11 projects tagged "penetration testing"

Download No website Updated 22 Feb 2013 HexInject

Screenshot
Pop 39.19
Vit 36.84

HexInject is a hexadecimal and raw packet injector and sniffer. It can be easily combined with other tools to provide a powerful command line framework for raw network access. It will automatically set the correct checksum (IP, TCP, UDP, ICMP).

Download Website Updated 03 Oct 2010 Peludo

Screenshot
Pop 32.16
Vit 1.00

Peludo is a system that provides a toolchain and a runtime to create and launch self-contained, platform independent, injectable, network transportable, non-static applications that can be dynamically extended on-demand. From a security assessment perspective, it could be seen as a tool to create advanced payloads: entire libraries and multithreading programs can be deployed over the network without touching the target file system.

Download No website Updated 27 Jan 2011 Metasploit Express

Screenshot
Pop 34.50
Vit 36.37

Metasploit Express is security software for security professionals in enterprises and government agencies who need to carry out penetration tests against their systems quickly and easily. It adds a graphical user interface to the Metasploit Framework, the de-facto leader in pentesting tools, and automates many of the tasks that otherwise require custom scripting, such as smart brute forcing, evidence collection, and reporting.

Download Website Updated 26 Sep 2011 Armitage

Screenshot
Pop 164.07
Vit 4.72

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don't use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.

No download No website Updated 27 Jan 2011 NeXpose Community Edition

Screenshot
Pop 20.20
Vit 34.91

The NeXpose Community Edition is a free, single-user vulnerability management solution specifically designed for very small organizations or individual use. It is powered by the same scan engine as the award-winning NeXpose Enterprise and offers many of the same features.

No download Website Updated 08 Feb 2012 creepy

Screenshot
Pop 88.39
Vit 3.78

creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown, accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.

Download Website Updated 19 Sep 2011 Inguma

Screenshot
Pop 73.86
Vit 1.84

Inguma is a penetration testing and vulnerability research toolkit. The framework includes modules that discover hosts, gather information, fuzz targets, brute force user names and passwords and attempt exploits. While the current exploitation capabilities are limited, the program provides numerous tools for information gathering and target auditing.

Download Website Updated 01 Jul 2011 NetSecL ToolSet

Screenshot
Pop 40.10
Vit 1.00

NetSecL ToolSet is a sub-project of NetSecL Linux containing all penetration tools as in the live CD of NetSecL Linux. The goal of this sub-project is to have a minimal Linux distribution in VM with a shh webshell (ajaxterm), no GrSecurity or hardening as in the live CD. After starting the appliance you can use it remotely via ssh or via Web browser.

Download Website Updated 23 Dec 2012 Username-Anarchy

Screenshot
Pop 16.88
Vit 22.87

Username-Anarchy is a commandline tool for the generation of usernames based on the users' real names. This is useful for user account/password brute force guessing and username enumeration when usernames are based on the users’ names. By attempting a few weak passwords across a large set of user accounts, user account lockout thresholds can be avoided. Common aliases (or self-chosen usernames) from forums are also included. Features include a plugin architecture, format string-style username formats, and substitutions. When only a first initial and lastname is known (LinkedIn lists users like this), it will attempt all possible first names, common first and last names from various countries (from Familypedia and PublicProfiler), and an exhaustive list of first and lastnames from Facebook. This also includes usernames scraped from forums, ordered by popularity.

No download No website Updated 15 Aug 2013 Bletchley

Screenshot
Pop 63.95
Vit 1.00

Bletchley is a real-world cryptanalysis framework. It was created to assist with the detection, analysis, and exploitation of cryptographic flaws and aims to help automate the tedious aspects of this analysis while leaving the security expert in control of the process. It features automated token encoding detection (36 encoding variants), passive ciphertext block length and repetition analysis, a script generator for efficient automation of HTTP requests, and a flexible, multithreaded padding oracle attack library with CBC-R support.

Screenshot

Project Spotlight

Talend Open Studio for MDM

A tool to get users started with master data.

Screenshot

Project Spotlight

DBeauty

A relational data browser.