Web Security Dojo is a preconfigured, stand-alone training environment for Web Application Security. Virtualbox and VMware versions for download. See "View all files" for VMware version.
Interfaz gráfica para el crackeo de redes WPS con Reaver.
WPSCrackGUI es una interfaz gráfica para el crackeo de redes wireless con WPS.
Easily convert batch files to executables
BatToExe is a no frills Windows Forms application written in C# that converts batch (*.bat) files to executables (*.exe). The main functionality centers around runtime compilation in C#.
A Pen Test Drop Box distro for the Raspberry Pi
PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 200+ network security tools pre-installed to aid the penetration tester. It is built a stripped down version of the Debian Wheezy image from the Raspberry Pi foundation's website and uses Openbox as the window manager. PwnPi can be easily setup to send reverse connections from inside a target network by editing a simple configuration file.
Very fast network stress tool
the fatest network packet injector *WARNING*: Don't use versions prior to 5.7.0. There is a major bug (some IPv4 were being reversed), recently discovered, fixed in this release.
This project is an implementation of the TCG TPM 2.0 specification. It is based on the TPM specification Parts 3 and 4 source code donated by Microsoft, with additional files to complete the implementation. See the wiki for additional support - additions to the documentation. See the companion IBM TSS at https://sourceforge.net/projects/ibmtpm20tss/
c-icap is an implementation of an ICAP server. It can be used with HTTP proxies that support the ICAP protocol such as the Squid 3.x HTTP proxy server to implement content adaptation/filtering services.
IBM's TPM 2.0 TSS
This is a user space TSS for TPM 2.0. It implements the functionality equivalent to (but not API compatible with) the TCG TSS working group's ESAPI, SAPI, and TCTI API's (and perhaps more) but with a hopefully simpler interface. It comes with over 110 "TPM tools" samples that can be used for scripted apps, rapid prototyping, education, and debugging. It also comes with a web based TPM interface, suitable for a demo to an audience that is unfamiliar with TCG technology. It is also useful for basic TPM management. See the below link for operating system, platform, and hardware support. See the companion IBM TPM 2.0 at https://sourceforge.net/projects/ibmswtpm2/ and attestation at projects/ibmtpm2acs I welcome (1) bug reports, (2) documentation requests, (3) suggestions for ECC tests, and (4) requests for features for which you have an immediate need. See the wiki for additional support - additions to the documentation.
WPSPin es una aplicación para Android que posee una gran base de datos con pines de WPS que podemos utilizar para atacar routers mediante a Reaver-WPS.
Web Security Gateway (URL filtering, waf, firewall, antivirus...)
CacheGuard is an Enterprise Grade Web Security Gateway providing firewall, web antivirus, caching, web compression, URL filtering, forward/reverse proxy, web load balancing, WAF, antivirus, bandwidth shaping and more. The High Availability function is the the heart of CacheGuard using RAID, link bounding, VRRP, cache sharing. An SNMP agent is integrated into the appliance and the appliance can send traps if something goes wrong. CacheGuard is available as an OS appliance to install on a hardware or virtual machine of your choice. You can implement it transparently in any existing architecture as your main central point where all the Web traffic passes through. CacheGuard is based on a hardened Linux system built from scratch (with LFS) and integrates netfilter and iproute2, squid, squidGuard, apache, modSecurity, clamAV and multiple other open source products interfaced together as a whole to allow an easy and straightforward configuration using the CLI or the Web GUI.
Windows tool to read SIM card information and content
SIMCardManager is Windows tool that can read a SIM card information (ICCID, IMSI, Pin states) and SIM card content : phone book (ADN), Fixed dialing (FDN) and SMS messages. It also enables you to authenticate with PIN when activated and export SIM card content to text files. You need to have a PC/SC compatible smart card reader or dongle with SIM slot. You can find other useful tools on my website http://www.idrix.fr
V2.0-Unhides Folder/Files,removes malicious scripts from USB Drive
V2.0 (30th Dec 2014). It is a USB Malware Cleaner. This is a small tool that removes malicious scripts created by virus or malware, unhides folder and files, deletes all shortcut from selected drive. Also disables autorun completely and provides option to enable registry, folder options and task manager. Visit the project website for more information.
GUI for masscan (Windows)
GUI for the fastest port scanner - masscan. https://github.com/robertdavidgraham/masscan
A port scanner, password cracker, DDOS tool, Web spider, for hacking.
DDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking information. Email scraper: To get all emails related to a webpage IMDB Rating: Easy way to access the movie database. Both .exe(compressed as zip) and .py versions are available in files. The video above is unofficial and not in English. If some one wants to support the development please make a youtube video for Dark fantasy - hack tool. Post link in review or email me at firstname.lastname@example.org. I will add facebook hacking(phishing method) to the tool if you guys help me.
OSAF-TK your one stop shop for Android malware analysis and forensics.
Welcome to OSAF! The OSAF-Toolkit was developed, as a senior design project, by a group of IT students from the University of Cincinnati, wanting to pioneer and pave the way for standardization of Android malware analysis. The OSAF-Toolkit is built from Ubuntu 11.10 and pre-compiled with all of the tools needed to rip apart applications for code review and malware analysis. Our primary goal with the toolkit is to be able to make application analysis as easy as possible. We also wanted to create a community where security professionals, analysts, developers and newcommers can learn, discuss and share methodologies with one another. Follow us on Twitter @OSAF_Community Follow us on Facebook http://www.facebook.com/OpenSourceAndroidForensics
The Powerful Protection for PC Against Viruses from Removable Drives
Shiela USB Shield is a powerful first line defense against virus from infected removable drives. * It locks autorun.inf and associate executable files in multiple instance * Delete/Freeze the shortcut file or clone file, and restores the original automatically. * It is free and open source. System Requirements 1) Windows 2000 or later 2) 256Mb RAM or higher 3) 1GHz Processor or faster 4) .NET Framework 2.0 or later must be installed
MitM pentesting opensource toolkit
Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)
Linset Is Not a Social Enginering Tool
Linset is a social engineering tool based on MITM to check the security (or ignorance) of the clients in our wireless network.
IDA Pro plug-in to fix/extract/view RTTI information
An IDA Pro Windows object RTTI vftable finder, fixer, and lister plug-in. Places structure defs, names, labels, and comments to make more sense of class and structure vftables ("Virtual Function Table"). Lists found RTTI structures and C++ classes in a window for browsing. Mentioned in Chris Eagle's: "The IDA Pro book": https://www.nostarch.com/idapro2.htm See: http://en.wikipedia.org/wiki/RTTI * May 2017: Improved data segment scanning * Requires IDA Pro 6.9 or greater. To build you'll need MSVC 2015 and https://sourceforge.net/projects/ida-support-library/
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net
======================== Extra! Extra! Read all about it! The next generation of YFi Hotspot Manager is now available. It is called RADIUSdesk and packed with goodies. https://sourceforge.net/projects/radiusdesk/ =========================== Modern Ajax web front-end for FreeRADIUS 2.x. Supports: vouchers, permanent users, billing post paid and pre-paid. Multi language support. Stats. Works with CoovaChilli and Mikrotik. Runs on Ubuntu and CentOS. Thorough documentation. Can be downloaded as a virtual appliance in order to be up and running within minutes. Can be used as a standard RADIUS server.
Daemonlogger is a packet logger and soft tap developed by Martin Roes
Daemonlogger is a packet logger and soft tap developed by Martin Roesch. The libpcap-based program has two runtime modes: 1. It sniffs packets and spools them straight to the disk and can daemonize itself for background packet logging. By default the file rolls over when 2 GB of data is logged. 2. It sniffs packets and rewrites them to a second interface, essentially acting as a soft tap. It can also do this in daemon mode. These two runtime modes are mutually exclusive, if the program is placed in tap mode (using the -I switch) then logging to disk is disabled. Make SURE you read the included COPYING file so that you understand how this file is licensed by Sourcefire, even though it's under the GPL v2 there are some clarifications that we have made regarding the licensing of this program. Daemonlogger is a registered trademark of Sourcefire, Inc.
PCAP from another point of view
CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. Analyze TCP and UDP streams Support multible datasets Perform deep packet inspection Support filtering capability
Providing secured access to visitors / contractors in the organization
LAKSHA Visitor Management System - is a reliable and effective system that enables an organization to manage and track visitors and improve security of the premise throughout its facilities This software can be used for • Visitor Management • Contractor Management • Appointment Management • Student Identity card • Gate Pass Key features are as fallows 1) Biometric and Barcode support 2) Complete Information gathering of the visitor and contractor. 3) Sms & Email Facility 4) Reports on multiple filter criteria (e.g date, area of visit, in between hours) 5) Generating new passes from existing data. 6) Printing Multiple passes or Visitor Badges at the same time 7) Advanced booking for the appointment. If any queries please revert us to email@example.com
OpenSource Enterprise nac
openNAC is an opensource Network Access Control for corporate LAN / WAN environments. It enables authentication, authorization and audit policy-based all access to network. It supports diferent network vendors like Cisco, Alcatel, 3Com or Extreme Networks, and different clients like PCs with Windows or Linux, Mac,devices like smartphones and tablets. Based on open source components and self-development It is based on industry standards such as FreeRadius, 802.1x, AD, ldap, ...It is very extensible, new features can be incorporated because it is architectured in plugins. Easily integrated with existing systems Last but not least, It provides value added services such as configuration management, network, backup configurations, Network Discovery and Network Monitoring