Sitadel – Web Application Security Scanner
Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and implement new features : Frontend framework detectionContent Delivery Network detectionDefine Risk Level to allow for scansPlugin systemDocker image available to build and run Also Read : WPintel – Chrome Extension Designed For WordPress Vulnerability Scanning & Information...
DNSpy – .NET Debugger And Assembly Editor
DNSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing and debugging a...
Recaf – A Modern Java Bytecode Editor
Recaf is an easy to use modern Java bytecode editor based on Objectweb's ASM. No more hassling with the constant pool or stack-frames required. Check out the docs for more information. Recaf Requirements You can run Recaf with Java 8 or higher (Its reccomended that you use the lastest jdk8 release from jdk.java.net). Using Java 9 and higher requires an additional...
Conpot – ICS/SCADA Honeypot
Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems. Also Read:BruteX – Automatically Brute Force All Services Running On A Target Conpot Installation Ubuntu You need to add multiverse to the source, like; $ sudo vim /etc/apt/sources.list Add the following line: deb http://dk.archive.ubuntu.com/ubuntu precise main multiverse Install dependencies: sudo apt-get install libmysqlclient-dev libsmi2ldbl snmp-mibs-downloader...
Htcap-Web Application Scanner Able To Crawl Single Page Application
Htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused on the crawling process and it's aimed to detect and intercept ajax/fetch calls, websockets, jsonp ecc. It uses its own fuzzers plus a set of external...
Burp Suite Extension – Turbo Intruder To Perform Security Testing on Web Applications
Turbo Intruder is a Burp Suite extension which is an integrated platform for performing security testing of web applications. It sends many HTTP requests and then analyzes the output results. It is emphasized as a Burp Intruder because of the phenominal quality of high speed, duration, and complexity. The following features set it apart: Fast - Turbo Intruder uses HTTP...
WPintel – Chrome Extension Designed For WordPress Vulnerability Scanning & Information Gathering
WPintel is a chrome extension designed for WordPress Vulnerability Scanning and information gathering. It allows you to scan self hosted WordPress sites and with this you can detect the following: Also Read:SQLiScanner – Automatic SQL Injection With Charles & SQLmap API • Version• Version vulnerabilities• Plugins• Themes• Usersand much more! Click here to download the extension. DISCLAIMER Usage of this extension without prior mutual...
Remot3d – A Simple Tool Created For Large Pentesters
Remot 3d is a simple tool created for large pentesters as well as just for the pleasure of defacers to exploit a system or server that runs a PHP program language. It's easy to create a backdoor in an instant, the backdoor can be used in a remote process via a Linux terminal on the server that runs the PHP...
Tyton : Kernel-Mode Rootkit Hunter
Tyton Linux Kernel-Mode Rootkit Hunter for 4.4.0-31+. Detected Attacks Hidden Modules Syscall Table Hooking Network Protocol Hooking Netfilter Hooking Zeroed Process Inodes Process Fops Hooking Interrupt Descriptor Table Hooking Also Read:Hatch – Brute Force Tool That Is Used To Brute Force Most Websites Additional Features Notifications: Users (including myself) do not actively monitor their journald logs, so a userland notification daemon has been included...
BruteX – Automatically Brute Force All Services Running On A Target
BruteX is a tool to automatically brute force all services running on a target. As you all know a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found It include the services such...
