Search Results for "sector"

Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Note that this project is no longer used for hosting the ZAP downloads. You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads Please see the homepage for more information about OWASP ZAP

This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video:...

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

HTTPBrute is used to calculate HTTP Digest Access Authentication as per RFC 2617. The tool will be able to perform brute force attacks to retrieve a lost password for a given Authentication response. MD5 is the only hashing algorithm implemented.

RTCP is a network man-in-the-middle service for protecting TCP, enabling fault-tolerant servers to recover their connections when restarting.

Simple UI to test the effectiveness of a heuristic algorithm against the brute force method for path finding among an arbitrary number of arbitrarily placed points on a grid. This is an educational project, don't expect new and better methods.

An attempt to send a full flagged MIME based email using open relay mail servers (authentication not required). Written in Python3. Using smtplib and email liabraries TODO: Bruteforce the SMTP authentication. Support TLS.

Computer chess engine written using Qt4, which works under Knights, Jose, Arena and other chess board GUI games. Uses bitboard game representation and alpha beta brute-force search to analyse chess positions.

TSeep is a local network proxy used to MITM SSL and other standard/non-standard TCP based protocols.

A distributed and dynamically threaded password cracker. Completely cross-platform using Qt 4.3. Utilizes 1 server and N clients to distribute password cracking across N machines, each of which can utilize N CPUs.

Mock in the Middle is a Java Proxy designed for testing network applications. It serves as a mock proxy between a client and a server. By recording and replaying network conversations, the client can later be tested without a live server.

SMTPA is a penetration testing and email compliance tool. Want to know if a renamed, encrypted MS word document with a wrongly set content-type header fools your Content Security infrastructure? Check this out!

DES Cracker is a small perl script that cracks DES encrypted passwords.Currently there is only a brute force implementation where phrases are generated. Later version will have a possibility to use word lists for cracking.

CryptoHelper is a Java program designed to aid in the decryption of classical ciphers, ie pre WWII ciphers. It brings together tools like frequency analysis, friedman tests, enciphering/deciphering for several clasical ciphers, and brute force algorithm

GPP is a General Purpose Proxy Java graphical application intended mainly for packet inspection and modification. It's main idea is to be a little user-friendly portable man-in-the-middle tool for security analysis. Later, some protocols should be added

Enables a user to view & alter all aspects of comunications with a web site via a proxy. Primarily used for security based penetration testing of web sites, it can also be used for debugging during development. Seen as part of a hacker toolkit.

Generic clustering/load-balancing platform (over a LAN or internet) using java based P2P Aorta workers that execute java "tasklets". Various tasklets can be implemented to solve fractals, process images, render webpages, crack RSA "brute force".

Defensive Tools For The Blind (DTFTB) is a collection of Windows and Linux tools that automate: post exploitation, backdoor, and rouge access discovery, for defenders. DTFTB allows a system defender to quickly and precisely locate common backdoor tendencies and system misconfigurations used by an attacker to maintain access. Additionally DTFTB provide automated access-denial tools, that prohibit the introduction of new backdoors to a system. DTFTB is primarily geared towards CTF or...

Open source Penetration Testing Suite for IT professionals and penetration testers. SecTest automates the boring repetitive procedures of penetration testing.