Joomscan – OWASP Joomla Vulnerability Scanner Project
OWASP JoomScan is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them. If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever! This Project is being faster than ever and updated with the latest Joomla vulnerabilities. Installation git clone https://github.com/rezasp/joomscan.git cd joomscan perl joomscan.p Also Read CuckooDroid – Automated Android...
WSSAT – Web Service Security Assessment Tool
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests against the security vulnerabilities. It also makes information disclosure controls. With this...
XSS-Payload-List : Cross Site Scripting ( XSS ) Vulnerability Payload List
XSS-Payload-List or Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed...
Log-killer : Clear All Your Logs In Linux & Windows Servers
Log-killer clear all your logs in linux and windows servers. Just download the tool and run it on the server. If your server OS is Windows then download the batch file and run it as administrator. But if your server Linux and then you should run the php script. Also Read Unicorn – Downgrade Attack & Inject Shellcode Straight into Memory Log-killer...
CuckooDroid – Automated Android Malware Analysis with Cuckoo Sandbox
CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files, CuckooDroid brigs to cuckoo the capabilities of execution and analysis of android application. Contributed By Check Point Software Technologies LTD. Also Read Rootless Jailbreakd – Jailbreakd Offering Some More Functionality To The Jailbreak CuckooDroid Installation - Easy integration script: git config --global user.email "you@example.com" git config --global...
Aircrack-NG : Complete Suite Tools To Assess WiFi Network Security
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, DE-authentication, fake access points and others via packet injection. Testing: Checking WiFi cards and driver capabilities (capture and injection). ...
PureBlood – A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
PureBlood is a tool for penetration testing framework created for Hackers / Pentester / Bug Hunter. Thanks to Cr4sHCoD3 for developing the tool. Also Read Dejavu – Open Source Deception Framework Web Pentest Banner Grab Whois Traceroute DNS Record Reverse DNS Lookup Zone Transfer Lookup Port Scan Admin Panel Scan Subdomain Scan CMS Identify Reverse IP Lookup Subnet Lookup Extract Page...
Cloudmapper – Tool Helps To Analyze Your AWS Environments
CloudMapper helps you analyze your Amazon Web Services (AWS) environments. The original purpose was to generate network diagrams and display them in your browser. It now contains more functionality. Click here for the demo. Also Read Frisky – Tools To Assist Binary App Reversing & Augmentation Installation Requirements: pip and virtualenv You will also need jq and the library pyjq, which require some...
CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities
CVE-Search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs. The main objective of the software is to avoid doing direct and public lookups into the public CVE databases. Local lookups are usually faster and you can limit your sensitive queries via the Internet. CVE-Search...
Armory – Tool To Take Lot Of External & Discovery Data
Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information. It isn't meant to replace any specific tool. It is meant to take the output from various tools, and use it to feed other tools. Additionally, it is meant...
