Browsing tag

best github hacking tools

BadKarma – Network Reconnaissance Tool with Advanced Features

BadKarma is a GUI based network reconnaissance tool that can gather useful network information at any stage of the penetration testing process. The tool is loaded with some top level reconnaissance and active scanning modules, such as nmap, masscan, shodan, searchsploit, metasploit, dnsrecon, dnsenum, and Whois information resource. The user can select any of these […]

Wapiti – The Black Box Vulnerability Scanner for Web Applications

Wapiti is an open source tool that scans web applications for multiple vulnerabilities including database injections, file disclosures, cross site scripting, command execution attacks, XXE injection, and CRLF injection. The database injection includes SQL, XPath, PHP, ASP, and JSP injections. Command execution attacks include eval(), system(), and passthru() vulnerabilities. Besides identifying the aforesaid vulnerabilities, […]

A2SV – SSL Vulnerability Analysis Tool

A2SV is an open source tool used for scanning SSL vulnerabilities in web applications. A2SV performs vulnerability scanning for CCS injection, Heartbleed, Logjam, Freak Attack, Anonymous Cipher, SSL v3 POODLE, SSL v2 Drown, and Crime (SPDY). CCS is the OpenSSL vulnerability that acts as Man in the Middle (MITM) to intercept network traffic and eavesdrop […]

Yuki Chan – The Auto Web Penetration Testing Tool

Yuki Chan is an open source tool that automates some of the information gathering and web application penetration testing process. The tool can automate a number of penetration testing tasks, such as information gathering about the target web application, open source intelligence, vulnerability assessment, CMS information, system enumeration, SSL security auditing, and fuzzing. […]

Pythem – Web and Network Security Audit Framework

Pythem is a Python framework used for performing various security tests on networks and web applications. These include scanning, web crawling, web application bruteforcing, ARP spoofing, DNS spoofing, DHCP spoofing, redirect webserver attack, network sniffing, and denial of service attacks. Moreover, Pythem is also loaded with other utilities, such as exploits, reverse engineering, pforensics (.pcap […]

Spiderfoot – Open Source Intelligence and Information Gathering Tool

Spiderfoot is an open source tool used for reconnaissance purposes. The tool is capable of gathering useful information about the target host through active and passive scanning options. There are different scanning options and modules available in the tool to set the scope of scanning the target hosts. Spiderfoot Installation Spiderfoot can be cloned from […]

WifiPhisher – WiFi Crack and Phishing Framework

Wifiphisher is an open source framework that can be utilised for red team engagements for wireless networks through Man in the Middle attacks. The tool is capable of using the modern wifi association techniques, such as Known Beacons, KARMA, and Evil Twin. With the ‘Known Beacons’ technique, Wifiphisher broadcasts ESSIDs that are known to the […]

Dirhunt – Search and Analyze Target Domain Directories

Dirhunt is a Python tool that can quickly search directories on target domains to find interesting directories and file locations. The URLs can further be analyzed through offensive security tools. Dirhunt has multiple scanning features. Web developers may create empty index files to hide certain files/data. Dirhunt can detect those blank index files. It […]

Bloodhound – A Tool For Exploring Active Directory Domain Security

Bloodhound is an open source application used for analyzing the security of Active Directory domains. The tool is inspired by graph theory and Active Directory object permissions. The tool performs data ingestion from Active Directory domains and highlights the potential for escalation of rights in Active Directory domains, thus uncovering hidden or complex attack paths that […]

Uniscan – Web Application Penetration Testing Tool

Uniscan is an open source tool capable of scanning web applications for critical vulnerabilities, such as SQL injection, blind SQL injection, cross site scripting, remote file inclusion, web shell vulnerabilities, hidden backdoors, amongst others. Besides vulnerability assessment, Uniscan can also do a Bing and Google search for finding domains on shared IP addresses. Uniscan Installation […]

DNSRecon – An Open Source DNS Enumeration Tool

DNSRecon is a Python script used for DNS information gathering. DNS information about a target is an essential requirement for every penetration tester. DNS information helps in mapping the network infrastructure of the target host. DNSRecon is a DNS reconnaissance tool that can perform a variety of enumerations, such as standard record enumeration, Zone transfer, […]

Habu – Open Source Network Penetration Testing Toolkit

Habu is an open source penetration testing toolkit that can perform various penetration testing tasks related to networks. These include ARP poisoning, ARP sniffing, SNMP cracking, fake FTP server creation, DHCP starvation, DHCP discover, Certificates (SSL/TLS) cloning, Denial of service attacks, TCP port scanning, TCP Flag analysis, social engineering, virtual hosts identification, and web technologies […]

Morpheus – TCP/UDP Manipulation Framework

Morpheus is an open source framework that can launch multiple attacks on the network using applications, such as ettercap, msgsnarf, tcpkill, and urlsnarf. The tool’s main objective is to manipulate the TCP/UDP data using these backend applications. Some major tasks that can be performed using the Morpheus framework include https credentials stealing, web browsers traffic […]

XSStrike – XSS Detection and Exploitation Suite

XSStrike is an open source tool that detects Cross Site Scripting vulnerabilities and exploits them. The tool is equipped with a powerful fuzzing engine that increases the accuracy of the tool. The promising features of the tool include the following. XSStrike is equipped with a powerful fuzzing engine for accurate results. The tool possesses context […]

Leviathan – Mass Audit Toolkit for Networks and Applications

Leviathan is an open source toolkit that can be used for auditing networks and web applications. The types of audits that can be performed with Leviathan include discovery of services running on machines, identifying SQL injections in web applications, analyzing the possibility of bruteforce attacks on discovered machines, and testing the security of pre-discovered machines […]

CMSeek – CMS Detection and Information Gathering

CMSeek is a Python tool that is used to detect the Content Management System (CMS) within a target website. It can extract useful information like CMS version, installed themes, plugins, usernames, and CMS files, and looks for possible vulnerabilities for the identified CMS version. CMSeek can detect more than 130 CMSs. The CMS detection is performed through HTTP […]

Evilgrade – MITM Attack Framework to Exploit Machines

Evilgrade is a modular framework that takes over target machines by injecting fake updates in poorly updated systems using a MITM attack strategy. Evilgrade has WebServer and DNSServer modules to work as part of the MITM attack framework. Evilgrade requires the manipulation of the victim’s DNS traffic to operate. This can be achieved by […]

CrackMapExec – Post Exploitation Tool for Active Directory Networks

CrackMapExec (CME) is a post exploitation tool that can be used for tasks like cracking administrative rights and mapping Active Directory networks. Active Directory is a Windows OS utility that provides services like protocols to access other directories in the network, security services through SSL and Kerberos authentication, organizational data storage in a centralized location, and […]

Vega – Open Source Tool for Analyzing Web Applications Security

Vega is a GUI based open source tool used for testing the security of web applications. The tool can be used to test for disclosure of sensitive information, such as SQL injection, blind SQL injection, reflected cross site scripting, stored cross site scripting, shell injections, and file inclusion vulnerabilities. A complete list of scanning modules […]

Droopescan – CMS Based Web Applications Scanner

Droopescan is a Python based scanner that is used to scan web applications that utilise Drupal, SilverStripe, and WordPress. The types of information that can be analyzed with Droopescan are those of plugins, themes, versions, and URLs like admin panels. This information is useful in identifying known vulnerabilities associated with specific themes and plugins. […]