ToolWar | Information Security (InfoSec) Tools: Top 100

OWASP Amass - Subdomain Enumeration/Scanner : Tool

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMkkEOynUt7XrCQ08ZO7DXwHrtiOnQ6KzkLBUGr1ORjHVElgEpZ9YVI12g5k_1CWCHXdVc6OtERaG_LVt1zaJauILNLAlL8-xYEHP_XzhiMuaTTQvj24MNCzzlTviXcpeJyIidAxA-V08e/s1600/Amass.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="OWASP Amass Subdomain Scanner" border="0" data-original-height="327" data-original-width="647" height="202" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMkkEOynUt7XrCQ08ZO7DXwHrtiOnQ6KzkLBUGr1ORjHVElgEpZ9YVI12g5k_1CWCHXdVc6OtERaG_LVt1zaJauILNLAlL8-xYEHP_XzhiMuaTTQvj24MNCzzlTviXcpeJyIidAxA-V08e/s400/Amass.JPG" title="OWASP Amass Subdomain Scanner" width="400" /></a></div>
<br />
<div style="text-align: justify;">
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.</div>
<b><br />
</b> <b>Information Gathering Techniques Used:</b><br />
<br />
<div style="text-align: justify;">
1] DNS: Basic enumeration, Brute forcing (upon request), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (upon request)</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
2] Scraping: Ask, Baidu, Bing, CommonCrawl, DNSDumpster, DNSTable, Dogpile, Exalead, FindSubdomains, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
3] Certificates: Active pulls (upon request), Censys, CertDB, CertSpotter, Crtsh, Entrust</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
4] APIs: AlienVault, BinaryEdge, BufferOver, CIRCL, DNSDB, HackerTarget, Mnemonic, NetworksDB, PassiveTotal, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
5] Web Archives: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback</div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Video Tutorial:</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/mEQnVkSG19M/0.jpg" frameborder="0" height="330" src="https://www.youtube.com/embed/mEQnVkSG19M?feature=player_embedded" width="100%"></iframe></div>
<h3 style="text-align: justify;">
 </h3>
<h3 style="text-align: justify;">
Documentation:  </h3>
<div style="text-align: justify;">
1] <a href="https://github.com/OWASP/Amass/blob/master/doc/install.md" target="_blank">Installation Guide </a></div>
<div style="text-align: justify;">
2] <a href="https://github.com/OWASP/Amass/blob/master/doc/user_guide.md" target="_blank">User's Manual/How to Use</a></div>
<h3 style="text-align: justify;">
Download:</h3>
<div style="text-align: justify;">
Amass is available for various platforms like Linux, Windows, MacOS etc.</div>
<div style="text-align: justify;">
1] <a href="https://github.com/OWASP/Amass" target="_blank">Download Link</a></div>
<div style="text-align: justify;">
2] <a href="https://github.com/OWASP/Amass/releases" target="_blank">Precompiled Binary</a> (Windows, MacOS, Linux)</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Official Page:</b> <a href="https://github.com/OWASP/Amass" target="_blank">OWASP Amass</a></div>

OWASP Amass - Subdomain Enumeration/Scanner : Tool

The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and p...

FireEye Commando VM : Distribution

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUG0wWFAx6CM5Ug02umH4-Gc6HRmvdNUYizRu7qErUQoETWDi6nBqDxyH84E2hVlXWFsDVg3G3wT_7udATupj_wqUIRtOm37Jl6yBFvO6Bed8ykdD92751Aw067mQBmt2fRtP-fsn5CbK7/s1600/CVM+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="commando vm fireeye" border="0" data-original-height="750" data-original-width="974" height="246" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUG0wWFAx6CM5Ug02umH4-Gc6HRmvdNUYizRu7qErUQoETWDi6nBqDxyH84E2hVlXWFsDVg3G3wT_7udATupj_wqUIRtOm37Jl6yBFvO6Bed8ykdD92751Aw067mQBmt2fRtP-fsn5CbK7/s320/CVM+logo.png" title="commando vm fireeye" width="320" /></a></div>
<div style="text-align: justify;">
CommandoVM - a fully customized, Windows-based security <a href="http://www.toolwar.com/search/label/Distribution" target="_blank">distribution</a> for penetration testing and red teaming. </div>
<div style="text-align: justify;">
Penetration testers commonly use their own variants of Windows 
machines when assessing Active Directory environments. Commando VM was 
designed specifically to be the go-to platform for performing these 
internal penetration tests. The benefits of using a Windows machine 
include native support for Windows and Active Directory, using your VM 
as a staging area for C2 frameworks, browsing shares more easily (and 
interactively), and using tools such as PowerView and BloodHound without having to worry about placing output files on client assets.</div>
<div style="text-align: justify;">
Commando VM uses Boxstarter, Chocolatey, and MyGet packages
 to install all of the software, and delivers many tools and utilities 
to support penetration testing. This list includes more than 140 tools, 
including:</div>
<ul style="list-style-position: inside; text-align: justify;">
<li><a href="http://www.toolwar.com/2014/02/nmap-and-zenmap-network-discovery-and.html" target="_blank">Nmap</a></li>
<li><a href="http://www.toolwar.com/2013/09/wireshark-tools.html" target="_blank">Wireshark</a></li>
<li>Covenant</li>
<li>Python</li>
<li>Go</li>
<li>Remote Server Administration Tools</li>
<li><a href="http://www.toolwar.com/2013/09/sysinternals.html" target="_blank">Sysinternals</a></li>
<li>Mimikatz</li>
<li><a href="http://www.toolwar.com/2013/09/burp-suite-tools.html" target="_blank">Burp-Suite</a></li>
<li>x64dbg</li>
<li>Hashcat</li>
</ul>
<div style="text-align: justify;">
With such versatility, Commando VM aims to be the de facto <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a>machine for every penetration tester and red teamer. For the blue 
teamers reading this, don’t worry, we’ve got full blue team support as 
well! The versatile tool sets included in Commando VM provide blue teams
 with the tools necessary to audit their networks and improve their 
detection capabilities. With a library of offensive tools, it makes it 
easy for blue teams to keep up with offensive tooling and attack trends.</div>
<div style="text-align: justify;">
<br /></div>
<h4>
Requirements</h4>
<ul>
<li>Windows 7 Service Pack 1 or Windows 10</li>
<li>60 GB Hard Drive</li>
<li>2 GB RAM</li>
</ul>
<h3 style="text-align: justify;">
Installation Instruction: </h3>
<ol>
<li>Create and configure a new Windows Virtual Machine</li>
</ol>
<ul>
<li>Ensure VM is updated completely. You may have to check for updates, reboot, and check again until no more remain</li>
<li>Take a snapshot of your machine!</li>
<li>Download and copy <code>install.ps1</code> on your newly configured machine.</li>
<li>Open PowerShell as an Administrator</li>
<li>Enable script execution by running the following command:
<ul>
<li><code>Set-ExecutionPolicy Unrestricted</code></li>
</ul>
</li>
<li>Finally, execute the installer script as follows:
<ul>
<li><code>.\install.ps1</code></li>
<li>You can also pass your password as an argument: <code>.\install.ps1 -password <password></code></li>
</ul>
</li>
</ul>
<div style="text-align: justify;">
<b>Detailed Installation Instruction: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Click Here</a><b> </b></div>
<div style="text-align: justify;">
<b>Download: </b><a href="https://github.com/fireeye/commando-vm" rel="nofollow" target="_blank">Commando VM</a></div>
<div style="text-align: justify;">
<b>Official Website: </b><a href="https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html" rel="nofollow" target="_blank">FireEye</a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>

FireEye Commando VM : Distribution

CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Penetration testers comm...

Mobile Security Framework (MobSF) : Framework

<div class="separator" style="clear: both; text-align: center;">
<img alt="Mobile Security Framework : ToolWar" border="0" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg92QuRFrhtVqI-D5Nzc-bu8_p0vvCirYl6qqK45JFNtlLSChwXklrMauZ_BLYvAZfq7H7ml0YTzaijl0GfbktnY_-sHW34h8B1tteqowCXjg_ELksZixDcb5Ff1B0JPxCVUTK9mYO9iNhL/s400/MobSF.png" title="Mobile Security Framework : ToolWar" width="400" /></div>
<div style="text-align: justify;">
<b>Mobile Security Framework (MobSF)</b> is an intelligent, all-in-one open 
source mobile application (Android/iOS) automated pen-testing framework 
capable of performing static and dynamic analysis. It can be used for 
effective and fast security analysis of Android and iOS Applications and
 supports both binaries (APK & IPA) and zipped source code.<b> MobSF</b> 
can also perform Web API Security testing with it's API Fuzzer that can 
do Information Gathering, analyze Security Headers, identify Mobile API 
specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other
 logical issues related to Session and API Rate Limiting.</div>
<div style="text-align: justify;">
<br /></div>
<h3>
Tutorial: </h3>
<ul>
<li><a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation">https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation</a></li>
</ul>
<h3>
Video Tutorial: </h3>
<h3>
Download: <strong> </strong></h3>
<strong>Windows</strong>: Extract the <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to C:\MobSF<strong> </strong><br />
<strong>Mac</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /Users/[username]/MobSF<strong> </strong><br />
<strong>Linux</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /home/[username]/MobSF<br />
<br />
<div style="text-align: justify;">
<br /></div>

Mobile Security Framework (MobSF) : Framework

Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing fram...

Suricata (IDS/IPS Engine) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="suricata logo" border="0" height="265" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBA8R1kVvwx8gIls0T9zJesWG83diVGoQDvpgQ64t30hKH72d_JYtyh6xI7vCSI20ZvkEvN3A3va6GdCt1J0dGvzTFshoa1K338lSeSq1we3BTEUrhBpV9mg7FY32RNfglod3Y94UbDU91/s1600/suricata.png" title="suricata logo" width="320" /></div>
<b>The Suricata Engine</b> is an <b>Open Source Next Generation Intrusion Detection and Prevention Engine.</b> This engine is not intended to just replace or emulate the existing <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> in the industry, but will bring new ideas and technologies to the field.<br />
<br />
<b>OISF</b> is part of and funded by the Department of Homeland Security's Directorate for Science and Technology HOST program (Homeland Open Security Technology), by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as through the very generous support of the members of the OISF Consortium. More information about the Consortium is available, as well as a list of our current Consortium Members.<br />
<br />
The <b>Suricata </b>Engine and the HTP Library are available to use under the GPLv2.<br />
<br />
The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of Mod <a href="http://www.toolwar.com/search/label/Security" target="_blank">Security</a> fame for the OISF. This integrates and provides very advanced processing of HTTP streams for <b>Suricata</b>. The HTP library is required by the engine, but may also be used independently in a range of applications and tools.</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<h3>
Tutorial ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/A8e3y2DRiWg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
</div>
<div style="text-align: justify;">
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/-CDGwRm2ue8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
Download ::</h3>
</div>
<div style="text-align: justify;">
<b>Unix, Linux & Mac :: </b><a href="https://redmine.openinfosecfoundation.org/attachments/download/971/Suricata-1.4.7-1-32bit.msi" target="_blank">Suricata v1.4.7</a> (.tar.gz)<b>
</b></div>
<div style="text-align: justify;">
<b>Windows :: </b><a href="https://redmine.openinfosecfoundation.org/attachments/download/971/Suricata-1.4.7-1-32bit.msi" target="_blank">Suricata v1.4.7.1</a> (.msi)</div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://www.openinfosecfoundation.org/index.php/download-suricata">http://www.openinfosecfoundation.org/index.php/download-suricata</a></div>

Suricata (IDS/IPS Engine) :: Tools

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just re...

EtherApe (Graphical Network Monitor) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9-e6IMfm4L4BPvg8xBw_1z3S4tjBYqsZ0F40EyiJ_0oUmUbu8GJcn7a0xXie8ubZmErEnq-syvMbFgasiJG8trgldY0-0DMZs6LaVP-hTmlN6qvezeaFjLZzXZnbZt-F_d9hXYuUH-VN-/s1600/etherape_intro2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="etherape screenshot" border="0" height="246" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9-e6IMfm4L4BPvg8xBw_1z3S4tjBYqsZ0F40EyiJ_0oUmUbu8GJcn7a0xXie8ubZmErEnq-syvMbFgasiJG8trgldY0-0DMZs6LaVP-hTmlN6qvezeaFjLZzXZnbZt-F_d9hXYuUH-VN-/s1600/etherape_intro2.png" title="etherape screenshot" width="400" /></a></div>
<b>EtherApe</b> is a <b>graphical network monitor for Unix</b> modeled after <i>etherman</i>. Featuring link layer, IP and TCP modes, it displays <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> activity graphically. Hosts and links change in size with traffic. Color coded <a href="http://www.toolwar.com/search/label/Protocol" target="_blank">protocols</a> display.<br />
It supports Ethernet, FDDI, Token Ring, ISDN, PPP, SLIP and WLAN devices, plus several  encapsulation formats.  It can filter traffic to be shown, and can read <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packets</a> from a file as well as live from the network. Node statistics can be exported.</div>
<div style="text-align: justify;">
<b>As of version 0.9.13, EtherApe as these features, in no particular order:
      </b><br />
<ul>
<li><span style="background-color: white;">Network traffic is displayed graphically. The more
"talkative" a node is, the bigger its representation. </span></li>
<li><span style="background-color: white;">Node and link color shows the most used protocol. </span></li>
<li><span style="background-color: white;">User may select what level of the protocol stack to
concentrate on. </span></li>
<li><span style="background-color: white;">You may either look at traffic within your network,
end to end IP, or even port to port TCP. </span></li>
<li><span style="background-color: white;">Data can be captured "off the wire" from a live
network connection, or read from a tcpdump capture file. </span></li>
<li><span style="background-color: white;">Live data can be read from ethernet, FDDI, PPP, SLIP and WLAN interfaces, 
        plus several other incapsulated formats (e.g. Linux cooked, PPI).</span></li>
<li><span style="background-color: white;">The following frame and packet types are currently
supported: ETH_II, 802.2, 803.3, IP, IPv6, ARP, X25L3, REVARP, ATALK,
AARP, IPX, VINES, TRAIN, LOOP, VLAN, ICMP, IGMP, GGP, IPIP, TCP, EGP,
PUP, UDP, IDP, TP, ROUTING, RSVP, GRE, ESP, AH, EON,
VINES, EIGRP, OSPF, ENCAP, PIM, IPCOMP, VRRP; and most TCP and UDP
services, like TELNET, FTP, HTTP, POP3, NNTP, NETBIOS, IRC, DOMAIN,
SNMP, etc. </span></li>
<li><span style="background-color: white;">Data display can be refined using a network filter using pcap syntax.</span></li>
<li><span style="background-color: white;">Display averaging and node persistence times are
fully configurable. </span></li>
<li><span style="background-color: white;">Name resolution is done using standard libc
functions, thus supporting DNS, hosts file, etc. </span></li>
<li><span style="background-color: white;">Clicking on a node/link opens a detail
dialog showing protocol breakdown and other traffic
statistics. </span></li>
<li><span style="background-color: white;">Protocol summary dialog shows global traffic
statistics by protocol.</span></li>
<li><span style="background-color: white;">Node summary dialog shows traffic
statistics by node.</span></li>
<li><span style="background-color: white;">Node statistics export to XML file.</span></li>
<li><span style="background-color: white;">A single node can be centered on the display.</span></li>
<li><span style="background-color: white;">Scrollkeeper/rarian-compatible manual integrated with yelp.</span></li>
</ul>
</div>
<h3 style="text-align: justify;">
Tutorial ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3S95lWky9CU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux :: </b><a href="http://sourceforge.net/projects/etherape/files/latest/download?source=files" target="_blank">Etherape v0.9.11</a> (.tar.gz)</div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://etherape.sourceforge.net/">http://etherape.sourceforge.net/</a></div>

EtherApe (Graphical Network Monitor) :: Tools

EtherApe is a graphical network monitor for Unix modeled after etherman . Featuring link layer, IP and TCP modes, it displays network ...

The Sleuth Kit (TSK - Forensics) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
 <img alt="the sleuth kit logo" border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPBlwuWRltXOU2hEze6gjFS1OxwMM7HIYQuU4ElDgNsV8TmyWm9VYKauKsZbzStobxPbL4KSrUSqGxKXIYhNU4IluquGMQPe90Q6zRuGBMq_N92DQ2PK4G6lfCg8iLWGVDyVT8B8THFPHd/s1600/the+sleuth+kit+logo.gif" title="the sleuth kit logo" width="200" /></div>
<b>The Sleuth Kit</b> is a C++ library and collection of open source file 
system <a href="http://www.toolwar.com/search/label/Forensics" target="_blank"><b>forensics tools</b></a> that allow you to, among other things, view 
allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and 
ISO9660 images. <br />
<b>The Sleuth Kit® (TSK)</b> is a library and collection of command line <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> that allow you to investigate disk images. The core functionality  of <b>TSK</b> allows you to <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analyze</a> volume and file system data. The plug-in  <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> allows you to incorporate additional modules to analyze file  contents and build automated systems. The library can be incorporated into larger digital forensics tools and the <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command  line</a> tools can be directly used to find evidence. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
There are three different packages for each <b>The Sleuth Kit® (TSK) </b>release.</div>
<ul style="text-align: justify;">
<li><b>sleuthkit-X.X.X.tar.gz</b>: This is the source code release of  TSK core and framework that you must compile on your computer. This is  most commonly used on non-<a href="http://www.toolwar.com/search/label/Windows" target="_blank">windows</a> systems.</li>
<li><b>sleuthkit-X.X.X-win32.zip</b>: This is the compiled windows release of TSK core. This has executables and libraries that allow you to run this on windows.</li>
<li><b>sleuthkit-X.X.X-framework-win32.zip</b>: This is the compiled  windows release of the framework. It has the tsk_analyzeimg program that  allows you to run the framework on a disk image.</li>
</ul>
<div style="text-align: justify;">
<br /></div>
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/YybBQycLL9w?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3ieolkMJxJk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
Download ::</h3>
<b>Windows (x86) :: </b><a class="name" href="http://sourceforge.net/projects/sleuthkit/files/sleuthkit/4.1.2/sleuthkit-4.1.2-win32.zip/download" title="Click to download sleuthkit-4.1.2-win32.zip">Sleuthkit-4.1.2-win32.zip</a> | <a class="name" href="http://sourceforge.net/projects/sleuthkit/files/sleuthkit/4.1.2/sleuthkit-4.1.2-framework-win32.zip/download" title="Click to download sleuthkit-4.1.2-framework-win32.zip">Sleuthkit-4.1.2-framework-win32.zip</a>
<b> </b><br />
<b>Linux :: </b><a class="name" href="http://sourceforge.net/projects/sleuthkit/files/sleuthkit/4.1.2/sleuthkit-4.1.2.tar.gz/download" title="Click to download sleuthkit-4.1.2.tar.gz">Sleuthkit-4.1.2.tar.gz</a> <br />
<b>Official Website :: </b> <a href="http://www.sleuthkit.org/sleuthkit/">http://www.sleuthkit.org/sleuthkit/</a>

The Sleuth Kit (TSK - Forensics) :: Framework

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, vie...

Volatility (Advanced Memory Forensics Framework) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Volatility Framework (Advance Memory Framework)" border="0" height="244" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwYsvSKFWGazVkY8HTm3e9MOP8FLgDHrNIEhfik5auQuUNypN7S2Vl_ZHpcAkdSMaAcULytu3T0GEW5lT53Towrr6YEo48gjALbDFYqIdwWgbH_SwnzwssHoTNoZWyDysqNDN1W5rFYL0S/s320/volatility+logo.png" title="Volatility Framework (Advance Memory Framework)" width="320" /></div>
<b>Volatility Framework</b> is a <i>Advanced Memory Forensics Framework. </i>The <b>Volatility Framework</b>  is a completely open collection of <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, implemented in <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> under  the GNU General Public License, for the extraction of digital artifacts  from volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory</a> (RAM) samples. The extraction techniques are  performed completely independent of the system being investigated but  offer unprecedented visibilty into the runtime state of the system.  The <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank"> framework</a> is intended to introduce people to the techniques and  complexities associated with extracting digital artifacts from volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank"> memory</a> samples and provide a platform for further work into this  exciting area of research.   <br />
The <b>Volatility Framework</b>  demonstrates our commitment to and belief in the importance of open  source digital investigation <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> . Volatile Systems is committed to  the belief that the technical procedures used to extract digital  evidence should be open to peer analysis and review.  We also believe  this is in the best interest of the digital investigation community, as  it helps increase the communal knowledge about systems we are forced to  investigate.   Similarly, we do not believe the availability of these  tools should be restricted and therefore encourage people to modify,  extend, and make derivative works, as permitted by the GPL.   </div>
<h3 style="text-align: left;">
<span style="font-size: small;">Capabilities :-</span></h3>
<div style="text-align: justify;">
The <b>Volatility Framework</b> currently provides the following extraction capabilities for memory samples   </div>
<ul style="list-style-type: disc; text-align: justify;">
<li>Image information (date, time, CPU count)</li>
<li>Running processes</li>
<li>Process SIDs and environment variables</li>
<li>Open network sockets</li>
<li>Open network connections</li>
<li>DLLs loaded for each process</li>
<li>Open handles to all kernel/executive objects (files, keys, mutexes)</li>
<li>OS kernel modules</li>
<li>Dump any process, DLL, or module to disk</li>
<li>Mapping physical offsets to virtual addresses</li>
<li>Virtual Address Descriptor information</li>
<li>Addressable memory for each process</li>
<li>Memory maps for each process</li>
<li>Extract executable samples</li>
<li>Scanning examples: processes, threads, sockets, connections, modules</li>
<li>Command histories (cmd.exe) and console input/output buffers</li>
<li>Imported and exported API functions</li>
<li>PE version information</li>
<li>System call tables (IDT, GDT, SSDT)</li>
<li>API hooks in user- and kernel-mode (inline, IAT, EAT, NT syscall, winsock)</li>
<li>Explore cached registry hives</li>
<li>Dump LM/NTLM hashes and LSA secrets</li>
<li>User assist and shimcache exploration</li>
<li>Scan for byte patterns, regular expressions, or strings in memory</li>
<li>Analyze kernel timers and callback functions</li>
<li>Report on windows services</li>
</ul>
<h3>
Tutorial ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/zhQP07YKLL0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/zXh-1mK5FyU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
</h3>
<h3>
Download ::</h3>
<b>Windows :: </b><a href="https://volatility.googlecode.com/files/volatility-2.3.1.standalone.exe" target="_blank">Volatility 2.3.1 Standalone </a><b>
</b>
<b> </b><br />
<b>Linux :: </b><a href="https://volatility.googlecode.com/files/volatility-2.3.1.tar.gz" target="_blank">Volatility 2.3.1.tar.gz</a><b>
</b>
<b> </b><br />
<b>Mac :: </b><a href="https://volatility.googlecode.com/files/MacProfilesAll.zip" target="_blank">Volatility Framework </a><br />
<b></b><b>Source :: </b><a href="https://code.google.com/p/volatility/">https://code.google.com/p/volatility/</a><b>
</b>

Volatility (Advanced Memory Forensics Framework) :: Framework

Volatility Framework is a Advanced Memory Forensics Framework. The Volatility Framework is a completely open collection of tools , imp...

DFF (Digital Forensics Framework) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIl1DdbsO0WfC9qJDGu02Asu8jmU-fMvvGqJMnoXYIsycbH4eFW775XwZteITm_g2b8WSSdGZMbd7O8O3wZHb-6a1jsPqXb98HsFnIMVxzOlcFkVtQFC1j5SodKKFdqH5k_nWuugslcbtP/s1600/DFF+LOgo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="DFF Logo" border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIl1DdbsO0WfC9qJDGu02Asu8jmU-fMvvGqJMnoXYIsycbH4eFW775XwZteITm_g2b8WSSdGZMbd7O8O3wZHb-6a1jsPqXb98HsFnIMVxzOlcFkVtQFC1j5SodKKFdqH5k_nWuugslcbtP/s1600/DFF+LOgo.png" title="DFF Logo" width="400" /></a></div>
<div style="text-align: justify;">
<b>DFF (Digital Forensics Framework)</b> is a free and Open Source <b>computer  forensics software</b> built on top of a dedicated Application Programming  Interface (API). It can be used both by professional and non-expert people in order to quickly  and easily collect, preserve and reveal digital evidences without  compromising systems and data.</div>
<h3 style="text-align: justify;">
Features :: </h3>
<ul style="text-align: justify;">
<li>Preserve digital chain of custody - Software write blocker, cryptographic <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hash</a> calculation</li>
<li>Access to local and remote devices - Disk drives, removable devices, remote file systems</li>
<li>Read standard <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">digital forensics</a> file formats - Raw, Encase EWF, AFF 3 file formats</li>
<li><a href="http://www.toolwar.com/search/label/Virtual" target="_blank">Virtual machine</a> disk reconstruction - VmWare (VMDK) compatible</li>
<li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> and <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux OS</a> forensics - <a href="http://www.toolwar.com/search/label/Registry" target="_blank">Registry</a>, Mailboxes, NTFS, EXTFS 2/3/4, FAT 12/16/32 file systems</li>
<li>Quickly triage and search for (meta-)data - Regular expressions, dictionaries, content search, tags, time-line</li>
<li><a href="http://www.toolwar.com/search/label/Recovery" target="_blank">Recover</a> hidden and deleted artifacts - Deleted files / folders, unallocated spaces, carving</li>
<li>Volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory forensics</a> - Processes, local files, binary extraction, network connections</li>
</ul>
<div style="text-align: justify;">
<b>Digital Forensics Framework (DFF)</b> is an open source computer forensics software. It advertises the ability to be used by both professionals and non-experts to collect, preserve, and reveal digital evidence without compromising systems and data. </div>
<div style="text-align: justify;">
<b>Digital Forensics Framework</b> offers two user interfaces, a graphical one developed in PyQt and providing classical tree view but also more advanced features such as recursive view, tagging, live search or bookmarking. Its command line interface enables to perform <a href="http://www.toolwar.com/search/label/Investigation" target="_blank">digital investigation</a> remotely and comes with usual functionnalities available in common shell such as completion, tasks management, globing or keyboard shortcuts. DFF can also run batch scripts at startup to automate repetitive tasks. Advanced users and developers can also use DFF directly from a <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> interpreter to script their investigation.</div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>DFF Blog :: </b><a href="http://www.digital-forensic.org/blog/" target="_blank">Click Here</a><b><br />
</b></div>
<b>DFF Wiki :: </b><a href="http://wiki.digital-forensic.org/" target="_blank">Click Here</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/02uZv72KS88?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux | Windows :: </b><a href="http://www.digital-forensic.org/en/downloads/dff/" target="_blank">DFF v1.3.0</a> (Free Edition)</div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://wiki.digital-forensic.org/index.php/Main_Page">http://wiki.digital-forensic.org/index.php/Main_Page</a></div>

DFF (Digital Forensics Framework) :: Framework

DFF (Digital Forensics Framework) is a free and Open Source computer forensics software built on top of a dedicated Application Progra...

Fern WiFi Cracker (Wireless Security Auditing) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_r9FW3TnXSaixk_XdPQeulTjkmnrUgCEaSMttahhSYB74fXxI7yrdv1fpiOwsdke6A8UYl_jOglpFZZF0snnVewT3z3Er5LlcI-Roo6j-vtoGbv6kPZMrd9BUb6gl3IdqLt_Iqp2tDCCF/s1600/fern+wifi+cracker+toolwar.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_r9FW3TnXSaixk_XdPQeulTjkmnrUgCEaSMttahhSYB74fXxI7yrdv1fpiOwsdke6A8UYl_jOglpFZZF0snnVewT3z3Er5LlcI-Roo6j-vtoGbv6kPZMrd9BUb6gl3IdqLt_Iqp2tDCCF/s1600/fern+wifi+cracker+toolwar.png" /></a></div>
<div style="text-align: justify;">
<b>Fern Wifi Cracker</b> is a <b><i>Wireless security auditing</i></b> and attack software program written using the <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> Programming Language and the Python Qt GUI library,  the program is able to crack and recover WEP/WPA/WPS keys and also run  other <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> based <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a> on wireless or ethernet based networks.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Features :-</b></div>
<div style="text-align: justify;">
<ul>
<li>WEP <a href="http://www.toolwar.com/search/label/Cracking" target="_blank">Cracking</a> with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack </li>
<li>WPA/WPA2 Cracking with Dictionary or WPS based attacks</li>
<li>Automatic saving of key in database on successful crack</li>
<li>Automatic Access Point Attack System</li>
<li>Session Hijacking (Passive and Ethernet Modes)</li>
<li>Access Point MAC Address Geo Location Tracking</li>
<li>Internal <a href="http://www.toolwar.com/search/label/MITM" target="_blank">MITM</a> Engine</li>
<li>Bruteforce Attacks (HTTP,HTTPS,TELNET,FTP)</li>
<li>Update Support</li>
</ul>
<h3>
<b>Tutorials ::  </b></h3>
<b>Session Hijacking Demonstration ::</b><br />
<b> </b> <br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Bi-8JRNpMqo?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Bruteforcing Routers with Fern-Wifi-Cracker ::</b>  <br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/_ztQQWMoVX4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Cracking WEP Security with Fern-Wifi-Cracker ::</b>  <br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/vpiOPEZD6qw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<h3>
<b>Download :: </b></h3>
<b>Download Here :: </b><a href="http://code.google.com/p/fern-wifi-cracker/downloads/list" target="_blank">Fern WiFi Cracker</a> <b> </b><br />
<b>Source Website ::</b> <a href="http://code.google.com/p/fern-wifi-cracker/">http://code.google.com/p/fern-wifi-cracker/</a></div>
</div>

Fern WiFi Cracker (Wireless Security Auditing) :: Tools

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the P...

Bulk Extractor (Computer Forensics) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="Bulk Extractor" border="0" height="267" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSwFRjzP4nYzs-ILiilqCBkm5oZiif74oCtqJU8AR5h2mTI_uHT4qyVykTzAKntroljTwfaPMVl2vcJLfpgcd6GaTRTidtiwi8dgXrG0Sp6F0pMD2_DCiaA94q7R02Bz4t8-nz_dhg07WE/s1600/computer-forensic-analysis.jpg" title="Bulk Extractor" width="400" /></div>
<div style="text-align: justify;">
<b>Bulk Extractor</b> is a <b>computer forensics tool</b> that scans a disk  image, a file, or a directory of files and extracts useful information  without parsing the file system or file system structures. The results  can be easily inspected, parsed, or processed with automated tools. <b>Bulk Extractor</b>  also created a histograms of features that it finds, as features that  are more common tend to be more important. The program can be used for  law enforcement, defense, intelligence, and <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">cyber-investigation</a>  applications. </div>
<div style="text-align: justify;">
bulk_extractor is distinguished from other forensic tools by its  speed and thoroughness. Because it ignores file system structure, <b>Bulk Extractor</b> can process different parts of the disk in parallel. In  practice, the program splits the disk up into 16MiByte pages and  processes one page on each available core. This means that 24-core  machines process a disk roughly 24 times faster than a 1-core machine. <b>Bulk Extractor</b> is also thorough. That’s because <b>Bulk Extractor</b>  automatically detects, decompresses, and recursively re-processes  compressed data that is compressed with a variety of algorithms. Our  <a href="http://www.toolwar.com/search/label/Testing" target="_blank">testing</a> has shown that there is a significant amount of compressed data  in the unallocated regions of file systems that is missed by most  <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensic tools</a> that are commonly in use today. </div>
<div style="text-align: justify;">
Another advantage of ignoring file systems is that <b>Bulk Extractor</b>  can be used to process any digital media. We have used the program to  process hard drives, SSDs, optical media, camera cards, <a href="http://www.toolwar.com/search/label/Phone" target="_blank">cell phones</a>,  network packet dumps, and other kinds of digital information. </div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<span style="font-family: inherit;"><span style="font-size: small;"><b>Compiling for MacOS or Linux</b> :: </span></span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><span style="font-size: small;">From the downloaded source directory run bootstrap.sh, configure and make: </span></span> </div>
<ul style="text-align: justify;">
<li><span style="font-family: "Courier New",Courier,monospace;">$ cd bulk_extractor </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ sh bootstrap.sh </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ sh configure </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ make </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ sudo make install </span></li>
</ul>
<div style="text-align: justify;">
<b>Compiling for Windows :: </b></div>
<div style="text-align: justify;">
There are three ways to compile for Windows: </div>
<div style="text-align: justify;">
1. Cross-compiling from a Linux or Mac system with mingw. </div>
<div style="text-align: justify;">
2. Compiling natively on Windows using mingw. </div>
<div style="text-align: justify;">
3. Compiling natively on Windows using cygwin (untested)</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Cross-compiling for Windows using Debian Testing (wheezy) or Ubuntu 12.04 LTS (with mingw) :: </b></div>
<div style="text-align: justify;">
You will need to install mingw-w64 and zlib-dev: </div>
<ul style="text-align: justify;">
<li><span style="font-family: "Courier New",Courier,monospace;">$ sudo apt-get update </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ sudo apt-get upgrade </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ sudo apt-get -y install mingw-w64 </span></li>
</ul>
<div style="text-align: justify;">
Next, download zlib from zlib.net </div>
<ul style="text-align: justify;">
<li><span style="font-family: "Courier New",Courier,monospace;">$ ./configure --host=i686-w64-mingw32 </span></li>
</ul>
<div style="text-align: justify;">
This allows the cross-compiling of the 64-bit and the 32-bit bulk_extractor.exe, although we do not recommend running the 32-bit version. </div>
<div style="text-align: justify;">
Now you are ready to compile: </div>
<ul style="text-align: justify;">
<li><span style="font-family: "Courier New",Courier,monospace;">$ git clone --recursive https://github.com/simsong/bulk_extractor.git </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ cd bulk_extractor </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ sh bootstrap.sh </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ mingw64-configure</span></li>
</ul>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Installing on a Linux/MacOS/Mingw system :: </b></div>
<ul style="text-align: justify;">
<li><span style="font-family: "Courier New",Courier,monospace;">$ ./configure </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ make </span></li>
<li><span style="font-family: "Courier New",Courier,monospace;">$ sudo make install  </span></li>
</ul>
<div style="text-align: justify;">
<b>Usages :: </b> </div>
<div style="text-align: justify;">
To get started and send an extract of image.raw to OUTPUT, use this command: </div>
<ul style="text-align: justify;">
<li><span style="font-family: "Courier New",Courier,monospace;">$ /usr/local/bin/bulk_extractor -o OUTPUT image.raw </span> </li>
</ul>
<div style="text-align: justify;">
<b>For more & Troubleshooting :: </b><a href="https://github.com/simsong/bulk_extractor" target="_blank">Click Here</a><br />
</div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/wTBHM9DeLq4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
</div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux | Mac | Windows :: </b><a href="https://github.com/simsong/bulk_extractor/archive/master.zip" target="_blank">Bulk Extractor</a> (tarball)<b> | </b><a href="http://digitalcorpora.org/downloads/bulk_extractor/bulk_extractor-1.4.1-windowsinstaller.exe" target="_blank">Bulk Extractor</a> (.exe)<b> | </b><a href="http://digitalcorpora.org/downloads/bulk_extractor/bulk_extractor-1.4.4.tar.gz" target="_blank">Bulk Extractor</a> (.tar.gz)<b>
</b></div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="https://github.com/simsong/bulk_extractor">https://github.com/simsong/bulk_extractor</a></div>

Bulk Extractor (Computer Forensics) :: Tools

Bulk Extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information ...

KisMAC (Sniffer/Scanner for Mac OS X) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="KisMAC Logo" border="0" height="277" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT0hq_xqF0S3TgubdqI2kXMyQJdIa4Xw5tz6EqhN_X9lUnO1W1Dy4wjcwJ9tMbIWnyC8-GYuHFmw13erY5ILu7_KOBlGEksaYGYIK-_qu-pDLXXY2SdMuEAG8TXkP4qSN0eOa4tJo6OGPl/s1600/kisMAC+logo.png" title="KisMAC Logo" width="320" /></div>
<div style="text-align: justify;">
<b>KisMAC</b> is a popular <b>wireless stumbler for Mac OS X</b> offers many of the features of its namesake <a class="local" href="http://www.toolwar.com/2013/09/kismet-tools.html" target="_blank">Kismet</a>,  though the codebase is entirely different. Unlike console-based Kismet,  <b>KisMAC</b> offers a pretty <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and was around before Kismet was ported to  OS X. It also offers mapping, Pcap-format import and logging, and even  some decryption and deauthentication attacks.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>KisMAC</b> is an open-source and free <a href="http://www.toolwar.com/search/label/Sniffer" target="_blank">sniffer</a>/<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> application for <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. It has an advantage over MacStumbler / iStumbler / <a href="http://www.toolwar.com/2013/09/netstumbler-tools.html" target="_blank">NetStumbler</a> in  that it uses monitor mode and passive scanning.  </div>
<div style="text-align: justify;">
KisMAC supports many third party <a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> devices:  Intersil Prism2, Ralink  rt2570, rt73, and Realtek rtl8187 chipsets. All of the internal AirPort  hardware is supported for scanning. </div>
<div style="text-align: justify;">
The rest of this wiki assumes you are prepared for advanced topics and know what you are doing with your system. </div>
<h3 id="Features" style="text-align: justify;">
Features ::</h3>
<ul style="text-align: justify;">
<li>Reveals hidden / cloaked / closed SSIDs </li>
<li>Shows logged in clients (with MAC Addresses, IP addresses and signal strengths) </li>
<li>Mapping and GPS support </li>
<li>Can draw area maps of network coverage </li>
<li>PCAP import and export </li>
<li>Support for 802.11b/g </li>
<li>Different attacks against encrypted networks </li>
<li>Deauthentication attacks </li>
<li>AppleScript-able </li>
<li>Kismet drone support (capture from a Kismet drone) </li>
</ul>
<h3 id="Supportedhardwarechipsets" style="text-align: justify;">
Supported Hardware Chipsets :: </h3>
<ul style="text-align: justify;">
<li>Apple AirPort and AirPort Extreme (dependent upon Apple's drivers) </li>
<li>Intersil Prism 2, 2.5, 3  USB devices </li>
<li>Ralink rt2570 and rt73 USB devices </li>
<li>Realtek RTL8187L USB (such as the Alfa AWUS036H, which does not work on Mac OS 10.6.7 or later) </li>
</ul>
<h3 id="Cryptosupport" style="text-align: justify;">
Crypto Support :: </h3>
<ul style="text-align: justify;">
<li>Bruteforce attacks against LEAP, WPA and WEP </li>
<li>Weak scheduling attack against WEP </li>
<li>Newsham 21-bit attack against WEP </li>
</ul>
<h3 style="text-align: justify;">
Tutorials :: </h3>
<div style="text-align: justify;">
<b>Wiki ::</b> <a href="http://trac.kismac-ng.org/" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Forum ::</b> <a href="http://forum.kismac-ng.org/" target="_blank">Click Here </a></div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/lBGN5OGCPgI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download :: </h3>
<div style="text-align: justify;">
<b>Mac :: </b><a href="http://update.kismacmirror.com/binaries/KisMAC-0.3.3.dmg" target="_blank">KisMAC v0.3.3</a> (.dmg)<b>
</b></div>
<div style="text-align: justify;">
<b>Official Website ::  </b><a href="http://kismac-ng.org/">http://kismac-ng.org/</a></div>

KisMAC (Sniffer/Scanner for Mac OS X) :: Tools

KisMAC is a popular wireless stumbler for Mac OS X offers many of the features of its namesake Kismet , though the codebase is entirel...

Vyatta (Vitrual Router, Firewall and VPN) :: Framework

<div class="block-content content" style="text-align: justify;">
<div style="text-align: justify;">
<br />
<article class="article article-type-page clearfix" id="article-6745" role="article">                 <div class="article-content">
<div class="field field-name-body field-type-text-with-summary field-label-hidden">
<div class="field-items">
<div class="field-item even">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Vyatta Logo" border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjZ08VeGbo_xXjPTm80en0xpKtHVEsztocx4UkyNj8XcEOklwOsoLpOrOJ9RIi5nqp4y9IlAQ4uUUssHWFzDRGtuowfzaD9ujUFVSNWPnhTLhA8CJf3JethTM45UNfDaSOy-aplzk6SivT/s1600/vyatta+logo.png" title="Vyatta Logo" width="320" /></div>
The  free community <b>Vyatta Core software(VC)</b> is an award-winning open source <a href="http://www.toolwar.com/search/label/Network" target="_blank"> network</a> operating system providing advanced IPv4 and IPv6 routing,  stateful <a href="http://www.toolwar.com/search/label/Firewalls" target="_blank">firewalling</a>, IPSec and SSL OpenVPN, and more. When you add  <b>Vyatta</b> to a standard x86 hardware system, you can create an enterprise  grade network appliance that easily scales from DSL to 10Gbps. <b>Vyatta</b> is  also optimized to run in VMware, Citrix XenServer, Xen, KVM, and Hyper  V, providing networking and <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> services to <a href="http://www.toolwar.com/search/label/Virutal" target="_blank">virtual machines</a> and  cloud computing environments. <b>Vyatta</b> has been downloaded over 1,000,000  times, has a community of hundreds of thousands of registered users and  counts dozens of fortune 500 businesses among its commercial customers.<br />
On this site, you'll find all the downloads, <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, documentation,  and community resources to help you get up and running with your own  <b>Vyatta-based</b> system. Ask questions in the Forums. Propose new features  and vote on existing proposals. Participate and have fun. We have been  working together with our community for over five years to continue to  enhance the world's leading software-based network OS.<br />
A commercial version of the <b>Vyatta network OS</b> (Vyatta Subscription  Edition) is also available with enterprise-ready management and security  product extensions and complete engineering support including proactive  notifications of security alerts and software releases as well as  priority access to patches & bug fixes.<br />
<b>Vyatta's </b>open, software-based approach to networking has created a  complete network OS that can connect and secure physical <a href="http://www.toolwar.com/search/label/Network" target="_blank">networks</a> as  well as virtual and cloud computing infrastructures. <b>Vyatta</b> software and  appliances offer users a flexible, affordable alternative to  proprietary, hardware-based routers, firewalls, and VPN devices.<br />
Vyatta can help you: <br />
<ul>
<li>Affordably scale large BGP implementations </li>
<li>Keep your network safe with a stateful-inspection firewall </li>
<li>Securely connect remote offices with <a href="http://www.toolwar.com/search/label/VPN" target="_blank">VPN </a></li>
<li>Scale from DSL to 10-Gbps with a single software package</li>
<li>Avoid costly proprietary networking upgrades </li>
<li>Run virtualized networking environments in Xen, KVM and VMware </li>
<li>Add networking and security to blade servers in your data center </li>
<li>Offer cloud based managed security services </li>
<li>Add network redundancy regardless of vendor equipment </li>
<li>Build your own best-of-breed Branch office solution </li>
</ul>
<br />
The <b>Vyatta Core</b> is an integration of a number of components from a  variety of different sources, much the same way as a standard Linux  distribution. Many of the components are licensed under the GNU GPL.  Others carry a BSD license. Still others carry less-popular licenses.  All components of the <b>Vyatta Core</b> carry licenses defined as open source.<br />
License files are included with every package installed in the system  and can be viewed in the /usr/share/doc/package/copyright file.<br />
<br />
<h3>
Tutorials ::</h3>
<b>Use Tips and Tricks :: </b><a href="http://www.vyatta.org/documentation/tips-tricks" target="_blank">Click Here</a><b><br />
</b><br />
<b>Documentations :: </b><a href="http://www.vyatta.org/documentation/translated-docs" target="_blank">Click Here</a><br />
<b>Vyatta Forum :: </b><a href="http://www.vyatta.org/forum" target="_blank">Click Here</a> <br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5JJOE5zeVbM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<h3>
Download ::</h3>
<b>Live CD :: </b><a href="http://packages.vyatta.com/vyatta/iso/VC6.6/vyatta-livecd_VC6.6R1_i386.iso" target="_blank">Vyatta Live CD v6.6</a> (.iso)<b></b><br />
<b>Visualization ISO :: </b><a href="http://packages.vyatta.com/vyatta/iso/VC6.6/vyatta-livecd_VC6.6R1_i386.iso" target="_blank">Vyatta Visualization v6.6</a> (.iso)<b> </b>
<b> </b><br />
<b>Official Website ::<a href="https://www.blogger.com/goog_2084089245"> </a></b><a href="http://www.vyatta.org/">http://www.vyatta.org/</a>
</div>
</div>
</div>
</div>
</article></div>
</div>

Vyatta (Vitrual Router, Firewall and VPN) :: Framework

The free community Vyatta Core software(VC) is an award-winning open source network operating system providing...

Nipper Studio (Network Security Audit for Firewall, Switches and Router) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjog3YqJ3FIoxb_rLEWgJPXiIWYhWS7Ihd2IOrLYGhAqOaRm7ioEB6gatr6PgzNw7OJf7ol2pC-Z9-TVfpQewGb_ryDyAt_h2uNqzrlhRtW194rN4xFfH7jYM3ivYb0TPmgsj7rIChoKIYR/s1600/Nipper+Home+Report+2.2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="nipper tutorial" border="0" height="333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjog3YqJ3FIoxb_rLEWgJPXiIWYhWS7Ihd2IOrLYGhAqOaRm7ioEB6gatr6PgzNw7OJf7ol2pC-Z9-TVfpQewGb_ryDyAt_h2uNqzrlhRtW194rN4xFfH7jYM3ivYb0TPmgsj7rIChoKIYR/s1600/Nipper+Home+Report+2.2.jpg" title="nipper tutorial" width="400" /></a></div>
<div style="text-align: justify;">
<b>Nipper (short for Network Infrastructure Parser, previously known as 
CiscoParse)</b> audits the security of network devices such as switches, 
routers, and firewalls.  It works by parsing and analyzing device 
configuration file which the <b>Nipper</b> user must supply.  This was an open 
source tool until its developer (Titania) released a commercial version 
and tried to hide their old GPL releases. During a <b>network audit Nipper Studio</b> processes the devices’ native configurations and enables you to create a variety of different audit reports. By using traditional methodology for your <a href="http://www.toolwar.com/search/label/Network" target="_blank">network audit</a>, such as manual <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">Penetration Testing</a>, Agent-based software and <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">Network Scanners</a>, you could experience various drawbacks, which does not affect Nipper Studio <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> audit software:<br />
<ul>
<li>Network scanners send huge numbers of network probes to a device and can impact performance. Only exposed vulnerabilities are identified, potentially missing many issues.</li>
<li>Agent-based audit software requires software to be installed on the devices during the network audit. This is not possible for all devices and can introduce additional security vulnerabilities.</li>
<li>Manual Penetration Tests examine individual <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> devices in detail. However this is slow, expensive and results in point in time audits of only a sample of devices.</li>
<li>Flatten the <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability assessment</a> process and reduce human error by automatically producing an instant, device specific configuration report, readable by non-technical experts.  </li>
<li>Achieve significant cost savings by automating a detailed configuration vulnerability analysis, typically provided by costly external Penetration Testing. </li>
<li>Improve the productivity and scope of the network audit by quickly performing a thorough vulnerability assessment of multiple complex network devices, providing a detailed security audit report, unachievable with vulnerability scanning technologies. </li>
<li>Stay secure as our security audit software requires no additional services on the device or agents to be installed and can audit the network devices without connecting or scanning them</li>
</ul>
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/wUtAmowwVD8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
 </h3>
<h3>
Download ::</h3>
<b>Windows | Linux | Mac :: </b>
<b> </b><br />
<b>Buy :: </b><a href="https://www.titania.com/shop" target="_blank">Click Here</a><b> </b>
<b> </b><br />
<b>Evaluate Copy :: </b><a href="https://www.titania.com/evaluate" target="_blank">Click Here</a><b>  </b>
<b> </b><br />
<b>Official Website :: </b><a href="https://www.titania.com/nipperstudio" target="_blank">https://www.titania.com/nipperstudio </a></div>

Nipper Studio (Network Security Audit for Firewall, Switches and Router) :: Tools

Nipper (short for Network Infrastructure Parser, previously known as CiscoParse) audits the security of network devices such as switche...

Foremost (File Carving) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdkN2Ugs8yPIpW9bdhSCRtfTQisB-mmEgSeRyCTN_07YHLjIom3zkuOAPeUS8z8s7WHAT-qFoxrqYH6hrVHV9q-40PTsRzLLn9SMc0DbYBMNR944nbfhqU8fPWiPYTWV_PcywGGNhbEMS8/s1600/foremost+screenshot.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="foremost screenshot" border="0" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdkN2Ugs8yPIpW9bdhSCRtfTQisB-mmEgSeRyCTN_07YHLjIom3zkuOAPeUS8z8s7WHAT-qFoxrqYH6hrVHV9q-40PTsRzLLn9SMc0DbYBMNR944nbfhqU8fPWiPYTWV_PcywGGNhbEMS8/s400/foremost+screenshot.jpg" title="foremost screenshot" width="400" /></a></div>
<br />
<b>Foremost</b> is a <b><i>console program to recover files</i></b> based on their headers, footers, and internal data  structures.  This process is commonly referred to as data carving. <b> Foremost</b> can work on image files,  such as those generated by dd, Safeback, <a href="http://www.toolwar.com/2013/09/encase-forensics-v7-tools.html" target="_blank">Encase</a>, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command line</a> switches to specify built-in file types.  These built-in types look at the data structures of a given  file format allowing for a more reliable and faster recovery. </div>
<div style="text-align: justify;">
<br />
<h3>
Tutorial ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/9AkY-IefI4Q?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
</h3>
</div>
<h3 style="text-align: justify;">
Download :: </h3>
<div style="text-align: justify;">
<b>Linux ::</b> <a href="http://foremost.sourceforge.net/pkg/foremost-1.5.7.tar.gz" target="_blank">Foremost 1.5.7 (.tar.gz)</a><br />
<b>Official Website :: </b><a href="http://foremost.sourceforge.net/" target="_blank">http://foremost.sourceforge.net/ </a></div>

Foremost (File Carving) :: Tools

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is common...

QualysGuard (Cloud Security) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghdzpjPZX2FLqOdTxqOBOsBcHPK-BGXs4z6FvMDEBWtOdSSQDhFqcOvSs8HLf2_C0gGeR9JzfehTMjygryKrJFU1Andf_8LVNhhNiAMihWAnzULkz0Qj63VCASwzVjkCQVNBGQnopmccia/s1600/qualys-logo.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Qualys logo" border="0" height="306" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghdzpjPZX2FLqOdTxqOBOsBcHPK-BGXs4z6FvMDEBWtOdSSQDhFqcOvSs8HLf2_C0gGeR9JzfehTMjygryKrJFU1Andf_8LVNhhNiAMihWAnzULkz0Qj63VCASwzVjkCQVNBGQnopmccia/s1600/qualys-logo.jpeg" title="Qualys logo" width="320" /></a></div>
<div style="text-align: justify;">
<b>QualysGuard</b> is a popular <b>SaaS (software as a service) vulnerability  management</b> offering.  It's web-based UI offers <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> discovery and  mapping, asset prioritization, <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> assessment reporting and  remediation tracking according to business risk.  Internal scans are  handled by Qualys appliances which communicate back to the <a href="http://www.toolwar.com/search/label/Cloud" target="_blank">cloud-based</a>  system.</div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<h3 style="text-align: justify;">
</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/XfeyNLb7ZDc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5Cbq5wudtZE?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Trial Linux | Mac | Windows :: </b><a href="http://www.qualys.com/forms/trials/qualysguard/" target="_blank">QualysGuard</a><b>
</b></div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://www.qualys.com/" target="_blank">http://www.qualys.com/ </a></div>

QualysGuard (Cloud Security) :: Framework

QualysGuard is a popular SaaS (software as a service) vulnerability management offering. It's web-based UI offers network discov...

Skipfish (Web Application Security Scanner) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWet3cqxS_RaHFSPFgDcVyLfRIrD075ildwUJOYxN7KDyiHkwz5nOjJPSSvtMoZzRLq_g1vGKdWJsR2avZ_xoeGfBYB4C_YjX_Ulr5xlGhii4h2OWhJ_f2_3UkGgBCQ6pOtci-zTNqau4-/s1600/skipfish+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Skipfish Screenshot" border="0" height="329" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWet3cqxS_RaHFSPFgDcVyLfRIrD075ildwUJOYxN7KDyiHkwz5nOjJPSSvtMoZzRLq_g1vGKdWJsR2avZ_xoeGfBYB4C_YjX_Ulr5xlGhii4h2OWhJ_f2_3UkGgBCQ6pOtci-zTNqau4-/s1600/skipfish+screenshot.png" title="Skipfish Screenshot" width="640" /></a></div>
<div style="text-align: justify;">
<b><i>Skipfish</i></b> is an active <b>web application security reconnaissance tool</b>. It prepares an interactive sitemap  for the targeted site by carrying out a recursive crawl and  dictionary-based probes. The resulting map is then annotated with the  output from a number of active (but hopefully non-disruptive) <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a>  checks. The final report generated by the tool is meant to serve as a  foundation for professional <a href="http://www.toolwar.com/search/label/Web" target="_blank">web application</a> security assessments. </div>
<div style="text-align: justify;">
Key features: </div>
<ul style="text-align: justify;">
<li><b>High speed</b>:  pure C code, highly optimized HTTP handling, minimal CPU footprint -  easily achieving 2000 requests per second with responsive targets. </li>
</ul>
<ul style="text-align: justify;">
<li><b>Ease of use</b>:  heuristics to support a variety of quirky web <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">frameworks</a> and  mixed-technology sites, with automatic learning capabilities, on-the-fly  wordlist creation, and form autocompletion. </li>
</ul>
<ul style="text-align: justify;">
<li><b>Cutting-edge security logic</b>:  high quality, low false positive, differential security checks, capable  of spotting a range of subtle flaws, including blind injection vectors.  </li>
</ul>
<div style="text-align: justify;">
The tool is believed to support <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, FreeBSD, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">MacOS X</a>, and <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (Cygwin) environments. </div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/kqx8rp7Cnwc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
 </h3>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows | Mac | Linux ::</b> <a href="http://skipfish.googlecode.com/files/skipfish-2.10b.tgz" target="_blank">Skipfish v2.10b</a> (.tgz)</div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://code.google.com/p/skipfish/">http://code.google.com/p/skipfish/</a></div>

Skipfish (Web Application Security Scanner) :: Tools

Skipfish is an active web application security reconnaissance tool . It prepares an interactive sitemap for the targeted site by carryi...

GoLismero (The Web Knife) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600/Golismero+WIndows+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Golismero " border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600/Golismero+WIndows+Screenshot.png" title="Golismero " width="640" /></a></div>
<div style="text-align: justify;">
<b>GoLismero</b> is an open source framework for <a href="http://www.toolwar.com/search/label/Security" target="_blank"><b>security testing</b></a>. It's 
currently geared towards <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> security, but it can easily be expanded to 
other kinds of scans.</div>
<div style="text-align: justify;">
The most interesting features of the <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> are:</div>
<ul style="text-align: justify;">
<li>Real platform independence. Tested on <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, *BSD and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">OS X</a>.</li>
<li>No native library dependencies. All of the framework has been written in pure Python.</li>
<li>Good performance when compared with other frameworks written in Python and other scripting languages.</li>
<li>Very easy to use.</li>
<li>Plugin development is extremely simple.</li>
<li>The framework also collects and unifies the results of well known tools: <a href="http://www.toolwar.com/2013/09/sqlmap-tools.html" target="_blank">sqlmap</a>, xsser, <a href="http://www.toolwar.com/2013/09/openvas-is-advanced-open-source.html" target="_blank">openvas</a>, <a href="http://www.toolwar.com/2013/10/dnsrecon-tools.html" target="_blank">dnsrecon</a>, <a href="http://www.toolwar.com/2013/09/theharvester-tools.html" target="_blank">theharvester</a>...</li>
<li>Integration with standards: CWE, CVE and OWASP.</li>
<li>Designed for cluster deployment in mind (not available yet).</li>
</ul>
<h3>
Tutorials ::</h3>
<b>Installation :: </b> <br />
Strictly speaking, GoLismero doesn't require installation - only its 
dependencies do. So if you want to use it on a system where you don't 
have root privileges, you can ask the system administrator to install 
them for you, and just run the "git checkout" command on your home 
folder.<br />
<b>Briefly Tutorial of Installation :: </b> <a href="https://github.com/golismero/golismero">Click Here</a><br />
<b>Basic Usages ::</b> <a href="https://github.com/golismero/golismero" target="_blank">Click Here</a><br />
<h3>
Download ::</h3>
<b>Linux | Mac | Windows :: </b><a href="https://github.com/golismero/golismero/archive/master.zip" target="_blank">GoLismero Archive</a> (.zip)<b> </b><br />
<b>Official Website :: </b><a href="https://github.com/golismero/golismero" target="_blank">https://github.com/golismero/golismero</a>

GoLismero (The Web Knife) :: Framework

GoLismero is an open source framework for security testing . It's currently geared towards web security, but it can easily be expa...

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="nmap scanner logo" border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPn1QPXq_tY_zK1uLIjY-6fyXimOMxgo3rq52s-03wGFIiM3FEUXb1R_uZpS2QvMEucVny6EK7w0eYYGJ5JKDgUtasnKL7WqkAIA5QMKqB05XXAv_va-hOLNd2wlIHxv1cUDpxCVa4kxbF/s1600/nmap.jpg" title="nmap scanner logo" width="400" /></div>
</div>
<div style="text-align: justify;">
<b>Nmap ("Network Mapper")</b> is a free and open source (license) utility for <b>network discovery and security auditing.</b> Many systems and network administrators also find it useful for tasks such as <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> inventory, managing service upgrade schedules, and <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">monitoring</a> host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and results viewer <b>(Zenmap)</b>, a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis tool</a> (Nping).<br />
<br />
<b>Nmap</b> was named “<a href="http://www.toolwar.com/search/label/Security" target="_blank">Security</a> Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix Reloaded, Die Hard 4, Girl With the Dragon Tattoo, and The Bourne Ultimatum.<br />
<br />
<b>Nmap is::</b></div>
<ul style="text-align: justify;">
<li>    Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, <a href="http://www.toolwar.com/search/label/IDS" target="_blank">firewalls</a>, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), <b>OS detection</b>, version detection, ping sweeps, and more. See the documentation page.</li>
<li>    Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.</li>
<li>    Portable: Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.</li>
<li>    Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.</li>
<li>    Free: The primary goals of the Nmap Project is to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.</li>
<li>    Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, tutorials, and even a whole book! Find them in multiple languages here.</li>
<li>    Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list. You can also find Nmap on Facebook and Twitter. For real-time chat, join the #nmap channel on Freenode or EFNet.</li>
<li>    Acclaimed: <b>Nmap</b> has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.</li>
<li>    Popular: Thousands of people download <b>Nmap</b> every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities. </li>
</ul>
<h3>
Tutorials ::</h3>
<b>Tutorial (Max OS X) :: </b><a href="http://nmap.org/book/inst-macosx.html#inst-macosx-source">Click Here</a><br />
<b>Tutorial (Windows) :: </b><a href="http://nmap.org/book/inst-windows.html#inst-win-source">Click Here</a> <b><br />
</b><br />
<b>Tutorial (Linux) ::</b> <a href="http://nmap.org/book/inst-source.html">Click Here</a><br />
<b>Installation :: </b><a href="http://nmap.org/book/install.html" target="_blank">Click Here</a>   <br />
<b>Tutorials From Basics :: </b><a href="http://nmap.org/bennieston-tutorial/">Click Here </a><br />
<b>Video Tutorial :: </b><br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/RJxF7puQFXI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<b> </b>
<br />
<h3>
Download ::</h3>
<h3>
</h3>
<b>Download ZenMap (GUI of Nmap) :: </b><a href="http://nmap.org/zenmap/">Click Here</a><b> </b><br />
<b>Windows :: </b><a href="http://nmap.org/dist/nmap-6.40-setup.exe">Nmap-Latest</a> (.exe)
<b> </b><br />
<b>Linux :: </b><a href="http://nmap.org/dist/nmap-6.40.tar.bz2">Nmap Latest</a> (.tar.bz2)<b> </b><br />
<b>Mac :: </b><a href="http://nmap.org/dist/nmap-6.40-2.dmg">Nmap Latest</a> (.dmg)<b> </b>
<b>  </b><br />
<b>Official Website ::</b> <a href="http://nmap.org/">http://nmap.org/</a>
<br />
<div style="text-align: justify;">
</div>

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many syste...

Havij (Automated and Advanced SQL Injection) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioLo4B-qKdYseDgGxhjbYAMCI7gaFHDgHkgIq5nk4dlAJO0srvzZGs1WbL6gv8T7LyU5lWZUKXpKhEsv8E2TzwySAI8vwXixwYRtOdsOAI9e9eZh9iwwT3SM_Wfnp6ipZPZXMJ40J6uwTV/s1600/Havij.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Havij Screenshot" border="0" height="319" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioLo4B-qKdYseDgGxhjbYAMCI7gaFHDgHkgIq5nk4dlAJO0srvzZGs1WbL6gv8T7LyU5lWZUKXpKhEsv8E2TzwySAI8vwXixwYRtOdsOAI9e9eZh9iwwT3SM_Wfnp6ipZPZXMJ40J6uwTV/s1600/Havij.png" title="Havij Screenshot" width="320" /></a></div>
<b>Havij</b> is an <b>automated SQL Injection tool</b> that helps <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration</a> testers  to find and exploit SQL Injection vulnerabilities on a <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> page.   It can take advantage of a vulnerable web application. By using this  software, user can perform back-end database fingerprinting, retrieve  DBMS login names and <a href="http://www.toolwar.com/search/label/Password" target="_blank">password</a> <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hashes</a>, dump tables and columns, fetch  data from the database, execute SQL statements against the server, and  even access the underlying file system and execute operating system  shell commands.<br />
The distinctive power of <b>Havij</b> that differentiates it from similar <a href="http://www.toolwar.com/search/label/Tools" target="_blank"> tools</a> lies in its unique methods of injection. The success rate of  attack on vulnerable targets using <b>Havij</b> is above 95%.   The user friendly <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI (Graphical User Interface)</a> of Havij and its  automated configuration and heuristic detections make it easy to use for  everyone even amateurs.</div>
<h3 style="text-align: justify;">
<b>Tutorials :: </b></h3>
<div style="text-align: justify;">
<span style="font-size: small;"><span style="font-family: inherit;"><b>URL Rewrite :: </b><a href="http://www.itsecteam.com/files/havij/URL%20Rewrite/url_rewrite.htm" target="_blank">Click Here</a></span></span></div>
<div style="text-align: justify;">
<span style="font-size: small;"><span style="font-family: inherit;"><b>MSSQL :: </b></span></span><a href="http://www.itsecteam.com/files/havij/MsSQL/mssql.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div>
<div style="text-align: justify;">
<span style="font-size: small;"><span style="font-family: inherit;"><b>PostGreSQL :: </b></span></span><a href="http://www.itsecteam.com/files/havij/PostgreSQL/postgresql.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div>
<div style="text-align: justify;">
<span style="font-size: small;"><span style="font-family: inherit;"><b>Pro Features :: </b></span></span><a href="http://www.itsecteam.com/files/havij/Pro%20Features/pro%20features.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div>
<div style="text-align: justify;">
<span style="font-size: small;"><span style="font-family: inherit;"><b>Oracle :: </b></span></span><a href="http://www.itsecteam.com/files/havij/Oracle/oracle.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div>
<div style="text-align: justify;">
<span style="font-size: small;"><span style="font-family: inherit;"><b>Multi-Thread Blind Injection :: </b></span></span><a href="http://www.itsecteam.com/files/havij/multi%20thread%20blind%20injection/multi%20thread%20blind%20injection.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div>
<div style="text-align: justify;">
<b><span style="font-size: small;"><span style="font-family: inherit;">Dump All :: </span></span></b><a href="http://www.itsecteam.com/files/havij/Dump%20All/Dump_All.html" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></span></span></a><b> </b></div>
<div style="text-align: justify;">
<br />
<b>How to use ::</b></div>
<div class="rtejustify" style="text-align: justify;">
You can use this utility to find and potentially  exploit SQL Injection vulnerabilities in web application. To use this  tool, some knowledge of SQL Injection - even though abasic one - is  essential. Most of what you will have to do, in typical cases, will be  to enter the URL of the suceptible page, selecting the applicable method  clicking 'Analyze'. Almost everything needed to reveal and make use of  the vulnerabilities is done by the utility. For best results, the URL  should be one that returns a normal response (rather than one that  returns a 4xx response).</div>
<div class="rtejustify" style="text-align: justify;">
<br /></div>
<div class="rtejustify" style="text-align: justify;">
<b>Video ::</b> </div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/7ubB9VocgnQ?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div class="rtejustify" style="text-align: justify;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/dEM7YRRSvP8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows ::</b>  <a href="http://www.itsecteam.com/files/havij/Havij1.15Free.rar" target="_blank">Havij v1.15</a> (.rar) | <b>Trial</b></div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://itsecteam.com/products/havij-advanced-sql-injection/">http://itsecteam.com/products/havij-advanced-sql-injection/</a><b> </b></div>

Havij (Automated and Advanced SQL Injection) :: Tools

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web p...

Lynis (Security and System Auditing) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJSrg2v61K-1SHIewex9MB7DLBAqrgKTy2REJhuc1jyKxL99Tia_vx44VmSeUWWxbHdgZtEVAjWn5GUbxWD9dLfe1o2Suta4Ww_ZgfvwIITFiR8JkMpR5A-ZkTq17LVggAJlfumpTReoW/s1600/lynis-screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="lynis screenshot" border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJSrg2v61K-1SHIewex9MB7DLBAqrgKTy2REJhuc1jyKxL99Tia_vx44VmSeUWWxbHdgZtEVAjWn5GUbxWD9dLfe1o2Suta4Ww_ZgfvwIITFiR8JkMpR5A-ZkTq17LVggAJlfumpTReoW/s320/lynis-screenshot.png" title="lynis screenshot" width="400" /></a></div>
<div style="text-align: justify;">
<b>Lynis</b> is a <b><i>Security and system auditing tool</i> </b>to harden <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> systems. <b>Lynis</b> is an <b>auditing tool </b>for Unix/Linux (specialists). It scans the  <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> and available software and performs many individual <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a>  checks. It determines the hardening state of the machine and <a href="http://www.toolwar.com/search/label/Detect" target="_blank">detects</a>  security issues. Beside security related information it will also scan  for general system information, installed packages and possible  configuration errors. <b>Lynis</b> is a <a href="http://www.toolwar.com/search/label/Security" target="_blank">security tool</a> to audit and harden Unix and Linux based  systems. It scans the system by performing many security control checks,  looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the  end of the scan it will provide the warnings and suggestions to help  you improving the security defense of your systems.<br />
<br />
This software aims in assisting automated  auditing, hardening, software patch management, <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> and  <a href="http://www.toolwar.com/search/label/Malware" target="_blank">malware</a> scanning of Unix/Linux based systems. It can be run without  prior installation, so inclusion on read only storage is possible (<a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a>  stick, cd/dvd).<br />
<br />
<b>Lynis </b>assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits.<br />
<br />
<b>Intended audience:</b><br />
Security specialists, penetration testers, system auditors, system/network managers.<br />
<br />
<b>Examples of audit tests:</b><br />
- Available authentication methods<br />
- Expired SSL certificates<br />
- Outdated software<br />
- User accounts without password<br />
- Incorrect file permissions<br />
- Configuration errors<br />
- Firewall auditing<br />
<br />
<b>Current state:</b><br />
Stable releases are available, development is active.<br />
<h3>
Tutorials :: </h3>
<b>Documentation :: </b><a href="http://www.rootkit.nl/files/lynis-documentation.html" target="_blank">Click Here</a> </div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/FgkC4k1kJaE?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<h3>
<b>Download </b></h3>
<b>Linux ::</b> <a href="http://cisofy.com/files/lynis-1.4.0.tar.gz" target="_blank">Llynis-1.4.0</a> (.tar.gz)</div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://www.rootkit.nl/projects/lynis.html" target="_blank">http://www.rootkit.nl/projects/lynis.html </a></div>
</div>

Lynis (Security and System Auditing) :: Tools

Lynis is a Security and system auditing tool to harden Linux systems. Lynis is an auditing tool for Unix/Linux (specialists). It sca...

Subscribe to: Posts ( Atom )