SALT – SLUB ALlocator Tracer for the Linux Kernel
Welcome to salt, a tool to reverse and learn kernel heap memory management. It can be useful to develop an exploit, to debug your own kernel code, and, more importantly, to play with the kernel heap allocations and learn its inner workings. This tool helps tracing allocations and the current state of the SLUB allocator in modern linux kernels. It is written...
Reko : A General Purpose Decompiler
Reko (Swedish: "decent, obliging") is a C# project containing a decompiler for machine code binaries. This project is freely available under the GNU General Public License. The project consists of front ends, core decompiler engine, and back ends to help it achieve its goals. A command-line, a Windows GUI, and a ASP.NET front end exist at the time of writing....
PHP : Security Check List 2019
PHP : Hypertext Preprocessor is a web-based, server-side, multi-use, general-purpose, scripting and programming language that can be embedded in HTML. The PHP development, which was first created by Rasmus Lerdorf in 1995, is now being run by the PHP community. The PHP programming language is still used by a large developer. It is the most known...
Beef : The Browser Exploitation Framework Project
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF...
SecLists : Security Tester’s Companion For Security Assessments
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing...
WAF ByPass : Firewall Bypass Script Based On DNS History Records
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters. This script will try to find: the direct IP address of a server behind a firewall like Cloudflare, Incapsula, SUCURI ...an old server which still running the same...
Pompem : Tool For Exploits & Vulnerability in Database
Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, WPScan Vulnerability...
Trommel : Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators
TROMMEL sifts through embedded device files to identify potential vulnerable indicators. It identifies the following indicators related to: Secure Shell (SSH) key filesSecure Socket Layer (SSL) key filesInternet Protocol (IP) addressesUniform Resource Locator (URL)email addressesshell scriptsweb server binariesconfiguration filesdatabase filesspecific binaries files (i.e. Dropbear, BusyBox, etc.)shared object library filesweb application scripting variables, andAndroid application package (APK) file permissions. It has also integrated vFeed which...
DCOMrade : Powershell script for enumerating vulnerable DCOM Applications
DCOMrade is a Powershell script that is able to enumerate the possible vulnerable DCOM applications that might allow for lateral movement, code execution, data exfiltration, etc. The script is build to work with Powershell 2.0 but will work with all versions above as well. The script currently supports the following Windows operating systems (both x86 and x64): Microsoft Windows 7Microsoft...
Top 10 Best Web Hacking Tools
Here is the best web hacking tools that helps you in pen-testing and protecting the websites. Burp Suite: Burp Suite is a graphical tool used for testing Web application security. It helps you identify vulnerabilities and verify attack vectors that are affecting web applications. While browsing the target application, a penetration tester can configure its internet browser to route traffic through the...
.png "SpiderSuite : Advance Web Spider/Crawler")
