RSS 18 projects tagged "hacking"

Download No website Updated 10 Apr 2014 OWASP Zed Attack Proxy

Screenshot
Pop 384.12
Vit 45.36

OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in Web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

No download No website Updated 02 Apr 2013 RubyDNS

Screenshot
Pop 21.68
Vit 1.96

RubyDNS is a high-performance DNS server that can be easily integrated into other projects or used as a stand-alone daemon (via RExec). By default, it uses rule-based pattern matching. Results can be hard-coded, computed, fetched from a remote DNS server, or fetched from a local cache, depending on requirements. In addition, RubyDNS includes a high-performance asynchronous DNS resolver built on top of EventMachine. This module can be used by itself in client applications without using the full RubyDNS server stack.

Download No website Updated 22 Feb 2013 HexInject

Screenshot
Pop 40.06
Vit 36.31

HexInject is a hexadecimal and raw packet injector and sniffer. It can be easily combined with other tools to provide a powerful command line framework for raw network access. It will automatically set the correct checksum (IP, TCP, UDP, ICMP).

No download No website Updated 12 Jan 2013 ARP Neighbor Cache Fingerprinter

Screenshot
Pop 15.07
Vit 21.52

ARP Neighbor Cache Fingerprinter is a tool that provides a mechanism for remote operating system detection by extrapolating characteristics of the target system's underlying neighbor cache and general ARP behavior. Given the non-existence of any standard specification for how the neighbor cache should behave, several differences in network stack implementations can be used for unique identification. The main disadvantage of this tool versus traditional fingerprinting is that because it's based on a Layer 2 protocol instead of a Layer 3 protocol, the target machine that is being tested must reside on the same Ethernet broadcast domain (usually the same physical network).

Download Website Updated 23 Dec 2012 Username-Anarchy

Screenshot
Pop 16.43
Vit 22.00

Username-Anarchy is a commandline tool for the generation of usernames based on the users' real names. This is useful for user account/password brute force guessing and username enumeration when usernames are based on the users’ names. By attempting a few weak passwords across a large set of user accounts, user account lockout thresholds can be avoided. Common aliases (or self-chosen usernames) from forums are also included. Features include a plugin architecture, format string-style username formats, and substitutions. When only a first initial and lastname is known (LinkedIn lists users like this), it will attempt all possible first names, common first and last names from various countries (from Familypedia and PublicProfiler), and an exhaustive list of first and lastnames from Facebook. This also includes usernames scraped from forums, ordered by popularity.

Download Website Updated 28 Jun 2012 sqlmap

Screenshot
Pop 219.18
Vit 4.93

sqlmap is a penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a detection engine, many niche features, and a broad range of switches including database fingerprinting, data fetching from the database, and accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Download No website Updated 05 Mar 2012 StopHack

Screenshot
Pop 40.99
Vit 27.93

StopHack is a simple to use and easy to install intrusion prevention system. It is fully adaptable and easily customized to your environment. It is built on top of proven bandwidth arbitration technology so the traffic passing through it won't be slowed down. Every packet is analyzed with regular expression-based behavior anomaly detection, and hackers are blocked immediately. It prevents reflected cross-site scripting, SQL injection, directory traversal, reflected URL redirects, login brute forcing, remote shell execution, and more.

Download Website Updated 08 Oct 2011 Ani-Shell

Screenshot
Pop 38.21
Vit 1.00

Ani-Shell is a simple PHP shell with some unique features like Mass Mailer, a simple Web server Fuzzer, DDoser, Back Connect, Bind Shell, etc. It has been written with some coding standards in mind for better editing and customization.

Download Website Updated 26 Sep 2011 Armitage

Screenshot
Pop 166.93
Vit 4.74

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don't use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.

Download Website Updated 05 Apr 2011 WhatWeb

Screenshot
Pop 111.09
Vit 3.07

WhatWeb identifies Websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognizes Web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, Web servers, and embedded devices. WhatWeb has over 900 plugins, each to recognize something different. It also identifies version numbers, email addresses, account IDs, Web framework modules, SQL errors, and more. It can be stealthy and fast, or thorough but slow. It supports an aggression level to control the trade off between speed and reliability.

Screenshot

Project Spotlight

g7ctrl

A daemon for the GM7 GPS Tracker.

Screenshot

Project Spotlight

Mozilla Firefox

A Mozilla-based browser.