Pyton GnuPGInterface is meant to be a filehandle-concentrating Python interface to GnuPG, the GNU Privacy Guard. It has an API similar to the Perl module GnuPG::Interface.
Anomos is an anonymous, encrypted multi-P2P file sharing protocol, originally based on BitTorrent. See our homepage for more details.
A port scanner, password cracker, DDOS tool, Web spider, for hacking.
DDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking information. Email scraper: To get all emails related to a webpage IMDB Rating: Easy way to access the movie database. Both .exe(compressed as zip) and .py versions are available in files. The video above is unofficial and not in English. If some one wants to support the development please make a youtube video for Dark fantasy - hack tool. Post link in review or email me at email@example.com. I will add facebook hacking(phishing method) to the tool if you guys help me.
UFONet - DDoS Botnet via Web Abuse
UFONet - is a free software tool designed to test DDoS attacks against a target using 'Open Redirect' vectors on third party web applications like botnet. See this links for more info: - CWE-601:Open Redirect: http://cwe.mitre.org/data/definitions/601.html - OWASP:URL Redirector Abuse: https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2 UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc. FAQ: http://ufonet.03c8.net/FAQ.html UFONet-v0.9(.zip) (md5:7540f45eb8e2d3881f8d17e9a638987a)
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/
WAPI, or WOMBAT API, is a SOAP-based API built in the context of the WOMBAT FP7 project (http://www.wombat-project.eu) to facilitate the remote access and exploration of security-related datasets.
Python module for the libpcap packet capture library, based on the original python libpcap module by Aaron Rhodes.
Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and other
Vinetto is a tool intended for forensics examinations. It is a console program to extract thumbnail images and their metadata from those thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin(win32) and Mac OS X.
The sandbox libraries (libsandbox & pysandbox) are an open-source suite of software components for C/C++ and Python developers to create automated profiling tools and watchdog programs. The API's are designed for executing and instrumenting simple (single process) tasks, featuring policy-based behavioral auditing, resource quota, and statistics collecting. The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM/ICPC training. They have since then evolved into a general-purpose tool for binary program testing, profiling, and security restriction. The sandbox libraries are currently maintained by the OpenJudge Alliance (http://openjudge.net/) as a standalone, open-source project to facilitate various assignment grading solutions for IT/CS education. See project page at https://github.com/openjudge/sandbox for details.
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
Tyrant SQL is a Havij based cross-platform. It's Sqlmap's gui version.
It's a poweful Sql Injection Tool. It's a GUI version of SqlMap, saving time and getting better results. Was designed basing on Havij.
Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/
Basic AES files encryption tool
Simple drag & drop file encryption tool. based on python and uses PyCrypto to encrypt the inputted files with AES encryption. Then sqlite database file is generated with a unique key to store the encrypted files and folders in binary blobs for later decryption.
CryptoPy is a pure python implmentation of cryptographic algorithms and applications. The algorithms are developed for readability more than speed. The collection now includes IEEE 802.11i specific algorithms that generated the test vectors for 802.11i.
VoIPER is a VoIP security testing toolkit incorporating several VoIP fuzzers and auxilliary tools to assist the auditor. It can currently generate over 200,000 SIP tests and H.323/IAX modules are in development. It's also a damn cool project name ;)
Ked password manager helps to manage large amounts of passwords and related information and simplifies tasks of searching and entering password data. Kedpm can read data from existing password managers. Written as extensible framework in python
Open Source SCADA Security Evaluation Tool
Modbus traffic generator is a tool written in Python, and uses Scapy libraries to evaluate the effectiveness of SCADA security solutions. The tool generates Modbus/TCP packets, where the characteristics of these packets are extracted from Snort NIDS Modbus rules. The generated packets trigger related alerts in Snort NIDS. It is useful to anybody interested in evaluating and testing their SCADA security solution or other people solutions. Requirements: * Python 2.x or higher * Scapy * Snort NIDS (within the network)
CryptKit is a small, fast cryptographic toolkit for python. It implements Rijndael(AES), SHA 256, Elliptic Curve PKI, Diffie-Hellman key exchange and Nyberg-Ruppel signature/verification. Comprehensive enough to provide a secure socket alternative to SSL
A web crawler oriented to information security.
Last update on tue mar 26 16:25 UTC 2012 The Web Crawler Security is a python based tool to automatically crawl a web site. It is a web crawler oriented to help in penetration testing tasks. The main task of this tool is to search and list all the links (pages and files) in a web site. The crawler has been completely rewritten in v1.0 bringing a lot of improvements: improved the data visualization, interactive option to download files, increased speed in crawling, exports list of found files into a separated file (useful to crawl a site once, then download files and analyse them with FOCA), generate an output log in Common Log Format (CLF), manage basic authentication and more! Many of the old features has been reimplemented and the most interesting one is the capability of the crawler to search for directory indexing.
NetStress is a DDoS and network stress testing tool.
Syn Flood Attacks SYNFlood with static source port SYNFlood with random source port SYNFlood with static source ip address SYNFlood with random source address SynFlood with fragmented packets ACK Flood Attacks ACK Flood with static source port ACK Flood with random source port ACK Flood with static source ip address ACK Flood with random source address ACK Flood with fragmented packets FIN Flood Attacks FIN Flood with static source port FIN Flood with random source port FIN Flood with static source ip address FIN Flood with random source address FIN Flood with fragmented packets UDP Flood Attacs Static source port udp flood UDP flood with random source port UDP Flood with static source ip address UDP Flood with random source address UDP Flood with fragmented packets ICMP Flood ICMP Flood with all options random(source ip, icmp type, code) HTTP Flood ... More info: http://sf.net/p/netstressng/wiki/Home/
Darkjumper.py Developed by : mywisdom & gunslinger_ This tool will try to find every website that host at the same server at your target Then check for every vulnerability of each website that host at the same server
An editor to edit and check protocols specified in SPI-calculus using ProVerif.
sapyto is the first public SAP Penetration Testing Framework, enabling security consultants and system administrators to assess the security of SAP deployments in an organization.
XSSer: Cross Site Scripting Framework
Cross Site "Scripter" is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. XSSer v1.7-1.tar.gz -> md5: ad6c62a16b72c1ef8d9538c9da4dd5f7