Search Results for "penetration testing linux distro" - Page 5
Sort By:
Showing 420 open source projects for "penetration testing linux distro"
View related business solutions-
Don’t settle when it comes to managing your clients’ IT infrastructure. Exceed their expectations with ConnectWise RMM, our MSP RMM software that provides proactive tools and NOC services—regardless of device environment. With the number of new vulnerabilities rising each year, smart patching procedures have never been more important. We automatically test and deploy patches when they are viable and restrict patches that are harmful. Get better protection for clients while you spend less time managing endpoints and more time growing your business. It’s tough to locate, afford, and retain quality talent. In fact, 81% of IT leaders say it’s hard to find the recruits they need. Add ConnectWise RMM, NOC services and get the expertise and problem resolution you need to become the advisor your clients demand—without adding headcount.
-
ConnectWise CPQ, formerly ConnectWise Sell, is a professional quote and proposal automation software for IT solution providers. ConnectWise CPQ offers a wide range of tools that enables IT solution providers to save time, quote more, and win big. Top features include professional quote or proposal templates, product catalog and sourcing, workflow automation, sales reporting, and integrations with best-in-breed solutions like Cisco, Dell, HP, and Salesforce.
-
1
Wfuzz
Web application fuzzer
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web... -
2
FireCX
Open source OWASP penetration testing tool written in Python 3
FireCX is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection. -
3
Zynix-Fusion
zynix-Fusion is a framework for hacking
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else. -
4
CloudBrute
Awesome cloud enumerator
A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. While working on HunterSuite, and as part of the job, we are always thinking of something we can automate to make black-box security testing easier. We discussed this idea of creating a multiple platform cloud brute-force hunter.mainly to find open... -
Our robust pre-built connectors and our no-code, drag-and-drop interface makes it easy and fast to automatically sync vendors, invoices, and invoice payment data between Tipalti and your ERP or accounting software.
-
5
RemoteSploit
Automated exploitation tool for SSH and RDP
Automated exploitation tool for SSH and RDP -
6
phpsploit
Full-featured C2 framework which silently persists on webserver
Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large... -
7
cynuxsecurity
Arch Linux Based Pentesting Distro
Cynux Security is arch based pentesting distribution comes with 200+ most recommended tools by professionals. The current release is testing so it have some bugs. The creds are cynux:cynux To install cynux 0.1 cli installer is available @ https://github.com/cynuxsecurity/cynux-installer To install cynux v2021.0.1 Type `sudo install_cynux` in terminal -
8
SHAD0W
A post exploitation framework designed to operate covertly
It uses a range of methods to evade EDR and AV while allowing the operator to continue using tooling and tradecraft they are familiar with. Its powered by Python 3.8 and C, and uses Donut for payload generation. By using Donut along with the process injection capabilities of SHAD0W, it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs fully inside the memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti-DLL... -
9
AzzeraOS
"the locked linux, for public PCs, for everyone"
AzzeraOS is a debian buster gnu/linux distro (64bit) with xfce desktop, made in Italy. It has been made for public PCs (like schools PCs, libraries PCs etc...). If you don't know the user password, you can't apply your GUI customizations. Every time you restart it, it resets itself. You can prevent this by updating your settings (azconf-settings admin panel). Beta usage: - Install it for beta testing; - You will be able to switch to stable version via OTA; - Please update AzzeraOS before... -
Chat with your business data with Looker. More than just a modern business intelligence platform, you can turn to Looker for self-service or governed BI, build your own custom applications with trusted metrics, or even bring Looker modeling to your existing BI environment.
-
10
mongoaudit
A powerful MongoDB auditing and pentesting tool
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them... -
11
ADB-Toolkit V2.3
ADB-Toolkit V2 for easy ADB tricks with many perks in all one
Tool for testing your Android device and hacking someone's Android Phone (Don't use it with wrong intentions). ADB-Toolkit is a BASH Script with 28 options and a METASPLOIT Section which has 6 options and is made to do easy penetration testing in Android Devices. You can do pretty much anything with this script and test your Android device is it safe or not. This script is made with the help of ADB (Android Debug Bridge) it’s a tool that is used by developers to debug the Android device... -
12
ANDRAX Hacker's Platform
Advanced Ethical Hacking and Penetration Testing Platform
The most complete and Advanced Penetration Testing and Ethical Hacking Platform dedicated to Advanced Professionals. Developed to bring the power of Offensive Security in the anyone's pocket 100% OPEN SOURCE - ANDRAX is a independent solution for Security professionals who loves Linux -
13
bruteforce-salted-openssl for Windows
OpenSSL tool for security, pentests and forensics investigation
Written by Guillaume LE VAILLANT. -
14
mssqlproxy
Toolkit aimed to perform lateral movement in restricted environments
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. The first step is to execute code in the SQL Server process context. As extended stored procedures are going to be deprecated in future versions of MSSQL, we pay attention to Microsoft recommendations and thus, use CLR assemblies instead. -
15
Hyenae NG
Advanced Network Packet Generator
Hyenae NG is an advanced cross-platform network packet generator and the successor of Hyenae. It features full network layer spoofing, pattern based address randomization and flood detection breaking mechanisms. *** Please check out the latest source from my GitHub repository and check the Build informations. https://github.com/r-richter/hyenae-ng/ -
16
MimiPenguin
A tool to dump the login password from the current linux user
A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing passwords. Will attempt to calculate each word's probability by checking hashes in memory, and regex searches. 2.0 introduces a clean port that aims to increase the speed of execution and portability -
17
SSH MITM
SSH man-in-the-middle tool
This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard... -
18
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script... -
19
SudokuSolver
C# Sudoku solver that uses human techniques; no brute-forcing.
-
20
WebSploit Framework
WebSploit is a high level MITM Framework
WebSploit Advanced MITM Framework [+]Autopwn - Used From Metasploit For Scan and Exploit Target Service [+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin [+]format infector - inject reverse & bind payload into file format [+]phpmyadmin Scanner [+]CloudFlare resolver [+]LFI Bypasser [+]Apache Users Scanner [+]Dir Bruter [+]admin finder [+]MLITM Attack - Man Left In The Middle, XSS Phishing Attacks [+]MITM - Man In The Middle Attack [+]Java Applet Attack [+]MFOD... -
21
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted fuzzing... -
22
blackhat-global
Blackhat-Global-Lite OS Debian Buster based custom distro
We are excited to announce the availability of Blackhat-Global OS Lite. We’ve condensed the full Blackhat-Global experience into a streamlined operating system that’s fast, user-friendly, desktop-oriented operating system based. Which is available immediately for download. Blackhat-Global Lite is a Debian (Buster) customized Linux-based distribution, built for Penetration Testers. The solution we’ve committed to is lightweight that provides users a perfect blend of power condensed... -
23
Modlishka
Powerful and flexible HTTP reverse proxy
Modlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows to transparently proxy of multi-domain destination traffic, both TLS and non-TLS, over a single domain, without the requirement of installing any additional certificate on the client. What exactly does this mean? In short, it simply has a lot of potential, that can be used in many use case scenarios. Modlishka was written as... -
24
Taie-RedTeam-OS
泰阿安全实验室-红队单兵作战系统-Taie-RedTeam-OS
中文简介: 面向中国信息安全白帽子人员的红方渗透作战操作系统,内容工具更适用于中国的环境,避免大而全精简不常用的工具软件,集成国内优秀的开源渗透工具帮助红方人员更好的实施工作! Introducte: For Chinese information security white hat personnel red team infiltration combat operating system, the content and tools are more suitable for the Chinese environment, simplify not commonly used tool software, integration of domestic excellent open source infiltration tools to help red staff better implementation! -
25
PivotSuite
Network Pivoting Toolkit
PivotSuite is a portable, platform-independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on the compromised machine and access the different subnet hosts from our pentest machine, Which...