Python program to scrape secrets from GitHub through usage of a large
gitdorker 113.8199375
repository of dorks.
A pentesting tool that dumps the source code from .git even when the
gitdump 1.682fa37
directory traversal is disabled.
gitem 104.d40a1c9 A Github organization reconnaissance tool.
Monitor GitHub to search and find sensitive data in real time for different
gitgraber 67.72e5850
online services.
githack 16.a3d70b1 A `.git` folder disclosure exploit.
v1.6.2.r0.gc8d
githound Find secret information in git repositories.
aed6
Collection of github dorks and helper tool to automate the process of
github-dorks 79.bc65a29
checking dorks.
A script that clones Github repositories of users and organizations
githubcloner 35.2bcb9c2
automatically.
gitleaks 907.8a31f4a Audit Git repos for secrets and keys.
An information gathering tool to collect git commit emails in version
gitmails 71.8aa8411
control host services.
gitminer 54.16ada58 Tool for advanced mining for content on Github.
OSINT tool to get information from a Github and Gitlab profile and find
gitrecon 30.6467e78
user's email addresses leaked on commits.
gitrob 7.7be4c53 Scan Github For Sensitive Files.
 A repository with 3 tools for pwn'ing websites with .git repositories
gittools 70.7cac63a
available'.
gloom 1:93.cd6e927 Linux Penetration Testing Framework.
glue 380.8703380 A framework for running a series of tools.
A tool that Reads any gMSA password blobs the user can access and
gmsadumper 16.cbc13e0
parses the values.
gnuradio 3.10.6.0 General purpose DSP and SDR toolkit. With drivers for usrp and fcd.
A library which provides a secure layer over a reliable transport layer
gnutls2 2.12.23
(Version 2)
gobd 82.3bbd17c A Golang covert backdoor.
gobuster 2:358.c3fed5e Directory/file & DNS busting tool written in Go.
gocabrito 4.33ac59a Super organized and flexible script for sending phishing campaigns.
goddi 1.2 Dumps Active Directory domain information.
A HTTP DoS test tool. Attack Vector exploited: HTTP Keep Alive +
goldeneye 28.792862f
NoCache.
golismero 73.7d605b9 Opensource web security testing framework.
v1.1.0.r95.g23 User enumeration and password bruteforce on Azure, ADFS, OWA,
gomapenum
ecc54 O365, Teams and gather emails on Linkedin.
A python script designed to allow you to leverage the power of google
goodork 2.2
dorking straight from the comfort of your command line.
goofile 1.5 Command line filetype search
goog-mail 1.0 Enumerate domain emails from google.
google_streetvie
1.2.9 A command line tool and module for Google Street View Image API.
w
Google mass exploit robot - Make a google search, and parse the results
google-explorer 140.0b21b57
for a especific exploit you define.
googlesub 14.a7a3cc7 A python script to find domains by using google dorks.
Automatically Launch Google Hacking Queries Against A Target
goohak 31.815a31e
Domain.
Perform google searches without being blocked by the CAPTCHA or
goop 12.39b34eb
hitting any rate limits. Note: It no longer works.
A tool that automates queries against Google search appliances, but with a
gooscan 1.0.9
twist.
 Tool generates gopher link for exploiting SSRF and gaining RCE in
gopherus 33.90a2fd5
various servers.
gophish 810.d2efb18 Open-Source Phishing Framework.
gosint 196.9c86ed2 OSINT framework in Go.
gospider 106.721e78c Fast web spider written in Go.
gostringsr2 1.1.2 Extract strings from a Go binary using radare2.
gowitness 270.9e88f8c A golang, web screenshot utility using Chrome Headless.
gplist 1.0 Lists information about the applied Group Policies.
gpocrack 3.cf63c86 Active Directory Group Policy Preferences cpassword cracker/decrypter.
gpredict 1629.0f3beb6 A real-time satellite tracking and orbit prediction application.
gps-sdr-sim 203.dc403c8 Software-Defined GPS Signal Simulator.
gqrx 2.16 Interactive SDR receiver waterfall for many devices.
Gnuradio tools for receiving Mode S transponder signals, including ADS-
gr-air-modes 396.0b6c383
B.
gr-gsm 1151.2efaa49 Gnuradio blocks and tools for receiving GSM transmissions
gr-paint 42.24765f9 An OFDM Spectrum Painter for GNU Radio.
grabbb 0.0.7 Clean, functional, and fast banner scanner.
A web application scanner. Basically it detects some kind of
grabber 0.1
vulnerabilities in your website.
grabing 11.9c1aa6c Counts all the hostnames for an IP adress
grabitall 1.1 Performs traffic redirection by sending spoofed ARP replies.
graffiti 24.4af61b4 A tool to generate obfuscated one liners to aid in penetration testing.
A random test generator / fuzzer that creates test cases according to an
grammarinator 153.7dace54
input ANTLR v4 grammar.
GraphQL endpoints finder using subdomain enumeration, scripts analysis
graphinder 1.11.6
and bruteforce.
1.12.r5.g6deb3
graphql-cop GraphQL vulnerability scanner.
22
graphql-path- Tool that lists the different ways of reaching a given type in a GraphQL
16.1a44883
enum schema.
Scripting engine to interact with a graphql endpoint for pentesting
graphqlmap 63.59305d7
purposes.
graphw00f 1.1.8.r8.g2321 GraphQL endpoint detection and engine fingerprinting.
 1eb
graudit 606.44111c8 Grep rough source code auditing tool.
greenbone-
security- 9.0.1 Greenbone Security Assistant (gsa) - OpenVAS web frontend
assistant
grepforrfi 0.1 Simple script for parsing web logs for RFIs and Webshells v1.2
A collection of scripts built for reading Windows NT/2K/XP/2K eventlog
grokevt 0.5.0
files.
grr 17.791ed5a High-throughput fuzzer and emulator of DECREE binaries.
grype 1:0.33.1 A vulnerability scanner for container images and filesystems.
Gives you the Discretionary Access Control List of any Windows NT
gsd 1.1
service you specify as a command line option.
Global Socket. Moving data from here to there. Securely, Fast and trough
gsocket 1.4.40
NAT/Firewalls.
gspoof 3.2 A simple GTK/command line TCP/IP packet generator.
Google Talk decoder tool that demonstrates recovering passwords from
gtalk-decode 0.1
accounts.
gtfo 17.873d862 Search gtfobins and lolbas files from your terminal.
gtfoblookup 66.6b8f4a5 Offline command line lookup utility for GTFOBins and LOLBAS.
A small python script that scans for GTP (GPRS tunneling protocol)
gtp-scan 0.7
speaking hosts.
guymager 0.8.13 A forensic imager for media acquisition.
Greenbone Vulnerability Manager - The database backend for the
gvmd 8.0.1
Greenbone Vulnerability Management (GVM) framework
A simple program that checks if a host in an ethernet network is a gateway
gwcheck 0.1
to Internet.
A command line tool that analyzes the obfuscated Javascript produced by
gwtenum 1:7.f27a5aa Google Web Toolkit (GWT) applications in order to enumerate all
services and method calls.
h2buster 79.6c4dd1c A threaded, recursive, web directory brute-force scanner over HTTP/2.
h2csmuggler 7.7ea573a HTTP Request Smuggling over HTTP/2 Cleartext (h2c).
h2spec 2.6.0 A conformance testing tool for HTTP/2 implementation.
h2t 36.9183a30 Scans a website and suggests security headers to apply.
h8mail 344.ee31c8f Email OSINT and password breach hunting.
habu 359.8326936 Python Network Hacking Toolkit.
A shell for with Pythonect-like syntax, including wrappers for commonly
hackersh 0.2.0
used security tools.
hackredis 3.fbae1bc A simple tool to scan and exploit redis servers.
Driver for HackRF, allowing general purpose software defined radio
hackrf 2023.01.1
(SDR).
v1.5.0.r13.gf9e
haiti A CLI tool to identify the hash type of a given hash.
20c7
A collection of tool that allows capturing TCP/IP packets and filtering
haka 0.2.2
them based on Lua policy files.
hakku 384.bbb434d Simple framework that has been made for penetration testing tools.
Simple, fast web crawler designed for easy, quick discovery of endpoints
hakrawler 234.14e240b
and assets within a web application.
hakrevdns 41.8b638e4 Small, fast tool for performing reverse DNS lookups en masse.
Halberd discovers HTTP load balancers. It is useful for web application
halberd 0.2.4
security auditing and for load balancer configuration testing.
A repository crawler that runs checksums for static files found within a
halcyon 0.1
given git repository.
halcyon-ide 2.0.2 First IDE for Nmap Script (NSE) Development.
hamster 2.0.0 Tool for HTTP session sidejacking.
An small application designed to analyze your system searching for global
handle 1:0.1 objects related to running proccess and display information for every
found object, like tokens, semaphores, ports, files,..
harness 19.ed2a6aa Interactive remote PowerShell Payload.
harpoon 380.0bd1f34 CLI tool for open source and threat intelligence.
hasere 1.0 Discover the vhosts using google and bing.
A python script which scraps online hash crackers to find cleartext of a
hash-buster 49.0d6ebb4
hash.
hash-extender 157.1f29520 A hash length extension attack tool.
Software to identify the different types of hashes used to encrypt data and
hash-identifier 6.0e08a97
especially passwords.
hashcat 1:6.2.6 Multithreaded advanced password recovery utility
hashcat-utils 1.9 Utilites for Hashcat
Hashcatch deauthenticates clients connected to all nearby WiFi networks
and tries to capture the handshakes. It can be used in any linux device
hashcatch 52.8145660
including Raspberry Pi and Nethunter devices so that you can capture
handshakes while walking your dog.
Search for leaked passwords while maintaining a high level of privacy
hashcheck 2.72b0c6e
using the k-anonymity method.
hashdb 1089.1da1b9f A block hash toolkit.
hashdeep 4.4 Advanced checksum hashing tool.
A tool that allows you to quickly hash plaintext strings, or compare hashed
hasher 48.40173c5
values with a plaintext locally.
A tool to search files for matching password hash types and other
hashfind 8.e9a9a14
interesting data.
hashid 1:397.7e8473a Software to identify the different types of hashes used to encrypt data.
A tool to exploit the hash length extension attack in various hashing
hashpump 49.314268e
algorithms.
hashtag 0.41 A python script written to parse and identify password hashes.
hatcloud 33.3012ad6 Bypass CloudFlare with Ruby.
hate-crack 187.b1d7e39 A tool for automating cracking methodologies through Hashcat.
A Python framework for finding C structures from process memory - heap
haystack 1823.c178b5a
analysis - Memory structures forensics.
hbad 1.0 This tool allows you to test clients on the heartbleed bug.
hcraft 1.0.0 HTTP Vuln Request Crafter
hcxdumptool 6.2.7 Small tool to capture packets from wlan devices
Set of tools to generate plainmasterkeys (rainbowtables) and hashes for
hcxkeys 6.2.1
hashcat and John the Ripper
Small set of tools to capture and convert packets from wlan devices for the
hcxtools 6.2.7
use with hashcat.
hdcp-genkey 18.e8d342d Generate HDCP source and sink keys from the leaked master key.
HDMI DDC (I2C) inspection tool. It is designed to demonstrate just how
hdmi-sniff 5.f7fbc0e
easy it is to recover HDCP crypto keys from HDMI devices.
2.2.8.2.r20.g06
heaptrace Helps visualize heap operations for pwn and debugging.
f43fc
 Script that listens on TCP port 443 and responds with completely bogus
heartbleed-
0.1 SSL heartbeat responses, unless it detects the start of a byte pattern similar
honeypot
to that used in Jared Stafford's
Scans for systems vulnerable to the heartbleed bug, and then download
heartleech 116.3ab1d60
them.
hellraiser 279.bea43e2 Vulnerability Scanner.
hemingway 8.9c70a13 A simple and easy to use spear phishing helper.
hercules-
222.2607a3a A special payload generator that can bypass all antivirus software.
payload
HTTP toolkit for security research. It aims to become an open source
hetty 134.f60202e alternative to commercial software like Burp Suite Pro, with powerful
features tailored to the needs of the infosec and bug bounty community.
hex2bin 2.5 Converts Motorola and Intel hex files to binary.
A very versatile packet injector and sniffer that provides a command-line
hexinject 1.6
framework for raw network access.
A database application designed for administering and auditing multiple
database servers simultaneously from a centralized location. It is capable
hexorbase 2:6 of performing SQL queries and bruteforce attacks against common
database servers (MySQL, SQLite, Microsoft SQL Server, Oracle,
PostgreSQL).
hexyl 0.12.0 A command-line hex viewer.
This tool can perform man-in-the-middle and switch flooding attacks. It
hharp 1beta has 4 major functions, 3 of which attempt to man-in-the-middle one or
more computers on a network with a passive method or flood type method.
hidattack 0.1 HID Attack (attacking HID host implementations)
hiddeneye 1228.7a3deaf Modern phishing tool with advanced functionality.
hiddeneye- RC1.r226.g7a3
Modern Phishing Tool With Advanced Functionality.
legacy deaf
A simple scanner for Hikvision devices with basic vulnerability scanning
hikpwn 8.5a7d69c
capabilities written in Python 3.8.
hlextend 17.be21920 Pure Python hash length extension module.
A general-use fuzzer that can be configured to use known-good input and
hodor 1.01be107
delimiters in order to fuzz specific locations.
holehe 421.2158f87 A tool for Efficiently finding registered accounts from emails.
 Scans all running processes. Recognizes and dumps a variety of
hollows-hunter 0.3.5 potentially malicious implants (replaced/injected PEs, shellcodes, hooks,
in-memory patches).
homepwn 31.0803981 Swiss Army Knife for Pentesting of IoT Devices.
Network credential injection to detect responder and other network
honeycreds 26.eaeb401
poisoners.
honeyd 337.a0f3d64 A small daemon that creates virtual hosts on a network.
honeypy 599.feccab5 A low interaction Honeypot.
honggfuzz 4055.3a8f2ae4 A general-purpose fuzzer with simple, command-line interface.
A high-interaction Honey Pot solution designed to log all SSH
honssh 204.821ce87
communications between a client and server.
A hook tool which can be potentially helpful in reversing applications and
hookanalyser 3.4 analyzing malware. It can hook to an API in a process and search for a
pattern in memory or dump the buffer.
hookshot 199.3258c3e Integrated web scraper and email account data breach comparison tool.
hoover 4.9bda860 Wireless Probe Requests Sniffer.
hoper 15.8d5dbd9 Trace URL's jumps across the rel links to obtain the last URL.
Reverse engineering tool that lets you disassemble, decompile and debug
hopper 5.8.6
your applications.
A python script which tests http methods for configuration issues leaking
hoppy 1.8.1
information or just to see if they are enabled.
Ruby script tries to extract all IP/Host patterns in page response of a given
host-extract 1:8.0134ad7
URL and JavaScript/CSS files of that URL.
IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
hostapd-wpe 2.9.1
- Wireless Pwnage Edition.
hostbox-ssh 0.1.1 A ssh password/account scanner.
hosthunter 158.553f1c7 A recon tool for discovering hostnames using OSINT techniques.
hotpatch 90.fd2baf1 Hot patches executables on Linux using .so file injection.
Hotspotter passively monitors the network for probe request frames to
hotspotter 0.4 identify the preferred networks of Windows XP clients, and will compare
it to a supplied list of common hotspot network names.
howmanypeople
123.b05e06a Count the number of people around you by monitoring wifi signals.
arearound
hpfeeds 411.539e738 Honeynet Project generic authenticated datafeed protocol.
hping 3.0.0 A command-line oriented TCP/IP packet assembler/analyzer.
hqlmap 38.bb6ab46 A tool to exploit HQL Injections.
hsecscan 66.7b8fa71 A security scanner for HTTP response headers.
A web application analysis tool for detecting communications between
htcap 1:155.a59c592
javascript and the server.
A Python script that exploits a weakness in the way that .htaccess files can
htexploit 0.77
be configured to protect a web directory with an authentication process
htpwdscan 23.e995d6f A python HTTP weak pass scanner.
htrosbif 134.9dc3f86 Active HTTP server fingerprinting and recon tool.
htshells 2:89.3216523 Self contained web shells and other attacks via .htaccess files.
http-enum 0.4 A tool to enumerate the enabled HTTP methods supported on a webserver.
http-fuzz 1:0.1 A simple http fuzzer.
http-put 1.0 Simple http put perl script.
This is a python script that uses the Max-Forwards header in HTTP and
http-traceroute 0.5
SIP to perform a traceroute-like scanning functionality.
Http2Smugl - Tool to detect and exploit HTTP request smuggling in cases
http2smugl 36.78abc09
it can be achieved via HTTP/2 -больше HTTP/1.1 conversion.
A slow HTTP denial-of-service tool that works similarly to other attacks,
httpbog 1.0.0.0 but rather than leveraging request headers or POST data Bog consumes
sockets by slowly reading responses.
A set of shell tools that let you manipulate, send, receive, and analyze
HTTP messages. These tools can be used to test, discover, and assert the
httpforge 11.02.01
security of Web servers, apps, and sites. An accompanying Python library
is available for extensions.
A python tool which scans for HTTP servers and finds given strings in
httpgrep 2.3
URIs.
httping 2.9 A ping-like tool for http-requests
httppwnly 47.528a664 "Repeater" style XSS post-exploitation tool for mass browser control.
httprecon 7.3 Tool for web server fingerprinting, also known as http fingerprinting.
httprint 301 A web server fingerprinting tool.
httprint-win32 301 A web server fingerprinting tool (Windows binaries).
httprobe 22.5555984 Take a list of domains and probe for working HTTP and HTTPS servers
httpry 0.1.8 A specialized packet sniffer designed for displaying and logging HTTP
 traffic.
httpscreenshot 69.0ef8f8f A tool for grabbing screenshots and HTML of large numbers of websites.
Tool to sniff HTTP responses from TCP/IP based networks and save
httpsniff 0.4
contained files locally for later review.
httpsscanner 1.2 A tool to test the strength of a SSL web server.
httptunnel 3.3 Creates a bidirectional virtual data connection tunnelled in HTTP requests
A fast and multi-purpose HTTP toolkit allow to run multiple probers using
httpx 1272.344c54a
retryablehttp library.
httrack 3.49.2 An easy-to-use offline browser utility
Simple application that listens for WIFI-frames and records the mac-
hubbit-sniffer 74.460ecf8
address of the sender and posts them to a REST-api.
A webserver DoS tool (Http Unbearable Load King) ported to Go with
hulk 27.ed2b11c
some additional features.
hungry-
391.1aea7f3 Intercepts data, does something with it, stores it.
interceptor
hurl 20.afca9c5 Hexadecimal & URL (en/de)coder.
hwk 0.4 Collection of packet crafting and wireless network flooding tools
hxd 2.5.0.0 Freeware Hex Editor and Disk Editor.
hyde 11.ec09462 Just another tool in C to do DDoS (with spoofing).
hydra 9.4 Very fast network logon cracker which support many different services
hyenae 0.36_1 flexible platform independent packet generator
hyperfox 121.1a8c26f A security tool for proxying and recording HTTP and HTTPs traffic.
hyperion-
2.3.1 A runtime encrypter for 32-bit portable executables.
crypter
i2pd 2.47.0 A full-featured C++ implementation of the I2P router
iaito 5.8.4 Qt and C++ GUI for radare2 reverse engineering framework
iaxflood 3:0.1 IAX flooder.
A Python based scanner for detecting live IAX/2 hosts and then
iaxscan 0.02
enumerating (by bruteforce) users on those hosts.
An AppleID password bruteforce tool. It uses Find My Iphone service
ibrute 12.3a6a11e
API, where bruteforce protection was not implemented.
icloudbrutter 15.1f64f19 Tool for AppleID Bruteforce.
icmpquery 1.0 Send and receive ICMP queries for address mask and current time.
icmpsh 12.82caf34 Simple reverse ICMP shell.
icmptx 17.52df90f IP over ICMP tunnel.
Search for information related to a domain: Emails - IP addresses -
id-entify 34.dd064a5 Domains - Information on WEB technology - Type of Firewall - NS and
MX records.
Freeware version of the world's smartest and most feature-full
ida-free 8.2
disassembler.
idb 2.10.3 A tool to simplify some common tasks for iOS pentesting and research.
identywaf 206.aa670df Blind WAF identification tool.
A collection of tools that allows to test network intrusion detection
idswakeup 1.0
systems.
ifchk 1.1.2 A network interface promiscuous mode detection tool.
ifuzz 1.0 A binary file fuzzer with several options.
A tool for bruteforcing encoded strings within a boundary defined by a
iheartxor 0.01 regular expression. It will bruteforce the key value range of 0x1 through
0x255.
iis-shortname-
5.4ad4937 An IIS shortname Scanner.
scanner
HTTP authentication cracker. It's a tool that launchs an online dictionary
iisbruteforcer 15 attack to test for weak or simple passwords against protected areas on an
IIS Web server.
A tool that uses IKE protocol to discover, fingerprint and test IPSec VPN
ike-scan 1.9.5
servers
An IKE/IPSec crack tool designed to perform Pre-Shared-Key analysis of
ikecrack 1.00
RFC compliant aggressive mode authentication
A command line IPSEC VPN brute forcing tool for Linux that allows
ikeforce 30.575af15
group name/ID enumeration and XAUTH brute forcing capabilities.
ikeprobe 2:0.1 Determine vulnerabilities in the PSK implementation of the VPN server.
Tool crafting IKE initiator packets and allowing many options to be
ikeprober 1.12 manually set. Useful to find overflows, error conditions and identifiyng
vendors
ilo4-toolbox 43.6a494fe Toolbox for HPE iLO4 analysis.
ilty 1.0 An interception phone system for VoIP network.
imagegrep 8.1f14af2 Grep word in pdf or image based on OCR.
imagejs 56.a442f94 Small tool to package javascript into a valid image file.
Command line utility and Python package to ease the (un)mounting of
imagemounter 413.383b30b
forensic disk images.
1.28.0.r79.gbe A Hex Editor for Reverse Engineers, Programmers and people that value
imhex
c655a8 their eye sight when working at 3 AM.
Impacket is a collection of Python classes for working with network
impacket 0.9.24
protocols.
impulse 77.6939ea2 Modern Denial-of-service ToolKit.
A FireWire physical memory manipulation and hacking tool exploiting
inception 453.e2aed33
IEEE 1394 SBP-2 DMA.
indx2csv 17.129a411e An advanced parser for INDX records.
indxcarver 5.dee36608 Carve INDX records from a chunk of data.
indxparse 176.4e1e293 A Tool suite for inspecting NTFS artifacts.
A software suite for simulating common internet services in a lab
inetsim 1.3.2 environment, e.g. for analyzing the network behaviour of unknown
malware samples.
infection- v1.13.0.r9113.
Automated security testing tool for networks.
monkey g1d713513f
A python script that checks output from netstat against RBLs from
infip 0.1
Spamhaus.
Tool for gathering e-mail accounts information from different public
infoga 3:33.79a1c03
sources (search engines, pgp key servers).
A free penetration testing and vulnerability discovery toolkit entirely
written in python. Framework includes modules to discover hosts, gather
inguma 0.1.1
information about, fuzz targets, brute force usernames and passwords,
exploits, and a disassembler.
Simple python tool that goes through a list of URLs trying CRLF and open
injectus 12.3c01fa0
redirect payloads.
innounp 0.50 Inno Setup Unpacker.
inquisitor 1:28.12a9ec1 OSINT Gathering Tool for Companies and Organizations.
insanity 117.cf51ff3 Generate Payloads and Control Remote Machines .
instagramosint 20.94213fd An Instagram Open Source Intelligence Tool.
instashell 56.49b6b4f Multi-threaded Instagram Brute Forcer without password limit.
intelmq 3.1.0.rc1.r17.g A tool for collecting and processing security feeds using a message
 122e3a386 queuing protocol.
intelplot 12.4dd9fc0 OSINT Tool to Mark Points on Offline Map.
intensio-
280.f66a22b Obfuscate a python code 2 and 3.
obfuscator
v1.1.1.r0.g142
interactsh-client Open-Source Solution for Out of band Data Extraction.
31ab
A next generation sniffer including a lot of features: capturing
intercepter-ng 1.0 passwords/hashes, sniffing chat messages, performing man-in-the-middle
attacks, etc.
Easily turn single threaded command line applications into a fast, multi-
interlace 348.7823e42
threaded application with CIDR and glob support.
A proof-of-concept tool for identification of cryptographic keys in binary
interrogate 5.eb5f071 material (regardless of target operating system), first and foremost for
memory dump analysis and forensic usage.
intersect 2.5 Post-exploitation framework
intrace 1.5 Traceroute-like application piggybacking on existing TCP connections
An ids evasion tool, used to anonymously inundate intrusion detection
inundator 0.5
logs with false positives in order to obfuscate a real attack.
inurlbr 34.dbf9773 Advanced search in the search engines - Inurl scanner, dorker, exploiter.
inviteflood 2.0 Flood a device with INVITE requests
invoke-
19.3ff8bac PowerShell Remote Download Cradle Generator & Obfuscator.
cradlecrafter
invoke-
7.6260f5b Cmd.exe Command Obfuscation Generator & Detection Test Harness.
dosfuscation
invoke-
45.f20e7f8 PowerShell Obfuscator.
obfuscation
This is a tool that lists processes in your Windows system and the ports
inzider 1.2
each one listen on.
iodine 0.7.0 Tunnel IPv4 data through a DNS server
iOS forensic tool
iosforensic 1.0
https://www.owasp.org/index.php/Projects/OWASP_iOSForensic
ip-https-tools 7.170691f Tools for the IP over HTTPS (IP-HTTPS) Tunneling Protocol.
ip-tracer 91.8e2e3dd Track and retrieve any ip address information.
ip2clue 0.0.95 A small memory/CPU footprint daemon to lookup country (and other info)
 based on IP (v4 and v6).
ipaudit 1.1 Monitors network activity on a network.
ipba2 1:95.c03bd85 IOS Backup Analyzer
ipcountry 1.2
Can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec)
ipdecap 96.45d2a7d
protocols, and can also remove IEEE 802.1Q (virtual lan) header.
iphoneanalyzer 2.1.0 Allows you to forensically examine or recover date from in iOS device.
ipmipwn 6.74a08a8 IPMI cipher 0 attack tool.
ipmitool 1.8.19 Command-line interface to IPMI-enabled devices
ipobfuscator 27.f005262 A simple tool to convert the IP to a DWORD IP.
ipscan 3.9.1 Angry IP scanner is a very fast IP address and port scanner.
1.2.r12.g91b16 This Python script can be used to bypass IP source restrictions using
ipsourcebypass
ad HTTP headers.
This tool extract domains from IP address based in the information saved
iptodomain 18.f1afcd7
in virustotal.
iptv 138.ae6457b Search and brute force illegal iptv server.
iputils 20221126 Network monitoring tools, including ping
ipv4bypass 21.99bb285 Using IPv6 to Bypass Security.
Golang IPv6 address enumeration. ipv666 is a set of tools that enables the
discovery of IPv6 addresses both in the global IPv6 address space and in
ipv666 182.ad45ae8
more narrow IPv6 network ranges. These tools are designed to work out of
the box with minimal knowledge of their workings.
ipv6toolkit 819.367bbe6 SI6 Networks' IPv6 Toolkit
ipython-genutils 0.2.0 Vestigial utilities from IPython.
ircsnapshot 94.cb02a85 Tool to gather information from IRC servers.
irpas 0.10 Internetwork Routing Protocol Attack Suite.
Industrial Exploitation Framework is an exploitation framework based on
isf 68.5228865
Python.
Interactive sip toolkit for packet manipulations, sniffing, man in the
isip 2.fad1f10
middle attacks, fuzzing, simulating of dos attacks.
Scans a VOIP environment, adapts to enterprise VOIP, and exploits the
isme 0.12
possibilities of being connected directly to an IP Phone VLAN.
isr-form 1.0 Simple html parsing tool that extracts all form related information and
 generates reports of the data. Allows for quick analyzing of data.
issniff 294.79c6c2a Internet Session Sniffer.
ivre 0.9.20.dev64 Network recon framework.
ivre-docs 0.9.20.dev64 Network recon framework (documentation)
ivre-web 0.9.20.dev64 Network recon framework (web application)
Standard for creating SSL client fingerprints in an easy to produce and
ja3 117.cb29184
shareable way.
jaadas 0.1 Joint Advanced Defect assEsment for android applications.
Collect all information in your domain, show you graphs on how domain
jackdaw 410.5b8c35c
objects interact with each-other and how to exploit these interactions
jad 1.5.8e Java decompiler
Command line and GUI tools to produce Java source code from Android
jadx 1.4.7
Dex and APK files
jaeles 220.f2032a5 The Swiss Army knife for automated Web Application Testing.
Penetration testing tool that would take as input a list of domain names,
scan them, determine if wordpress or joomla platform was used and finally
jaidam 18.15e0fec
check them automatically, for web vulnerabilities using two well-known
open source tools, WPScan and Joomscan.
jast 17.361ecde Just Another Screenshot Tool.
A tool that lets you intercept methods, alter data and otherwise hack Java
javasnoop 1.1
applications running on your computer
jboss-autopwn 1.3bc2d29 A JBoss script for obtaining remote shell access.
Web application protocol fuzzer that emerged from the needs of
jbrofuzz 2.5
penetration testing.
jbrute 1:0.99 Open Source Security tool to audit hashed passwords.
A utility to create dictionary files that will crack the default passwords of
jcrack 0.3.6
select wireless gateways
jd-cli 1.2.0 Command line Java Decompiler.
A standalone graphical utility that displays Java source codes of .class
jd-gui 1.6.6
files.
A library that interprets Java serialized objects. It also comes with a
jdeserialize 31.20635ba command-line tool that can generate compilable class declarations, extract
block data, and print textual representations of instance values.
jeangrey 40.01aef30 A tool to perform differential fault analysis attacks (DFA).
3.7.0.2019092
jeb-android Android decompiler.
72058
3.7.0.2019092
jeb-arm Arm decompiler.
72058
1:3.7.0.201909
jeb-intel Intel decompiler.
272058
1:3.7.0.201909
jeb-mips Mips decompiler.
272058
3.7.0.2019092
jeb-webasm WebAssembly decompiler.
72058
A low(zero) cost threat intelligence & response tool against phishing
jeopardize 5.34f1d07
domains.
jexboss 86.338b531 Jboss verify and Exploitation Tool.
jhead 3.06.0.1 EXIF JPEG info parser and thumbnail remover
jira-scan 7.447d0ec A simple remote scanner for Atlassian Jira
jndi-injection- A tool which generates JNDI links can start several servers to exploit
10.2dc4018
exploit JNDI Injection vulnerability, like Jackson, Fastjson, etc.
jNetMap helps you to keep an eye on your network. You can draw a
graphical representation of your network, and jNetMap will periodically
check if the devices are still up or a service is still running. You can also
jnetmap 0.5.5
set up E-mail notifications or let jNetMap execute a script when a device
goes down or comes up again. Additionally, you may attach notes to a
device, initiate an RDP/VNC/SSH connection to a device and much more.
john 1.9.0.jumbo1 John the Ripper password cracker
johnny 20120424 GUI for John the Ripper.
jok3r 447.0761996 Network and Web Pentest Framework.
This php script fingerprints a given Joomla system and then uses Packet
jomplug 0.1
Storm's archive to check for bugs related to the installed components.
Redirects internet traffic trough a mix of proxy servers to hide the origin
jondo 00.20.001
of the requests.
jooforce 11.43c21ad A Joomla password brute force tester.
Joomla scanner scans for known vulnerable remote file inclusion paths and
joomlascan 1.2
files.
joomlavs 254.eea7500 A black box, Ruby powered, Joomla vulnerability scanner.
Detects file inclusion, sql injection, command execution vulnerabilities of
joomscan 1:82.7931539
a target Joomla! web site.
Tool to analyzse JPEG images Reads binary files and parses the JPEG
jpegdump 0.0.7
markers inside them.
jpexs-
15.1.0 JPEXS Free Flash Decompiler.
decompiler
jsearch 44.87cf9c1 Simple script that grep infos from javascript files.
jsfuck 228.1f02651 Write any JavaScript with 6 Characters: []()!+.
jshell 7.ee3c92d Get a JavaScript shell with XSS.
A ready to use JSONP endpoints/payloads to help bypass content security
jsonbee 26.e106db2
policy (CSP).
A python 2.7 script using Tornado and JSBeautifier to parse relative URLs
jsparser 31.ccd3ab6
from JavaScript files. Useful for easily discovering AJAX requests.
A lightweight application used to find database information from a distant
jsql 0.81
server.
jsql-injection 0.85 A Java application for automatic SQL database injection.
jstillery 65.512e9af Advanced JavaScript Deobfuscation via Partial Evaluation.
juicy-potato 53.744d321 A sugared version of RottenPotatoNG, with a bit of juice.
junkie 1365.70a83d6 A modular packet sniffer and analyzer.
justdecompile 22018 The decompilation engine of JustDecompile.
Python tool created to identify Joomla version, scan for vulnerabilities and
juumla 94.1661231
search for config files.
jwscan 7.874b3a5 Scanner for Jar to EXE wrapper like Launch4j, Exe4j, JSmooth, Jar2Exe.
jwt-cracker 23.8130879 JWT brute force cracker written in C.
v1.1.2.r8.g06f
jwt-hack A tool for hacking / security testing to JWT.
b757
jwt-key-
10.d3b8ad4 Recovers the public key used to sign JWT tokens.
recovery
jwt-tool 69.6c7d430 Toolkit for validating, forging and cracking JWTs (JSON Web Tokens).
Script performs offline brute-force attacks against JSON Web Token
jwtcat 77.f80f3d9
(JWT)
jynx2 2.0 An expansion of the original Jynx LD_PRELOAD rootkit
k55 86.b3c4aa9 Linux x86_64 Process Injection Utility.
Tools for penetration testers that can enumerate which users logged on
kacak 1.0
windows system.
kadimus 183.ac5f438 LFI Scan & Exploit Tool.
Kali Linux is a Debian-based Linux distribution aimed at advanced
Penetration Testing and Security Auditing. Kali contains several hundred
Kali Linux 2023.1 tools which are geared towards various information security tasks, such as
Penetration Testing, Security research, Computer Forensics and Reverse
Engineering.
kalibrate-rtl 69.340003e Fork of http://thre.at/kalibrate/ for use with rtl-sdr devices.
kamerka 40.be17620 Build interactive map of cameras from Shodan.
A framework that seeks to unite general auditing tools, which are general
katana 1.0.0.1
pentesting tools (Network,Web,Desktop and others).
katana- A framework that seekss to unite general auditing tools, which are general
1.0.0.1
framework pentesting tools (Network,Web,Desktop and others).
v0.0.3.r7.gdb6
katana-pd Crawling and spidering framework.
29bb
Utility that sniffs HTTP Basic Authentication information and prints the
katsnoop 0.1
base64 decoded form.
Pwnage with Human Interface Devices using Teensy++2.0 and Teensy 3.0
kautilya 52.1c9d5b0
devices.
kcptun 20230214 A Secure Tunnel Based On KCP with N:M Multiplexing
keimpx 3:300.37190f4 Tool to verify the usefulness of credentials across a network over SMB.
2.2.0_2021121
kekeo A little toolbox to play with Microsoft Kerberos in C.
4
kerbcrack 1.3d3 Kerberos sniffer and cracker for Windows.
1:0.2.0.r7.g025
kerberoast Kerberoast attack -pure python-.
fe39
kerbrute 90.9cfb81e A tool to perform Kerberos pre-auth bruteforcing.
kernelpop 238.b3467d3 Kernel privilege escalation enumeration and exploitation framework.
Recon tool detecting changes of websites based on content-length
keye 29.d44a578
differences.
0.0.1.r0.g7d62 Convert OpenSSH known_hosts file hashed with HashKnownHosts to
kh2hc
c18 hashes crackable by Hashcat.
 A small tool designed to recover hashed known_hosts fields back to their
khc 0.2
plain-text equivalents.
kickthemout 212.861aea2 Kick devices off your network by performing an ARP Spoof attack.
killcast 30.ee81cfa Manipulate Chromecast Devices in your Network.
killerbee 398.748740d Framework and tools for exploiting ZigBee and IEEE 802.15.4 networks.
kimi 28.e7cafda Script to generate malicious debian packages (debain trojans).
A medium interaction SSH honeypot designed to log brute force attacks
kippo 285.0d03635
and most importantly, the entire shell interaction by the attacker.
802.11 layer2 wireless network detector, sniffer, and intrusion detection
kismet 2022_08_R1
system
Various scripts to convert kismet logs to kml file to be used in Google
kismet-earth 1:0.1
Earth.
A set of utilities that convert from Kismet logs to Google Earth .kml
kismet2earth 1.0
format
kismon 1.0.3 GUI client for kismet (wireless scanner/sniffer/monitor).
kiterunner 19.7d5824c Contextual Content Discovery Tool.
kitty 321.f19e811 Fuzzing framework written in python.
kitty-framework 352.cb07609 Fuzzing framework written in python.
klar 2.4.0 Integration of Clair and Docker Registry.
A symbolic virtual machine built on top of the LLVM compiler
klee 2.1
infrastructure.
klogger 1.0 A keystroke logger for the NT-series of Windows.
knock 2:78.3e7d95d Subdomain scanner.
KNXnet/IP scanning and auditing tool for KNX home automation
knxmap 252.6f40dd1
installations.
A Windows post-exploitation rootkit similar to other penetration testing
koadic 1:637.ac46c44
tools such as Meterpreter and Powershell Empire.
A web application fingerprinting engine written in Perl that combines
kolkata 3.0
cryptography with IDS evasion.
konan 23.7b5ac80 Advanced Web Application Dir Scanner.
A project to encrypt A5/1 GSM signaling using a Time/Memory Tradeoff
kraken 32.368a837
Attack.
krbrelayx 43.8269af0 Kerberos unconstrained delegation abuse toolkit.
kube-hunter 699.ff9f2c5 Hunt for security weaknesses in Kubernetes clusters.
kubesploit 86.2de2f12 Cross-platform post-exploitation HTTP/2 Command & Control server.
kubestriker 39.e1776ea A Blazing fast Security Auditing tool for Kubernetes.
kubolt 28.0027239 Utility for scanning public kubernetes clusters.
Python script to inject existing Android applications with a Meterpreter
kwetza 26.0e50272
payload.
l0l 322.1319ea7 The Exploit Development Kit.
laf 12.7a456b3 Login Area Finder: scans host/s for login panels.
lanmap2 1:127.1197999 Passive network mapping tool.
lans 1:148.9f8ef2d A Multithreaded asynchronous packet parsing/injecting arp spoofer.
latd 1.31 A LAT terminal daemon for Linux and BSD.
A collection of injectable files, designed to be used in a pentest when SQL
laudanum 1.0 injection flaws are found and are in multiple languages for different
environments.
An open source application used to retrieve lots of passwords stored on a
lazagne 845.8c9f962
local computer.
Tool written as a bash script to facilitate some aspects of an Android
lazydroid 25.0f559ec
Assessment
lbd 20130719 Load Balancing detector
Proof of concept scripts for advanced web application fingerprinting,
lbmap 147.2d15ace
presented at OWASP AppSecAsia 2012.
ld-shatner 4.5c215c4 ld-linux code injector.
ldap-brute 21.acc06e3 A semi fast tool to bruteforce values of LDAP injections over HTTP.
ldapdomaindum
0.9.4 Active Directory information dumper via LDAP.
p
ldapenum 1:0.1 Enumerate domain controllers using LDAP.
ldapscripts 2.0.8 Simple shell scripts to handle POSIX entries in an LDAP directory.
ldeep 199.a2c0edf In-depth ldap enumeration utility.
ldsview 47.d8bfcaa Offline search tool for LDAP directory dumps in LDIF format.
leaklooker 5.0d2b9fc Find open databases with Shodan.
leena 2.5119f56 Symbolic execution engine for JavaScript
legion 59.3c08884 Automatic Enumeration Tool based in Open Source tools.
leo 30696.f739f40 Literate programmer's editor, outliner, and project manager.
 65
A python tool that will allow remote execution of commands on a Jenkins
leroy-jenkins 3.bdc3965
server and its nodes.
lethalhta 2.5602402 Lateral Movement technique using DCOM and HTA.
letmefuckit-
3.f3be22b Scanner and Exploit Magento.
scanner
A mass audit toolkit which has wide range service discovery, brute force,
leviathan 35.a1a1d8c
SQL injection detection and running custom exploit capabilities.
levye 1:84.5406303 A brute force tool which is support sshkey, vnckey, rdp, openvpn.
lfi-autopwn 3.0 A Perl script to try to gain code execution on a remote server via LFI
This perl script leverages /proc/self/environ to attempt getting code
lfi-exploiter 1.1
execution out of a local file inclusion vulnerability.
A simple tool to help in the fuzzing for, finding, and exploiting of local
lfi-fuzzploit 1.1
file inclusion vulnerabilities in Linux-based PHP applications.
A simple script to infect images with PHP Backdoors for local file
lfi-image-helper 0.8
inclusion attacks.
This is a simple perl script that enumerates local file inclusion attempts
lfi-scanner 4.0
when given a specific target.
This tool helps you exploit LFI (Local File Inclusion) vulnerabilities. Post
lfi-sploiter 1.0 discovery, simply pass the affected URL and vulnerable parameter to this
tool. You can also use this tool to scan a URL for LFI vulnerabilities.
lfifreak 21.0c6adef A unique automated LFi Exploiter with Bind/Reverse Shells.
This script is used to take the highest beneficts of the local file include
lfimap 155.436ea01
vulnerability in a webserver.
lfisuite 85.470e01f Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner.
Recover event log entries from an image by heurisitically looking for
lfle 24.f28592c
record structures.
lft 1:3.91 A layer four traceroute implementing numerous other features.
lhf 40.51568ee A modular recon tool for pentesting.
libbde 318.8805b43 A library to access the BitLocker Drive Encryption (BDE) format.
libc-database 45.69815cd Database of libc offsets to simplify exploitation.
libdisasm 0.23 A disassembler library.
libfvde 191.df72aae Library and tools to access FileVault Drive Encryption (FVDE) encrypted
 volumes.
1:4248.2d10ff Collection of common code used in various sub-projects inside the
libosmocore
20 Osmocom family of projects.
libparistracerout A library written in C dedicated to active network measurements with
378.6fb8f48
e examples, such as paris-ping and paris-traceroute.
libpst 0.6.76 Outlook .pst file converter
High-level, multiplatform C++ network packet sniffing and crafting
libtins 1292.fa87e1b
library.
lief 0.12.1 Library to Instrument Executable Formats.
liffy 1:33.89dd4f8 A Local File Inclusion Exploitation tool.
lightbulb 88.9e8d6f3 Python framework for auditing web applications firewalls.
v0.4.1.r0.gabb
ligolo-ng An advanced, yet simple, tunneling tool that uses a TUN interface.
7e8a
Remotely dump RAM of a Linux client and create a volatility profile for
limeaide 305.ce3c9b7
later analysis on your local host.
limelighter 17.d119dc7 A tool for generating fake code signing certificates or signing real ones.
linenum 75.c47f9b2 Scripted Local Linux Enumeration & Privilege Escalation Checks
linikatz 46.113bab7 Tool to attack Active Directory on UNIX.
linkedin2userna
1:124.8196968 OSINT Tool: Generate username lists for companies on LinkedIn.
me
linkfinder 162.095bb62 Discovers endpoint and their parameters in JavaScript files.
linset 9.8746b1f Evil Twin Attack Bash script - An automated WPA/WPA2 hacker.
linux-exploit-
32.9db2f5a A Perl script that tries to suggest exploits based OS version number.
suggester
linux-exploit-
167.b6a730b Linux privilege escalation auditing tool.
suggester.sh
linux-inject 100.268d4e4 Tool for injecting a shared object into a Linux process.
linux-smart-
272.d69e353 Linux enumeration tool for pentesting and CTFs with verbosity levels.
enumeration
LionSec Linux is a Linux Penetration Testing Operating system based on
Ubuntu . It is a stable OS for security professional. It was built in order to
LionSec Linux 5.0 perform Computer Forensics , Penetration Tests , Wireless Analysis . With
the "Anonymous Mode" , you can browse the internet or send packets
anonymously . There are lots of inbuilt tools like netool ,websploit ,
 burpsuite , web analysis tools , social engineering tools and other
pentesting tools.
lisa.py 61.2d1f81a An Exploit Dev Swiss Army Knife.
list-urls 0.1 Extracts links from webpage
Penetration testing tool, search in a collection of thousands of private SSL
littleblackbox 0.1.3
keys extracted from various embedded devices.
OSINT tool to get informations on French, Belgian and Swizerland
littlebrother 112.338cf82
people.
lldb 15.0.7 Next generation, high-performance debugger
loadlibrary 104.c40033b Porting Windows Dynamic Link Libraries to Linux.
local-php- v2.0.6.r2.gef59 A command line tool that checks your PHP application packages with
security-checker 356 known security vulnerabilities.
locasploit 117.fa48151 Local enumeration and exploitation framework.
Lodowep is a tool for analyzing password strength of accounts on a Lotus
lodowep 1.2.1
Domino webserver system.
log-file-parser 60.c7a0ae7e Parser for $LogFile on NTFS.
log4j-bypass 33.f5c92f9 Log4j web app tester that includes WAF bypasses.
A fully automated, accurate, and extensive scanner for finding log4j RCE
log4j-scan 88.07f7e32
CVE-2021-44228.
logkeys 97.98aac72 Simple keylogger supporting also USB keyboards.
A fully automated, reliable, super-fast, mass scanning and validation
logmepwn 22.a8882bd
toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
loic 2.9.9.99 An open source network stress tool for Windows.
loki-scanner 1189.2f0f824 Simple IOC and Incident Response Scanner.
lolbas 192.d148d27 Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts).
loot 51.656fb85 Sensitive information extraction tool.
lorcon 2:2020.06.06 Generic library for injecting 802.11 frames
lorg 98.aa4f1a3 Apache Logfile Security Analyzer.
bbb.r0.g91c26 Find the parameters that can be used to find SSRF or Out-of-band resource
lorsrf
ec load.
a relatively compact Perl script designed to scan remote hosts for default
lotophagi 0.1
(or common) Lotus NSF and BOX databases.
lsrtunnel 0.2 Spoofs connections using source routed packets.
 LTE SDR cell scanner optimized to work with very low performance RF
lte-cell-scanner 57.5fa3df8
front ends (8bit A/D, 20dB noise figure).
ltrace 0.7.3 Tracks runtime library calls in dynamically linked programs
A tool to convert unencrypted block devices to encrypted LUKS devices
luksipc 0.01
in-place.
lulzbuster 1.3.2 A very fast and smart web-dir/file enumeration tool written in C.
lunar 722.a9c64db A UNIX security auditing tool based on several security frameworks.
luyten 0.5.4 An Open Source Java Decompiler Gui for Procyon.
lynis 3.0.8 Security and system auditing tool to harden Unix/Linux systems
lyricpass 44.b1c8a6a Tool to generate wordlists based on lyrics.
Generates Malicious Macro and Execute Powershell or Shellcode via
m3-gen 7.7c656cc MSBuild Application Whitelisting Bypass. This tool intended for
adversary simulation and red teaming purpose.
A digital investigation tool that collects data from allocated files in a
mac-robber 1.02
mounted file system.
macchanger 1.7.0 A small utility to change your NIC's MAC address
A tool for collecting intelligence from public sites/feeds about various
machinae 195.360bb07
security-related pieces of data.
maclookup 1:0.4 Lookup MAC addresses in the IEEE MA-L/OUI public listing.
magescan 1.12.9 Scan a Magento site for information.
magicrescue 1.1.9 Find and recover deleted files on block devices
A penetration tester productivity tool designed to allow easy and
magictree 1.3 straightforward data consolidation, querying, external command execution
and report generation
maigret 866.9f2f4d5 Collect a dossier on a person by username from a huge number of sites.
mail-crawl 0.1 Tool to harvest emails from website.
mailsend-go 108.cb4c77b A multi-platform command line tool to send mail via SMTP protocol.
make-pdf 0.1.7 This tool will embed javascript inside a PDF document.
A packet generator that supports forging ARP, IP, TCP, UDP, ICMP and
maketh 0.2.0
the ethernet header as well.
Analyze a system's network communication using graphical
malcom 708.02e55b9
representations of network traffic.
malheur 0.5.4 A tool for the automatic analyze of malware behavior.
malice 0.3.28 VirusTotal Wanna Be - Now with 100% more Hipster.
An open source penetration testing tool written in python, that serves
maligno 2.5 Metasploit payloads. It generates shellcode with msfvenom and transmits
it over HTTP or HTTPS.
mallory 134.47094fb HTTP/HTTPS proxy over SSH.
Hosting exploit/backdoor detection daemon. It's written in python, and
uses inotify (pyinotify) to monitor file system activity. It checks files
malmon 0.3
smaller then some size, compares their md5sum and hex signatures against
DBs with known exploits/backdoor.
malscan 5.773505a A Simple PE File Heuristics Scanner.
An open source intelligence and forensics application, enabling to easily
maltego 4.3.1 gather information about DNS, domains, IP addresses, websites, persons,
etc.
89611.b14c17
maltrail Malicious traffic detection system.
6866
Originated as a fork of mwcrawler. It retrieves malware directly from the
maltrieve 342.b9e7560
sources as listed at a number of sites.
Python script that detects malicious files via checking md5 hashes from an
malware-check-
1.2 offline set or via the virustotal site. It has http proxy support and an update
tool
feature.
malwareanalyse
3.3 A freeware tool to perform static and dynamic analysis on malware.
r
Submits a file's SHA1 sum to VirusTotal to determine whether it is a
malwaredetect 0.1
known piece of malware
malwasm 0.2 Offline debugger for malware's reverse engineering.
A Python tool focused in discovering programming faults in network
malybuzz 1.0
software.
A toolkit for rogue access point (evilAP) attacks first presented at Defcon
mana 68.56bcfcd
22.
mando.me 9.8b34f1a Web Command Injection Tool.
Spider entire networks for juicy files sitting on SMB shares. Search
manspider 56.e10bb6a
filenames or file content - regex supported!
0.3.7.r71.g7f6
manticore Symbolic execution tool.
29c94
 A coverage-guided parallel fuzzer for open-source and blackbox binaries
manul 197.f525df9
on Windows, Linux and MacOS.
v1.1.1.r0.g72a Utility program to perform multiple operations for a given subnet/CIDR
mapcidr
8d97 ranges.
mara-
176.ac4ac88 A Mobile Application Reverse engineering and Analysis Framework.
framework
This python-based tool is a disassembler for the Atmel MARC4 (a 4 bit
marc4dasm 6.f11860f
Harvard micro).
marshalsec 10.2dc4018 Java Unmarshaller Security - Turning your data into code execution.
Tool to scan Web application and networks and easily and complete the
maryam 2:819.99ae85a
information gathering process.
A High-Performance word generator with a per-position configurable
maskprocessor 0.73
charset.
massbleed 20.44b7e85 Automated Pentest Recon Scanner.
TCP port scanner, spews SYN packets asynchronously, scanning entire
masscan 1.3.2
Internet in under 5 minutes
masscan-
26.a170abc Masscan integrated with Shodan API.
automation
massdns 290.164fd41 A high-performance DNS stub resolver in C.
1:v2.3.5.r1.g53
massexpconsole A collection of tools and exploits with a cli ui for mass exploitation.
0c880
Metadata Anonymisation Toolkit composed of a GUI application, a CLI
mat 0.6.1
application and a library.
A metadata removal tool, supporting a wide range of commonly used file
mat2 0.13.3
formats.
A reverse HTTP shell to execute commands on remote machines behind
matahari 0.1.30
firewalls.
matroschka 58.2f026a4 Python steganography tool to hide images or text in images.
A free fast traffic generator written in C which allows you to send nearly
mausezahn 0.40
every possible and impossible packet.
mbenum 1.5.0 Queries the master browser for whatever information it has registered.
A small, non-interactive utility that scans mail folders for messages
mboxgrep 0.7.9 matching regular expressions. It does matching against basic and extended
POSIX regular expressions, and reads and writes a variety of mailbox
 formats.
Utilities for viewing data and exporting schema from Microsoft Access
mdbtools 738.823b32f
Database files.
mdcrack 1.2 MD4/MD5/NTLM1 hash cracker
mdk3 v6 WLAN penetration tool
Proof-of-Concept tool to exploit common IEEE 802.11 protocol
mdk4 4.2
weaknesses.
mdns-recon 11.69b864e An mDNS recon tool written in Python.
mdns-scan 0.5 Scan mDNS/DNS-SD published services on the local network.
meanalyzer 1.273.0 Intel Engine Firmware Analysis Tool.
medusa 2.2 Speedy, massively parallel and modular login brute-forcer for network
meg 87.9daab00 Fetch many paths for many hosts - without killing the hosts.
An ELF fuzzer that mutates the existing data in an ELF sample given to
create orcs (malformed ELFs), however, it does not change values
melkor 1.0
randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-
valid values through the use of fuzzing rules (knowledge base).
memdump 1.01 Dumps system memory to stdout, skipping over holes in memory maps.
memfetch 0.05b Dumps any userspace process memory without affecting its execution.
memimager 1.0 Performs a memory dump using NtSystemDebugControl.
Mentalist is a graphical tool for custom wordlist generation. It utilizes
mentalist 6.953a07b common human paradigms for constructing passwords and can output the
full wordlist as well as rules compatible with Hashcat and John the Ripper.
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control
merlin-server 1.3.0
server and agent written in golang.
metabigor 59.f012781 Intelligence Tool but without API key.
MetaCoretex is an entirely JAVA vulnerability scanning framework for
metacoretex 0.8.0
databases.
v1.2.r0.g2caed Search for documents in a domain through Search Engines (Google, Bing
metafinder
73 and Baidu). The objective is to extract metadata.
metaforge 115.7b32693 Auto Scanning to SSL Vulnerability.
An information gathering tool designed for extracting metadata of public
metagoofil 78.d1e00fe
documents.
metame 14.8d583a0 A simple metamorphic code engine for arbitrary executables.
 Advanced open-source platform for developing, testing, and using exploit
metasploit 6.3.15
code
metasploit-
12.09320cc db_autopwn plugin of metasploit.
autopwn
A way to take shellcode, inject it into memory then tunnel whatever port
meterssh 18.9a5ed19 you want to over SSH to mask any type of communications as a normal
SSH connection.
Tool for scanning the HTTP methods supported by a webserver. It works
metoscan 05
by testing a URL and checking the responses for the different requests.
mfcuk 0.3.8 MIFARE Classic Universal toolKit
0.10.7+38+gba
mfoc Mifare Classic Offline Cracker
072f1
mfsniffer 0.1 A python script for capturing unencrypted TSO login credentials.
mft2csv 40.164eb224 Extract $MFT record info and log it to a csv file.
mftcarver 9.7bfcc0a2 Carve $MFT records from a chunk of data (for instance a memory dump).
mftrcrd 16.35c3ac2f Command line $MFT record decoder.
Resolve file index number to name or vice versa on NTFS. A simple tool
mftref2name 6.7df9eebb that just converts MFT reference number to file name and path, or the
other way around.
An open-source SNMP MIB parser (or SMI parser) written in Java. It can
mibble 2.10.1
be used to read SNMP MIB files as well as simple ASN.1 files.
Fast and easy create backdoor office exploitation using module metasploit
microsploit 9.441e132
packet, Microsoft Office, Open Office, Macro attack, Buffer Overflow.
middler 1.0 A Man in the Middle tool to demonstrate protocol middling attacks.
mikrotik-npk 11.d54e97c Python tools for manipulating Mikrotik NPK format.
Dotmil subdomain discovery tool that scrapes domains from official DoD
mildew 11.df49c23
website directories and certificate transparency logs.
2.2.0_2021081
mimikatz A little tool to play with Windows security.
0
mimipenguin 152.880a427 A tool to dump the login password from the current linux user.
A network reconnaissance tool designed to facilitate large address
mingsweeper 1.00
space,high speed node discovery and identification.
A command-line program which decodes (or generates) audio modem
minimodem 353.bb2f34c
tones at any specified baud rate, using various framing protocols.
 A multi-platform application used to audit web sites in order to discover
minimysqlator 0.5
and exploit SQL injection vulnerabilities.
A Python-based Universal Plug-N-Play client application designed to
miranda-upnp 1.3
discover, query and interact with UPNP devices
miredo 1.2.6 Teredo client and server.
missidentify 1.0 A program to find Win32 applications.
missionplanner 1.3.76 A GroundControl Station for Ardupilot.
A simple yet effective python3 script to perform DNS spoofing via ARP
mitm 8.bd2b351
poisoning.
Hackish way to intercept and modify non-HTTP protocols through Burp &
mitm-relay 40.1b74741
others.
mitm6 33.8e75884 Pwning IPv4 via IPv6.
mitmap 89.b590f9a A python program to create a fake AP and sniff data.
Shell Script for launching a Fake AP with karma functionality and
mitmap-old 1:0.1
launches ettercap for packet capture and traffic manipulation.
A man-in-the-middle and phishing attack tool that steals the victim's
mitmer 22.b01c7fe
credentials of some web services like Facebook.
mitmf 467.0458300 A Framework for Man-In-The-Middle attacks written in Python.
mitmproxy 9.0.1 SSL-capable man-in-the-middle HTTP proxy
mkbrutus 27.ddd5f8e Password bruteforcer for MikroTik devices or boxes running RouterOS.
mkyara 3.8147f91 Tool to generate YARA rules based on binary code.
An open-source forensic framework written in Python/GTK that manages
mobiusft 1.12 cases and case items, providing an abstract interface for developing
extensions.
An intelligent, all-in-one open source mobile application (Android/iOS)
1:1833.b43b56
mobsf automated pen-testing framework capable of performing static, dynamic
1a
analysis and web API testing.
v.1.1.0.r47.gfb
modlishka A powerful and flexible HTTP reverse proxy.
7f111
modscan 0.1 A new tool designed to map a SCADA MODBUS TCP based network.
An open source large scale IPv4 full PCAP capturing, indexing and
moloch 0.11.3
database system.
mongoaudit 222.70b83e8 A powerful MongoDB auditing and pentesting tool .
 A local network host discovery tool. In passive mode, it will listen for
ARP request and reply packets. In active mode, it will send ARP requests
monocle 1.0
to the specific IP range. The results are a list of IP and MAC addresses
present on the local network.
A fast HTTP enumerator that allows you to execute a large number of
monsoon 261.f4f9852
HTTP requests.
v1.0.0.r18.g68 Cover your tracks during Linux Exploitation by leaving zero traces on
moonwalk
d5be1 system logs and filesystem timestamps.
mooscan 1:10.82963b0 A scanner for Moodle LMS.
morpheus 165.5d81c9e Automated Ettercap TCP/IP Hijacking Tool.
A password cracking tool written in perl to perform a dictionary-based
morxbook 1.0
attack on a specific Facebook user through HTTPS.
A customizable HTTP dictionary-based password cracking tool written in
morxbrute 1.01
Perl
morxbtcrack 1.0 Single Bitcoin private key cracking tool released.
morxcoinpwn 1.0 Mass Bitcoin private keys brute forcing/Take over tool released.
A cracking tool written in Perl to perform a dictionary-based attack on
morxcrack 1.2
various hashing algorithm and CMS salted-passwords.
morxkeyfmt 1.0 Read a private key from stdin and output formatted data values.
morxtraversal 1.0 Path Traversal checking tool.
morxtunel 1.0 Network Tunneling using TUN/TAP interfaces over TCP tool.
morxtunnel 1.0 Network Tunneling using TUN/TAP interfaces over TCP tool.
mosca 130.a7e725d Static analysis tool to find bugs like a grep unix command.
mosquito 39.fe54831 XSS exploitation tool - access victims through HTTP proxy.
mots 5.34017ca Man on the Side Attack - experimental packet injection and detection.
motsa-dns-
2.6ac6980 ManOnTheSideAttack-DNS Spoofing.
spoofing
mousejack 5.58b69c1 Wireless mouse/keyboard attack with replay/transmit poc.
A tool aimed at analyzing and capturing data that is hidden between
mp3nema 0.4
frames in an MP3 file or stream, otherwise noted as "out of band" data.
A tool for manipulation of raw packets that allows a large number of
mptcp 1.9.0
options.
mptcp-abuse 6.b0eeb27 A collection of tools and resources to explore MPTCP on your network.
 Initially released at Black Hat USA 2014.
A one-stop-shop for IoT Broker penetration-testing and security
mqtt-pwn 43.40368e5
assessment operations.
mrkaplan 1:1.1.1 Help red teamers to stay hidden by clearing evidence of execution.
mrsip 110.bdd98ad SIP-Based Audit and Attack Tool.
mrtparse 521.23e569c A module to read and analyze the MRT format data.
ms-sys 2.7.0 A tool to write Win9x-.. master boot records (mbr) under linux - RTM!
msf-mpc 35.8007ef2 Msfvenom payload creator.
msfdb 16.09c603b Manage the metasploit framework database.
msfenum 36.6c6b77e A Metasploit auto auxiliary script.
msmailprobe 1.c01c8bf Office 365 and Exchange Enumeration tool.
mssqlscan 0.8.4 A small multi-threaded tool that scans for Microsoft SQL Servers.
msvpwn 1:65.328921b Bypass Windows' authentication via binary patching.
Combines the functionality of traceroute and ping into one tool (CLI
mtr 0.95
version)
mtscan 153.185d099 Mikrotik RouterOS wireless scanner.
mubeng 160.05461a5 An incredibly fast proxy checker & IP rotator with ease.
Automatic SQL injection utility using a lsit of URI addresses to test
multiinjector 0.4
parameter manipulation.
multimac 1.0.3 Multiple MACs on an adapter
multimon-ng 1.2.0 An sdr decoder, supports pocsag, ufsk, clipfsk, afsk, hapn, fsk, dtmf, zvei.
multiscanner 1559.86e0145 Modular file scanning/analysis framework.
multitun 1:1.319a134 Tunnel arbitrary traffic through an innocuous WebSocket.
munin-
237.3b5558e Online hash checker for Virustotal and other services
hashchecker
Almost-transparent reverse proxy to automate phishing and post-phishing
muraena 178.cec3b66
activities.
This project aims to be a wordlist mutator with hormones, which means
that some mutations will be applied to the result of the ones that have been
mutator 51.164132d
already done, resulting in something like: corporation ->
C0rp0r4t10n_2012
mwebfp 16.a800b98 Mass Web Fingerprinter.
mxtract 90.0b34376 Memory Extractor & Analyzer.
mybff 94.6547c51 A Brute Force Framework.
This cli is for pentesters, CTF players, or dev. You can modify your jwt,
myjwt 195.73c4d58
sign, inject, etc.
mylg 659.faba867 Network Diagnostic Tool.
mysql2sqlite 1:14.e5b2c31 Converts a mysqldump file into a Sqlite 3 compatible file.
n1qlmap 2.5365444 An N1QL exploitation tool.
naabu 781.7e27650 A fast port scanner written in go with focus on reliability and simplicity.
nacker 23.b67bb39 A tool to circumvent 802.1x Network Access Control on a wired LAN.
naft 0.0.9 Network Appliance Forensic Toolkit.
v1.2.r7.g8b787
narthex Modular personalized dictionary generator.
46
nasnum 5.df5df19 Script to enumerate network attached storages.
Decodes and displays all NetBIOS name packets it receives on UDP port
nbname 1.0
137 and more!
nbnspoof 1.0 NBNSpoof - NetBIOS Name Service Spoofer
A utility for Windows that can be used to enumerate NetBIOS information
nbtenum 3.3
from one host or a range of hosts.
Some tools for NetBIOS and DNS investigation, attacks, and
nbtool 1:2.bf90c76
communication.
NBTscan is a program for scanning IP networks for NetBIOS name
nbtscan 1.7.2
information.
ncpfs 2.2.6 Allows you to mount volumes of NetWare servers under Linux.
ncrack 0.7 A high-speed network authentication cracking tool
necromant 4.53930c2 Python Script that search unused Virtual Hosts in Web Servers.
needle 579.891b660 The iOS Security Testing Framework.
neglected 1:8.68d02b3 Facebook CDN Photo Resolver.
neighbor-cache-
83.f1e596f An ARP based Operating System version scanner.
fingerprinter
nemesis 329.b1d398c command-line network packet crafting and injection utility
1:v5.0.1.r7.g6b
neo-regeorg Improved version of reGeorg, HTTP tunneling pivot tool
d94c6
net-creds 87.07a25e1 Sniffs sensitive data from interface or pcap.
netactview 0.6.4 A graphical network connections viewer similar in functionality to netstat
netattack 2:24.230b856 Python script to scan and attack wireless networks.
netbios-share- This tool could be used to check windows workstations and servers if they
1.0
scanner have accessible shared resources.
netbus 1.6 NetBus remote adminsitration tool
netcommander 1.3 An easy-to-use arp spoofing tool.
netcon 0.1 A network connection establishment and management script.
An active/passive address reconnaissance tool, mainly developed for those
netdiscover 218.ff28964 wireless networks without dhcp server, when you are wardriving. It can be
also used on hub/switched networks.
netkit-bsd-
0.17 BSD-finger ported to Linux.
finger
netkit-rusers 0.17 Logged in users; Displays who is logged in to machines on local network.
netkit-rwho 0.17 Remote who client and server (with Debian patches).
netmap 0.1.3 Can be used to make a graphical representation of the surounding network.
netmask 2.4.4 Helps determine network masks
A collection of network scan/recon tools that are relatively small
netreconn 1.78
compared to their larger cousins.
netripper 84.c763bd0 Smart traffic sniffing for penetration testers.
Tcp/Udp/Tor port scanner with: synpacket, connect TCP/UDP and socks5
netscan 1.0
(tor connection).
netscan2 1:58.a1db723 Active / passive network scanner.
Small and handful utility design to alter the contents of packets forwarded
netsed 1.3
thru network in real time.
netsniff-ng 0.6.8 A high performance Linux network sniffer for packet inspection.
netstumbler 0.4.0 Well-known wireless AP scanner and sniffer.
0.0.3.6.r128.gd
nettacker Automated Penetration Testing Framework.
2ae55a3
network-app-
19.df75391 Network Application Stress Testing Yammer.
stress-tester
networkmap 58.f5faf17 Post-exploitation network mapper.
A Network Forensic Analysis Tool for advanced Network Traffic
networkminer 2.7.3
Analysis, sniffer and packet analyzer.
netz v0.1.0.r8.g375 Discover internet-wide misconfigurations while drinking coffee.
 4e56
An open source tool for reverse engineering, traffic generation and fuzzing
netzob 1.0.2
of communication protocols.
nexfil 43.4d93c57 OSINT tool for finding profiles by username.
nextnet 3.c8dc7a6 Pivot point discovery tool.
Provides a simple 'lsnfc' command that list tags which are in your NFC
nfcutils 0.3.2
device field
nfdump 1.6.23 A set of tools to collect and process netflow data.
A tool for extracting files from the network in real-time or post-capture
nfex 2.5
from an offline tcpdump pcap savefile.
A Python library for automating the falsification of NFS credentials when
nfspy 1.0
mounting an NFS share.
nfsshell 19980519 Userland NFS command tool.
A grep-like utility that allows you to search for network packets on an
ngrep 1.47
interface.
A tunneling, reverse proxy for developing and understanding networked,
ngrok 3.2.2
HTTP services.
A tool to receive notifications from kernel through netlink socket, and
nield 38.0c0848d generate logs related to interfaces, neighbor cache(ARP,NDP), IP
address(IPv4,IPv6), routing, FIB rules, traffic control.
A web server scanner which performs comprehensive tests against web
nikto 2.1.6
servers for multiple items
Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering
nili 39.285220a
and Fuzzing.
nimbostratus 54.c7c206f Tools for fingerprintinging and exploiting Amazon cloud infrastructures.
nipe 302.9e628df A script to make Tor Network your default gateway.
nipper 0.11.7 Network Infrastructure Parser
nirsoft 1.23.30 Unique collection of small and useful freeware utilities.
nishang 0.7.6 Using PowerShell for Penetration Testing.
A static application testing (SAST) tool that can find insecure code
njsscan 0.3.1
patterns in your node.js applications.
nkiller2 2.0 A TCP exhaustion/stressing tool.
nmap 7.93 Utility for network discovery and security auditing
nmap-parse-
23.6405abf Converts/manipulates/extracts data from a nmap scan output.
output
Tool to scan the shares of a SMB/NetBIOS network, using the
nmbscan 1.2.6
NMB/SMB/NetBIOS protocols.
nohidy 67.22c1283 The system admins best friend, multi platform auditing tool.
nomorexor 2.84489f9 Tool to help guess a files 256 byte XOR key by using frequency analysis
noriben 171.2855a5e Portable, Simple, Malware Analysis Sandbox.
Python tool to automate exploit MongoDB server IP on Internet and
nosqlattack 98.a5b0329 disclose the database data by MongoDB default configuration weaknesses
and injection attacks.
nosqli 37.6fce3eb NoSQL scanner and injector.
nosqli-user- Script to enumerate usernames and passwords from vulnerable web
18.1b3713a
pass-enum applications running MongoDB.
nosqlmap 296.9502b8c Automated Mongo database and NoSQL web application exploitation tool
notspikefile 1:0.1 A Linux based file format fuzzing tool
novahot 23.69857bb A webshell framework for penetration testers.
nray 59.30517fd Distributed port scanner.
A netgear switch discovery tool. It contains some extra features like
nsdtool 0.1
bruteoforce and setting a new password.
nsearch 353.bd8205b Minimal script to help find script into the nse database.
A tool to enumerate the resource records of a DNS zone using its
nsec3map 20.1263537
DNSSEC NSEC or NSEC3 chain.
nsec3walker 20101223 Enumerates domain names using DNSSEC
A website scanner that monitors websites in realtime in order to detect
nsia 1.0.6 defacements, compliance violations, exploits, sensitive information
disclosure and other issues.
nsntrace 81.4d02e74 Perform network trace of a single process by using network namespaces.
A Network Security Tool for packet manipulation that allows a large
nsoq 1.9.5
number of options.
This application dumps LM and NTLM hashes from active accounts
ntds-decode 0.1
stored in an Active Directory database.
ntdsxtract 34.7fa1c8c Active Directory forensic framework.
ntfs-file- 6.f2b23d72 Extract files off NTFS.
extractor
ntfs-log-tracker 1:1.6 This tool can parse $LogFile, $UsnJrnl of NTFS.
ntlm-challenger 8.bd61ef6 Parse NTLM over HTTP challenge messages.
A simple python tool based on Impacket that tests servers for various
ntlm-scanner 6.4b29329
known NTLM vulnerabilities.
ntlm-theft 20.81589ea A tool for generating multiple types of NTLMv2 hash theft files.
A tool to enumerate information from NTLM authentication enabled web
ntlmrecon 75.da150d6
endpoints.
An active fingerprinting utility specifically designed to identify the OS the
ntp-fingerprint 0.1
NTP server is running on.
Script to pull addresses from a NTP server using the monlist command.
ntp-ip-enum 0.1
Can also output Maltego resultset.
ntpdos 1:4.3fe389b Create a DDOS attack using NTP servers.
1:v2.9.1.r0.g5b Nuclei is a fast tool for configurable targeted scanning based on templates
nuclei
22ca84 offering massive extensibility and ease of use.
Tool that can be used to enumerate OS information, domain information,
nullinux 123.a647159
shares, directories, and users through SMB null sessions.
nullscan 1.0.1 A modular framework designed to chain and automate security tests.
nxcrypt 32.6ae06b5 NXcrypt - python backdoor framework.
nzyme 1.2.2 WiFi defense system.
A tool to show informations about SSL certificate and tests the SSL
o-saft 5211.eff0a006
connection according given list of ciphers and various SSL configurations.
Username enumeration and password enuming tool aimed at Microsoft
o365enum 17.2d4f99c
O365.
o365spray 146.a794c97 Auto Scanning to SSL Vulnerability.
A toolkit that could be used to audit security within Oracle database
oat 1.3.1
servers.
obevilion 409.29fbe9d Another archive cracker created in python | cracking [zip/7z/rar].
obexstress 0.1 Script for testing remote OBEX service for some potential vulnerabilities.
obfs4proxy 0.0.13 A pluggable transport proxy written in Go.
obfsproxy 0.2.13 A pluggable transport proxy written in Python
objdump2shellc
28.c2d6120 A tool I have found incredibly useful whenever creating custom shellcode.
ode
objection 1.11.0 Instrumented Mobile Pentest Framework.
oclhashcat 1:2.01 Worlds fastest WPA cracker with dictionary mutation engine.
Compact mass scanner for Cisco routers with default telnet/enable
ocs 0.2
passwords.
Internal pentest framework running in your browser via WebAssembly,
octopwnweb 14.e0f83ee
powerd by Pyodide
office-dde- Collection of scripts and templates to generate Office documents
34.53291f9
payloads embedded with the DDE, macro-less command execution technique.
An OpenFlow sniffer to help network troubleshooting in production
ofp-sniffer 230.4b79b6c
networks.
ohrwurm 1.7a1182a A small and simple RTP fuzzer.
okadminfinder 80.b367ec7 Tool to find admin panels / admin login pages.
Analyze OLE files (Compound File Binary Format). These files contain
oledump 0.0.69
streams of data. This tool allows you to analyze these streams.
oletools 1:0.54.1 Tools to analyze Microsoft OLE2 files.
ollydbg 201g A 32-bit assembler-level analysing debugger
omen 19.10aa99e Ordered Markov ENumerator - Password Guesser.
omnibus 129.88dbf5d OSINT tool for intelligence collection, research and artifact management.
Hash files, strings, input streams and network resources in various
omnihash 70.870e9ae
common algorithms simultaneously.
one-lin3r 63.9fdfa5f Gives you one-liners that aids in penetration testing and more.
An SNMP scanner that sends multiple SNMP requests to multiple IP
onesixtyone 0.7
addresses
v1.0.0.r2.gd4a Use unicornscan to quickly scan all open ports, and then pass the open
onetwopunch
b4e8 ports to nmap for detailed scans.
onioff 84.34dc309 An onion url inspector for inspecting deep web links.
v1.0.13.r1.g1a
oniongrok Onion addresses for anything.
01be8
onionscan 130.da42865 Scan Onion Services for Security Issues.
onionsearch 43.ab4095c Script that scrapes urls on different ".onion" search engines.
onionshare 2.6 Securely and anonymously share a file of any size.
open-iscsi 2.1.8 iSCSI userland tools
opendoor 422.d1ed311 OWASP Directory Access scanner.
openpuff 4.01 Yet not another steganography SW.
v0.0.1.r7.g218 Generates a risk score based on the results of a Nuclei scan using
openrisk
de01 OpenAI's GPT-3 model.
1.3.7.r48.ga6d
openscap Open Source Security Compliance Solution.
6753f1
A tool implemented in Java for generic steganography, with support for
openstego 0.8.4
password-based encryption of the data.
A security tool implementing "attacks" to be able to the resistance of
opensvp 65.df54ed8
firewall to protocol level attack.
openvas 6.0.1 The OpenVAS scanning Daemon
openvas-cli 1.4.5 The OpenVAS Command-Line Interface
openvas-
9.0.2 The OpenVAS libraries
libraries
openvas-
7.0.3 A layer between the OpenVAS Scanner and various client applications
manager
openvas-
22.4.0 The OpenVAS scanning Daemon
scanner
Framework based on fingerprint action, this tool is used for get
information on a website or a enterprise target with multiple modules
operative 1:148.163acdf
(Viadeo search,Linkedin search, Reverse email whois, Reverse ip whois,
SQL file forensics ...).
ophcrack 3.8.0 Windows password cracker based on rainbow tables
This tool can crack passwords which are encrypted using Oracle's latest
orakelcrackert 1.00
SHA1 based password protection algorithm.
Aims at providing a scripting tool to generate and analyze malicious PDF
origami 2.1.0
files.
orjail 200.ae38ba2 A more secure way to force programs to exclusively use tor network.
oscanner 1.0.6 An Oracle assessment framework developed in Java.
osert 80.f6cef2d Markdown Templates for Offensive Security exam reports.
Prevents remote active/passive OS fingerprinting by tools like nmap or
osfooler-ng 2.c0b20d6
p0f.
Instagram OSINT Tool gets a range of information from an Instagram
osi.ig 101.4debaa2
account.
osint-spy 25.03dcf48 Performs OSINT scan on email/domain/ip_address/organization.
osinterator 3.8447f58 Open Source Toolkit for Open Source Intelligence Gathering.
1.3.r5.g50d44f OSINT tool offering an interactive shell to perform analysis on Instagram
osintgram
d account of any users by its nickname.
A project focused on providing API and tools to perform more accurate
osrframework 840.e02a6e9
online researches.
A small tool that implements part of the functionality of the Microsoft tool
osslsigncode 333.b967175
signtool.exe.
An open-source, cross-platform packet/traffic generator and analyzer with
ostinato 0.9 a friendly GUI. It aims to be "Wireshark in Reverse" and thus become
complementary to Wireshark.
A simple Python script to exploit the OpenSSH User Enumeration Timing
osueta 82.2ee8068
Attack.
A python-based toolbox intended to allow useful exploitation of XML
otori 0.3
external entity ("XXE") vulnerabilities.
outguess 0.2 A universal steganographic tool.
outlook-
1.61d7177 Microsoft Outlook WebAPP Brute.
webapp-brute
owabf 1.3 Outlook Web Access bruteforcer tool.
OWASP Broken Web Applications Project is a collection of vulnerable
web applications that is distributed on a Virtual Machine. The Broken
OWASP
Web Applications (BWA) Project produces a Virtual Machine running a
Broken Web
1.2 variety of applications with known vulnerabilities for those interested in:
Applications
learning about web application security; testing manual assessment
Project
techniques; testing automated tools; testing source code analysis tools;
observing web attacks; testing WAFs and similar code technologies.
OWASP Mutillidae II is a free, open source, deliberately vulnerable web-
application providing a target for web-security enthusiast. Mutillidae can
be installed on Linux and Windows using LAMP, WAMP, and XAMMP.
It is pre-installed on SamuraiWTF and OWASP BWA. The existing
OWASP version can be updated on these platforms. With dozens of vulns and hints
2.6.67
Mutillidae II to help the user; this is an easy-to-use web hacking environment designed
for labs, security enthusiast, classrooms, CTF, and vulnerability
assessment tool targets. Mutillidae has been used in graduate security
courses, corporate web sec training courses, and as an "assess the assessor"
target for vulnerability assessment software.
owasp-bywaf 26.e730d1b A web application penetration testing framework (WAPTF).
owasp-zsc 315.5bb9fed Shellcode/Obfuscate Code Generator.
owtf 2187.af993ecb The Offensive (Web) Testing Framework.
p0f 3.09b Purely passive TCP/IP traffic fingerprinting tool
pacaur 4.7.10 An AUR helper that minimizes user interaction.
pack 0.0.4 Password Analysis and Cracking Kit
tool for creating identical machine images for multiple platforms from a
packer 1.8.7
single source configuration
tool for creating identical machine images for multiple platforms from a
packer-io 1.2.4
single source configuration
Script which uses a PEiD database to identify which packer (if any) is
packerid 1.4
being used by a binary.
A real time packet processor. Reads the packet from an input module,
packet-o-matic 351 match the packet using rules and connection tracking information and then
send it to a target module.
packeth 2.1 A Linux GUI packet generator tool for ethernet.
packetq 280.740a99e A tool that provides a basic SQL-frontend to PCAP-files.
An open source utility to allow sending and receiving TCP and UDP
packetsender 877.d548e7e
packets.
A network auditing tool. Its value is derived from its ability to customize,
packit 1.0
inject, monitor, and manipulate IP traffic.
The AWS exploitation framework, designed for testing the security of
pacu 1166.76d4474
Amazon Web Services environments.
Packet Acumen - Analyse encrypted network traffic and more (side-
pacumen 1.92a0884
channel attacks).
padbuster 11.50e4a3e Automated script for performing Padding Oracle attacks.
A demonstration tool that employs several techniques to detect sandboxes
pafish 193.b497899
and analysis environments in the same way as malware families do.
Google dork script to collect potentially vulnerable web pages and
pagodo 127.3fa6cfb
applications on the Internet.
paketto 1.10 Advanced TCP/IP Toolkit.
panhunt 63.ec87e88 Searches for credit card numbers (PANs) in directories.
panoptic 185.df35a6c A tool that automates the process of search and retrieval of content for
 common log and config files through LFI vulnerability.
pappy-proxy 77.e1bb049 An intercepting proxy for web application testing.
parameth 56.8da6f27 This tool can be used to brute discover GET and POST parameters.
parampampam 45.9171018 This tool for brute discover GET and POST parameters.
paranoic 1.7 A simple vulnerability scanner written in Perl.
Java-based HTTP/HTTPS proxy for assessing web app vulnerabilities.
paros 3.2.13 Supports editing/viewing HTTP messages on-the-fly, spiders, client
certificates, proxy-chaining, intelligent scanning for XSS and SQLi, etc.
Security GNU/Linux distribution designed with cloud pentesting and IoT
Parrot Security security in mind. It includes a full portable laboratory for security and
4.6
OS digital forensics experts, but it also includes all you need to develop your
own softwares or protect your privacy with anonymity and crypto tools.
parse-evtx 3.a4b02b9 A tool to parse the Windows XML Event Log (EVTX) format.
parsero 81.e5b585a A robots.txt audit tool.
Examines the contents of Internet Explorer's cache files for forensic
pasco 20040505_1
purposes
v1.4.0.r24.gd6 CLI & library to search for default credentials among thousands of
pass-station
b481c Products / Vendors.
passcracking 20131214 A little python script for sending hashes to passcracking.com and milw0rm
Tool to extract RSA and DSA private keys from any process linked with
passe-partout 0.1 OpenSSL. The target memory is scanned to lookup specific OpenSSL
patterns.
passhunt 5.332f374 Search drives for documents containing passwords.
A network sniffer that logs all DNS server replies for use in a passive DNS
passivedns 292.c411c46
setup.
pastejacker 12.ed9f153 Hacking systems with the automation of PasteJacking attacks.
Scrape Pastebin API to collect daily pastes, setup a wordlist and be alerted
pastemonitor 8.b3551f1
by email when you have a match..
pasv-agrsv 57.6bb54f7 Passive recon / OSINT automation script.
patator 1:214.b97f8b2 A multi-purpose bruteforcer.
patchkit 37.95dc699 Powerful binary patching from Python.
Checks for PATH substitution vulnerabilities and logs the commands
pathzuzu 64.4f4533c
executed by the vulnerable executables.
 Web Payload list editor to use techniques to try bypass web application
payloadmask 17.58e0525
firewall.
payloadsalltheth A list of useful payloads and bypass for Web Application Security and
1715.579207a
ings Pentest/CTF.
pblind 1.0 Little utility to help exploiting blind sql injection vulnerabilities.
Faster and more efficient stateless SYN scanner and banner grabber due to
pbscan 10.566c3d7
userland TCP/IP stack usage.
pcapfex 60.c51055a Packet CAPture Forensic Evidence eXtractor.
pcapfix 1.1.7 Tries to repair your broken pcap and pcapng files.
A tool for dumping SIP sessions (+RTP traffic, if available) to disk in a
pcapsipdump 0.2 fashion similar to 'tcpdump -w' (format is exactly the same), but one file
per sip session (even if there is thousands of concurrect SIP sessions).
pcapteller 1.1 A tool designed for traffic manipulation and replay.
A Network Forensics Tool - To visualize a Packet Capture offline as a
pcapxray 274.1721645 Network Diagram including device identification, highlight important
communication and file extraction.
Tool, which uses PCIe hardware devices to read and write from the target
pcileech 4.15
system memory.
pcode2code 6.65ae983 VBA p-code decompiler.
A tool that extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL,
LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP,
pcredz 81.4565195
POP, SMTP, FTP, IMAP, and more from a pcap file or from a live
interface.
pdblaster 4.fc8abb3 Extract PDB file paths from large sample sets of executable files.
Parses a PDF document to identify the fundamental elements used in the
pdf-parser 0.7.6
analyzed file.
pdfbook-
1:2 Utility for facebook memory forensics.
analyzer
pdfcrack 0.20 Password recovery tool for PDF-files.
pdfgrab 15.1327508 Tool for searching pdfs withthin google and extracting pdf metadata.
pdfid 0.2.8 Scan a file to look for certain PDF keywords.
pdfresurrect 0.12 A tool aimed at analyzing PDF documents.
pdfwalker 1:7.64c17f0 Frontend to explore the internals of a PDF document with Origami
pdgmail 1.0 A password dictionary attack tool that targets windows authentication via
 the SMB protocol.
pe-bear 0.5.5.7 A freeware reversing tool for PE files.
Scans a given process. Recognizes and dumps a variety of potentially
pe-sieve 0.3.5 malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory
patches).
A SmartFuzzer that is capable of performing both generation and mutation
peach 3.0.202
based fuzzing.
peach-fuzz 55.404e8ee Simple vulnerability scanning framework.
20230425.bd7
peass 331ea.r7.g296 Privilege Escalation Awesome Scripts SUITE (with colors).
3e47
peda 1.2 Python Exploit Development Assistance for GDB
A Python tool to explore PDF files in order to find out if the file can be
peepdf 0.4.2
harmful or not
peepingtom 1:56.bc6f4d8 A tool to take screenshots of websites. Much like eyewitness.
peframe 135.70683b6 Tool to perform static analysis on (portable executable) malware.
Cracks SSL PEM files that hold encrypted private keys. Brute forces or
pemcrack 12.66e02b8
dictionary cracks.
pemcracker 9.a741c93 Tool to crack encrypted PEM files.
penbox 81.3b77c69 A Penetration Testing Framework - The Tool With All The Tools.
pencode 32.47e5784 Complex payload encoder.
A security suite that packs security and stability testing oriented tools for
pentbox 1.8
networks and systems.
pentestly 1798.93d1b39 Python and Powershell internal penetration testing framework.
pentmenu 218.2e45233 A bash script for recon and DOS attacks.
pepe 13.b81889b Collect information about email addresses from Pastebin.
An open source script to perform malware static analysis on Portable
pepper 18.9dfcade
Executable.
periscope 3.2 A PE file inspection tool.
perl-image-
12.60 Reader and rewriter of EXIF informations that supports raw files
exiftool
petools 1.9.762 Portable executable (PE) manipulation toolkit.
pev 0.81 Command line based tool for PE32/PE32+ file analysis.
 A forensics tool that can extract all files from an executable file created by
pextractor 0.18b
a joiner or similar.
pfff 0.29 Tools and APIs for code analysis, visualization and transformation
Python tool and library to help analyze files during malware triage and
pftriage 79.d7ad183
analysis.
pgdbf 113.4e84775 Convert XBase / FoxPro databases to PostgreSQL
phantap 64.815c312 An 'invisible' network tap aimed at red teams.
phantom-
103.2cd0673 Antivirus evasion tool written in python.
evasion
A python open source phishing email tool that automates the process of
phemail 28.302b24d
sending phishing emails as part of a social engineering test.
An SSL Enabled Basic Auth Credential Harvester with a Word Document
phishery 14.5743953
Template URL Injector.
phishingkithunt
20.ac9bd1e Find phishing kits which use your brand/organization's files and image.
er
v2.10.3.r1.gf6a
phoneinfoga Information gathering & OSINT framework for phone numbers.
458d
phonesploit 51.0193f9e Adb exploiting tools.
phonia 593.8ae14ff Advanced toolkits to scan phone numbers using only free resources.
Sniffer designed to find HTTP, FTP, LDAP, Telnet, IMAP4, VNC and
phoss 0.1.13
POP3 logins.
Incredibly fast crawler which extracts urls, emails, files, website accounts
photon 326.d4af460
and much more.
php-findsock-
2.b8a984f A Findsock Shell implementation in PHP + C.
shell
php-malware- 0.3.4.r81.g1b8
Detect potentially malicious PHP files.
finder 5a73
php-mt-seed 4.0 PHP mt_rand() seed cracker
php-rfi-payload-
30.bd42caa Decode and analyze RFI payloads developed in PHP.
decoder
php-
An whitebox fuzz testing tool capable of detected several classes of
vulnerability- 1.4.0.20
vulnerabilities in PHP web applications.
hunter
phpggc 508.bb22d2a A library of PHP unserialize() payloads along with a tool to generate them,
 from command line or programmatically.
phpsploit 1011.7b262f6 Stealth post-exploitation framework.
9076.01ce76a2
phpstan PHP Static Analysis Tool - discover bugs in your code without running it.
0
A PHP denial of service / stress test for Web Servers running PHP-FPM or
phpstress 5.f987a7e
PHP-CGI.
phrasendrescher 1:1.2.2c A modular and multi processing pass phrase cracking tool
pidense 29.ef26704 Monitor illegal wireless network activities. (Fake Access Points)
pin 3.11.r97998 A dynamic binary instrumentation tool.
pingcastle 2.10.1.1 Active Directory scanning tool.
This tool can be useful for solving some reversing challenges in CTFs
pintool 24.d538a79
events.
pintool2 5.1c1af91 Improved version of pintool.
pip3line 2:92.5e27195 The Swiss army knife of byte manipulation.
3.3.2.r16.g3b9
pipal A password analyser.
950d
pipeline 19.f4935c9 Designed to aid in targeted brute force password cracking attacks.
pirana 0.3.1 Exploitation framework that tests the security of a email content filter.
pivotsuite 19.9078d1e A portable, platform independent and powerful network pivoting toolkit.
pixd 7.873db72 Colourful visualization tool for binary files.
pixiewps 1.4.2 An offline WPS bruteforce utility.
Set of tools for creating/injecting payload into images (hiding backdoors).
pixload 79.85077e1 The following image types are currently supported: BMP, GIF, JPG, PNG,
WebP.
pkcrack 1.2.2 A PkZip encryption cracker.
pkinittools 8.0f7f9a5 Tools for Kerberos PKINIT and relaying to AD CS.
pkt2flow 69.868a2e8 A simple utility to classify packets into flows.
An interactive disassembler for x86/ARM/MIPS. It can generates indented
plasma 922.ec7df9b
pseudo-code with colored syntax.
An interactive disassembler for x86/ARM/MIPS. It can generates indented
plasma-disasm 922.ec7df9b
pseudo-code with colored syntax.
This is a tool written in Python that will scan for PLC devices over
plcscan 0.1
s7comm or modbus protocols.
plecost 104.4895e34 Wordpress finger printer Tool.
plown 13.ccf998c A security scanner for Plone CMS.
plumber 18.3f1be68 A python implementation of a grep friendly ftrace wrapper.
plumber.py 18.3f1be68 A python implementation of a grep friendly ftrace wrapper.
plutil 1.6 Converts .plist files between binary and UTF-8 (editable) text formats.
4281.db67590 Small set of multi-purpose passive network monitoring tools [NetFlow
pmacct
d IPFIX sFlow libpcap BGP BMP IGP Streaming Telemetry].
Passively discover, scan, and fingerprint link-local peers by the
pmap 1.10
background noise they generate (i.e. their broadcast and multicast traffic).
pmapper 82.91d2e60 A tool for quickly evaluating IAM permissions in AWS.
Automated exploitation of invalid memory writes (being them the
consequences of an overflow in a writable section, of a missing format
pmcma 1.00
string, integer overflow, variable misuse, or any other type of memory
corruption).
A tool that lets you dump the memory contents of a process to a file
pmdump 1.2
without stopping the process.
Verifies the integrity of PNG, JNG and MNG files by checking the CRCs
pngcheck 3.0.3
and decompressing the image data.
A parallel network scanner that can be used to survey TCP network
pnscan 1.14.1
services.
An open-sourced remote vulnerability testing framework developed by the
pocsuite 430.877d1b1
Knownsec Security Team.
poison 1.5.41 A fast, asynchronous syn and udp scanner.
A python script that generates polymorphic webshells. Use it to encode
poly 52.4e6f189
your favourite shell and make it practically undetectable.
polyswarm 2.9.2 An interface to the public and private PolySwarm APIs.
polyswarm-api 0.5.3 An interface to the public and private PolySwarm APIs.
pompem 141.3ebe768 A python exploit tool finder.
poracle 68.dcc00b0 A tool for demonstrating padding oracle attacks.
Automate a number of techniques commonly performed on internal
portia 39.2e6e608 network penetration tests after a low privileged account has been
compromised.
An experimental unix driver IOCTL security tool that is useful for fuzzing
portmanteau 1.0
and discovering device driver attack surface.
 This program's primary goal is to enhance OS security through a set of
portspoof 128.8b5596a
new techniques.
Clean, nice and easy tool for basic/advanced privilege escalation
postenum 116.9cd9d7e
techniques.
A jar file that will send POST requests to servers in order to test for the
posttester 0.1 hash collision vulnerability discussed at the Chaos Communication
Congress in Berlin.
Deliver powershell payloads via DNS TXT via CloudFlare using
powercloud 21.0928303
PowerShell.
Powerfuzzer is a highly automated web fuzzer based on many other Open
Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz,
powerfuzzer 1_beta
webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL,
LDAP, commands, code, XPATH) and others.
PowerLessShell rely on MSBuild.exe to remotely execute PowerShell
powerlessshell 113.7159552 scripts and commands without spawning powershell.exe. You can also
execute raw shellcode using the same approach.
powermft 5.76574543 Powerful commandline $MFT record editor.
PowerShell Runspace Portable Post Exploitation Tool aimed at making
powerops 32.13fe55b
Penetration Testing with PowerShell "easier".
powershdll 72.62cfa17 Run PowerShell with rundll32. Bypass software restrictions.
powersploit 591.d943001 A PowerShell Post-Exploitation Framework.
powerstager 14.0149dc9 A payload stager using PowerShell.
pown 332.0e32edf Security testing and exploitation toolkit built on top of Node.js and NPM.
A Professional PE file Explorer for reversers, malware researchers and
ppee 1.12
those who want to statically inspect PE files in more details.
A fast tool to scan client-side prototype pollution vulnerability written in
ppfuzz 31.80982ec
Rust.
v1.2.0.r15.g94 A scanner/exploitation tool written in GO, which leverages client-side
ppmap
26af6 Prototype Pollution to XSS by exploiting known gadgets.
ppscan 0.3 Yet another port scanner with HTTP and FTP tunneling support.
python script setting up a transparent proxy to forward all TCP and DNS
pr0cks 1:20.bcfcf2d traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using
iptables -j REDIRECT target.
prads 1132.e631f4f Is a "Passive Real-time Asset Detection System".
 An automated data/information harvesting tool designed to gather critical
praeda 48.1dc2220
information from various embedded devices.
preeny 110.aaef77f Some helpful preload libraries for pwning stuff.
Printer Exploitation Toolkit - The tool that made dumpster diving
pret 106.8ae5210
obsolete.
princeprocessor 1:132.bffda8c Standalone password candidate generator using the PRINCE algorithm.
procdump 63.5f23548 Generate coredumps based off performance triggers.
Provides a command line interface and a C library to manipulate the
proctal 482.67bf7e8
address space of a running program on Linux.
A suite of Java metaprogramming tools focused on code generation and
procyon 0.6
analysis.
profuzz 9.aa6dded Simple PROFINET fuzzer based on Scapy.
prometheus 176.a316d66 A Firewall analyzer written in ruby
prometheus-
176.a316d66 A Firewall analyzer written in ruby
firewall
Checks if your network adapter(s) is running in promiscuous mode, which
promiscdetect 1.0
may be a sign that you have a sniffer running on your computer.
A fast class scanner that scans for a specified open port with banner
propecia 2
grabbing
protos-sip 2 SIP test suite.
Python script that helps you investigate Protonmail accounts and
protosint 26.1ee6ee4
ProtonVPN IP addresses.
2505.848122b
prowler Tool for AWS security assessment, auditing and hardening.
0
proxenet 712.67fc6b5 THE REAL hacker friendly proxy for web application pentests.
Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture,
proxify 250.afcc2fa
manipulation, and replay on the go.
A powerful general purpose RFID tool, the size of a deck of cards,
2413.6116334
proxmark designed to snoop, listen and emulate everything from Low Frequency
4
(125kHz) to High Frequency (13.56MHz) tags.
proxmark3 4.16191 A general purpose RFID tool for Proxmark3 hardware.
proxybroker 152.d21aae8 Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS.
proxybroker2 373.d7dfd10 Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS.
 A hook preloader that allows to redirect TCP traffic of existing
proxychains-ng 4.16 dynamically linked programs through one or more SOCKS or HTTP
proxies
This is a simple proxy tool that checks for the HTTP CONNECT method
proxycheck 0.1
and grabs verbose output from a webserver.
Small multithreaded Perl script written to enumerate latency, port
proxyp 2013
numbers, server names, & geolocations of proxy IP addresses.
A security penetration testing tool to scan for hosts and ports through a
proxyscan 0.3
Web proxy server.
a program that connects stdin and stdout to a server somewhere on the
proxytunnel 1.10.20210604
network, through a standard HTTPS proxy
ps1encode 41.68d7778 A tool to generate and encode a PowerShell based Metasploit payloads.
pscan 1.3 A limited problem scanner for C source files
A lightweight fake SSH server designed to collect authentication data sent
pshitt 23.dae7931
by intruders.
pspy 159.2312eed Monitor linux processes without root permissions.
pstoreview 1.0 Lists the contents of the Protected Storage.
The Penetration Testers Framework is a way for modular support for up-
ptf 1491.f87dfa8
to-date tools.
Modified version of the passing-the-hash tool collection made to work
pth-toolkit 7.3641cdc
straight out of the box.
A tool for reliably tunneling TCP connections over ICMP echo request
ptunnel 0.72
and reply packets
pulledpork 397.5ccf5c5 Snort rule management
pulsar 55.3c61178 Protocol Learning and Stateful Fuzzing.
A post-exploitation tool meant to help network pivoting from a
punk 9.c2bc420
compromised unix box.
Hunt domain names using DNSDumpster, WHOIS, Reverse WHOIS,
punter 45.97b7bed
Shodan, Crimeflare.
2988.4b78dc5 Opensource, cross-platform (Windows, Linux, OSX, Android) remote
pupy
8 administration and post-exploitation tool mainly written in python.
A Penetration Testing Framework created for Hackers / Pentester / Bug
pureblood 37.2c5ce07
Hunter.
pwcrack 352.e824657 Password hash automatic cracking framework.
 A password hashing tool that use the crypt function to generate the hash of
pwd-hash 2.0
a string given on standard input.
A target specific wordlist generating tool for social engineers and security
pwdlogy 14.8b92bcf
researchers.
pwdlyser 136.483b9bc Python-based CLI Password Analyser (Reporting Tool).
Extracts the binary SAM and SYSTEM file from the filesystem and then
pwdump 7.1
the hashes.
v0.1.1.r1.g169
pwfuzz-rs Rust-based password mutator for brute force attacks.
cd32
A tool that allows any number of clients behind NATs to communicate
with a server behind a separate NAT with *no* port forwarding and *no*
pwnat 14.d3c2b05
DMZ setup on any routers in order to directly communicate with each
other.
Bind and reverse shell handler with FW/IDS/IPS evasion, self-inject and
pwncat 0.1.2
port-scanning.
v0.5.4.r11.g37
pwncat-caleb A post-exploitation platform.
f04d4
pwndbg 2023.03.19 Makes debugging with GDB suck less.
Massive IPv4 scanner, find and analyze internet-connected devices in
pwndora 248.d3f676a
minutes, create your own IoT search engine at home.
Self-deployable file hosting service for red teamers, allowing to easily
pwndrop 18.385ba70
upload and share payloads over HTTP and WebDAV.
pwned 2003.f6ca8d5 A command-line tool for querying the 'Have I been pwned?' service.
pwned-search 40.04c1439 Pwned Password API lookup.
pwnedornot 147.5053c7f Tool to find passwords for compromised email addresses.
pwnedpassword 2.0.0.r0.g7177
Generate and verify pwnedpasswords check digits.
s 02e
An improved slowloris DOS tool which keeps attacking until the server
pwnloris 10.5b79eff
starts getting exhausted.
pwntools 4.8.0 CTF framework and exploit development library.
v0.3.28.r0.g9b
pyaxmlparser A simple parser to parse Android XML file.
a2165
pybozocrack 87.ceb0cd9 A silly & effective MD5 cracker in Python.
pydictor 98.e48ee88 A useful hacker dictionary builder for a brute-force attack.
pyersinia 49.73f4056 Network attack tool like yersinia but written in Python.
pyew 109.8eb3e49 A python tool to analyse malware.
pyexfil 81.2ef1b8c A couple of beta stage tools for data exfiltration.
pyfiscan 2948.bfed6c3 Free web-application vulnerability and version scanner.
Obfuscate powershell scripts by replacing Function names, Variables and
pyfuscation 17.6d8d53f
Parameters.
A program that converts (packages) Python programs into stand-alone
pyinstaller 2:3.6
executables, under Windows, Linux, Mac OS X, Solaris and AIX.
pyjfuzz 157.f777067 Python JSON Fuzzer.
pykek 12.651b9ba Kerberos Exploitation Kit.
pymeta 13.fa74e64 Auto Scanning to SSL Vulnerability.
Minimal DNS server written in Python; it always replies with a 127.0.0.1
pyminifakedns 0.1
A-record.
pyrasite 2.0 Code injection and introspection of running Python processes.
RDP man-in-the-middle (mitm) and library for Python with the ability to
pyrdp 1973.da7982a
watch connections live or after the fact.
pyrit 0.5.0 The famous WPA precomputed cracker
A python multithreaded script to make use of Qualys ssllabs api to test
pyssltest 9.d7703f0
SSL flaws.
pytacle alpha2 Automates the task of sniffing GSM frames
A python based flexible IDS/IPS testing framework shipped with more
pytbull 19.3d82a54
than 300 tests.
pythem 454.e4fcb8a Python penetration testing framework.
python-api-
76.fa952c6 Unofficial Python API for http://dnsdumpster.com/.
dnsdumpster
Async WebDriver implementation for asyncio and asyncio-compatible
python-arsenic 21.8
frameworks.
python-capstone 4.0.2 A lightweight multi-platform, multi-architecture disassembly framework
Crontab module for reading and writing crontab files and accessing the
python-crontab 2.5.1
system cron automatically and simply using a direct API.
python-
1.6 Python client for the whois.cymru.com service
cymruwhois
python-frida 15.2.2 Dynamic instrumentation toolkit for developers, reverse-engineers, and
 security researchers.
python-frida-
11.0.0 Frida CLI tools.
tools
python-google-
1.2.9 A command line tool and module for Google Street View Image API.
streetview
python-ivre 0.9.20.dev64 Network recon framework (library)
python-
1.14.7 JavaScript unobfuscator and beautifier
jsbeautifier
python-
2.7.3 Simple keystroke logger.
keylogger
python- Library and tools to access the Extensible Storage Engine (ESE) Database
20181229
libesedb-python File (EDB) format.
python-
1:0.0.21 Python library to parse and read Microsoft minidump file format.
minidump
python-
1:0.2.1 Kerberos manipulation library in pure Python.
minikerberos
python-mmbot 78.f5f5478 Powerful malicious file triage tool for cyber responders.
python-oletools 1:0.60.1 Tools to analyze Microsoft OLE2 files.
python-
1.2.6 A VBA p-code disassembler.
pcodedmp
python-python-
30.022e16d Python client for the whois.cymru.com service
cymruwhois
1396.041d696
python-rekall Memory Forensic Framework.
4
python-search-
0.6.8 Scrapes search engine pages for query titles, descriptions and links.
engine-parser
python-shodan 1.28.0 Python library for Shodan (https://developer.shodan.io).
python-ssh- SSH mitm server for security audits supporting public key authentication,
3.0.2
mitm session hijacking and file manipulation.
python-
1.9.0 Finds and tracks wifi devices through raw 802.11 monitoring.
trackerjacker
python-
3.9.0 A Python cross-version decompiler.
uncompyle6
python-utidylib 0.2 Python bindings for Tidy HTML parser/cleaner.
python-winsspi 0.0.9 Windows SSPI library in pure Python.
python-
1:1.5.0 Web Inventory tool, takes screenshots of webpages using Pyppeteer.
witnessme
Tool aimed at helping malware researchers to identify and classify
python-yara 3.8.1
malware samples
python-yara-
279.32b6a74 The Python interface for YARA.
rednaga
python2-api-
76.fa952c6 Unofficial Python API for http://dnsdumpster.com/.
dnsdumpster
python2-
4.0.1 A lightweight multi-platform, multi-architecture disassembly framework
capstone
python2-
1.6 Python client for the whois.cymru.com service
cymruwhois
python2-
7.5ef01b1 Simple dictionary with LRU behaviour.
darts.util.lru
Irregular methods on regular expressions. Exrex is a command line tool
python2-exrex 146.239e4da and python module that generates all - or random - matching strings to a
given regular expression and more.
Dynamic instrumentation toolkit for developers, reverse-engineers, and
python2-frida 15.2.2
security researchers.
python2-frida-
11.0.0 Frida CLI tools.
tools
python2-
google_streetvie 1.2.9 A command line tool and module for Google Street View Image API.
w
python2-
google- 1.2.9 A command line tool and module for Google Street View Image API.
streetview
python2-
411.539e738 Honeynet Project generic authenticated datafeed protocol.
hpfeeds
python2-ivre 0.9.16.dev26 Network recon framework (library)
python2-
1.13.4 JavaScript unobfuscator and beautifier
jsbeautifier
python2- 0.9.4 Active Directory information dumper via LDAP.
ldapdomaindum
p
Library and tools to access the Extensible Storage Engine (ESE) Database
python2- File (EDB) format. The ESE database format is used in may different
20181229
libesedb applications like Windows Search, Windows Mail, Exchange, Active
Directory, etc.
python2- Library and tools to access the Extensible Storage Engine (ESE) Database
20181229
libesedb-python File (EDB) format.
python2-
19.749e6da Python library to parse and read Microsoft minidump file format.
minidump
python2-
17.e7e8d0a Kerberos manipulation library in pure Python.
minikerberos
python2-
1:0.60.1 Tools to analyze Microsoft OLE2 files.
oletools
python2-
1.2.6 A VBA p-code disassembler.
pcodedmp
A Python tool to explore PDF files in order to find out if the file can be
python2-peepdf 0.4.2
harmful or not.
1396.041d696
python2-rekall Memory Forensic Framework.
4
python2- ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM,
5.9
ropgadget ARM64, PowerPC, SPARC and MIPS architectures.
Python library and command-line utility for Shodan
python2-shodan 1.28.0
(https://developer.shodan.io).
python2-
1.2.12 Identify technologies used on websites.
webtech
python2-
0.0.9 Windows SSPI library in pure Python.
winsspi
Tool aimed at helping malware researchers to identify and classify
python2-yara 4.0.5
malware samples
Tool to look for several security related Android application
qark 301.ba1b265
vulnerabilities.
qrgen 37.82a015b Simple script for generating Malformed QRCodes.
qrljacker 218.1b0a4e2 QRLJacker is a highly customizable exploitation framework to
 demonstrate "QRLJacking Attack Vector".
Accept URLs on stdin, replace all query string values with a user-supplied
qsreplace 3.0b053d2 value, only output each combination of query string parameters once per
host and path.
quark-engine 21.6.2 Android Malware (Analysis | Scoring) System
A python script for simple information gathering. It attempts to find
quickrecon 0.3.2 subdomain names, perform zone transfers and gathers emails from Google
and Bing.
Command line tool for scanning streams within office documents plus xor
quicksand-lite 32.42af152
db attack.
quickscope 383.d46c407 Statically analyze windows, linux, osx, executables and also APK files.
r2cutter 1:1.12.0 Qt and C++ GUI for radare2 reverse engineering framework
r2ghidra 5.8.4 Deep ghidra decompiler integration for radare2 and r2cutter
1:v0.1.0.r53.gf A CLI tool and library allowing to simply decode all kind of BigIP
rabid
f1475d cookies.
A high performance offensive security tool for reconnaissance and
raccoon 187.9cf6c11
vulnerability scanning.
radamsa 0.6 General purpose mutation based fuzzer
radare2 5.8.6 Open-source tools to disasm, debug, analyze and manipulate binary files
radare2-cutter 1:1.12.0 Qt and C++ GUI for radare2 reverse engineering framework.
radare2-
720.d034b27 Keystone assembler plugins for radare2.
keystone
radare2-unicorn 743.4235786 Unicorn Emulator Plugin for radare2.
A forensic tool which grabs as much information as possible from a
radiography 2
Windows system.
Password cracker based on the faster time-memory trade-off. With
rainbowcrack 1.8
MySQL and Cisco PIX Algorithm patches.
A tool to support security professionals to access and interact with remote
ranger-scanner 149.3aae5dd
Microsoft Windows based systems.
rapidscan 218.cb5ea0e The Multi-Tool Web Vulnerability Scanner.
This program uses bruteforce algorithm to find correct password (rar, 7z,
rarcrack 0.2
zip).
A small program which lists the information for all of the entries in any
rasenum 1.0
phonebook file (.pbk).
rathole 0.4.7 A reverse proxy for NAT traversal
ratproxy 1.58 A passive web application security assessment tool
A rough auditing tool for security in source code files. It is a tool for
scanning C, C++, Perl, PHP, Python and Ruby source code and flagging
common security related programming errors such as buffer overflows and
rats 6.4ba54ce TOCTOU (Time Of Check, Time Of Use) race conditions. As its name
implies, the tool performs only a rough analysis of source code. It will not
find every error and will also find things that are not errors. Manual
inspection of your code is still necessary, but greatly aided with this tool.
raven 1:33.8646a58 A Linkedin information gathering tool used to gather information.
rawr 74.544dd75 Rapid Assessment of Web Resources. A web enumerator.
1.2.0.r7.gf7a08
rawsec-cli Rawsec Inventory search CLI to find security tools and resources.
c6
rbasefind 41.a661118 A firmware base address search tool.
v0.7.2.r0.ga6d A miscellaneous collection of command-line tools related to pen-testing
rbkb
35c0 and reversing.
rbndr 9.a189ffd Simple DNS Rebinding Service.
A tool to perform rainbow table attacks on password hashes. It is intended
rcracki-mt 0.7.0 for indexed/perfected rainbow tables, mainly generated by the distributed
project www.freerainbowtables.com
rcrdcarver 5.54507d21 Carve RCRD records ($LogFile) from a chunk of data..
rdesktop-brute 1.5.0 It connects to windows terminal servers - Bruteforce patch included.
rdp-cipher- Enumerate the encryption protocols supported by the server and the cipher
0.1
checker strengths supported using native RDP encryption.
rdp-sec-check 11.d0cc143 Script to enumerate security settings of an RDP Service.
rdpassspray 25.6aaeb60 Python3 tool to perform password spraying using RDP.
1.2.r0.g967520 A python script to extract information from a Microsoft Remote Desktop
rdwarecon
0 Web Access (RDWA) application.
reaver 1.6.6 Brute force attack against Wifi Protected Setup
rebind 0.3.4 DNS Rebinding Tool
2.21.8.2224.c8
recaf Modern Java bytecode editor.
a3cf8b
recentfilecache-
2.5e22518 Python parser for the RecentFileCache.bcf on Windows.
parser
 Randomly changes Win32/64 PE Files for 'safer' uploading to malware
recomposer 2.90f85ed
and sandbox sites.
1:1021.9e907d
recon-ng A full-featured Web Reconnaissance framework written in Python.
f
A security tool for multithreaded information gathering and service
reconnoitre 441.f62afba
enumeration.
reconscan 61.afbcfc0 Network reconnaissance and vulnerability assessment tools.
recoverjpeg 2.6.3 Recover jpegs from damaged devices.
recsech 123.1fc298a Tool for doing Footprinting and Reconnaissance on the target web.
recstudio 4.1 Cross platform interactive decompiler
recuperabit 69.8e77cde A tool for forensic file system reconstruction.
All in one tool for Information Gathering, Vulnerability Scanning and
red-hawk 36.fa54e23
Crawling.
Interactive, multiarchitecture disassembler written in C++ using Qt5 as UI
redasm 1667.5ab6be9
Framework.
Finds non-discoverable Bluetooth devices by brute-forcing the last six
redfang 2.5
bytes of the devices' Bluetooth addresses and calling read_remote_name().
A tool to poison a targeted issuer of SIP INVITE requests with 301 (i.e.
redirectpoison 1.1
Moved Permanently) redirection responses.
redpoint 123.23ef36b Digital Bond's ICS Enumeration Tools.
v0.8.0.alpha4.r
redress A tool for analyzing stripped Go binaries.
6.g28a8814
redsocks 211.19b822e Transparent redirector of any TCP connection to proxy.
reelphish 5.dc1be33 A Real-Time Two-Factor Phishing Tool.
The successor to reDuh, pwn a bastion webserver and create SOCKS
regeorg 30.1ca54c2
proxies through the DMZ. Pivot and pwn.
regipy 2.2.2 Library for parsing offline registry hives.
reglookup 1.0.1 Command line utility for reading and querying Windows NT registries
regreport 1.6 Windows registry forensic analysis tool.
Framework for reading and extracting useful forensics data from Windows
regrippy 2.0.0
registry hives.
regview 1.3 Open raw Windows NT 5 Registry files (Windows 2000 or higher).
rekall 1409.55d1925f Memory Forensic Framework.
relay-scanner 1.7 An SMTP relay scanner.
remot3d 38.a707ef7 An Simple Exploit for PHP Language.
Forensic tool to replay web-based attacks (and also general HTTP traffic)
replayproxy 1.1
that were captured in a pcap file.
resourcehacker 5.1.8 Resource compiler and decompiler for WindowsВ® applications.
A LLMNR and NBT-NS poisoner, with built-in
4:v3.1.3.0.r25. HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting
responder
g07c963f NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic
HTTP authentication.
A LLMNR and NBT-NS poisoner, with built-in
responder-
1:360.24e7b7c HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting
multirelay
NTLMv1/NTLMv2/LMv2 (multirelay version),
First stateful REST API fuzzing tool for automatically testing cloud
4:latest.main.r
restler-fuzzer services through their REST APIs and finding security and reliability bugs
3.g9507f4b
in these services.
retdec 2118.407f290c Retargetable machine-code decompiler based on LLVM.
3.2.3.r10.g2fa6 Scanner detecting the use of JavaScript libraries with known
retire
f21 vulnerabilities.
ReverseIP is a ruby-based reverse IP-lookup tool, which finds all domains
reverseip 13.42cc9c3 hosted on a web server and returns the HTTP status code of those
domains.
revipd 5.2aaacfb A simple reverse IP domain scanner.
A reverse shell with terminal support, data tunneling, and advanced
revsh 215.174e309
pivoting capabilities.
Shellphish's automated exploitation engine, originally created for the
rex 684.1907878
Cyber Grand Challenge.
Router EXploitation Toolkit - small toolkit for easy creation and usage of
rext 63.5f0f626
various python scripts that work with embedded devices.
rfcat 170508 RF ChipCon-based Attack Toolset.
A back-end GPL tool to directly inter-operate with any RFID ISO-Reader
rfdump 1.6
to make the contents stored on RFID tags accessible
rfidiot 107.88f2ef9 An open source python library for exploring RFID devices.
rfidtool 0.01 A opensource tool to read / write rfid tags
rhodiola 4.8bc08a0 Personalized wordlist generator with NLP, by analyzing tweets (A.K.A
 crunch2049).
richsploit 3.6b15e0f Exploitation toolkit for RichFaces.
ridenum 75.9e3b89b A null session RID cycle attack for brute forcing domain controllers.
Enumerate usernames on a domain where you have no creds by using
ridrelay 34.f2fa99c
SMB Relay with low priv.
A rewrite of rifiuti, a great tool from Foundstone folks for analyzing
rifiuti2 1:0.7.0
Windows Recycle Bin INFO2 file.
rinetd 0.62 internet redirection server
A script which maps domains related to an given ip address or
ripdc 0.3
domainname.
Real Intelligence Threat Analytics (RITA) is a framework for detecting
rita 827.974db68
command and control communication through network traffic analysis.
riwifshell 38.40075d5 Web backdoor - infector - explorer.
rkhunter 1.4.6 Checks machines for the presence of rootkits and other unwanted tools.
rlogin-scanner 0.2 Multithreaded rlogin scanner. Tested on Linux, OpenBSD and Solaris.
Enumerate Java RMI functions and exploit RMI parameter unmarshalling
rmiscout 1.4
vulnerabilities.
rogue-mysql-
2.78ebbfc A rogue MySQL server written in Python.
server
Hostapd fork including Wi-Fi attacks and providing Python bindings with
roguehostapd 78.381b373
ctypes.
A router exploitation tool that allows to disclosure network router admin
rombuster 204.b0b12d1
password.
rootbrute 1:0.1 Local root account bruteforcer.
ropeadope 1.1 A linux log cleaner.
ropeme 4.9b3a8fd ROPME is a set of python scripts to generate ROP gadgets and payload.
Lets you search your gadgets on your binaries (ELF format) to facilitate
ropgadget 7.1
your ROP exploitation.
Search gadgets in binaries to facilitate ROP exploitation for several file
ropgadget2 5.4
formats and architectures
Show information about binary files and find gadgets to build rop chains
ropper 1.13.8
for different architectures
roputils 195.ae7ed20 A Return-oriented Programming toolkit.
 Router Scan is able to find and identify a variety of devices from large
number of known routers and that the most important thing is to get from
them useful information, in particular the characteristics of the wireless
network: a method of protecting the access point (encryption), access point
name (SSID) and access point key (passphrase). Also it receives
information about the WAN connection (useful when scanning a local
Router Scan v2.60 Beta
network) and show the model of router. Getting information occurs in two
possible ways: 1. The program will try to guess a pair of
username/password to the router from a list of standard passwords, thereby
get access. 2. Or the vulnerabilities (bugs) will be used against the router
model, allowing to get the necessary information and/or bypass the
authorization process.
Tool used to find vulnerable routers and devices on the Internet and
routerhunter 21.4da257c
perform tests.
routersploit 3.4.0 The Router Exploitation Framework.
A full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O
rp 138.3a54a7c
x86/x64 binaries.
A collection of tools that can be useful for doing attacks on routing
rpak 1.0
protocols.
rpcsniffer 7.9fab095 Sniffs WINDOWS RPC messages in a given RPC server process.
Contains three separate tools for obtaining information from a system that
rpctools 1.0
is running RPC services
rpdscan 2.a71b0f3 Remmina Password Decoder and scanner.
rpivot 5.4963487 Socks4 reverse proxy for penetration testing.
rr 6345.91cfc7c1 A Record and Replay Framework.
A reverse (connecting) remote shell. Instead of listening for incoming
rrs 100:1.70 connections it will connect out to a listener (rrs in listen mode). With tty
support and more.
RSA tool for ctf - retreive private key from weak public key and/or
rsactftool 946.079ba2e
uncipher data.
rsakeyfind 1.0 A tool to find RSA key in RAM.
rsatool 29.b5f56da Tool that can be used to calculate RSA and RSA-CRT parameters.
Python tool which allows to carry out some attacks on RSA, and offer a
rshack 64.cf197e3
few tools to manipulate RSA keys.
rsmangler 1.4 rsmangler takes a wordlist and mangle it
A Python based reverse shell equipped with functionalities that assist in a
rspet 263.de4356e
post exploitation scenario.
A database of common, interesting or useful commands, in one handy
rtfm 93.02f6432
referable form.
rtlamr 197.03369d1 An rtl-sdr receiver for smart meters operating in the 900MHz ISM band.
rtlizer 35.5614163 Simple spectrum analyzer.
A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr
rtlsdr-scanner 1013.3c032de
library.
rtp-flood 1.0 RTP flooder
rtpbreak 1:1.3a Detects, reconstructs and analyzes any RTP session
64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the
rubilyn 0.0.1 BSD subsystem in all OS-X Lion & below. It uses a combination of
syscall hooking and DKOM to hide activity on a host.
ruler 301.1e5ee2d A tool to abuse Exchange services.
rulesfinder 38.38313f3 Machine-learn password mangling rules.
rupture 1383.131c61a A framework for BREACH and other compression-based crypto attacks.
rustbuster 302.4a243d4 DirBuster for Rust.
v3.0.0.r4.g245
rustcat A Modern Port Listener & Reverse Shell.
c791
rusthound 55.6d7b945 Active Directory data collector for BloodHound.
v1.8.1.r1.g11c
rustpad Multi-threaded Padding Oracle attacks against any service.
e343
rustscan 2.1.1 Faster Nmap Scanning with Rust.
rvi-capture 14.a2e129b Capture packets sent or received by iOS devices.
The Remote Web Workplace Attack tool will perform a dictionary attack
against a live Microsoft Windows Small Business Server's 'Remote Web
rww-attack 0.9.2
Workplace' portal. It currently supports both SBS 2003 and SBS 2008 and
includes features to avoid account lock out.
rz-cutter 2.2.0 Qt and C++ GUI for rizin reverse engineering framework
rz-ghidra 0.5.0 Deep ghidra decompiler integration for rizin and rz-cutter
s3-fuzzer 4.0a2a6f0 A concurrent, command-line AWS S3 Fuzzer.
s3scanner 419.6a67603 Scan for open S3 buckets and dump.
safecopy 1.7 A disk data recovery tool to extract data from damaged media.
sagan 2.0.2 A snort-like log analysis engine.
sakis3g 0.2.0e An all-in-one script for connecting with 3G.
saleae-logic 2.3.47 Debug happy.
Allows you to search an entire network or a number of hosts for SMB
sambascan 0.5.0
shares. It will also list the contents of all public shares that it finds.
samdump2 3.0.0 Dump password hashes from a Windows NT/2k/XP installation
samesame 68.a9bcd7b Command line tool to generate crafty homograph strings.
Send copies of (UDP) datagrams to multiple receivers, with optional
samplicator 175.ceeb1d2
sampling and spoofing.
samydeluxe 1:2.2ed1bac Automatic samdump creation script.
sandcastle 73.10af7c7 A Python script for AWS S3 bucket enumeration.
Nmap on steroids! Simple CLI with the ability to run pure Nmap engine,
sandmap 579.a7c4860
31 modules with 459 scan profiles.
sandsifter 2.8375e61 The x86 processor fuzzer.
sandy 6.531ab16 An open-source Samsung phone encryption assessment framework
ELF anti-forensics exec, for injecting full dynamic executables into
saruman 2.4be8db5
process image (With thread injection).
A simple crossplatform IDE for NASM, MASM, GAS and FASM
sasm 3.2.0
assembly languages.
sawef 32.e5ce862 Send Attack Web Forms.
sb0x 19.04f40fe A simple and Lightweight framework for Penetration testing.
Netcat-clone, portable, offers strong encryption - features AES-128-CBC
sbd 1.36 + HMAC-SHA1 encryption, program execution (-e), choosing source port,
continuous reconnection with delay + more
sc-make 12.7e39718 Tool for automating shellcode creation.
scalpel 1:1.1687261 A frugal, high performance file carver
A tool that actively probes the Internet in order to analyze topology and
scamper 20230323
performance.
scanless 89.725110c Utility for using websites that can perform port scans on your behalf.
Memory scanner designed to isolate the address of an arbitrary variable in
scanmem 0.17
an executing process
scannerl 15.e52c46b The modular distributed fingerprinting engine.
scanqli 26.40a028d SQLi scanner to detect SQL vulns.
scansploit 9.a0890af Exploit using barcodes, QRcodes, earn13, datamatrix.
scanssh 2.1 Fast SSH server and open proxy scanner.
scap-security-
0.1.60 Security compliance content in SCAP, Bash, Ansible, and other formats.
guide
scap-workbench 1.2.1 SCAP Scanner And Tailoring Graphical User Interface.
scapy 2.5.0 A powerful interactive packet manipulation program written in Python
scapy3k 0.23 Powerful interactive packet manipulation program written in Python 3
scavenger 103.75907e8 Crawler (Bot) searching for credential leaks on different paste sites.
schnappi-dhcp 0.1 Can test network with no DHCP.
scout2 1182.5d86d46 Security auditing tool for AWS environments.
1:5.12.0.r0.g6b
scoutsuite Multi-Cloud Security Auditing Tool.
8debb1c
scrape-dns 58.3df392f Searches for interesting cached DNS entries.
scrapy 2.8.0 A fast high-level scraping and web crawling framework.
Easily retargetable and hackable interactive disassembler with
scratchabit 571.e52ba4b
IDAPython-compatible plugin API.
scrounge-ntfs 0.9 Data recovery program for NTFS file systems
scrying 234.caa233c Collect RDP, web, and VNC screenshots smartly.
sctpscan 34.4d44706 A network scanner for discovery and security.
The Simplistic Information Gathering Engine | Find Advanced
scylla 76.34cb51c
Information on a Username, Website, Phone Number, etc
sdn-toolkit 1.21 Discover, Identify, and Manipulate SDN-Based Networks
sdnpwn 67.c4809da An SDN penetration testing toolkit.
sea 103.9aca1c8 A tool to help to create exploits of binary programs.
search1337 1:11.bf03ec9 Online, lightweight exploit scanner and downloader.
1:1828.2ae6cf
searchsploit The official Exploit Database search tool.
2b7
Next generation information digging application geared toward the needs
of security professionals. It uses information stored in search engine
seat 0.3
databases, cache repositories, and other public resources to scan web sites
for potential vulnerabilities.
second-order v3.2.r0.g24256 Second-order subdomain takeover scanner.
 9b
A python script to find sensitive data (apikeys, accesstoken, jwt,..) in
secretfinder 1:14.a0283cb
javascript files.
secscan 1.5 Web Apps Scanner and Much more utilities.
secure-delete 1:1.b63d814 Secure file, disk, swap, memory erasure utilities.
secure2csv 10.119eefb0 Decode security descriptors in $Secure on NTFS.
v2.0.r40.gbe79 A Python based scanner to find potential SSRF parameters in a web
see-surf
a31 application.
seeker 1:304.b21f28c Accurately Locate People using Social Engineering.
Increase the success rate of phishing attacks by sending emails to company
sees 67.cd741aa
users as if they are coming from the very same company's domain.
semgrep 1.17.1 Lightweight static analysis for many languages.
A rudimentary remote desktop tool for the X11 protocol exploiting
sensepost-xrdp 16.46d6c19
unauthenticated x11 sessions.
sergio-proxy 20.8a91bb4 A multi-threaded transparent HTTP proxy for manipulating web traffic
serialbrute 3.111c217 Java serialization brute force attack tool.
serializationdu
31.69ea9ba A tool to dump Java serialization streams in a more human readable form.
mper
A script that monitors and extracts requested URLs and clients connected
server-status-
12.841d55d to the service by exploiting publicly accessible Apache server-status
pwn
instances.
Sniffer that intents to sniff HTTP packets and attempts to reconstruct
sessionlist 6.3efc3b2 interesting authentication data from websites that do not employ proper
secure cookie auth.
Social-engineer toolkit. Aimed at penetration testing around Social-
set 1:8.0.3
Engineering.
Perform a MitM attack and extract clear text credentials from RDP
seth 103.8b6e36c
connections.
Allows you to set file ownership to any account, as long as you have the
setowner 1.1
"Restore files and directories" user right.
sfuzz 198.3bf135b A simple fuzzer.
sgn 26.2dfae64 Shikata ga nai encoder ported into go with several improvements.
sh00t 209.46c734d A Testing Environment for Manual Security Testers.
sha1collisiondet
105.b4a7b0b Library and command line tool to detect SHA-1 collision in a file
ection
A modular C2 framework designed to successfully operate on mature
shad0w 387.d35b9dc
environments.
Browse the Shadow Copies created by the Windows Vista / 7 / 8 / 10
shadowexplorer 0.9
Volume Shadow Copy Service.
shard 1.5 A command line tool to detect shared passwords.
shareenum 48.db728dd Tool to enumerate shares from Windows hosts.
sharesniffer 58.a0c5ed6 Network share sniffer and auto-mounter for crawling remote file systems.
shed 2.0.0 .NET runtime inspector.
shellcheck 0.9.0 Shell script analysis tool
shellcode- Compiles C/C++ style code into a small, position-independent and NULL-
24.e8edc8e
compiler free shellcode for Windows & Linux.
shellcode-
96.07ae857 Tool to create and test shellcodes from custom assembly sources.
factory
A collection of shellcode, loaders, sources, and generators provided with
shellcodecs 0.1 documentation designed to ease the exploitation and shellcode
programming process.
shellen 66.c0c5f83 Interactive shellcoding environment to easily craft shellcodes.
Simple command-line tool aimed to help pentesters quickly generate one-
shellerator 32.0ed6571
liner reverse/bind shells in multiple languages.
Implements a web server that can export arbitrary command line tools to a
shellinabox 428.98e6eeb
web based terminal emulator.
An offensive approach to the anatomy of improperly written OS command
shelling 227.0a6c135
injection sanitisers.
Because sometimes you just need shellcode and opcodes quickly. This
shellme 5.d5206f0
essentially just wraps some nasm/objdump calls into a neat script.
shellnoob 35.72cf498 A toolkit that eases the writing and debugging of shellcode
shellpop 148.a145349 Generate easy and sophisticated reverse or bind shell commands.
shellsploit-
273.a16d22f New Generation Exploit Development Kit.
framework
A dynamic shellcode injection tool, and the first truly dynamic PE infector
shellter 7.2
ever created.
shellz 161.0ed068f A script for generating common revshells fast and easy.
sherlock 2097.b7cd7ab Find usernames across social networks.
Universal script packer-- transforms any type of script into a protected
sherlocked 1.f190c2b
ELF executable, encrypted with anti-debugging.
Find committed secrets and sensitive files across GitHub, Gists, GitLab
shhgit 66.53e656c
and BitBucket or your local repositories in real time.
shitflood 14.e74fc42 A Socks5 clone flooder for the Internet Relay Chat (IRC) protocol.
shocker 64.d3f7603 A tool to find and exploit servers vulnerable to Shellshock.
shodan 1.13.0 Python library for Shodan (https://developer.shodan.io).
shodanhat 13.e5e7e68 Search for hosts info with shodan.
shootback 83.cab462c A reverse TCP tunnel let you access target behind NAT or firewall.
shortfuzzy 0.1 A web fuzzing script written in perl.
2.0.r19.g6e8d4
shosubgo Small tool to Grab subdomains using Shodan API.
8c
shreder 87.814adb4 A powerful multi-threaded SSH protocol password bruteforce tool.
A wrapper around massdns written in go that allows you to enumerate
shuffledns 227.a2ae07f
valid subdomains.
A shellcode development tool, created to speed up the various steps
sickle 73.e14c0bb
needed to create functioning shellcode.
Guesses sids/instances against an Oracle database according to a
sidguesser 1.0.5
predefined dictionary file.
siege 4.1.6 An http regression testing and benchmarking utility
sigma 0.20 Generic Signature Format for SIEM Systems
sign 10.2dc4018 Automatically signs an apk with the Android test certificate.
sigploit 786.0e52072 Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP.
A tool that search in your HD to find wich publishers has been signed
sigspotter 1.0
binaries in your PC.
sigthief 25.ffb501b Stealing Signatures and Making One Invalid Signature at a Time.
silenteye 21.a53a7ff A cross-platform application design for an easy use of steganography.
An asynchronous, collaborative post-exploitation agent powered by
silenttrinity 292.cd9416d
Python and .NET's DLR.
A collection of traffic analysis tools developed by the CERT NetSA to
silk 3.19.2
facilitate security analysis of large networks.
simple-ducky 20.f15079e A payload generator.
 A simple python script that leverages scapy for discovering live hosts on a
simple-lan-scan 1.0
network.
simpleemailspo
54.7075f0c A simple Python CLI to spoof emails.
ofer
simplify 1.3.0 Generic Android Deobfuscator.
1:1.4.10.r7.6a4 Email recon made fast and easy, with a framework to build on
simplyemail
2d37 http://CyberSyndicates.com.
simtrace2 1071.773d314 Host utilities to communicate with SIMtrace2 USB Devices.
sinfp 1.24 A full operating system stack fingerprinting suite.
A small command line tool for developers and administrators of Session
siparmyknife 11232011
Initiation Protocol (SIP) applications.
sipbrute 11.5be2fdd A utility to perform dictionary attacks against the VoIP SIP Register hash.
sipcrack 0.2 A SIP protocol login cracker.
sipffer 1:29.efc3ff1 SIP protocol command line sniffer.
sipi 13.58f0dcc Simple IP Information Tools for Reputation Data Analysis.
sipp 1331.f44d0cf A free Open Source test tool / traffic generator for the SIP protocol.
sippts 492.72c87f3 Set of tools to audit SIP based VoIP Systems.
A small command line tool for developers and administrators of Session
sipsak 1:0.9.8.1
Initiation Protocol (SIP) applications.
sipscan 1:0.1 A sip scanner.
sipshock 7.6ab5591 A scanner for SIP proxies vulnerable to Shellshock.
sipvicious 462.fd3e7c7 Tools for auditing SIP devices
sireprat 34.b8ef60b Remote Command Execution as SYSTEM on Windows IoT Core.
sitadel 121.0a0e475 Web Application Security Scanner.
sitediff 3.1383935 Fingerprint a web app using local files as the fingerprint sources.
sjet 103.dd2a4e6 Siberas JMX exploitation toolkit.
skipfish 2.10b A fully automated, active web application security reconnaissance tool
skiptracer 1:123.ca40957 OSINT python2 webscraping framework. Skipping the needs of API keys.
A PoC to bruteforce the Cryptsetup implementation of Linux Unified Key
skul 27.7bd83f1
Setup (LUKS).
skydive 0.28.0 An open source real-time network topology and protocols analyzer.
Takes over Parrot drones, deauthenticating their true owner and taking
skyjack 16.24e3878
over control, turning them into zombie drones under your own control.
 This is a tool that demonstrates dumping MD5 password hashes from the
skype-dump 0.1
configuration file in Skype.
skypefreak 33.9347a65 A Cross Platform Forensic Framework for Skype.
Slack Enumeration and Extraction Tool - extract sensitive information
slackpirate 142.9788be6
from a Slack Workspace.
sleuthkit 4.11.1 File system and media management forensic analysis tools
Python3 Burp History parsing tool to discover potential SQL injection
sleuthql 9.29fc878
points. To be used in tandem with SQLmap.
1:3367.0ec487
slither Solidity static analysis framework written in Python 3.
460
sloth-fuzzer 39.9f7f59a A smart file fuzzer.
A highly configurable tool that simulates application layer denial of
slowhttptest 1.9.0
service attacks.
A tool which is written in perl to test http-server vulnerabilites for
slowloris 0.7 connection exhaustion denial of service (DoS) attacks so you can enhance
the security of your webserver.
slowloris-py 30.eb7f632 Low bandwidth DoS tool.
slurp 90.6a4eaaf S3 bucket enumerator
slurp-scanner 90.6a4eaaf Evaluate the security of S3 buckets.
smali 2.5.2 An assembler/disassembler for Android's dex format
smali-cfgs 6.4450418 Smali Control Flow Graph's.
smalisca 58.1aa7a16 Static Code Analysis for Smali files.
smap 24.3ed1ac7 Shellcode mapper - Handy tool for shellcode analysis.
smartphone-
pentest- 104.fc45347 Repository for the Smartphone Pentest Framework (SPF).
framework
smbbf 0.9.1 SMB password bruteforcer.
3 tools that work together to simplify reconaissance of Windows File
smbcrunch 12.313400e
Shares.
smbexec 2:59.a54fc14 A rapid psexec style attack with samba tools.
smbmap 147.a771476 A handy SMB enumeration tool.
smbrelay 3 SMB / HTTP to SMB replay attack toolkit.
smbspider 10.7db9323 A lightweight python utility for searching SMB/CIFS/Samba file shares.
smbsr 49.a44ced7 Lookup for interesting stuff in SMB shares.
smikims-
25.244d9ee Performs an ARP spoofing attack using the Linux kernel's raw sockets.
arpspoof
A modular framework with every kind of diagnostic and offensive feature
smod 53.7eb8423
you could need in order to pentest modbus protocol.
smplshllctrlr 9.2baf390 PHP Command Injection exploitation tool.
smtp-fuzz 1.0 Simple smtp fuzzer.
smtp-test 5.d8d8598 Automated testing of SMTP servers for penetration testing.
Username guessing tool primarily for use against the default Solaris SMTP
smtp-user-enum 1.2
service. Can use either EXPN, VRFY or RCPT TO.
smtp-vrfy 1.0 An SMTP Protocol Hacker.
smtpmap 0.8.234_BETA Tool to identify the running smtp software on a given host.
smtpscan 0.5 An SMTP scanner
smtptester 13.634e1ee Small python3 tool to check common vulnerabilities in SMTP servers.
A very simple tool used for sending simple email and do some basic email
smtptx 1.0
testing from a pentester perspective.
smuggler 23.2be871e Python tool used to test for HTTP Desync/Request Smuggling attacks.
smuggler-py 1.0 Python tool used to test for HTTP Desync/Request Smuggling attacks.
A modular tool written in bourne shell and designed to chain and automate
sn00p 0.8
security tools and tests.
sn1per 1:563.9deac2b Automated Pentest Recon Scanner.
snallygaster 225.4c5a9b5 Tool to scan for secret files on HTTP servers.
snapception 8.c156f9e Intercept and decrypt all snapchats received over your network.
Super Next generation Advanced Reactive honEypot. SNARE is a web
snare 183.0919a80 application honeypot sensor attracting all sort of maliciousness from the
Internet.
snarf-mitm 41.bada142 SMB Man in the Middle Attack Engine / relay suite.
sniff-probe-req 379.8a02dbd Wi-Fi Probe Requests Sniffer.
sniffer 4.688854e Packet Trace Parser for TCP, SMTP Emails, and HTTP Cookies.
sniffglue 0.15.0 Secure multithreaded packet sniffer
Injects packets in the transmission flow that are able to seriously disturb
sniffjoke 772.434bfb1
passive analysis like sniffing, interception and low level information theft.
sniffles 469.118e93f A Packet Capture Generator for IDS and Regular Expression Evaluation.
snitch 1.2 Turn back the asterisks in password fields to plaintext passwords.
SNMP brute force, enumeration, CISCO config downloader and password
snmp-brute 19.830bb0a
cracking script.
SNMP fuzzer uses Protos test cases with an entirely new engine written in
snmp-fuzzer 0.1.1
Perl.
snmpattack 1.8 SNMP scanner and attacking tool.
snmpcheck 1.9 A free open source utility to get information via SNMP protocols.
snmpenum 1.7 snmp enumerator
snmpscan 0.1 A free, multi-processes SNMP scanner.
snoopbrute 17.589fbe6 Multithreaded DNS recursive host brute-force tool.
A distributed, sensor, data collection, interception, analysis, and
snoopy-ng 128.eac73f5
visualization framework.
snort 2.9.20 A lightweight network intrusion detection system.
snow 20130616 Steganography program for concealing messages in text files.
snowman 0.1.3 A native code to C/C++ decompiler, see the examples of generated code.
A Windows based SNMP detection utility that can quickly and accurately
snscan 1.05
identify SNMP enabled devices on a network.
0.4.3.2022010
snscrape A social networking service scraper in Python.
6
snuck 6.76196b6 Automatic XSS filter bypass.
CLI and build-time tool to find and fix known vulnerabilities in open-
snyk 1.878.0
source dependencies.
soapui 5.7.0 The Swiss-Army Knife for SOAP Testing.
socat 1.7.4.4 Multipurpose relay
social-analyzer 0.42 Analyzing & finding a person's profile across social media websites.
social-mapper 190.92be8da A social media enumeration and correlation tool.
social-vuln- Gathers public information on companies to highlight social engineering
11.91794c6
scanner risk.
socialfish 242.3167ab8 Ultimate phishing tool with Ngrok integrated.
v2.0.0.r2.gc78 OSINT tool that allows to get the emails, from a target, published in social
socialpwned
45c3 networks.
socialscan 123.9f68539 Check email address and username availability on online platforms.
socketfuzz 26.089add2 Simple socket fuzzer.
 A tool to let you view information about open connections. It is similar to
sockstat 0.4.1 the tool of the same name that is included in FreeBSD, trying to faithfully
reproduce as much functionality as is possible.
sonar-scanner 4.8.0.2856 Generic CLI tool to launch project analysis on SonarQube servers.
soot 3.4.0 A Java Bytecode Analysis and Transformation Framework.
The SOC Analysts all-in-one CLI tool to automate and speed up
sooty 326.e1e86e5
workflow.
A general-purpose Internet utility package, with some extra features to
spade 114
help in tracing the source of spam and other forms of Internet harassment.
spaf 11.671a976 Static Php Analysis and Fuzzer.
spaghetti 4:9.df39a11 Web Application Security Scanner.
Python GUI application which simplifies network infrastructure
sparta 21.b0a4514 penetration testing by aiding the penetration tester in the scanning and
enumeration phase.
TCHunt-ng attempts to reveal encrypted files stored on a filesystem. The
program is successful in finding TrueCrypt, VeraCrypt, CipherShed
spartan 23.babdd7d containers, EncFS encrypted files, PGP/GPG encrypted messages,
OpenSSH and PEM private keys, password databases, and files made up
of random data.
An open source tool written in python to audit web applications using
sparty 0.1
sharepoint and frontpage architecture.
Spectrum-Tools is a set of utilities for using the Wi-Spy USB spectrum
spectools 2010_04_R1
analyzer hardware. Stable version.
An active WPA/2 Bruteforcer, original created to prove weak standard key
speedpwn 8.3dd2793
generation in different ISP labeled routers without a client is connected.
A python tool designed to allow for quick recon and deployment of simple
spf 85.344ac2f
social engineering phishing exercises.
A program to map out SPF and DKIM records for a large number of
spfmap 8.a42d15a
domains.
spiderfoot 4.0 The Open Source Footprinting Tool.
spiderpig-
0.1 A javascript pdf fuzzer
pdffuzzer
spiga 2:623.8bc1ddc Configurable web resource scanner.
spike 2.9 IMMUNITYsec's fuzzer creation kit in C
spike-fuzzer 2.9 IMMUNITYsec's fuzzer creation kit in C.
spike-proxy 148 A Proxy for detecting vulnerabilities in web applications
A utility for creating symmetrically encrypted and authenticated pipes
spiped 1.6.2
between socket addresses.
spipscan 1:69.4ad3235 SPIP (CMS) scanner for penetration testing purpose written in Python.
3.1.2.git20180 A tool for statically checking C programs for security vulnerabilities and
splint
129 coding mistakes
Fetch, install and search exploit archives from exploit sites like exploit-db
sploitctl 1:3.0.3
and packetstorm.
sploitego 153.d9568dc Maltego Penetration Testing Transforms.
spoofcheck 16.8cce591 Simple script that checks a domain for email protections.
Designed to automate spoofing or cloning Bluetooth device Name, Class,
spooftooph 0.5.2 and Address. Cloning this information effectively allows Bluetooth device
to hide in plain sight
Loader, dropper generator with multiple features for bypassing client-side
spookflare 24.19491b5
and network-side countermeasures.
16957.73d952
spotbugs A tool for static analysis to look for bugs in Java code.
249
Makes spraying Microsoft accounts (Office 365 / Azure AD) easy through
spray365 42.58fd193
its customizable two-step password spraying approach.
Low and slow password spraying tool, designed to spray on an interval
spraycharles 198.041a598
over a long period of time.
sprayhound 0.0.3 Password spraying tool and Bloodhound integration.
Scripts to make password spraying attacks against Lync/S4B & OWA a lot
sprayingtoolkit 60.82e2ec8
quicker, less painful and more efficient.
Credentials gathering tool automating remote procdump and parse of lsass
spraykatz 62.1fb3aa7
process.
A Linux packet crafting tool. Supports IPv4, IPv6 including extension
sps 4.3
headers, and tunneling IPv6 over IPv4.
Python API wrapper and command-line client for the tools hosted on
spyse 47.cd11ba9
spyse.com.
sqid 0.3 A SQL injection digger.
sqlbrute 1.0 Brute forces data out of databases using blind SQL injection.
sqldict 2.1 A dictionary attack tool for SQL Server.
sqlivulscan 249.cc8e657 This will give you the SQLi Vulnerable Website Just by Adding the Dork.
sqlmap 1.7 Automatic SQL injection and database takeover tool
A tool targeted to exploit SQL Injection vulnerabilities on a web
sqlninja 0.2.999
application that uses Microsoft SQL Server as its back-end.
This tool should be used to audit the strength of Microsoft SQL Server
sqlpat 1.0.1
passwords offline.
SQL Server scanning tool that also checks for weak passwords using
sqlping 4
wordlists.
sqlpowerinjecto Application created in .Net 1.1 that helps the penetration tester to find and
1.2
r exploit SQL injections on a web page.
sqlsus 0.7.2 An open source MySQL injection and takeover tool, written in perl
ssdeep 2.14.1 A program for computing context triggered piecewise hashes
ssdp-scanner 1.0 SSDP amplification scanner written in Python. Makes use of Scapy.
SSH server auditing (banner, key exchange, encryption, mac,
ssh-audit 2.5.0
compression, compatbility, etc).
ssh-honeypot 109.6307259 Fake sshd that logs ip addresses, usernames, and passwords.
ssh-mitm 140.70998ba SSH man-in-the-middle tool.
ssh-privkey-
0.4 A SSH private key cracker.
crack
ssh-user-enum 7.ae453c1 SSH User Enumeration Script in Python Using The Timing Attack.
sshatter 1.2 Password bruteforcer for SSH.
sshfuzz 1.0 A SSH Fuzzing utility written in Perl that uses Net::SSH2.
A fast SSH mass-scanner, login cracker and banner grabber tool using the
sshprank 1.4.2
python-masscan module.
A horizontal SSH scanner that scans large swaths of IPv4 space for a
sshscan 1:1.0
single SSH user and pass.
sshtrix 0.0.3 A very fast multithreaded SSH login cracker.
sshtunnel 0.4.0 Pure python SSH tunnels.
sshuttle 1.1.1 Transparent proxy server that forwards all TCP packets over ssh
ssl-hostname-
1 CN (Common Name) grabber on X.509 Certificates over HTTPS.
resolver
ssl-phuck3r 2.0 All in one script for Man-In-The-Middle attacks.
sslcat 1.0 SSLCat is a simple Unix utility that reads and writes data across an SSL
 enable network connection.
sslcaudit 524.f218b9b Utility to perform security audits of SSL/TLS clients.
ssldump 1.7 an SSLv3/TLS network protocol analyzer
sslh 1.22.c SSL/SSH/OpenVPN/XMPP/tinc port multiplexer
ssllabs-scan 250.7a9f44e Command-line client for the SSL Labs APIs
sslmap 0.2.0 A lightweight TLS/SSL cipher suite scanner.
sslnuke 5.c5faeaa Transparent proxy that decrypts SSL traffic and prints out IRC messages.
A fast tools to scan SSL services, such as HTTPS to determine the ciphers
sslscan 2.0.16
that are supported
sslscan2 649.bc46606 Tests SSL/TLS enabled services to discover supported cipher suites.
A tool to MITM all SSL connections on a LAN and dynamically generate
sslsniff 0.8
certs for the domains that are being accessed on the fly
sslstrip 0.9 Python tool to hijack HTTPS connections during a MITM attack.
Python tool for analyzing the configuration of SSL servers and for
sslyze 5.0.6
identifying misconfigurations.
ssma 215.2a2b6bd Simple Static Malware Analyzer.
Facilitates tunneling HTTP communications through servers vulnerable to
ssrf-proxy 293.e79da7a
Server-Side Request Forgery.
ssrf-sheriff 2.f95d691 A simple SSRF-testing sheriff written in Go.
ssrfmap 101.cd7536e Automatic SSRF fuzzer and exploitation tool.
stackflow 2.2af525d Universal stack-based buffer overfow exploitation tool.
Crossplatform tool which aids developers, bugbounty hunters and ethical
stacoan 0.90
hackers performing static code analysis on mobile applications.
0.4.15.r0.gd6f
stacs Static Token And Credential Scanner.
71cf
This plugin extends Metasploit for some missing features and modules
staekka 9.57787ca allowing interaction with other/custom exploits/ways of getting shell
access.
stardox 41.95b0a97 Github stargazers information gathering tool.
A mitm proxy that will transparently proxy and dump both plaintext and
starttls-mitm 7.b257756
TLS traffic.
statsprocessor 5:0.11 A high-performance word-generator based on per-position Markov-attack.
stegcracker 2.1.0 Steganography brute-force utility to uncover hidden data inside files.
stegdetect 19.ac1df7a An automated tool for detecting steganographic content in images.
steghide 0.5.1 Embeds a message in a file by replacing some of the least significant bits
stegolego 8.85354f6 Simple program for using stegonography to hide data within BMP images.
stegosip 11.5cda6d6 TCP tunnel over RTP/SIP.
stegoveritas 1.9 Automatic image steganography analysis tool.
stegseek 104.ff677b9 Lightning fast steghide cracker.
stegsolve 1.3 Steganography Solver.
A packet capture solution which aims to quickly spool all packets to disk,
stenographer 486.355604b
then provide simple, fast access to subsets of those packets.
stepic 0.4 A python image steganography tool.
1.0.0.r7.gc7bb
stews A Security Tool for Enumerating WebSockets.
a5a
sticky-keys-
15.c816fc9 Script to test an RDP host for sticky keys and utilman backdoor.
hunter
XCCDF formatted SRGs and STIGs files viewer for SCAP validation
stig-viewer 2.8
tools.
An advanced utility to test the quality of WWW session identifiers and
stompy 0.0.4
other tokens that are meant to be unpredictable.
stoq 769.8bfc78b An open source framework for enterprise level automated analysis.
This simple tool is useful to test a PABX with "allow guest" parameter set
storm-ring 0.1
to "yes" (in this scenario an anonymous caller could place a call).
v2.1.r1.g366d6
stowaway A Multi-hop proxy tool for security researchers and pentesters.
a5
strace 6.2 A diagnostic, debugging and instructional userspace tracer
streamfinder 1.2 Searches for Alternate Data Streams (ADS).
striker 85.87c184d An offensive information and vulnerability scanner.
Machine learning tool that automatically ranks strings based on their
stringsifter 29.3cb284a
relevance for malware analysis.
striptls 55.5ec712c Proxy PoC implementation of STARTTLS stripping attacks.
strutscan 4.8712c12 Apache Struts2 vulnerability scanner written in Perl.
A program that allows you to encrypt arbitrary TCP connections inside
stunnel 5.69
SSL
sub7 2.2 A remote administration tool. No further comments ;-)
subbrute 1.2.1 A DNS meta-query spider that enumerates DNS records and subdomains
subdomainer 1.2 A tool designed for obtaining subdomain names from public sources.
Modular subdomain discovery tool that can discover massive amounts of
subfinder 1257.bf74523
valid subdomains for any target.
subjack 182.49c51e5 Subdomain Takeover tool written in Go.
subjs 45.76ce9ec Fetches javascript file from a list of URLS or subdomains.
A security and reconnaissance tool which leverages certificate
sublert 67.56d2a12 transparency to automatically monitor new subdomains deployed by
specific organizations and issued TLS/SSL certificate.
sublist3r 138.729d649 A Fast subdomains enumeration tool for penetration testers.
subover 71.3d258e2 A Powerful Subdomain Takeover Tool.
subscraper 2:12.b736b01 Tool that performs subdomain enumeration through various techniques.
subterfuge 2:64.69dda99 Automated Man-in-the-Middle Attack Framework
A multi-threaded Linux/UNIX tool for brute-force cracking local user
sucrack 1.2.3
accounts via su
Python script which utilizes python's built-in modules to enumerate SUID
suid3num 60.2241c9c
binaries.
sulley 4:1.0.bff0dd1 A pure-python fully automated and unattended fuzzing framework.
superscan 4.1 Powerful TCP port scanner, pinger, resolver.
An Open Source Next Generation Intrusion Detection and Prevention
suricata 6.0.10
Engine.
suricata-verify 958.494b9d59 Suricata Verification Tests - Testing Suricata Output.
A simple script to extract all web resources by means of .SVN folder
svn-extractor 43.1de6adb
exposed over network.
Swiss Army Knife SMTP; Command line SMTP testing, including TLS
swaks 20201014.0
and AUTH
An OSINT tool for discovering associated sites through Google Analytics
swamp 59.3c8be65
Tracking IDs.
A tool used to automate Linux swap analysis during post-exploitation or
swap-digger 51.4d18ce0
forensics.
swarm 1:41.1713c1e A distributed penetration testing tool.
First tool for testing security in Flash movies. A runtime analyzer for SWF
swfintruder 0.9.1
external movies. It helps to find flaws in Flash.
swftools 0.9.2 A collection of SWF manipulation and creation utilities
syborg 36.5cd010b Recursive DNS Subdomain Enumerator with dead-end avoidance system.
A CLI tool and go library for generating a Software Bill of Materials
syft 814.5e5312c
(SBOM) from container images and filesystems.
1:0.0.4.r3.g1cf
sylkie IPv6 address spoofing with the Neighbor Discovery Protocol.
170f
A plugin for Hex-Ray's IDA Pro and radare2 to export the symbols
syms2elf 12.329c2ce
recognized to the ELF symbol table.
synflood 0.1 A very simply script to illustrate DoS SYN Flooding attack.
A custom eth->ip->tcp packet generator (spoofer) for testing firewalls and
synner 1.1
dos attacks.
synscan 5.02 fast asynchronous half-open TCP portscanner
syringe 12.79a703e A General Purpose DLL & Code Injection Utility.
sysdig 0.31.5 Open source system-level exploration and troubleshooting tool
sysinternals-
1:5.9 Sysinternals tools suite.
suite
t50 5.8.7 Experimental Multi-protocol Packet Injector Tool.
tabi 13.068a406 BGP Hijack Detection.
tachyon-scanner 461.6a0900e Fast Multi-Threaded Web Discovery Tool.
tactical-
90.0df0bd2 Modern tactical exploitation toolkit.
exploitation
It aims at preserving your privacy and anonymity, and helps you to: use
the Internet anonymously and circumvent censorship; all connections to
Tails 5.4 the Internet are forced to go through the Tor network; leave no trace on the
computer you are using unless you ask it explicitly; use state-of-the-art
cryptographic tools to encrypt your files, emails and instant messaging.
taipan 1:2.9.498.18 Web application security scanner.
takeover 98.a058647 Sub-Domain TakeOver Vulnerability Scanner.
v3.1.r0.gbee8a A password guessing tool that targets the Kerberos and LDAP services
talon
a4 within the Windows Active Directory environment.
taof 0.3.2 Taof is a GUI cross-platform Python generic network protocol fuzzer.
Transient Bluetooth Environment Auditor includes an ncurses-based
tbear 1.5 Bluetooth scanner (a bit similar to kismet), a Bluetooth DoS tool, and a
Bluetooth hidden device locator.
 A set of tools that deal with acquiring physical memory dumps via
tcgetkey 0.1 FireWire and then scan the memory dump to locate TrueCrypt keys and
finally decrypt the encrypted TrueCrypt container using the keys.
tchunt-ng 208.b8cf7fc Reveal encrypted files stored on a filesystem.
tckfc 23.911e92e TrueCrypt key file cracker.
tcpcontrol-
2:0.1 2^6 TCP control bit fuzzer (no ECN or CWR).
fuzzer
A TCP stream replay tool to support real testing of Internet server
tcpcopy 1244.9a5406a
applications.
tcpdstat 4.be5bd28 Get protocol statistics from tcpdump pcap files.
tcpdump 4.99.4 A tool for network monitoring and data acquisition
Extracts files from captured TCP sessions. Support live streams and pcap
tcpextract 1.1
files.
Captures data transmitted as part of TCP connections then stores the data
tcpflow 1.6.1
conveniently
tcpick 0.2.1 TCP stream sniffer and connection tracker
tcpjunk 2.9.03 A general tcp protocols testing and hacking utility.
tcpreplay 4.4.3 Gives the ability to replay previously captured traffic in a libpcap format
tcptrace 6.6.7 A TCP dump file analysis tool
tcptraceroute 1.5beta7 A traceroute implementation using TCP packets.
A utility written in Python that lets you monitor forwarded TCP
tcpwatch 1.3.1
connections or HTTP proxy connections.
tcpxtract 1.0.1 A tool for extracting files from network traffic.
v1.0.r1.g0c8b6
teamsuserenum User enumeration with Microsoft Teams API
c2
teardown 1.0 Command line tool to send a BYE request to tear down a call.
tekdefense-
88.42548cf IP URL and MD5 OSINT Analysis
automater
tell-me-your- 1:v2.4.1.r0.g8d
Find secrets on any machine from over 120 Different Signatures.
secrets 59fe3
tempomail 25.3ca0fcf Tool to create a temporary email address in 1 Second and receive emails.
termineter 203.9311d6d Smart meter testing framework
terminus-font- 4.47.0 Monospaced bitmap font designed for long work with computers (TTF
ttf version, mainly for Java applications).
testdisk 7.1 Checks and undeletes partitions + PhotoRec, signature based recovery tool
testssl 1:2.9.5 Testing TLS/SSL encryption.
testssl.sh 3.0.8 Testing TLS/SSL encryption
v0.63.1.r380.g
tfsec Security scanner for your Terraform code.
fbca9334c
tftp-bruteforce 0.1 TFTP-bruteforcer is a fast TFTP filename bruteforcer written in perl.
tftp-fuzz 1:1337 Master TFTP fuzzing script as part of the ftools series of fuzzers.
This tool accepts connection on tftp and reloads requested content from an
upstream tftp server. Meanwhile modifications to the content can be done
tftp-proxy 0.1
by pluggable modules. So this one's nice if your mitm with some
embedded devices.
tgcd 1.1.1 TCP/IP Gender Changer Daemon utility.
Complete tool set to attack the inherent protocol weaknesses of IPv6 and
thc-ipv6 3.8
ICMP6
Finds crypto keys, encrypted data and compressed data in files by
thc-keyfinder 1.0
analyzing the entropy of parts of the file.
A brute force program that works against pptp vpn endpoints (tcp port
thc-pptp-bruter 0.1.4
1723).
This tool finds undocumented and secret commands implemented in a
thc-smartbrute 1.0
smartcard.
A tool to verify the performance of SSL. To be used in your authorized
thc-ssl-dos 1.4 and legitimate area ONLY. You need to accept this to make use of it, no
use for bad intentions, you have been warned!
thcrut 1.2.5 Network discovery and OS Fingerprinting tool.
Comprehensive collection of Google Dorks & OSINT techniques to find
thedorkbox 7.43852d3
Confidential Data.
TheFatRat a massive exploiting tool: easy tool to generate backdoor and
thefatrat 813.b0586d0
easy tool to post exploitation attack.
thefuzz 160.b4c2c80 CLI fuzzing tool.
Python tool for gathering e-mail accounts and subdomain names from
theharvester 3231.caf21cb
different public sources (search engines, pgp key servers).
themole 0.3 Automatic SQL injection exploitation tool.
thezoo 156.d4404c8 A project created to make the possibility of malware analysis open and
 available to the public.
threatspec 0.5.0 Project to integrate threat modelling into development process.
thumbcachevie
1.0.3.7 Extract Windows thumbcache database files.
wer
tidos- v2.0.beta2.r22.
Offensive Web Application Penetration Testing Framework.
framework g4098187
A security scanner, that checks computer for known problems. Can also
tiger 3.2.3
use tripwire, aide and chkrootkit.
An easy and simple tool implemented in Python for ip reconnaissance,
tilt 90.2bc2ef2
with reverse ip lookup.
This program generates a *.wav file to "send" an own time signal to
timegen 0.4
DCF77 compatible devices.
timeverter 83.24b715e Bruteforce time-based tokens and to convert several time domains.
tinc 1.0.36 VPN (Virtual Private Network) daemon
tinfoleak 3.6469eb3 Get detailed information about a Twitter user activity.
tinfoleak2 41.c45c33e Get detailed information about a Twitter user activity.
tinyproxy 1.11.1 A light-weight HTTP proxy daemon for POSIX operating systems.
1:6653.742394
tls-attacker A Java-based framework for analyzing TLS libraries.
f9b
tls-
257.4b6e878 Tool and scripts to perform TLS Fingerprinting.
fingerprinting
v2.1.0.r54.g13 CLI & library for mapping TLS cipher algorithm names: IANA,
tls-map
b6ecf OpenSSL, GnUTLS, NSS.
tls-prober 286.72b1029 A tool to fingerprint SSL/TLS servers.
A command line tool to enumerate TLS cipher-suites supported by a
tlsenum 78.787c88b
server.
tlsfuzzer 1427.d0d14c2 SSL and TLS protocol test suite and fuzzer.
A collection of shell scripts that help handling X.509 certificate and TLS
tlshelpers 21.6e422be
issues.
1:v0.6.2.r22.g0
tlspretense SSL/TLS client testing framework
a5faf4
A Linux shell script whose purpose is to evaluate the security of a target
tlssled 1.3
SSL/TLS (HTTPS) web server implementation.
 v1.0.6.r3.g55e
tlsx TLS grabber focused on TLS based data collection.
e7ec
tnscmd 1.3 a lame tool to prod the oracle tnslsnr process (1521/tcp)
OSINT Tool - Search the group and group members' snippets, issues, and
token-hunter 343.3358a33
issue discussions for sensitive data that may be included in these assets.
token-reverser 10.cbb4528 Word list generator to crack security tokens.
tomcatwardeplo
98.4535e64 Apache Tomcat auto WAR deployment & pwning penetration testing tool.
yer
An IPv6 security analysis toolkit, with the particularity that their attacks
topera 19.3e230fd
can't be detected by Snort.
tor 0.4.7.13 Anonymizing overlay network.
Tor Autocircuit was developed to give users a finer control over Tor
circuit creation. The tool exposes the functionality of TorCtl library which
tor-autocircuit 0.2
allows its users to control circuit length, speed, geolocation, and other
parameters.
tor-browser 12.0.4 Tor Browser Bundle: anonymous browsing using Firefox and Tor.
tor-browser-en 11.5.6 Tor Browser Bundle: Anonymous browsing using firefox and tor
A tool that allow you to make TOR your default gateway and send all
tor-router 4.001a510 internet connections under TOR (as transparent proxy) for increase
privacy/anonymity without extra unnecessary code.
torcrawl 81.3241834 Crawl and extract (regular or onion) webpages through TOR network.
torctl 1:0.5.7 Script to redirect all traffic through tor network.
torpy 60.ebf000c Pure python Tor client implementation.
torshammer 1.0 A slow POST Denial of Service testing tool written in Python.
torsocks 2.4.0 Wrapper to safely torify applications
TPCAT is based upon pcapdiff by the EFF. TPCAT will analyze two
packet captures (taken on each side of the firewall as an example) and
tpcat latest
report any packets that were seen on the source capture but did not make it
to the dest.
Automatic Server-Side Template Injection Detection and Exploitation
tplmap 719.616b0e5
Tool.
traceroute 2.1.2 Tracks the route taken by packets over an IP network
People tracker on the Internet: OSINT analysis and research tool by Jose
trape 132.6baae24
Pino.
traxss 81.48dee2e Automated XSS Vulnerability Scanner.
treasure 1:2.b3249be Hunt for sensitive information through githubs code search.
A modular password sprayer with threading, clever proxying, loot
trevorspray 111.70aca7b
modules, and more!
trid 2.24 An utility designed to identify file types from their binary signatures.
trinity 5188.ca07c86b A Linux System call fuzzer.
1:4080.c344d7
triton A Dynamic Binary Analysis (DBA) framework.
82
A Simple and Comprehensive Vulnerability Scanner for Containers,
trivy 0.41.0
Suitable for CI.
An advanced and invisible userland backdoor based on TCP/IP for UNIX
trixd00r 0.0.1
systems.
trizen 1.52 Trizen AUR Package Manager: A lightweight wrapper for AUR.
truecrypt 1:7.1a Free open-source cross-platform disk encryption software
Static analysis tool for Android/iOS apps focusing on security issues
truegaze 117.c3f26bc
outside the source code.
truehunter 14.0a2895d Detect TrueCrypt containers using a fast and memory efficient approach.
Searches through git repositories for high entropy strings, digging deep
trufflehog 213.e9ac138
into commit history.
trusttrees 102.a9b7399 A Tool for DNS Delegation Trust Graphing.
An open-source UNIX backdoor that compiles on all variants, has full pty
tsh 0.6
support, and uses strong crypto for communication.
tsh-sctp 2.850a2da An open-source UNIX backdoor.
Highly flexible and scriptable password dictionary generator based on
ttpassgen 133.a06d99d
Python.
a set of tools which will wrap and tunnel any TCP communication over
tunna 41.cba006d HTTP. It can be used to bypass network restrictions in fully firewalled
environments.
Tunnels HTTP over a permissive/open TURN server; supports HTTP and
turner 29.f57ebb9
SOCKS5 proxy.
tuxcut 1:3.77cd151 Netcut-like program for Linux written in PyQt.
tweets-analyzer 55.8d6bd3c Tweets metadata scraper & activity analyzer.
tweetshell 21.47a415c Multi-thread Twitter BruteForcer in Shell Script.
 An advanced Twitter scraping & OSINT tool written in Python that
1:845.e7c8a0c
twint doesn't use Twitter's API, allowing you to scrape a user's followers,
7
following, Tweets and more while evading most API limitations.
twofi 2.0 Twitter Words of Interest.
typo-
1:14.295f103 Enumerate Typo3 version and extensions.
enumerator
v1.1.2.r3.g330
typo3scan Enumerate Typo3 version and extensions.
d71b
tyton 1:80.56494f3 Kernel-Mode Rootkit Hunter.
A tool designed to automate injecting executables to Sandisk smart usb
u3-pwn 2.0
devices with default U3 software install.
uacme 271.dbbcc71 Defeating Windows User Account Control.
uatester 1.06 User Agent String Tester
CLI tool for the generation of downloader oneliners for UNIX-like or
uberfile 14.4414c2a
Windows systems.
A 2.4 GHz wireless development board suitable for Bluetooth
ubertooth 2020.12.R1
experimentation. Open source hardware and software. Tools only.
ubiquiti-probing 5.c28f4c1 A Ubiquiti device discovery tool.
Tool, which automates some of the tasks you might need on a (wireless)
ubitack 0.3
penetration test or while you are on the go.
udis86 1.7.2 A minimalistic disassembler library
Python script that uses advanced Google search techniques to obtain
udork 102.1a0aab0 sensitive information in files or directories, find IoT devices, detect
versions of web applications.
Network assessment tool for various UDP Services covering both IPv4
udp-hunter 4.b95cce5
and IPv6 protocols.
A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP
udp2raw 20230206.0
Traffic by using Raw Socket
An Encrpyted, Anti-Replay, Multiplexed Udp Tunnel, tunnels udp traffic
udp2raw-tunnel 20200818.0
through fake-tcp or icmp by using raw socket.
This program hides UDP traffic as TCP traffic in order to bypass certain
udpastcp 29.683b5e3
firewalls.
udptunnel 2:19 Tunnels TCP over UDP packets.
udsim 33.b379464 A graphical simulator that can emulate different modules in a vehicle and
 respond to UDS request.
uefi-firmware- Parse BIOS/Intel ME/UEFI firmware related structures: Volumes,
181.dfb15b0
parser FileSystems, Files, etc
Allows you to test the security of wireless networks by detecting their
ufo-wardriving 4
passwords based on the router model.
A tool designed to launch DDoS attacks against a target, using 'Open
ufonet 83.e5d4014
Redirect' vectors on third party web applications, like botnet.
uhoh365 26.110277a Script to enumerate Office 365 users without performing login attempts
ultimate-
facebook- 236.5661bdc A bot which scrapes almost everything about a Facebook user's profile.
scraper
umap 25.3ad8121 The USB host security assessment tool.
umit 1.0 A powerful nmap frontend.
uncaptcha2 7.473f33d Defeating the latest version of ReCaptcha with 91% accuracy.
v1.0.2.r2.g4b9
uncover Discover exposed hosts on the internet using multiple search engines.
29e0
unfurl 16.99ad735 Pull out bits of URLs provided on stdin.
A forensic tool to find processes hidden by rootkits, LKMs or by other
unhide 20220611
techniques.
unibrute 1.b3fb4b7 Multithreaded SQL union bruteforcer.
unicorn- A simple tool for using a PowerShell downgrade attack and inject
202.80a37eb
powershell shellcode straight into memory.
unicornscan 0.4.7 A new information gathering and correlation engine.
unifuzzer 5.3385a3b A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer.
The universal fuzzing tool for browsers, web services, files, programs and
uniofuzz 2:1337
network services/ports
A simple Remote File Include, Local File Include and Remote Command
uniscan 6.3
Execution vulnerability scanner.
unix-privesc- Tries to find misconfigurations that could allow local unprivilged users to
1.4
check escalate privileges to other users or to access local apps (e.g. databases).
unsecure 1.2 Bruteforces network login masks.
unstrip 13.05e00c2 ELF Unstrip Tool.
untwister 119.a42b8f8 Seed recovery tool for PRNGs.
upnp-pentest-
1.1 UPnP Pentest Toolkit for Windows.
toolkit
upnpscan 0.4 Scans the LAN or a given address range for UPnP capable devices.
A script that automates detection of security flaws on websites' file upload
uppwn 9.f69dec4
systems'.
uptux 33.85ccfd0 Linux privilege escalation checks (systemd, dbus, socket fun, etc).
upx 4.0.2 Ultimate executable compressor.
urh 2.9.4 Universal Radio Hacker: investigate wireless protocols like a boss.
Generate and test domain typos and variations to detect and perform typo
urlcrazy 0.5
squatting, URL hijacking, phishing, and corporate espionage.
A python tool to extract URL addresses from different HOT sources
urldigger 02c
and/or detect SPAM and malicious code
urlextractor 19.739864d Information gathering & website reconnaissance.
urlview 0.9 A curses URL parser for text files.
A Linux or OSX tool that uses psutil to monitor devices while your
computer is locked. In the case it detects someone plugging in or
usb-canary 31.bb23552
unplugging devices it can be configured to send you an SMS or alert you
via Slack or Pushover.
usbrip 291.5093c84 USB device artifacts tracker.
username-
54.d5e653f Tools for generating usernames when penetration testing.
anarchy
usernamer 20.12983f8 Pentest Tool to generate usernames/logins based on supplied names.
userrecon 10.3b56891 Find usernames across over 75 social networks.
userrecon-py 1:15.eebd422 Recognition usernames in 187 social networks.
usnjrnl2csv 29.1ecbddc Parser for $UsnJrnl on NTFS.
usnparser 4.1.5 A Python script to parse the NTFS USN journal.
uw-loveimap 0.1 Multi threaded imap bounce scanner.
uw-offish 0.1 Clear-text protocol simulator.
uw-udpscan 0.1 Multi threaded udp scanner.
uw-zone 0.1 Multi threaded, randomized IP zoner.
v3n0m 532.1e2c9dd A tool to automate mass SQLi d0rk scans and Metasploit Vulns.
vais 17.5c35c3a SWF Vulnerability & Information Scanner.
valabind 1.8.0 Tool to parse vala or vapi files to transform them into swig interface files,
 C++, NodeJS-ffi or GIR
valgrind 3.20.0 A tool to help find memory-management problems in programs
valhalla 87.c010a48 Valhalla API Client.
A vulnerability scanner which checks the security of WordPress
vane 1899.48f9ab5
installations using a black box approach.
A comprehensive web penetration testing tool written in Perl that
vanguard 0.1
identifies vulnerabilities in web applications.
Secure, store and tightly control access to tokens, passwords, certificates,
vault 297.593e046 encryption keys for protecting secrets and other sensitive data using a UI,
CLI, or HTTP API.
vault-scanner 299.0303cf4 Swiss army knife for hackers.
Generate call graphs from VBA code, for easier analysis of malicious
vba2graph 29.fcf96ef
documents.
vbrute 1.11dda8b Virtual hosts brute forcer.
vbscan 1:39.2b1ce48 A black box vBulletin vulnerability scanner written in perl.
v1.1.0.r50.g2a
vbsmin VBScript minifier.
a5c92
A plugin-based tool to scan public version control systems for sensitive
vcsmap 47.3889964
information.
vega 1.0 An open source platform to test the security of web applications.
A tool designed to generate metasploit payloads that bypass common anti-
veil 5:297.d8acd4c
virus solutions.
veles 1:637.e65de5a New open source tool for binary data analysis.
venom 135.2b84e68 A Multi-hop Proxy for Penetration Testers.
veracrypt 1.25.9 Disk encryption with strong security based on TrueCrypt
1.19.1.r1.gf82
verinice Tool for managing information security.
b192a6
Open Source Cross Linked and Aggregated Local Vulnerability Database
vfeed 3:81.fad17ae
main repository.
A virtual host scanner that can be used with pivot tools, detect catch-all
vhostscan 338.4a3a1ee
scenarios, aliases and dynamic default pages.
videosnarf 0.63 A new security assessment tool for pcap analysis
vinetto 0.07beta A forensics tool to examine Thumbs.db files
viper 2091.cd532ca A Binary analysis framework.
vipermonkey 1160.511ecd5 A VBA parser and emulation engine to analyze malicious macros.
viproy-voipkit 1:82.52b27db VoIP Pen-Test Kit for Metasploit Framework
Command-line utility to automatically lookup on VirusTotal all files
virustotal 4.9aea023
recursively contained in a directory.
visql 49.3082e30 Scan SQL vulnerability on target site and sites of on server.
A Python library and command line tools to provide interactive log
visualize-logs 118.d2e370e
visualization.
A Python based static analysis and reverse engineering framework, Vdb is
2:1705.d3b3d8
vivisect a Python based research/reversing focused debugger and programatic
69
debugging API by invisigoth of kenshoto
vlan-hopping 21.a37ba4e Easy 802.1Q VLAN Hopping
vlany 255.9ef014a Linux LD_PRELOAD rootkit (x86 and x86_64 architectures).
vmap 0.3 A Vulnerability-Exploit desktop finder.
vnak 1:1.cf0fda7 Aim is to be the one tool a user needs to attack multiple VoIP protocols.
vnc-bypauth 0.0.1 Multi-threaded bypass authentication scanner for VNC servers <= 4.1.1.
vncrack 1.21 What it looks like: crack VNC.
A VoIP security testing toolkit incorporating several VoIP fuzzers and
voiper 0.07
auxilliary tools to assist the auditor.
A security validation tool that tests to see if a PC can mimic the behavior
voiphopper 2.04
of an IP Phone. It rapidly automates a VLAN Hop into the Voice VLAN.
A utility which detects all Voice Over IP calls on a pipeline, and for those
voipong 2.0 which are G711 encoded, dumps actual conversation to seperate wave
files.
volafox 143.5b42987 Mac OS X Memory Analysis Toolkit.
volatility 2.6.1 Advanced memory forensics framework
volatility-extra 92.d9fc072 Volatility plugins developed and maintained by the community.
volatility3 2.4.1 Advanced memory forensics framework
voltron 627.d9fef0b UI for GDB, LLDB and Vivisect's VDB.
vpnpivot 22.37bbde0 Explore the network using this tool.
vsaudit 21.2cbc47b VOIP Security Audit Framework.
vscan 10.da4e47e HTTPS / Vulnerability scanner.
vstt 0.5.3 VSTT is a multi-protocol tunneling tool. It accepts input by TCP stream
 sockets and FIFOs, and can send data via TCP, POP3, and ICMP
tunneling.
vsvbp 6.241a7ab Black box tool for Vulnerability detection in web applications.
vt-cli 0.13.0 VirusTotal Command Line Interface.
vulmap 95.a167c47 Vulmap Online Local Vulnerability Scanners Project
vulnerabilities-
1.426e70f A tool to scan for web vulnerabilities.
spider
vulnx 321.bcf451d Cms and vulnerabilites detector & An intelligent bot auto shell injector.
vuls 1106.e3c27e1 Vulnerability scanner for Linux/FreeBSD, agentless, written in Go.
vulscan 2.0 A module which enhances nmap to a vulnerability scanner
w13scan 430.432b835 Passive Security Scanner.
w3af 1.6.49 Web Application Attack and Audit Framework.
Identify and fingerprint Web Application Firewall (WAF) products
waffit 202.d28dc3d
protecting a website.
wafninja 25.379cd98 A tool which contains two functions to attack Web Application Firewalls.
An easy to use Web Application Finger Printing tool written in ruby using
wafp 0.01_26c3
sqlite3 databases for storing the fingerprints.
Analysing parameters with all payloads' bypass methods, aiming at
wafpass 48.c3ea1b9
benchmarking security solutions like WAF.
Identify and fingerprint Web Application Firewall (WAF) products
wafw00f 840.28ec94a
protecting a website.
waidps 16.ff8d270 Wireless Auditing, Intrusion Detection & Prevention System.
A lightweight and multithreaded directory and subdomain bruteforcer
waldo 29.ee4f960
implemented in Python.
A vulnerability scanner for web applications. It currently search
3.1.6.r1.g90a8
wapiti vulnerabilities like XSS, SQL and XPath injections, file inclusions,
6e8
command execution, LDAP injections, CRLF injections...
wascan 1:37.6926338 Web Application Scanner.
wavemon 0.9.4 Ncurses-based monitoring application for wireless network devices
waybackpack 91.58b3d0f Download the entire Wayback Machine archive for a given URL.
waybackurls 11.89da10c Fetch all the URLs that the Wayback Machine knows about for a domain.
wcc 83.8254480 The Witchcraft Compiler Collection.
wce 1.41beta A security tool to list logon sessions and add, change, list and delete
 associated credentials (ex.: LM/NT hashes, plaintext passwords and
Kerberos tickets).
1.1.0.r0.ga9ae Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for
wcvs
886 web cache poisoning.
A free open-source self-contained training environment for Web
Application Security penetration testing. Tools + Targets = Dojo. Various
web application security testing tools and vulnerable web applications
were added to a clean install of Ubuntu v12.04LTS, which is patched with
Web Security the appropriate updates and VM additions for easy use. The Web Security
3.4.1
Dojo Dojo is for learning and practicing web app security testing techniques. It
is ideal for self-teaching and skill assessment, as well as training classes
and conferences since it does not need a network connection. The Dojo
contains everything needed to get started - tools, targets, and
documentation.
A plugin based scanner for attacking and data mining web sites written in
web-soul 2
Perl.
web2ldap 1.7.6 Full-featured LDAP client running as web application.
webacoo 0.2.3 Web Backdoor Cookie Script-Kit.
Port of Wappalyzer (uncovers technologies used on websites) in go to
webanalyze 108.6a48cd0
automate scanning.
webborer 173.b323cf4 A directory-enumeration tool written in Go.
Tool to enumerate http responses using dynamically generated queries and
webenum 21.24b43b4
more. Useful for penetration tests against web servers.
webexploitation
155.85bcf0e A cross platform web exploitation toolkit.
tool
webfixy 25.5d477b0 On-the-fly decryption proxy for MikroTik RouterOS WebFig sessions.
webhandler 348.1bd971e A handler for PHP system functions & also an alternative 'netcat' handler.
Tool for scanning web applications and networks and easily completing
webhunter 12.918b606
the process of collecting knowledge.
webkiller 42.d680598 Tool Information Gathering Write By Python.
webpwn3r 38.3d75e76 A python based Web Applications Security Scanner.
webrute 3.3 Web server directory brute forcer.
20120422.001 Framework for analysing applications that communicate using the HTTP
webscarab
828 and HTTPS protocols
websearch 4.cb7ef8e Search vhost names given a host range. Powered by Bing..
webshag 1.10 A multi-threaded, multi-platform web server audit tool.
webshells 46.e8e1a37 Web Backdoors.
webslayer 5 A tool designed for brute forcing Web Applications.
websockify 925.a134655 WebSocket to TCP proxy/bridge.
webspa 0.8 A web knocking tool, sending a single HTTP/S to run O/S commands.
An Open Source Project For, Social Engineering Works, Scan, Crawler &
websploit 4.0.4
Analysis Web, Automatic Exploiter, Support Network Attacks
webtech 1.3.1 Identify technologies used on websites.
webxploiter 56.c03fe6b An OWASP Top 10 Security scanner.
weebdns 14.c01c04f DNS Enumeration with Asynchronicity.
weeman 91.53c2efa HTTP Server for phishing in python.
weevely 883.0bae932 Weaponized web shell.
weirdaal 331.c14e36d AWS Attack Library.
wepbuster 1.0_beta_0.7 script for automating aircrack-ng
wesng 283.13851e9 Windows Exploit Suggester - Next Generation.
wfuzz 1155.1b695ee Utility to bruteforce web applications to find their not linked resources.
whapa 361.248b6e8 WhatsApp Parser Tool.
whatbreach 42.dad6b9f OSINT tool to find breached emails and databases.
whatportis 54.59a1718 A command to search port names and numbers.
whatsmyname 2034.7e6ac66 Tool to perform user and username enumeration on various websites.
whatwaf 392.b14e866 Detect and bypass web application firewalls and protection systems.
whatweb 4910.efee4d80 Next generation web scanner that identifies what websites are running.
Tool to detect if a given website is protected by a Content Delivery
whichcdn 22.5fc6ddd
Network.
2.1.5.r38.g1ef4
whispers Identify hardcoded secrets and dangerous behaviours.
41f
whitewidow 605.4f27bfe SQL Vulnerability Scanner.
An automated wireless penetration testing tool written in python, its
wi-feye 1.1 designed to simplify common attacks that can be performed on wifi
networks so that they can be executed quickly and easily.
Script to automate searching and auditing Wi-Fi networks with weak
wifi-autopwner 36.faa4d01
security.
wifi-honey 1.0 A management tool for wifi honeypots.
wifi-monitor 30.0657e48 Prints the IPs on your local network that're sending the most packets.
2:v1.0.9R2.r0.
wifi-pumpkin Framework for Rogue Wi-Fi Access Point Attack.
g47d79c3
A WiFi Pentest Cracking tool for WPA/WPA2 (Handshake, PMKID,
wifibroot 84.d0cd2cc
Cracking, EAPOL, Deauthentication).
wifichannelmon A utility for Windows that captures wifi traffic on the channel you choose,
1.70
itor using Microsoft Network Monitor capture driver.
wificurse 0.3.9 WiFi jamming tool.
wifijammer 96.9add021 A python script to continuosly jam all wifi clients within range.
wifiphisher 1:798.bc4a077 Fast automated phishing attacks against WPA networks.
wifiscanmap 135.9adcd08 Another wifi mapping tool.
wifitap 2b16088 WiFi injection tool through tun/tap device.
A tool to attack multiple WEP and WPA encrypted networks at the same
wifite 2:2.6.8
time.
wig 574.d5ddd91 WebApp Information Gatherer.
wikigen 8.348aa99 A script to generate wordlists out of wikipedia pages.
wildpwn 11.4623714 Unix wildcard attacks.
Script to enumerate users, groups and computers from a Windows domain
windapsearch 28.7724ec4
through LDAP queries.
windivert 2.2.0 A user-mode packet capture-and-divert package for Windows.
windows-
20.7d272da A colleciton of pentesting Windows binaries.
binaries
windows- This tool compares a targets patch levels against the Microsoft
exploit- 41.776bd91 vulnerability database in order to detect potential missing patches on the
suggester target.
windows-
88.bc1fa58 Parse Windows Prefetch files.
prefetch-parser
windows- Standalone Executable to Check for Simple Privilege Escalation Vectors
181.9f304fd
privesc-check on Windows Systems.
windowsspyblo
4.38.0 Block spying and tracking on Windows.
cker
winexe 1.00 Remotely execute commands on Windows NT/2000/XP/2003 systems.
 Uses null sessions to remotely try to retrieve lists of and information about
user accounts, workstation/interdomain/server trust accounts, shares (also
winfo 2.0
hidden), sessions, logged in users, and password/lockout policy, from
Windows NT/2000/XP.
winhex 20.4 Hex Editor and Disk Editor.
winpwn 402.1c71a13 Automation for internal Windows Penetrationtest / AD-Security.
winregfs 153.7567c83 Windows Registry FUSE filesystem.
winrelay 2.0 A TCP/UDP forwarder/redirector that works with both IPv4 and IPv6.
Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by
wireless-ids 24.b132071
sniffing the air for wireless packets.
a free network protocol analyzer for Unix/Linux and Windows - CLI
wireshark-cli 4.0.5
version
a free network protocol analyzer for Unix/Linux and Windows - GTK
wireshark-gtk 2.6.6
frontend
wireshark-qt 4.0.5 Network traffic and protocol analyzer/sniffer - Qt GUI
A powerful and platform independent software to recover the default WPA
wirouter-keyrec 1.1.2 passphrases of the supported router models (Telecom Italia Alice AGPF,
Fastweb Pirelli, Fastweb Tesley, Eircom Netopia, Pirelli TeleTu/Tele 2).
A perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer,
witchxtool 1.1
dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner.
wlan2eth 1.3 Re-writes 802.11 captures into standard Ethernet frames.
wmat 3:0.1 Automatic tool for testing webmail accounts.
wmd 30.32e249a Python framework for IT security tools.
wmi-forensics 11.0ab08dc Scripts used to find evidence in WMI repositories.
A shell script written with the purpose to automate and chain scans via
wnmap 0.1 nmap. You can run nmap with a custom mode written by user and create
directories for every mode with the xml/nmap files inside.
A suite of tools for the Wake on LAN feature of network attached
wol-e 2.0
computers.
wolpertinger 2.58ef8e2 A distributed portscanner.
wondershaper 48.98792b5 Limit the bandwidth of one or more network adapters.
Python script that performs brute forcing against WordPress installs using
wordbrutepress 30.5165648
a wordlist.
wordlistctl 0.9.3 Fetch, install and search wordlist archives from websites and torrent peers.
wordlister 56.7457c21 A simple wordlist generator and mangler written in python.
wordpot 44.e96889b A Wordpress Honeypot.
wordpress-
A Ruby framework for developing and using modules which aid in the
exploit- 907.e55ded4
penetration testing of WordPress powered websites and systems.
framework
wordpresscan 76.f810c1c WPScan rewritten in Python + some WPSeku ideas.
wpa-bruteforcer 4.d5f8586 Attacking WPA/WPA encrypted access point without client.
wpa2- A POC to show it is possible to capture enough of a handshake with a user
halfhandshake- 29.3f42124 from a fake AP to crack a WPA2 network without knowing the passphrase
crack of the actual AP.
wpbf 7.11b6ac1 Multithreaded WordPress brute forcer.
Tool for amplified bruteforce attacks on wordpress based website via
wpbrute-rpc 3.e7d8145
xmlrcp API.
wpbullet 34.6185112 A static code analysis for WordPress (and PHP).
wpforce 88.b72ec64 Wordpress Attack Suite.
Chrome extension designed for WordPress Vulnerability Scanning and
wpintel 6.741c0c9
information gathering.
wpscan 1:3.8.22 Black box WordPress vulnerability scanner
wpseku 2:39.862fb2c Simple Wordpress Security Scanner.
wpsik 8.8d3856b WPS scan and pwn tool.
A simple ping sweeper, that is, it pings a range of IP addresses and lists
wpsweep 1.0
the ones that reply.
wreckuests 75.69b6c27 Yet another one hard-hitting tool to run DDoS atacks with HTTP-flood.
ws-attacker 1.7 A modular framework for web services penetration testing.
wscript 201.0410be2 Emulator/tracer of the Windows Script Host functionality.
wsfuzzer 1.9.5 A Python tool written to automate SOAP pentesting of web services.
Application for capturing, modifying and sending custom WebSocket data
wssip 75.56d0d2c
from client to server and vice versa.
wsuspect-proxy 24.89f9375 A tool for MITM'ing insecure WSUS connections.
wups 1.4 An UDP port scanner for Windows.
wuzz 229.66176b6 Interactive cli tool for HTTP inspection.
wxhexeditor 722.c22ce20 A free hex editor / disk editor for Linux, Windows and MacOSX.
wyd 0.2 Gets keywords from personal files. IT security/forensic tool.
 Contains a many of attack types in RSA such as Hasted, Common
x-rsa 165.ec75d15
Modulus, Chinese Remainder Theorem.
A general network vulnerabilities scanner for scanning network
x-scan 3.3 vulnerabilities for specific IP address scope or stand-alone computer by
multi-threading method, plug-ins are supportable.
x64dbg 2023.03.04 An open-source x64/x32 debugger for windows.
1:v4.1.0.r2.g6e
x8 Hidden parameters discovery suite.
e4532
xattacker 122.72f9f8e Website Vulnerability Scanner & Auto Exploiter.
A command line tool to automate the exploitation of blind XPath injection
xcat 266.faaf8fe
vulnerabilities.
Man-In-The-Middle and phishing attack tool that steals the victim's
xcavator 5.bd9e2d8
credentials of some web services like Facebook.
xcname 11.9c475a1 A tool for enumerating expired domains in CNAME records.
xerosploit 38.e2c3c7b Efficient and advanced man in the middle framework.
xfltreat 270.17d4ec8 Tunnelling framework.
xmlrpc-
35.6023237 An XMLRPC brute forcer targeting Wordpress written in Python 3.
bruteforcer
Script that implements a XOR bruteforcing of a given file, although a
xorbruteforcer 0.1
specific key can be used too.
Program to search for a given string in an XOR, ROL or ROT encoded
xorsearch 1.11.4
binary file.
xortool 0.99 A tool to analyze multi-byte xor cipher.
xpire-
crossdomain- 1.0cb8d3b Scans crossdomain.xml policies for expired domain names.
scanner
xpl-search 42.d4dbc97 Search exploits in multiple exploit databases!.
xplico 1:1.2.2 Internet Traffic Decoder. Network Forensic Analysis Tool (NFAT).
xprobe2 0.3 An active OS fingerprinting tool.
xray 91.ca50a32 A tool for recon, mapping and OSINT gathering from public networks.
Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC,
xrop 83.4af7452
RISCV, SH4 and SPARC.
xspear 1:144.57bb7b4 Powerfull XSS Scanning and Parameter analysis tool&gem.
xspy 1.0c A utility for monitoring keypresses on remote X servers
xsrfprobe 523.ce04111 The Prime Cross Site Request Forgery Audit and Exploitation Toolkit.
xss-freak 17.e361766 An XSS scanner fully written in Python3 from scratch.
xsscon 45.ce91fd6 Simple XSS Scanner tool.
xsscrapy 153.4966255 XSS spider - 66/66 wavsep XSS detected.
xsser 2:1.8 A penetration testing tool for detecting and exploiting XSS vulnerabilites.
xssless 45.8e7ebe1 An automated XSS payload generator written in python.
xsspy 60.b10d336 Web Application XSS Scanner.
xsss 0.40b A brute force cross site scripting scanner.
Command line tool for detection of XSS attacks in URLs. Based on
xssscan 1:17.7f1ea90
ModSecurity rules from OWASP CRS.
xsssniper 79.02b59af An automatic XSS discovery tool
Python script that checks remote web servers for Clickjacking, Cross-
xsstracer 5.f2ed21a
Frame Scripting, Cross-Site Tracing and Host Header Injection.
xsstrike 467.f292787 An advanced XSS detection and exploitation suite.
xssya 1:13.cd62817 A Cross Site Scripting Scanner & Vulnerability Confirmation.
xwaf 162.c6f6bb7 Automatic WAF bypass tool.
Tool for automatic exploitation of XXE vulnerability using direct and
xxeinjector 55.604c39a
different out of band methods.
xxeserv 12.046c559 A mini webserver with FTP support for XXE payloads.
It generates the XML payloads, and automatically starts a server to serve
xxexploiter 103.c1f0f41
the needed DTD's or to do data exfiltration.
xxxpwn 10.27a2d27 A tool Designed for blind optimized XPath 1 injection attacks.
xxxpwn-smart 6.b11b95b A fork of xxxpwn adding further optimizations and tweaks.
yaaf 7.4d6273a Yet Another Admin Finder.
yaf 2.12.2 Yet Another Flowmeter.
Tool aimed at helping malware researchers to identify and classify
yara 4.3.0
malware samples
yasat 848 Yet Another Stupid Audit Tool.
yasca 2.1 Multi-Language Static Analysis Toolset.
A ruby script that scans for vulnerable & exploitable 3rd-party web
yasuo 121.994dcb1
applications on a network.
yate-bts 6.1.0 An open source GSM Base Station software.
yawast 1072.5e9e7a3 The YAWAST Antecedent Web Application Security Toolkit.
yay 12.0.4 Yet another yogurt. Pacman wrapper and AUR helper written in go.
A web crawler that is useful for grabbing all user supplied input related to
ycrawler 0.1
a given website and will save the output. It has proxy and log file support.
A network tool designed to take advantage of some weakness in different
yersinia 0.8.2
network protocols.
A platform meant to organize observables, indicators of compromise,
yeti 2483.753adfbf
TTPs, and knowledge on threats in a single, unified repository.
A MySQL injection penetration tool. It has multiple features, proxy
yinjector 0.1
support, and multiple exploitation methods.
A proof-of-concept tool for generating payloads that exploit unsafe Java
ysoserial 0.0.6
object deserialization.
A new tool set to do NTLM Authentication relaying unlike any other tool
zackattack 5.1f96c14
currently out there.
Integrated penetration testing tool for finding vulnerabilities in web
zaproxy 2.11.1
applications
zarp 0.1.8 A network attack tool centered around the exploitation of local networks.
zdns 249.bfbfae2 Fast CLI DNS Lookup Tool.
14921.2044cf6 Zeek is a powerful network analysis framework that is much different
zeek
61 from the typical IDS you may know.
Handy auxiliary programs related to the use of the Zeek Network Security
zeek-aux 555.444a6fb
Monitor.
zelos 272.506554d A comprehensive binary emulation and instrumentation platform.
Automatic Exploit Generation (AEG) and remote flag capture for
zeratool 46.cb70d53
exploitable CTF problems.
Malware Analysis Tool - research project to dynamically analyze the
zerowine 0.0.2
behavior of malware
zeus 111.97db152 AWS Auditing & Hardening Tool.
zeus-scanner 414.21b8756 Advanced dork searching utility.
zgrab 804.59a517f Grab banners (optionally over TLS).
zgrab2 583.d5532ce Go Application Layer Scanner.
zipdump 0.0.21 ZIP dump utility.
zipexec 19.f8d661f A unique technique to execute binaries from a password protected zip.
zirikatu 7.afe1d9c Fud Payload generator script.
zizzania 124.8f2062f Automated DeAuth attack.
zmap 2.1.1 Fast network scanner designed for Internet-wide network surveys
zssh 1.5c SSH and Telnet client with ZMODEM file transfer capability
v0.2.13.r1.gc8
zsteg Detect stegano-hidden data in PNG and BMP.
d2508
A light weight 802.11 wireless frame generation tool to enable fast and
zulu 0.1
easy debugging and probing of 802.11 networks.
Front end to cryptsetup and tcplay and it allows easy management of
zulucrypt 6.2.0
encrypted block devices.
Demonstrates how default wireless settings are derived on some models of
zykeys 0.1
ZyXEL routers.
zzuf 0.15 Transparent application input fuzzer.