ToolWar | Information Security (InfoSec) Tools

Time 2021-11-04 10:06:15

Web Name: ToolWar | Information Security (InfoSec) Tools

WebSite: http://www.toolwar.com

ID:221472

Keywords:

Information,ToolWar,Security,Tools,InfoSec,

Description:

keywords:
description:
MenuArchiveAboutContactAuthorsSubmit Tooltwitterfacebookgooglelinkedinpinterest

Latest PostPatrowlHears (Vulnerability Intelligence Center) :: Tools<p style="text-align: center;"></p><p style="text-align: justify;"><span style="font-size: medium;"><span style="font-family: arial;"><span>PatrowlHears provides a unified source of vulnerability, exploit and threat Intelligence feeds. Users accesses a comprehensive and continuously updated vulnerability database scored and enriched with exploit and threat news information. These metadata are collected from public OSINT and private feeds. As today, its one of the most extended database.</span></span></span></p><code></code><p style="text-align: justify;"><span style="font-size: medium;">Tutorial: Click Here</span></p><p style="text-align: justify;"><span style="font-size: medium;"></span></p><span style="font-size: medium;"></span><p></p><p style="text-align: justify;"><span style="font-size: medium;">Download: </span></p><p style="text-align: justify;"><span style="font-size: medium;">Linux: </span></p><pre><code>git clone https://github.com/Patrowl/PatrowlHearscd PatrowlHears./install.sh</code></pre><pre><code><span style="font-size: small;"><code><span style="font-family: arial;">For Detailed Installation Guide: Click Here</span></code></span></code></pre><p style="text-align: justify;"><span style="font-size: medium;">Submitted By: makyotox</span><br /></p>PatrowlHears (Vulnerability Intelligence Center) :: Tools

PatrowlHears provides a unified source of vulnerability, exploit and threat Intelligence feeds. Users accesses a comprehensive and conti...

Read more Posted byKapil SoniNocommentsLabels:Analysis,CLI,Detect,Exploitation,Free,Information Gathering,Linux,Open Source,OSINT,Paid,VulnerabilityatThursday, February 11, 2021WebReaver (Advanced Web Security Scanner) :: Framework<p style="text-align: center;"> </p><p>WebReaver is an elegant, easy to use and fully-automated, web application security security testing tool for Mac, Windows and Linux, suitable for novice as well as advanced users.</p><p>WebReaver allows you easily test any web application for a large variety of web vulnerabilities from the sever kinds such as SQL Injection, Local and Remote File Includes, Command Injection, Cross-site Scripting and Expression Injection to the less severe ones such as variety of session and headers problems, information leakage and many more.</p><p>Tutorial:</p><p></p><br /><br /><p></p><p>Download :</p><p>Windows | macOS | Linux<br /></p><p>Official Website <br /></p>WebReaver (Advanced Web Security Scanner) :: Framework

WebReaver is an elegant, easy to use and fully-automated, web application security security testing tool for Mac, Windows and Linux, sui...

Read more Posted byAnjali SoniNocommentsLabels:Analysis,Frameworks,Linux,Mac,Paid,Penetration,Scanner,Security,Vulnerability,Web,WindowsatFriday, January 29, 2021Creepy (A Geolocation OSINT Tool) :: Tools<p style="text-align: center;"></p><p style="text-align: justify;">Creepy is an open-source Geolocation intelligence tool. It collects information about Geolocation by using various social networking platforms and image hosting services that are already published somewhere else. Creepy presents the reports on the map, using a search filter based on the exact location and date. These reports are available in CSV or KML format to export for additional analysis.</p>Quick Start InstructionsDownload creepy ( source code or the installers provided here for your platform )Configure the plugins. Edit - Plugins Configuration - Select plugin and run the wizards, following the instructionsCreate a new project : Creepy - New Project - Person Based Project . Search for the target selecting the available plugins.Right click on the project - Analyze Current ProjectWait :)The locations will be drawn on the map, once the analysis is complete.Filter locations, export locations, view them on the map.Installation: Installation GuideDownload Here:Creepy v1.4.1 Windows x64Creepy v1.4.1 Windows x32Creepy v1.4.1 OSX<br />Creepy (A Geolocation OSINT Tool) :: Tools

Creepy is an open-source Geolocation intelligence tool. It collects information about Geolocation by using various social networking ...

Read more Posted byKapil SoniNocommentsLabels:Free,geo,GUI,Information Gathering,Open Source,OSINT,Tools,WindowsatFriday, January 29, 2021SubBrute (Subdomain Bruteforcer) :: Tools<p style="text-align: center;"></p><p style="text-align: justify;">SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design also provides a layer of anonymity, as SubBrute does not send traffic directly to the target's name servers.</p><p><span style="font-size: medium;">I<span>nstallation Use:</span></span></p><p>No install required for Windows, just cd into the 'windows' folder:</p>subbrute.exe google.com<p>Easy to install:You just need and python2.7 or python3. This tool should work under any operating system: bsd, osx, windows, linux...</p><p>(On a side note giving a makefile root always bothers me, it would be a great way to install a backdoor...)</p><p>Under Ubuntu/Debian all you need is:</p>sudo apt-get install python-dnspython<p>On other operating systems you may have to install dnspython manually:</p><p>Easy to use:</p>./subbrute.py google.com<p>Tests multiple domains:</p>./subbrute.py google.com gmail.com blogger.com<p>or a newline delimited list of domains:</p>./subbrute.py -t list.txt<p>Also keep in mind that subdomains can have subdomains (example: _xmpp-server._tcp.gmail.com):</p><p>./subbrute.py gmail.com gmail.out</p><p>./subbrute.py -t gmail.out</p><p style="text-align: justify;"><span style="font-size: small;">Download: Subbrute v1.2.1<br /></span></p>SubBrute (Subdomain Bruteforcer) :: Tools

SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of th...

Read more Posted byAnjali SoniNocommentsLabels:Bruteforce,CLI,Enumeration,Free,Information Gathering,Linux,Network,Open Source,Penetration,Subdomain,Tools,Web,WindowsatThursday, January 28, 2021WebSlayer (Brute Forcing Web Applications) :: ToolsWebSlayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer. You can perform attacks like: Predictable resource locator, recursion supported (Discovery) Login forms brute force Session brute force Parameter brute force Parameter fuzzing and injection (XSS, SQL) Basic and Ntml authentication brute forcing<br />Download Here ::WebSlayer Beta<br /><br />Official Website :: http://www.edge-security.com/webslayer.php WebSlayer (Brute Forcing Web Applications) :: Tools

WebSlayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servl...

Read more Posted byKapil SoniNocommentsLabels:Bruteforce,Cracking,Enumeration,Free,Fuzzing,GUI,Password,Penetration,Python,Web,WindowsatMonday, August 05, 2019OWASP Amass - Subdomain Enumeration/Scanner : Tool<br />The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.<br /> Information Gathering Techniques Used:<br /><br />1] DNS: Basic enumeration, Brute forcing (upon request), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (upon request)<br />2] Scraping: Ask, Baidu, Bing, CommonCrawl, DNSDumpster, DNSTable, Dogpile, Exalead, FindSubdomains, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo<br />3] Certificates: Active pulls (upon request), Censys, CertDB, CertSpotter, Crtsh, Entrust<br />4] APIs: AlienVault, BinaryEdge, BufferOver, CIRCL, DNSDB, HackerTarget, Mnemonic, NetworksDB, PassiveTotal, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal<br />5] Web Archives: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback<br />Video Tutorial:Documentation:1] Installation Guide2] User's Manual/How to UseDownload:Amass is available for various platforms like Linux, Windows, MacOS etc.1] Download Link2] Precompiled Binary (Windows, MacOS, Linux)<br />Official Page: OWASP AmassOWASP Amass - Subdomain Enumeration/Scanner : Tool

The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and p...

Read more Posted byKapil SoniNocommentsLabels:Bruteforce,Enumeration,Fuzzing,Information Gathering,Linux,Mac,recon,Subdomain,Tools,Top 100,Vulnerability,Web,WindowsatMonday, July 01, 2019FireEye Commando VM : DistributionCommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments. Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests. The benefits of using a Windows machine include native support for Windows and Active Directory, using your VM as a staging area for C2 frameworks, browsing shares more easily (and interactively), and using tools such as PowerViewand BloodHound without having to worry about placing output files on client assets.Commando VM uses Boxstarter, Chocolatey, and MyGetpackages to install all of the software, and delivers many tools and utilities to support penetration testing. This list includes more than 140 tools, including:NmapWiresharkCovenantPythonGoRemote Server Administration ToolsSysinternalsMimikatzBurp-Suitex64dbgHashcatWith such versatility, Commando VM aims to be the de facto Windows machine for every penetration tester and red teamer. For the blue teamers reading this, dont worry, weve got full blue team support as well! The versatile tool sets included in Commando VM provide blue teams with the tools necessary to audit their networks and improve their detection capabilities. With a library of offensive tools, it makes it easy for blue teams to keep up with offensive tooling and attack trends.<br />RequirementsWindows 7 Service Pack 1 or Windows 1060 GB Hard Drive2 GB RAMInstallation Instruction:Create and configure a new Windows Virtual MachineEnsure VM is updated completely. You may have to check for updates, reboot, and check again until no more remainTake a snapshot of your machine!Download and copy <code>install.ps1</code> on your newly configured machine.Open PowerShell as an AdministratorEnable script execution by running the following command:<code>Set-ExecutionPolicy Unrestricted</code>Finally, execute the installer script as follows:<code>.\install.ps1</code>You can also pass your password as an argument: <code>.\install.ps1 -password password</code>Detailed Installation Instruction: Click Here Download: Commando VMOfficial Website: FireEye<br /><br />FireEye Commando VM : Distribution

CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Penetration testers comm...

Read more Posted byKapil Soni1commentsLabels:Analysis,Assembler/Disassembler,Attack,Auditor,Bruteforce,Distribution,Fuzzing,GUI,Standalone,Testing,Top 100,Vulnerability,Web,WindowsatSunday, March 31, 2019Sublist3r - Subdomain Enumeration / Scanner : ToolsSublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.<br /><span style="font-size: large;">Installation:</span><blockquote class="tr_bq"><pre><code>git clone https://github.com/aboul3la/Sublist3r.git</code></pre></blockquote><span style="font-size: small;">Dependencies:</span><br /><blockquote class="tr_bq"><pre><code>sudo pip install -r requirements.txt</code></pre></blockquote><span style="font-size: small;">How To Use:</span> <br /><blockquote class="tr_bq"><span style="font-size: large;"></span><code>python sublist3r.py -v -d example.com</code></blockquote>where -V : Verbose, -d : Domain<br /><br />Download:: Linux Windows : Sublis3r (Official Page) Sublist3r - Subdomain Enumeration / Scanner : Tools

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collec...

Read more Posted byKapil SoniNocommentsLabels:Analysis,Bruteforce,CLI,DNS,Dump,Enumeration,Free,Fuzzing,GUI,Hacking Tools,Information Gathering,Investigation,Open Source,Python,Scanner,Subdomain,WebatSaturday, February 23, 2019Raptor (Web Application Firewall) :: ToolsRaptor is an Open Source Tool, your focus is study of attacks and find intelligent ways to block attacks. Raptor is made in pure C, dont use regex or other common ways to block attacks, use deterministic finite automaton, yes is diferent and fast like a raptor dinosaur, Raptor follow principle KISS (Keep It Simple), you can use Raptor to simulate attacks and learning new ways to bypasses.<br />WAF stands for Web Application Firewall. It is widely used nowadays to detect and defend SQL Injections and XSS... You can block XSS, SQL injection attacks and path traversal with Raptor You can use blacklist of IPs to block some users at config/blacklist ip.txt You can use IPv6 and IPv4 at communications At the future DoS protector, request limit, rule interpreter and Malware detector at uploads. At the future SSL/TLS...Installation:<br />to run:<br />$ git clone https://github.com/CoolerVoid/raptor_waf<br />$ cd raptor_waf; make; bin/raptor<br /><br />Usage:<br />Up some HTTPd server at port 80<br />$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt<br /> <br />Documentation: Click Here <br />Download:Linux: Raptor <br />Raptor (Web Application Firewall) :: Tools

Raptor is an Open Source Tool, your focus is study of attacks and find intelligent ways to block attacks. Raptor is made in pure C, don...

Read more Posted byKapil Soni1commentsLabels:CLI,Firewalls,Free,Open Source,Security,Testing,Tools,Vulnerability,WebatMonday, August 22, 2016Katana (Penetration Testing) :: FrameworkKatana is a framework written in python for making penetration testing, based on a simple and comprehensive structure for anyone to use, modify and share, the goal is to unify tools serve for professional when making a penetration test or simply as a routine tool, The current version is not completely stable, is recommended update ever that you use it.Installation::Installation of Katana framework: is necesary install all dependencies for a good performance. <br /><blockquote class="tr_bq"><pre><i>git clone https://github.com/PowerScript/KatanaFramework.gitcd KatanaFrameworksudo sh dependenciessudo python install</i></pre><br /></blockquote>How to Use:: Click Here <br /><br />Video Tutorial:<br />Download:Linux: Katana Framework<br /><br />Submitted By: RedToorKatana (Penetration Testing) :: Framework

Katana is a framework written in python for making penetration testing, based on a simple and comprehensive structure for anyone to us...

Read more Posted byKapil Soni1commentsLabels:Analysis,Android,CLI,Forensics,Frameworks,Free,Hacking Tools,Open Source,Penetration,PythonatMonday, August 22, 2016Echo Mirage 3.1 :: ToolsEcho Mirage is a generic network proxy. It uses DLL injection and function hooking techniques to redirect network related function calls so that data transmitted and received by local applications can be observed and modified.<br /><br />Windows encryption and OpenSSL functions are also hooked so that plain text of data being sent and received over an encrypted session is also available.<br /><br />Traffic can be intercepted in real-time, or manipulated with regular expressions and action scripts.<br />Note: Echo Mirage is no longer available from author. Here is the archived copy of it. <br />License: Freeware Download:: Echo Mirage 3.1 (.exe)<br />Echo Mirage 3.1 :: Tools

Echo Mirage is a generic network proxy. It uses DLL injection and function hooking techniques to redirect network related function call...

Read more Posted byKapil SoniNocommentsLabels:Analysis,Assembler/Disassembler,Auditor,Debugger,Detect,Encryption,Forensics,Free,GUI,Hacking Tools,Investigation,Monitoring,Network,Penetration,System,Testing,Tools,WindowsatThursday, April 21, 2016Mobile Security Framework (MobSF) : FrameworkMobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK IPA) and zipped source code. MobSF can also perform Web API Security testing with it's API Fuzzer that can do Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session and API Rate Limiting.<br />Tutorial: https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-DocumentationVideo Tutorial:Download: Windows: Extract the MobSF compressed file to C:\MobSF<br />Mac: Extract MobSF compressed file to /Users/[username]/MobSF<br />Linux: Extract MobSF compressed file to /home/[username]/MobSF<br /><br /><br />Mobile Security Framework (MobSF) : Framework

Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing fram...

Read more Posted byKapil SoniNocommentsLabels:Analysis,Attack,Detect,Frameworks,Free,GUI,Information Gathering,Phone,Scanner,Security,Testing,Tools,Top 100,Unix,Vulnerability,WindowsatMonday, March 21, 2016File Checksum Integrity Verifier (FCIV) :: ToolsThe File Checksum Integrity Verifier (FCIV) is a command-prompt utility that computes and verifies cryptographic hash values of files. FCIV can compute MD5 or SHA-1 cryptographic hash values. These values can be displayed on the screen or saved in an XML file database for later use and verification.FCIV (File Checksum Integrity Verifier) is a small tool or utility from Microsoft that allow us to compute (MD5 and SHA1) and verify Integrity of files. If you are a malware analyst or a researcher or a user who want secure things then you can done a fabulous things with this small utility.FeaturesThe FCIV utility has the following features: Supports MD5 or SHA1 hash algorithms (The default is MD5.) Can output hash values to the console or store the hash value and file name in an XML fileCan recursively generate hash values for all files in a directory and in all subdirectories (for example, <span class="text-base">fciv.exe c:\ -r</span>)Supplies an exception list to specify files or directories to hashCan store hash values for a file with or without the full path of the fileExample usageTo display the MD5 hash of a file, type the following command at a command prompt: <span class="sbody-userinput">fciv.exe <var class="sbody-var">filename</var></span><span class="text-base">Note </span><var class="sbody-var"> filename</var> is the name of the file.To compute a hash of a file, type a command line that is similar to any one of the following command lines: <span class="sbody-userinput">fciv.exe c:\mydir\<var class="sbody-var"><var class="sbody-var">myfile.dll</var></var></span><br /><br /><span class="sbody-userinput">fciv.exe c:\ -r -exc exceptions.txt -sha1 -xml dbsha.xml</span><br /><br /><span class="sbody-userinput">fciv.exe c:\<var class="sbody-var">mydir</var> -type *.exe</span><br /><br /><span class="sbody-userinput">fciv.exe c:\<var class="sbody-var">mydir</var> -wp -both -xml db.xml</span>To list the hashes that are stored in a database, type a command line that is similar to the following command line: <span class="sbody-userinput">fciv.exe -list -sha1 -xml db.xml</span>To verify a hash in a file, type a command line that is similar to any one of the following command lines: <span class="sbody-userinput">fciv.exe -v -sha1 -xml db.xml</span><br /><br /><span class="sbody-userinput">fciv.exe -v -bp c:\<var class="sbody-var">mydir</var> -sha1 -xml db.xml</span>Video Tutorial::<br /><br /><br />Download ::Windows: Microsoft FCIV File Checksum Integrity Verifier (FCIV) :: Tools

The File Checksum Integrity Verifier (FCIV) is a command-prompt utility that computes and verifies cryptographic hash values of files. FCI...

Read more Posted byKapil SoniNocommentsLabels:Analysis,CLI,Hash,Malware,Monitoring,System,Testing,Tools,WindowsatFriday, October 23, 2015 SpiderFoot (Open Source Footprinting) :: ToolsSpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to <i>obtain information</i> such as <i>sub-domains, e-mail addresses, owned netblocks, web server versions</i> and so on. The main objective of SpiderFoot is to automate the footprinting process to the greatest extent possible, freeing up a penetration testers time to focus their efforts on the security testing itself. <br /><br />Features ::SpiderFoot's simple web-based interface enables you to kick off a scan immediately after install - just give your scan a name, the domain name of your target and select which modules to enable. You will quickly obtain information such as: URLs handling passwords, network ranges (netblocks), web servers, open ports, information about SSL certificates, and much more.All SpiderFoot scan results are stored within an internal SQLite database, meaning that during a running scan and after a scan has completed, you can easily browse results, export to CSV and soon also be able to search scan results.SpiderFoot is designed from the ground-up to be modular. This means you can easily add your own modules that consume data from other modules to perform whatever task you desire. As a simple example, you could create a module that automatically attempts to brute-force usernames and passwords any time a password-handling webpage is identified by the spidering module.Tutorials ::Installing :: Click Here <br />Release Notes :: Click Here <br /><br />Download ::Windows :: SpiderFoot v2.1.0x86 (.zip)<br />Linux/Solaris/BSD :: SpiderFoot v2.10 (.tar.gz)<br />Official Website :: http://www.spiderfoot.net/SpiderFoot (Open Source Footprinting) :: Tools

SpiderFoot is a free, open-source footprinting tool , enabling you to perform various scans against a given domain name in order to obta...

Read more Posted byKapil SoniNocommentsLabels:Bruteforce,CLI,Free,GUI,Hacking Tools,Information Gathering,Linux,Penetration,Tools,Web,WindowsatMonday, April 13, 2015Suricata (IDS/IPS Engine) :: ToolsThe Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.<br /><br />OISF is part of and funded by the Department of Homeland Security's Directorate for Science and Technology HOST program (Homeland Open Security Technology), by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as through the very generous support of the members of the OISF Consortium. More information about the Consortium is available, as well as a list of our current Consortium Members.<br /><br />The Suricata Engine and the HTP Library are available to use under the GPLv2.<br /><br />The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of Mod Security fame for the OISF. This integrates and provides very advanced processing of HTTP streams for Suricata. The HTP library is required by the engine, but may also be used independently in a range of applications and tools.Tutorial ::<br />Download ::Unix, Linux Mac :: Suricata v1.4.7 (.tar.gz)Windows :: Suricata v1.4.7.1 (.msi)Official Website :: http://www.openinfosecfoundation.org/index.php/download-suricataSuricata (IDS/IPS Engine) :: Tools

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just re...

Read more Posted byKapil SoniNocommentsLabels:CLI,Detect,Free,IDS,IPS,Linux,Mac,Monitoring,Network,Security,Tools,Top 100,WindowsatMonday, April 06, 2015EtherApe (Graphical Network Monitor) :: ToolsEtherApe is a graphical network monitor for Unix modeled after <i>etherman</i>. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display.<br />It supports Ethernet, FDDI, Token Ring, ISDN, PPP, SLIP and WLAN devices, plus several encapsulation formats. It can filter traffic to be shown, and can read packets from a file as well as live from the network. Node statistics can be exported.As of version 0.9.13, EtherApe as these features, in no particular order: <br /><span style="background-color: white;">Network traffic is displayed graphically. The more"talkative" a node is, the bigger its representation. </span><span style="background-color: white;">Node and link color shows the most used protocol. </span><span style="background-color: white;">User may select what level of the protocol stack toconcentrate on. </span><span style="background-color: white;">You may either look at traffic within your network,end to end IP, or even port to port TCP. </span><span style="background-color: white;">Data can be captured "off the wire" from a livenetwork connection, or read from a tcpdump capture file. </span><span style="background-color: white;">Live data can be read from ethernet, FDDI, PPP, SLIP and WLAN interfaces, plus several other incapsulated formats (e.g. Linux cooked, PPI).</span><span style="background-color: white;">The following frame and packet types are currentlysupported: ETH_II, 802.2, 803.3, IP, IPv6, ARP, X25L3, REVARP, ATALK,AARP, IPX, VINES, TRAIN, LOOP, VLAN, ICMP, IGMP, GGP, IPIP, TCP, EGP,PUP, UDP, IDP, TP, ROUTING, RSVP, GRE, ESP, AH, EON,VINES, EIGRP, OSPF, ENCAP, PIM, IPCOMP, VRRP; and most TCP and UDPservices, like TELNET, FTP, HTTP, POP3, NNTP, NETBIOS, IRC, DOMAIN,SNMP, etc. </span><span style="background-color: white;">Data display can be refined using a network filter using pcap syntax.</span><span style="background-color: white;">Display averaging and node persistence times arefully configurable. </span><span style="background-color: white;">Name resolution is done using standard libcfunctions, thus supporting DNS, hosts file, etc. </span><span style="background-color: white;">Clicking on a node/link opens adetaildialog showingprotocol breakdown and other trafficstatistics. </span><span style="background-color: white;">Protocol summary dialog shows global trafficstatistics by protocol.</span><span style="background-color: white;">Node summary dialog shows trafficstatistics by node.</span><span style="background-color: white;">Node statistics export to XML file.</span><span style="background-color: white;">A single node can be centered on the display.</span><span style="background-color: white;">Scrollkeeper/rarian-compatible manual integrated with yelp.</span>Tutorial ::<br />Download ::Linux :: Etherape v0.9.11 (.tar.gz)Official Website :: http://etherape.sourceforge.net/EtherApe (Graphical Network Monitor) :: Tools

EtherApe is a graphical network monitor for Unix modeled after etherman . Featuring link layer, IP and TCP modes, it displays network ...

Read more Posted byKapil Soni1commentsLabels:Free,GUI,Hacking Tools,Linux,Monitoring,Network,Protocol,Top 100,UnixatFriday, April 03, 2015XSSYA v2.0 (Cross Site Scripting Vulnerability Confirmation) :: Tools<br />XSSYA (Cross Site Scripting Scanner Vulnerability Confirmation) written in python scripting language confirm the XSS Vulnerability in two method first work by execute the payload encoded to bypass Web Application Firewall which is the first method request and response if it respond 200 it turn to Method 2 which search that payload decoded in web page HTML code if it confirmed get the last step which is execute document.cookie to get the cookie.<br />Key Features:Support HTTPSAfter Confirmation (execute payload to get cookies)Can be run in (Windows - Linux)Identify 3 types of WAF (Mod_Security - WebKnight - F5 BIG IP)XSSYA Continue Library of Encoded Payloads To Bypass WAF (Web Application Firewall)Support Saving The Web HTML Code Before Executingthe Payload Viewing the Web HTML Code into the Screen or TerminalWhat's New: (XSSYA v 2.0 has more payloads; library contains 41 payloads to enhance detection level XSS scanner is now removed from XSSYA to reduce false positive. URLs to be tested used to not allow any character at the end of the URL except (/ - = -?) but now this limitation has been removed.<br /><br />Custom Payload 1 You have the ability to Choose your Custom Payload Ex: and you can encode your custom payload with different types of encodings like (B64 HEX URL_Encode - HEX with Semi Columns). (HTML Entities à Single Double Quote only - brackets And or Encode all payload with HTML Entities) This feature will support also XSS vulnerability confirmation method which is you choose you custom payload and custom Encoding execute if response 200 check for same payload decoded in HTM code page.<br />HTML5 Payloads XSYSA V2.0 contains a library of 44 HTLM5 payloads XSSYA have a Library for the most vulnerable application with XSS Cross site scripting and this library counting (Apache WordPress PHPmy Admin) If you choose application it give the CVE Number version of Apache which is affected and the link for CVE for more details so it will be easy to search for certain version that is affected with XSS.<br />XSSYA has the feature to convert the IP address of the attacker to (Hex, Dword, Octal) to bypass any security mechanism or IPS that will be exist on the target Domain. XSSYA check is the target is Vulnerable to XST (Cross Site Trace) which it sends custom Trace Request and check if the target domain is Vulnerable the request will be like this: <br />TRACE / HTTP/1.0 <br />Host: demo.testfire.net <br />Header1: script alert(document.cookie);<br />Tutorials:User Guide: Click Here<br />Download:Python: XSSYA v2.0 XSSYA v2.0 (Cross Site Scripting Vulnerability Confirmation) :: Tools

XSSYA (Cross Site Scripting Scanner Vulnerability Confirmation) written in python scripting language confirm the XSS Vulnerabili...

Read more Posted byKapil SoniNocommentsLabels:CLI,Free,Linux,Penetration,Python,Security,Testing,Tools,Vulnerability,Web,Windows,XSSatSunday, March 29, 2015Distributed Network Attack (DNA) :: FrameworkDistributed Network Attack (DNA) is a new approach to <i>recovering password protected files</i>. In the past, recoveries have been limited to the processing power of one machine. Distributed Network Attack (DNA) uses the power of machines across the network or across the world to decrypt passwords. The DNA Server is installed in a central location where machines running the Distributed Network Attack (DNA) Client can access it over the network. DNA Manager coordinates the attack, assigning small portions of the key search to machines distributed throughout the network. The DNA Client will run in the background, only taking unused processor time. Distributed Network Attack (DNA) is used in many different environments to provide specific, password cracking related functions. <i>For example</i>, law enforcement and corporate security professionals can use PRTK and DNA in <i>computer forensic investigations</i> to access password-protected files. IT administrators can use DNA to recover system passwords, while individual users can use PRTK and DNA to recover lost passwords to personal files. These two products provide access to passwords for a large number of popular software applications. DNA uses multiple machines across the network or across the world to conduct key space and dictionary attacks. In many cases, this makes use of time those computers would normally be idle, saving the cost of additional hardware. Many organizations find that the cost of additional hardware is justified for a secure, dedicated password recovery lab. <br />Distributed Network Attack (DNA) Features ::<br />Leverage graphic processing units on Microsoft Windows machines with CUDA-enabled GPUs.Easy to read Statistics and GraphsAdd user dictionariesOptimization for password attacks for specific languagesCustomize user dictionariesStealth client installation functionalityAutomatic Client update when updating the DNA ServerControl which clients work on certain jobsDNA Worker Minimum Requirements :: <br />Operating System:Windows XP/2000Macintosh OSX 10.3.9/10.4.xLinux Red Hat/Fedora Core 4SolarisProcessor:Intel Pentium III/P4/AMD AthlonPower PC G4/G5SparcRAM: 1 GbHard Disk Space: 40 GbTutorials ::<br />Download ::Windows ::Distributed Network Attack (DNA) version 7.0.0 (.iso)Official Website :: http://www.accessdata.com/Distributed Network Attack (DNA) :: Framework

Distributed Network Attack (DNA) is a new approach to recovering password protected files . In the past, recoveries have been limi...

Read more Posted byKapil SoniNocommentsLabels:Attack,Cracking,Frameworks,Free,GUI,Network,Password,Recovery,System,WindowsatTuesday, March 24, 2015FoxAnalysis :: ToolsFoxAnalysis Plus is a software tool for <i>extracting, viewing and analysing internet history</i> from the Mozilla Firefox web browser. The main features are described below: <span class="heading">Extract History</span> ::<br /><span class="description2">Extract history regarding bookmarks, cookies, downloads, favicons, form entries, logins, saved sessions and website visits.</span> <span class="heading"></span><br /><span class="heading">Case Files</span> ::<br /><span class="description2">Each Firefox profile analysed can be saved to a Case file for further analysis at a later date.</span> <span class="heading"></span><br /><span class="heading">Supports Firefox versions 3 to 24</span> ::<br /><span class="description2">Extract history generated from Firefox versions 3 to 24 (new versions are added regularly).</span><br /><span class="description2"><span class="heading">Cache ::</span> <br /><span class="description">The built-in image viewer can be used to view images from the cache. Images, web pages and other files from the cache can also be extracted.</span></span><br /><span class="description2"><span class="description"><span class="heading">Saved Sessions ::</span> <br />Analyse current and last session data such as open windows and tabs, cookies and text typed into forms. Session data not displayed within a table can be analysed using the tree viewer.</span></span><br /><span class="description2"><span class="description"><span class="heading">Web History Timeline ::</span> <br />Website visits can be viewed in a navigable timeline structure for easily viewing the time and order that websites were visited.</span></span><br /><span class="description2"><span class="description"><span class="heading">Web Page Reconstruction ::</span> <br />Web pages stored in the cache can be reconstructed using other resource files from the cache. This allows the web page to be viewed in the state it was originally accessed. A report is also provided summarising how the web page was reconstructed.</span></span><br /><span class="description2"><span class="description"><span class="heading">Filtering ::</span> <br />Analyse the extracted data with filtering by keyword, date range, download status, website visit or selection. Lists of keyword filters can also be saved and loaded.</span></span><br /><span class="description2"><span class="description"><span class="heading">Reporting ::</span> <br />Generate reports in HTML, CSV and XML format.</span></span><br /><span class="description2"><span class="description"><span class="heading">Time Zone and DST Settings ::</span> <br />Convert UTC timestamps to any time zone and apply custom daylight saving settings. </span></span><br /><span class="description2"><span class="description">Tutorials ::</span></span><span class="description2"><span class="description"></span></span><span class="description2"><span class="description">Download ::</span></span><span class="description2"><span class="description"></span></span><span class="description2"><span class="description">Windows :: FoxAnalysis Trial</span></span><span class="description2"><span class="description">Official Website :: http://forensic-software.co.uk/</span></span><span class="description2"> </span>FoxAnalysis :: Tools

FoxAnalysis Plus is a software tool for extracting, viewing and analysing internet history from the Mozilla Firefox web browser...

Read more Posted byKapil SoniNocommentsLabels:Analysis,Browser,Dump,Forensics,GUI,Paid,Trial,WindowsatSunday, March 22, 2015Juli (MITM) :: Tools<br />A simple automated perl script for MiTM ( man-in-the-middle ) attacks. <br />Requirements:Linux ( I tested it on Ubuntu 14.04 LTS )Perlsslstrip https://github.com/moxie0/sslstriparpsoof ( from dsniff can be found here http://www.monkey.org/~dugsong/dsniff/ )Usage:Script must be runned as a root user<br />sudo juli.pl interface targetipDownload:<br />Linux: Juli.plJuli (MITM) :: Tools

A simple automated perl script for MiTM ( man-in-the-middle ) attacks. Requirements: Linux ( I tested it on Ubuntu 14.04 LTS ) Per...

Read more Posted byKapil SoniNocommentsLabels:CLI,Free,Linux,MITM,Network,Security,Testing,ToolsatSaturday, March 07, 2015Orbot (Tor for Android Devices) :: ToolsOrbot is a free proxy app that empowers other apps to use the <i> internet more securely</i>. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world. Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.Orbot is the only app that creates a truly private internet connection. As the New York Times writes, when a communication arrives from Tor, you can never know where or whom its from. Tor won the 2012 Electronic Frontier Foundation (EFF) Pioneer Award.<br />ACCEPT NO SUBSTITUTES: Orbot is the safest way to use the Internet on Android. Period. Orbot bounces your encrypted traffic several times through computers around the world, instead of connecting you directly like VPNs and proxies. This process takes a little longer, but the strongest privacy and identity protection available is worth the wait.Tutorials ::Download ::Android Play Store :: Orbot Direct Download :: Orbot.apkOfficial Website :: https://guardianproject.info/apps/orbot/ Orbot (Tor for Android Devices) :: Tools

Orbot is a free proxy app that empowers other apps to use the internet more securely . Orbot uses Tor to encrypt your Internet traff...

Read more Posted byKapil SoniNocommentsLabels:Android,Encryption,Free,Network,Phone,Proxy,Security,Tools,Tor,VPNatThursday, March 05, 2015Capstone (Disassembly Framework) :: FrameworkCapstone is a lightweight multi-platform, multi-architecture disassembly framework. Our target is to make Capstone the ultimate disassembly engine for binary analysis and reversing in the security community.<br />FeaturesSupport hardware architectures: ARM, ARM64 (aka ARMv8), Mips X86.Clean/simple/lightweight/intuitive architecture-neutral API.Provide details on disassembled instruction (called decomposer by others).Provide some semantics of the disassembled instruction, such as list of implicit registers read written.Implemented in pure C language, with bindings for Python, Ruby, OCaml, C#, Java and GO available.Native support for Windows *nix (including MacOSX, Linux, *BSD platforms).Thread-safe by design.Distributed under the open source BSD licenseTutorials ::Text Tutorials :: Click Here <br />Download ::Windows :: Capstone v1 (Win32)<br />Linux :: Capstone-1.0_i386.deb<br />Official Website :: http://www.capstone-engine.org/<br />Capstone (Disassembly Framework) :: Framework

Capstone is a lightweight multi-platform, multi-architecture disassembly framework . Our target is to make Capstone the ultimate disass...

Read more Posted byKapil SoniNocommentsLabels:Assembler/Disassembler,CLI,Frameworks,Free,Hacking Tools,Linux,Reverse,WindowsatSunday, March 01, 2015Mandiant Redline (Memory and File Analysis) :: ToolsRedline, Mandiants premier free tool, provides<i> host investigative</i> capabilities to users to find signs of <i>malicious activity through memory and file analysis</i>, and the development of a threat assessment profile. With Redline, users can:Thoroughly audit and collect all running processes and drivers from memory, file system metadata, registry data, event logs, network information, services, tasks, and web history.Analyze and view imported audit data, including narrowing and filtering results around a given timeframe using Redlines Timeline functionality with the TimeWrinkle and TimeCrunch features.Streamline memory analysis with a proven workflow for analyzing malware based on relative priority.Identify processes more likely worth investigating based on the Redline Malware Risk Index (MRI) score.Perform Indicator of Compromise (IOC) analysis. Supplied with a set of IOCs, the Redline Portable Agent is automatically configured to gather the data required to perform the IOC analysis and an IOC hit result review. <br />In addition, Redline can be used in conjunction with Mandiant for Intelligent Response(MIR) and Mandiant for Security Operations:Investigators can open audits gathered in Mandiant for Intelligent Response (MIR) directly in Redline to quickly identify a malicious process and create an IOC based on the analysis. MIR can use this IOC to quickly sweep a network to identify all other systems running the same or similar malware.Mandiant for Security Operations users can open triage collections directly in Redline in order to perform in-depth analysis allowing the user to establish a timeline and the scope of an incident.Mandiant Redline 1.11 includes various changes to improve your user experience, and adds support for Windows 8 and 2012. A redesigned find panel remains open and offers users the ability to search and filter on a specific column. You can also filter lists by multiple tags at the same time and choose whether to include only items that do or do not have a comment. Finally, the Redline Collector now provides beta support for gathering Windows 2012 and Windows 8 data..<br /><br /><br />Supported Operating Systems: Windows XP, Windows Vista, Windows 7, Windows 8 (32-bit and 64-bit)<br /><br />Tutorials ::User Guide :: Mandiant Redline 1.11 (PDF)<br />Redline Blog :: Mandiant Redline Blog<br /><br />Download ::Windows :: Mandiant Redline v1.11<br /><br />Official Website :: https://www.mandiant.com/resources/download/redlineMandiant Redline (Memory and File Analysis) :: Tools

Redline, Mandiants premier free tool, provides host investigative capabilities to users to find signs of malicious activity throug...

Read more Posted byKapil SoniNocommentsLabels:Analysis,CLI,Free,Hacking Tools,Malware,Memory,Penetration,Registry,Tools,WindowsatMonday, February 09, 2015Microsoft's Network Monitor (Capturing and Protocol Analysis of Network Traffic) :: ToolsMicrosoft's Network Monitor is a tools that allow capturing and protocol analysis of network traffic. Network Monitor 3 is a protocol analyzer. It enables you to capture, to view, and to analyze network data. You can use it to help troubleshoot problems with applications on the network. This article contains download and support information, installation notes, and general usage information about Network Monitor 3. Network Monitor 3.4 is the latest version.Network Monitor 3 is a complete overhaul of the earlier Network Monitor 2.<var>x</var> version. Some key features of Network Monitor 3 include the following:Script-based parser model with frequent updates Concurrent live capture sessionsSupport for Windows 7Support for 32-bit platforms and for 64-bit platforms Support for network conversations and process tracking API to access capture and parsing engine Wireless Monitor Mode CapturingSupported Operating System ::Windows 7, Windows 8, Windows Server 2003 Service Pack 2, Windows Server 2003 Service Pack 2 x64 Edition, Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 R2 for Itanium-based Systems, Windows Server 2012, Windows Vista 64-bit Editions Service Pack 1, Windows Vista Service Pack 1, Windows XP 64-bit, Windows XP Service Pack 3 Hardware ::1 GHz or greater CPU1 GB or greater memory60 MB free hard disk space plus extra room for capture filesTutorials ::Installation Instruction :: The Network Monitor core engine has been decoupled from the parser set. To install the full Network Monitor 3.4 product:Run the setup.exe for the platform you are installing.You will be prompted first to install the core engine. Follow the installationdirections. Make sure you close existing instances of netmon.exe, nmcap.exeand any running NMAPI applications.Next you will be prompted to install the parser package. Follow theinstallation directions:To uninstall the full Network Monitor 3.4 product ::Go to Add/Remove Programs in Control PanelUninstall both Microsoft Network Monitor 3.4 and Microsoft Network Monitor: Network MonitorParsers 3.4Network Monitor Blog :: Click Here<br />Network Monitor Blog :: Click Here<br /><br />Video Tutorial :: Click Here<br />Download ::Windows :: Network Monitor 3.4 (x86 x64)Official Website :: http://www.microsoft.com/en-us/download/details.aspx?id=4865<br />Microsoft's Network Monitor (Capturing and Protocol Analysis of Network Traffic) :: Tools

Microsofts Network Monitor is a tools that allow capturing and protocol analysis of network traffic . Network Monitor 3 is a proto...

Read more Posted byKapil SoniNocommentsLabels:Analysis,Free,GUI,Information Gathering,Monitoring,Network,Protocol,Sniffer,Tools,WiFi,WindowsatThursday, January 29, 2015Older PostsHomeSubscribe to:Posts(Atom)DistributionsPaid ToolsFree ToolsMalware Analysis and ForensicsVote For Your FavoriteSearch ToolsEducational
Tools Submission
FrameworksMost Popular ToolsMost Popular ToolsCloud Cracker (Online WPA/WPA2 and Hash Cracker) :: ToolsCloud Cracker is an online password cracking service for penetration testers and network auditors who need to check the secu...SIPVicious (Auditing SIP Based VoIP System) :: ToolsSVMAP is a part of a suite of tools called SIPVicious and its my favorite scanner of choice It can be used to scan identify and fingerp...FARADAY (Integrated Penetration Testing IDE) :: FrameworkFaraday introduces a new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE . Designed for distrib...DumpIt (Memory Dumper) :: ToolsDumpIt is a fusion of two trusted tools , win32dd and win64dd, combined into one one executable. DumpIt is designed to be provided to...USB Write Blocker :: ToolsUSB Write blocker is an application that will use the windows registry to write block USB devices . It is a useful tool for those who...iScan Online :: ToolsiScan Online is the vulnerability scanning solutions for Computing and Mobility. iScan Online delivers its vulnerability scanning ...Top

TAGS:Information ToolWar Security Tools InfoSec 

<<< Thank you for your visit >>>

Hot Websites