ToolWar | Information Security (InfoSec) Tools: Frameworks

WebReaver (Advanced Web Security Scanner) :: Framework

<p style="text-align: center;"><img alt="WebReaver (Advanced Web Security Scanner)" border="0" data-original-height="1180" data-original-width="2048" height="230" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3ne2Pm852WocBoS6pz22kpKIauMIwx-ZeFPTcJO-aGtAj8oSokpLjpSwuepPZHfMMuzME0wJa_nx8KJc62uNIUMKOuGHy9Pdf_-zlKrlYFmpW3gVbABfveI7jWvWSWUKFOEyyiUGrtMQ/w400-h230-rw/01.png" title="WebReaver (Advanced Web Security Scanner)" width="400" />  </p><p>WebReaver is an elegant, easy to use and fully-automated, web 
application security security testing tool for Mac, Windows and Linux, 
suitable for novice as well as advanced users.</p>
<p>WebReaver allows you easily test any web application for a large 
variety of web vulnerabilities from the sever kinds such as SQL 
Injection, Local and Remote File Includes, Command Injection, Cross-site
 Scripting and Expression Injection to the less severe ones such as 
variety of session and headers problems, information leakage and many 
more.</p><p><b>Tutorial</b>:</p><p> </p><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/4w5QbNTED8I" width="320" youtube-src-id="4w5QbNTED8I"></iframe></div><br /><br /><p></p><p><b>Download :</b></p><p><a href="https://s3-eu-west-1.amazonaws.com/data-desktop.secapps.com/webreaver/WebReaver+Setup+0.1.0.exe" rel="nofollow" target="_blank">Windows</a><b> |</b> <a href="https://s3-eu-west-1.amazonaws.com/data-desktop.secapps.com/webreaver/WebReaver-0.1.0.dmg" rel="nofollow" target="_blank">macOS</a><b> | </b><a href="https://s3-eu-west-1.amazonaws.com/data-desktop.secapps.com/webreaver/WebReaver-0.1.0-x86_64.AppImage" rel="nofollow" target="_blank">Linux</a><b><br /></b></p><p><a href="https://webreaver.com/" rel="nofollow" target="_blank"><b>Official Website</b> <br /></a></p>

WebReaver (Advanced Web Security Scanner) :: Framework

WebReaver is an elegant, easy to use and fully-automated, web application security security testing tool for Mac, Windows and Linux, sui...

Katana (Penetration Testing) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhw1qTlDYqNtKvMj9NxyH9Z1j3SfWPp0LHjUlIvAoh3fymYv3sUWHQ5obhS3z3ZjfPDr8j-FcvHs27sgD2ea_KOxRs-iXdsa31FWYMOA5E8hajACfsjq2Q23aDoRo334OJnAsTMUjM7Cfo_/s1600/Katana+Framework.png" imageanchor="1"><img alt="Download Katana Framework For Penetration Testing" border="0" height="130" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhw1qTlDYqNtKvMj9NxyH9Z1j3SfWPp0LHjUlIvAoh3fymYv3sUWHQ5obhS3z3ZjfPDr8j-FcvHs27sgD2ea_KOxRs-iXdsa31FWYMOA5E8hajACfsjq2Q23aDoRo334OJnAsTMUjM7Cfo_/s400-rw/Katana+Framework.png" title="Katana Framework" width="400" /></a></div>
<div style="text-align: justify;">
<b>Katana</b> is a framework written in <b>python</b> for making penetration testing,  based on a simple and comprehensive structure for anyone to use, modify  and share, the goal is to unify tools serve for professional when making  a penetration test or simply as a routine tool, The current version is  not completely stable, is recommended update ever that you use it.</div>
<h3>
<b>Installation::</b></h3>
Installation of Katana framework: is necesary install all dependencies for a good performance. <br />
<blockquote class="tr_bq">
<pre><i>git clone https://github.com/PowerScript/KatanaFramework.git
cd KatanaFramework
sudo sh dependencies
sudo python install
</i></pre>
<div style="text-align: justify;">
<br /></div>
</blockquote>
<b>How to Use:: </b><a href="https://github.com/PowerScript/KatanaFramework/wiki/How-to-use" rel="nofollow" target="_blank">Click Here</a> <br />
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Video Tutorial: </b></div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/B0QsDwYTrnI/0.jpg" frameborder="0" height="330px" src="https://www.youtube.com/embed/B0QsDwYTrnI?feature=player_embedded" width="100%"></iframe></div>
<div style="text-align: justify;">
<h3>
<b>Download:</b></h3>
<b>Linux:  </b><a href="https://github.com/PowerScript/KatanaFramework" rel="nofollow" target="_blank">Katana Framework</a><br />
<br />
<b>Submitted By: </b>RedToor</div>

Katana (Penetration Testing) :: Framework

Katana is a framework written in python for making penetration testing, based on a simple and comprehensive structure for anyone to us...

Mobile Security Framework (MobSF) : Framework

<div class="separator" style="clear: both; text-align: center;">
<img alt="Mobile Security Framework : ToolWar" border="0" height="232" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg92QuRFrhtVqI-D5Nzc-bu8_p0vvCirYl6qqK45JFNtlLSChwXklrMauZ_BLYvAZfq7H7ml0YTzaijl0GfbktnY_-sHW34h8B1tteqowCXjg_ELksZixDcb5Ff1B0JPxCVUTK9mYO9iNhL/s400-rw/MobSF.png" title="Mobile Security Framework : ToolWar" width="400" /></div>
<div style="text-align: justify;">
<b>Mobile Security Framework (MobSF)</b> is an intelligent, all-in-one open 
source mobile application (Android/iOS) automated pen-testing framework 
capable of performing static and dynamic analysis. It can be used for 
effective and fast security analysis of Android and iOS Applications and
 supports both binaries (APK & IPA) and zipped source code.<b> MobSF</b> 
can also perform Web API Security testing with it's API Fuzzer that can 
do Information Gathering, analyze Security Headers, identify Mobile API 
specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other
 logical issues related to Session and API Rate Limiting.</div>
<div style="text-align: justify;">
<br /></div>
<h3>
Tutorial: </h3>
<ul>
<li><a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation">https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation</a></li>
</ul>
<h3>
Video Tutorial: </h3>
<h3>
Download: <strong> </strong></h3>
<strong>Windows</strong>: Extract the <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to C:\MobSF<strong> </strong><br />
<strong>Mac</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /Users/[username]/MobSF<strong> </strong><br />
<strong>Linux</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /home/[username]/MobSF<br />
<br />
<div style="text-align: justify;">
<br /></div>

Mobile Security Framework (MobSF) : Framework

Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing fram...

Distributed Network Attack (DNA) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Distributed Network Attack (DNA)" border="0" height="356" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgN1ZMHUWsjTC9Dt1gSGHwIb7uX_fVP2wEVefcDrl4xAEhFWtrS40MMQJeHNbsyJpHPAyBuMo5re53V-mtj7tDVo_foJL2k5V5G6MGzC34betwn72UCVNwMKUzShO9IwPYFmaiSd_gp0vu3/s1600-rw/Distributed+Network+Attack+(DNA).jpg" title="Distributed Network Attack (DNA)" width="640" /></div>
<b>Distributed Network Attack (DNA)</b> is a new approach to <i>recovering password protected files</i>. 
     In the past, recoveries have been limited to the processing 
     power of one machine. <b>Distributed Network Attack (DNA)</b> uses the power of machines across 
     the <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> or across the world to decrypt <a href="http://www.toolwar.com/search/label/Password" target="_blank">passwords</a>. The DNA 
     Server is installed in a central location where machines running 
     the <b>Distributed Network Attack (DNA)</b> Client can access it over the network. DNA Manager coordinates 
     the attack, assigning small portions of the key search to machines 
     distributed throughout the network. The DNA Client will run 
     in the background, only taking unused processor time. <b>Distributed Network Attack (DNA)</b> is used in many different environments to provide specific,  <b>password <a href="http://www.toolwar.com/search/label/Cracking" target="_blank">cracking</a></b> related functions. <b><i>For example</i></b>, law enforcement and  corporate <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> professionals can use <b>PRTK and DNA</b> in <i>computer  <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensic</a> investigations</i> to access password-protected files. IT  administrators can use <b>DNA</b> to recover system passwords, while individual  users can use PRTK and DNA to recover lost passwords to personal files.  These two products provide access to passwords for a large number of  popular software applications. <b>DNA</b> uses multiple machines across the  network or across the world to conduct key space and dictionary <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a>.  In many cases, this makes use of time those computers would normally be  idle, saving the cost of additional hardware. Many organizations find  that the cost of additional hardware is justified for a secure,  dedicated password recovery lab. </div>
<div style="text-align: justify;">
<br />
<div class="ui-tabs-panel ui-widget-content ui-corner-bottom" id="dna-features">
<div class="featurewrapper">
<div class="FeatureRow">
<b>Distributed Network Attack® (DNA®) Features ::</b><br />
<ul class="square">
<li>Leverage graphic processing units on Microsoft Windows machines with CUDA-enabled GPUs.</li>
<li>Easy to read Statistics and Graphs</li>
<li>Add user dictionaries</li>
<li>Optimization for password attacks for specific <a href="http://www.toolwar.com/search/label/Language" target="_blank">languages</a></li>
<li>Customize user dictionaries</li>
<li>Stealth client installation functionality</li>
<li>Automatic Client update when updating the DNA Server</li>
<li>Control which clients work on certain jobs</li>
</ul>
</div>
</div>
</div>
<b>DNA® Worker Minimum Requirements :: </b><br />
<ul class="square">
<li>Operating System:</li>
</ul>
<ul class="square"><ul class="square">
<li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>® XP/2000</li>
<li>Macintosh OSX 10.3.9/10.4.x</li>
<li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a> Red Hat/Fedora Core 4</li>
<li>Solaris</li>
</ul>
</ul>
<ul class="square">
<li>Processor:</li>
</ul>
<ul class="square"><ul class="square">
<li>Intel Pentium® III/P4/AMD Athlon™</li>
<li>Power PC G4/G5</li>
<li>Sparc</li>
</ul>
</ul>
<ul class="square">
<li>RAM: 1 Gb</li>
<li>Hard Disk Space: 40 Gb</li>
</ul>
</div>
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/EJxrRbrf12I?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/ghaOJoJ08cw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="http://marketing.accessdata.com/acton/attachment/4390/u-001a/0/-/-/-/-/" target="_blank">Distributed Network Attack (DNA) version 7.0.0 (.iso)</a></div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://www.accessdata.com/">http://www.accessdata.com/</a>
</div>

Distributed Network Attack (DNA) :: Framework

Distributed Network Attack (DNA) is a new approach to recovering password protected files . In the past, recoveries have been limi...

Capstone (Disassembly Framework) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="capstone disassembler" border="0" height="320" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWQQc6jFFxBdew0SfkMRlTH0TSgVUzxWMCN6bSY2mxV-tcDnKFolrpjaOf0Dka2oqp6Dqs2WxUlRC3bh3ktMzdkyxqvc8ahRHCzUCVN4KF4Oz0IbzNy4CjtjcOnIZ_MH9cDNFmxMXRprqN/s320-rw/Capstone+Disassembler.png" title="capstone disassembler" width="320" /></div>
<b>Capstone </b>is a lightweight multi-platform, multi-architecture <a href="http://www.toolwar.com/search/label/Assembler/Disassembler" target="_blank">disassembly</a> <a href="http://www.toolwar.com/search/label/Framework" target="_blank">framework</a>. Our target is to make <b>Capstone</b> the ultimate disassembly engine for binary analysis and <a href="http://www.toolwar.com/search/label/Reverse" target="_blank">reversing</a> in the <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> community.<br />
<h3>
Features</h3>
</div>
<ul style="text-align: justify;">
<li>Support hardware architectures: ARM, ARM64 (aka ARMv8), Mips & X86.</li>
<li>Clean/simple/lightweight/intuitive architecture-neutral API. </li>
<li>Provide details on disassembled instruction (called “decomposer” by others).</li>
<li>Provide some semantics of the disassembled instruction, such as list of implicit registers read & written.</li>
<li>Implemented in pure C language, with bindings for Python, Ruby, OCaml, C#, Java and GO available.</li>
<li>Native support for Windows & *nix (including MacOSX, Linux, *BSD platforms).</li>
<li>Thread-safe by design.</li>
<li>Distributed under the open source BSD license</li>
</ul>
<h3>
 </h3>
<h3>
Tutorials ::</h3>
<b>Text Tutorials :: </b><a href="http://www.capstone-engine.org/documentation.html" target="_blank">Click Here </a><br />
<h3>
Download ::</h3>
<b>Windows ::</b> <a href="http://www.capstone-engine.org/download/1.0/capstone-1.0-win32.zip" target="_blank">Capstone v1 (Win32)</a><br />
<b>Linux :: <a href="http://www.blogger.com/goog_1808671360">C</a></b><a href="http://www.capstone-engine.org/download/1.0/capstone-1.0_i386.deb" target="_blank">apstone-1.0_i386.deb</a><br />
<b>Official Website :: </b><a href="http://www.capstone-engine.org/">http://www.capstone-engine.org/</a><br />
<div class="separator" style="clear: both; text-align: left;">
<a href="http://www.capstone-engine.org/download/1.0/capstone-1.0-win32.zip" target="_blank"></a></div>

Capstone (Disassembly Framework) :: Framework

Capstone is a lightweight multi-platform, multi-architecture disassembly framework . Our target is to make Capstone the ultimate disass...

The Sleuth Kit (TSK - Forensics) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
 <img alt="the sleuth kit logo" border="0" height="166" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPBlwuWRltXOU2hEze6gjFS1OxwMM7HIYQuU4ElDgNsV8TmyWm9VYKauKsZbzStobxPbL4KSrUSqGxKXIYhNU4IluquGMQPe90Q6zRuGBMq_N92DQ2PK4G6lfCg8iLWGVDyVT8B8THFPHd/s1600-rw/the+sleuth+kit+logo.gif" title="the sleuth kit logo" width="200" /></div>
<b>The Sleuth Kit</b> is a C++ library and collection of open source file 
system <a href="http://www.toolwar.com/search/label/Forensics" target="_blank"><b>forensics tools</b></a> that allow you to, among other things, view 
allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and 
ISO9660 images. <br />
<b>The Sleuth Kit® (TSK)</b> is a library and collection of command line <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> that allow you to investigate disk images. The core functionality  of <b>TSK</b> allows you to <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analyze</a> volume and file system data. The plug-in  <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> allows you to incorporate additional modules to analyze file  contents and build automated systems. The library can be incorporated into larger digital forensics tools and the <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command  line</a> tools can be directly used to find evidence. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
There are three different packages for each <b>The Sleuth Kit® (TSK) </b>release.</div>
<ul style="text-align: justify;">
<li><b>sleuthkit-X.X.X.tar.gz</b>: This is the source code release of  TSK core and framework that you must compile on your computer. This is  most commonly used on non-<a href="http://www.toolwar.com/search/label/Windows" target="_blank">windows</a> systems.</li>
<li><b>sleuthkit-X.X.X-win32.zip</b>: This is the compiled windows release of TSK core. This has executables and libraries that allow you to run this on windows.</li>
<li><b>sleuthkit-X.X.X-framework-win32.zip</b>: This is the compiled  windows release of the framework. It has the tsk_analyzeimg program that  allows you to run the framework on a disk image.</li>
</ul>
<div style="text-align: justify;">
<br /></div>
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/YybBQycLL9w?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3ieolkMJxJk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
Download ::</h3>
<b>Windows (x86) :: </b><a class="name" href="http://sourceforge.net/projects/sleuthkit/files/sleuthkit/4.1.2/sleuthkit-4.1.2-win32.zip/download" title="Click to download sleuthkit-4.1.2-win32.zip">Sleuthkit-4.1.2-win32.zip</a> | <a class="name" href="http://sourceforge.net/projects/sleuthkit/files/sleuthkit/4.1.2/sleuthkit-4.1.2-framework-win32.zip/download" title="Click to download sleuthkit-4.1.2-framework-win32.zip">Sleuthkit-4.1.2-framework-win32.zip</a>
<b> </b><br />
<b>Linux :: </b><a class="name" href="http://sourceforge.net/projects/sleuthkit/files/sleuthkit/4.1.2/sleuthkit-4.1.2.tar.gz/download" title="Click to download sleuthkit-4.1.2.tar.gz">Sleuthkit-4.1.2.tar.gz</a> <br />
<b>Official Website :: </b> <a href="http://www.sleuthkit.org/sleuthkit/">http://www.sleuthkit.org/sleuthkit/</a>

The Sleuth Kit (TSK - Forensics) :: Framework

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, vie...

Crypto Implementations Analysis Toolkit :: Framework

<div class="separator" style="clear: both; text-align: center;">
<img alt="Crypto Implementation Analysis Toolkit (CIAT)" border="0" height="240" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAZPIwVYWPyohkcKc1fGGaHZAcyEw0BoiIWqylgFCnmnY1VjNEgNvH1QOaOPUW0oKzjIUDWaaT-w2W0NnTovjr_7z_6iDQDsIk1zJ32bIxlmbcNT-H9milmKcnN3YE4dztJDAY7SjbM_Ll/s1600-rw/Crypto+Implementation+Analysis+Toolkit+(CIAT).png" title="Crypto Implementation Analysis Toolkit (CIAT)" width="400" /></div>
<div style="text-align: justify;">
The <b>Cryptographic Implementations Analysis Toolkit (CIAT)</b> is 
compendium of command line and graphical tools whose aim is to help in 
the detection and analysis of encrypted byte sequences within files 
(executable and non-executable). </div>
<br />
<h3>
Download :: </h3>
<b>Linux & Windows :: </b><a href="http://sourceforge.net/projects/ciat/files/latest/download" target="_blank">Crypto Implementation Analysis Toolkit (CIAT) (.zip)</a><b> </b><br />
<b>Official Website :: </b><a href="http://ciat.sourceforge.net/">http://ciat.sourceforge.net/</a>

Crypto Implementations Analysis Toolkit :: Framework

The Cryptographic Implementations Analysis Toolkit (CIAT) is compendium of command line and graphical tools whose aim is to help in th...

KillerBee (Exploiting ZigBee and IEEE 802.15.4 Networks) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<img alt="KillerBee Image" border="0" height="329" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7xn4xzkvBYoqeDLAxh3GYVmNcCIj8wfF43o7uU-YZX4qDFqdlP91terOVNJqb8Zo0hS94LsqWhLGHvoJXzHFJkVYwmnD8YzrW6f-H_ndMaXeF-7iquPRYHz01XL2GKY3V2yXWvycWpApy/s1600-rw/KillerBee+Image.jpg" title="KillerBee Image" width="640" /></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<b>KillerBee</b> is a Python based <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> and tool set for <b>exploring and 
exploiting the security of ZigBee and IEEE 802.15.4 networks.</b>  Using 
<b>KillerBee</b> tools and a compatible IEEE 802.15.4 radio interface, you can 
eavesdrop on ZigBee networks, replay traffic, attack cryptosystems and 
much more.  Using the <b>KillerBee framework</b>, you can build your own <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>,
 implement ZigBee fuzzing, emulate and attack end-devices, routers and 
coordinators and much more. </div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>Install on Linux :: </b><a href="https://code.google.com/p/killerbee/wiki/InstallLinuxBackTrack" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Install on Mac :: </b><a href="https://code.google.com/p/killerbee/wiki/InstallOSX" target="_blank">Click Here</a></div>
<b>Wiki :: </b><a href="https://code.google.com/p/killerbee/w/list" target="_blank">Click Here</a><br />
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux | Mac :: </b><a href="https://killerbee.googlecode.com/files/killerbee_1_0.tar" target="_blank">KillerBee v1.0</a> (.tar.gz)</div>
<div style="text-align: justify;">
<b>Source Website :: </b><a href="https://code.google.com/p/killerbee/">https://code.google.com/p/killerbee/</a></div>

KillerBee (Exploiting ZigBee and IEEE 802.15.4 Networks) :: Framework

KillerBee is a Python based framework and tool set for exploring and exploiting the security of ZigBee and IEEE 802.15.4 networks. ...

Sandcat Browser (Web Penetration Testing) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTNeBldokTCCp2sKPEkIFaDYKilr89PbQIxdeIWaz7JEOT9ziJ36DF-zxINRCMAbUy_Rc-T4mqfPDm3Xl4N6chlKsO3pt3ex66r0qn8tqjYWzD6SbtSiTx3GHA8JDP2E633tsV5RAGFdVa/s1600/sandcat+browser+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="sandcat browser screenshot" border="0" height="310" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTNeBldokTCCp2sKPEkIFaDYKilr89PbQIxdeIWaz7JEOT9ziJ36DF-zxINRCMAbUy_Rc-T4mqfPDm3Xl4N6chlKsO3pt3ex66r0qn8tqjYWzD6SbtSiTx3GHA8JDP2E633tsV5RAGFdVa/s400-rw/sandcat+browser+screenshot.png" title="sandcat browser screenshot" width="400" /></a></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<b>Sandcat Browser</b> is the fastest web browser combined with the fastest scripting language packed with features for pen-testers<b>. Sandcat Browser</b> is a freeware portable pen-test oriented multi-tabbed  web browser with extensions support developed by the Syhunt team. The <b> Sandcat Browser</b> is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua programming language to provide extensions and scripting support. </div>
<div class="vspace" style="text-align: justify;">
Some of its unique features include: </div>
<ul style="text-align: justify;">
<li><b>Live HTTP Headers</b> — built-in live headers with a dedicated cache per tab and support for preview extensions </li>
<li><b>Sandcat Console</b> — an extensible command line console; Allows you to easily run custom commands and scripts in a loaded page </li>
<li><b>Resources</b> tab  — allows you to view the page resources, such as JavaScript files and other web files. </li>
<li><b>Page Menu</b> extensions — allows you to view details about a page and more. </li>
<li><b>Pen-Tester Tools</b> — Sandcat comes with a  multitude of pen-test oriented extensions. This includes a Fuzzer, a  Script Runner, HTTP & XHR Editors, Request Loader, Request Replay  capabilities and more. </li>
</ul>
<div class="vspace" style="text-align: justify;">
Features inherited from Chromium include: </div>
<ul style="text-align: justify;">
<li><b>Multi-Process Architecture</b> — each tab is its own process </li>
<li><b>Developer Tools</b> — in addition to the Chromium Developer Tools, Sandcat comes with a Source Code Editor and its own JavaScript and Lua consoles. </li>
</ul>
<h3 style="text-align: justify;">
<b> </b></h3>
<h3 style="text-align: justify;">
<b>Tutorials ::</b></h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/xdeXF4F4T_Q?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
<b>Download ::</b></h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="http://www.syhunt.com/pub/downloads/sandcat-browser-4.4.exe" target="_blank">Sandcat v4.4</a><b> </b></div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://www.syhunt.com/?n=Sandcat.Browser">http://www.syhunt.com/?n=Sandcat.Browser</a><b>
</b></div>
<h3 style="text-align: justify;">
</h3>
<div style="text-align: justify;">
</div>

Sandcat Browser (Web Penetration Testing) :: Framework

Sandcat Browser is the fastest web browser combined with the fastest scripting language packed with features for pen-testers . Sandcat...

Volatility (Advanced Memory Forensics Framework) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Volatility Framework (Advance Memory Framework)" border="0" height="244" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwYsvSKFWGazVkY8HTm3e9MOP8FLgDHrNIEhfik5auQuUNypN7S2Vl_ZHpcAkdSMaAcULytu3T0GEW5lT53Towrr6YEo48gjALbDFYqIdwWgbH_SwnzwssHoTNoZWyDysqNDN1W5rFYL0S/s320-rw/volatility+logo.png" title="Volatility Framework (Advance Memory Framework)" width="320" /></div>
<b>Volatility Framework</b> is a <i>Advanced Memory Forensics Framework. </i>The <b>Volatility Framework</b>  is a completely open collection of <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, implemented in <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> under  the GNU General Public License, for the extraction of digital artifacts  from volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory</a> (RAM) samples. The extraction techniques are  performed completely independent of the system being investigated but  offer unprecedented visibilty into the runtime state of the system.  The <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank"> framework</a> is intended to introduce people to the techniques and  complexities associated with extracting digital artifacts from volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank"> memory</a> samples and provide a platform for further work into this  exciting area of research.   <br />
The <b>Volatility Framework</b>  demonstrates our commitment to and belief in the importance of open  source digital investigation <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> . Volatile Systems is committed to  the belief that the technical procedures used to extract digital  evidence should be open to peer analysis and review.  We also believe  this is in the best interest of the digital investigation community, as  it helps increase the communal knowledge about systems we are forced to  investigate.   Similarly, we do not believe the availability of these  tools should be restricted and therefore encourage people to modify,  extend, and make derivative works, as permitted by the GPL.   </div>
<h3 style="text-align: left;">
<span style="font-size: small;">Capabilities :-</span></h3>
<div style="text-align: justify;">
The <b>Volatility Framework</b> currently provides the following extraction capabilities for memory samples   </div>
<ul style="list-style-type: disc; text-align: justify;">
<li>Image information (date, time, CPU count)</li>
<li>Running processes</li>
<li>Process SIDs and environment variables</li>
<li>Open network sockets</li>
<li>Open network connections</li>
<li>DLLs loaded for each process</li>
<li>Open handles to all kernel/executive objects (files, keys, mutexes)</li>
<li>OS kernel modules</li>
<li>Dump any process, DLL, or module to disk</li>
<li>Mapping physical offsets to virtual addresses</li>
<li>Virtual Address Descriptor information</li>
<li>Addressable memory for each process</li>
<li>Memory maps for each process</li>
<li>Extract executable samples</li>
<li>Scanning examples: processes, threads, sockets, connections, modules</li>
<li>Command histories (cmd.exe) and console input/output buffers</li>
<li>Imported and exported API functions</li>
<li>PE version information</li>
<li>System call tables (IDT, GDT, SSDT)</li>
<li>API hooks in user- and kernel-mode (inline, IAT, EAT, NT syscall, winsock)</li>
<li>Explore cached registry hives</li>
<li>Dump LM/NTLM hashes and LSA secrets</li>
<li>User assist and shimcache exploration</li>
<li>Scan for byte patterns, regular expressions, or strings in memory</li>
<li>Analyze kernel timers and callback functions</li>
<li>Report on windows services</li>
</ul>
<h3>
Tutorial ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/zhQP07YKLL0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/zXh-1mK5FyU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
</h3>
<h3>
Download ::</h3>
<b>Windows :: </b><a href="https://volatility.googlecode.com/files/volatility-2.3.1.standalone.exe" target="_blank">Volatility 2.3.1 Standalone </a><b>
</b>
<b> </b><br />
<b>Linux :: </b><a href="https://volatility.googlecode.com/files/volatility-2.3.1.tar.gz" target="_blank">Volatility 2.3.1.tar.gz</a><b>
</b>
<b> </b><br />
<b>Mac :: </b><a href="https://volatility.googlecode.com/files/MacProfilesAll.zip" target="_blank">Volatility Framework </a><br />
<b></b><b>Source :: </b><a href="https://code.google.com/p/volatility/">https://code.google.com/p/volatility/</a><b>
</b>

Volatility (Advanced Memory Forensics Framework) :: Framework

Volatility Framework is a Advanced Memory Forensics Framework. The Volatility Framework is a completely open collection of tools , imp...

OCFA (Open Computer Forensics Architecture) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="OCFA Tools" border="0" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFBvdLhCyjycLRfN5dNkY5dJ8DhTpyO1-LAAjtlqcZoz2odPBUVyhs1KU3f-t8QDFAa_LJxuuVAVJRfE1niARh9DzFRqu_wZnESr3NRQFqR6wF8YVJceurWGKd0469rTy_vUIhApL46dEN/s1600-rw/Computer-Forensics.jpg" title="OCFA TOols" /></div>
</div>
<div style="text-align: justify;">
The <b>Open Computer Forensics Architecture (OCFA)</b> is a modular computer <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensics</a> framework built by the Dutch National Police Agency [KLPD/Dutch]. The main goal is to automate the digital forensic process to speed up the <a href="http://www.toolwar.com/search/label/Investigation" target="_blank">investigation</a> and give tactical investigators direct access to the seized data through an easy to use search and browse interface.<br />
<br />
The architecture forms an environment where existing <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensic tools</a> and libraries can be easily plugged into the architecture and can thus be made part of the recursive extraction of data and metadata from digital evidence. The <b>Open Computer Forensics Architecture</b> aims to be highly modular, robust, fault tolerant, recursive and scalable in order to be usable in large investigations that spawn numerous terabytes of evidence data and covers hundreds of evidence items.<br />
<br />
Modules in <b>OCFA</b> for reasons of fault tolerance are processes. The basic OcfaLib API makes it possible and relatively easy to build an <b>OCFA</b> module out of any data processing library or tool. OCFA comes with numerous such modules that are mostly wrappers around libraries like libmagic or tools such as those found in the <a href="http://www.toolwar.com/2014/01/the-sleuth-kit-tsk-forensics-framework.html" target="_blank">Sleuthkit</a>.<br />
<br />
The 2.2 version of OCFA (released April 2009) makes the previously internal OCFA treegraph API available for OCFA module development. The OCFA treegraph API allows more advanced dissectors that produce data and meta-data for a treegraph representation of an input file. The OCFA treegraph API also allows dissectors that are programed to be CarvFs aware to use zero storage <a href="http://www.toolwar.com/search/label/Carving" target="_blank">carving</a>.<br />
<br />
Communication between modules within OCFA is governed by a two layered communication infrastructure as provided by <b>OCFA</b>. At the lowest layer is a messaging system with at is center the OCFA Anycast Relay. The Anycast Relay provides the facilities of module crash resistance, distributed processing load balancing and flow control. At a higher level of communication, the OCFA XML Router provides for the routing of individual pieces of evidence through the most appropriate tool chain for its particular type of content.<br />
<br />
Although <b>OCFA</b> contains a rudimentary user interface, most of its power is in the backend architecture. The last and final module in the tool chain of any evidence will be the OCFA Data Store Module. This module processes the evidence XML (that contains all of the evidence data its meta data) and stores relevant parts into a postgesql database. Extending the apache based user interface with interfaces for your own case bound queries is something that should proof very useful in most investigations. </div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>Wiki :: </b> <a href="http://ocfa.wiki.sourceforge.net/" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Installation ::</b> <a href="http://ocfa.sourceforge.net/files/InstallingOcfaOnUbuntu.pdf" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Practical Usages :: </b><a href="http://ocfa.sourceforge.net/files/PracticalUseOCFA.pdf" target="_blank">Click Here</a></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux :: </b><a href="http://sourceforge.net/projects/ocfa/files/latest/download" target="_blank">OCFA</a> (.tar.bz2)<br />
<b>Official Website ::</b> <a href="http://ocfa.sourceforge.net/">http://ocfa.sourceforge.net/</a></div>

OCFA (Open Computer Forensics Architecture) :: Framework

The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency [...

DFF (Digital Forensics Framework) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIl1DdbsO0WfC9qJDGu02Asu8jmU-fMvvGqJMnoXYIsycbH4eFW775XwZteITm_g2b8WSSdGZMbd7O8O3wZHb-6a1jsPqXb98HsFnIMVxzOlcFkVtQFC1j5SodKKFdqH5k_nWuugslcbtP/s1600/DFF+LOgo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="DFF Logo" border="0" height="166" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIl1DdbsO0WfC9qJDGu02Asu8jmU-fMvvGqJMnoXYIsycbH4eFW775XwZteITm_g2b8WSSdGZMbd7O8O3wZHb-6a1jsPqXb98HsFnIMVxzOlcFkVtQFC1j5SodKKFdqH5k_nWuugslcbtP/s1600-rw/DFF+LOgo.png" title="DFF Logo" width="400" /></a></div>
<div style="text-align: justify;">
<b>DFF (Digital Forensics Framework)</b> is a free and Open Source <b>computer  forensics software</b> built on top of a dedicated Application Programming  Interface (API). It can be used both by professional and non-expert people in order to quickly  and easily collect, preserve and reveal digital evidences without  compromising systems and data.</div>
<h3 style="text-align: justify;">
Features :: </h3>
<ul style="text-align: justify;">
<li>Preserve digital chain of custody - Software write blocker, cryptographic <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hash</a> calculation</li>
<li>Access to local and remote devices - Disk drives, removable devices, remote file systems</li>
<li>Read standard <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">digital forensics</a> file formats - Raw, Encase EWF, AFF 3 file formats</li>
<li><a href="http://www.toolwar.com/search/label/Virtual" target="_blank">Virtual machine</a> disk reconstruction - VmWare (VMDK) compatible</li>
<li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> and <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux OS</a> forensics - <a href="http://www.toolwar.com/search/label/Registry" target="_blank">Registry</a>, Mailboxes, NTFS, EXTFS 2/3/4, FAT 12/16/32 file systems</li>
<li>Quickly triage and search for (meta-)data - Regular expressions, dictionaries, content search, tags, time-line</li>
<li><a href="http://www.toolwar.com/search/label/Recovery" target="_blank">Recover</a> hidden and deleted artifacts - Deleted files / folders, unallocated spaces, carving</li>
<li>Volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory forensics</a> - Processes, local files, binary extraction, network connections</li>
</ul>
<div style="text-align: justify;">
<b>Digital Forensics Framework (DFF)</b> is an open source computer forensics software. It advertises the ability to be used by both professionals and non-experts to collect, preserve, and reveal digital evidence without compromising systems and data. </div>
<div style="text-align: justify;">
<b>Digital Forensics Framework</b> offers two user interfaces, a graphical one developed in PyQt and providing classical tree view but also more advanced features such as recursive view, tagging, live search or bookmarking. Its command line interface enables to perform <a href="http://www.toolwar.com/search/label/Investigation" target="_blank">digital investigation</a> remotely and comes with usual functionnalities available in common shell such as completion, tasks management, globing or keyboard shortcuts. DFF can also run batch scripts at startup to automate repetitive tasks. Advanced users and developers can also use DFF directly from a <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> interpreter to script their investigation.</div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>DFF Blog :: </b><a href="http://www.digital-forensic.org/blog/" target="_blank">Click Here</a><b><br />
</b></div>
<b>DFF Wiki :: </b><a href="http://wiki.digital-forensic.org/" target="_blank">Click Here</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/02uZv72KS88?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux | Windows :: </b><a href="http://www.digital-forensic.org/en/downloads/dff/" target="_blank">DFF v1.3.0</a> (Free Edition)</div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://wiki.digital-forensic.org/index.php/Main_Page">http://wiki.digital-forensic.org/index.php/Main_Page</a></div>

DFF (Digital Forensics Framework) :: Framework

DFF (Digital Forensics Framework) is a free and Open Source computer forensics software built on top of a dedicated Application Progra...

FS-NyarL (Pentesting and Forensics) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<img alt="FS-NyarL Logo" border="0" height="400" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyvqhfIV1vfEKDsDPoTq-IY5y6kdJuGAIfRzvtSPL90-6xtK2hDdppU1kPwgvztn_cudPZFcOqOalRYynOeDEflS5wufjqugLOyzJNrbZhqLjb34aHNnZuPJhRLZ_SInYW0BFppZeFQqDm/s1600-rw/FS-NyarL+Logo.jpg" title="FS-NyarL Logo" width="248" /></div>
<div style="text-align: justify;">
<b>NyarL</b> it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony.  It's represent Crawling Chaos and <b>FS-NyarL</b> it's The <b>Crawling Chaos of Cyber Security</b>. A <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> takeover & <a href="http://www.toolwar.com/search/label/Forensics" target="_blank">forensic analysis tool</a> - useful to advanced  PenTest tasks & for fun and profit - but use it at your own risk! </div>
<ul style="text-align: justify;">
<li>Interactive Console</li>
<li>Real Time Passwords Found</li>
<li>Real Time Hosts Enumeration</li>
<li>Tuned Injections & Client Side Attacks</li>
<li>ARP Poisoning & SSL Hijacking</li>
<li>Automated HTTP Report Generator</li>
</ul>
<div style="text-align: justify;">
<b>ATTACKS IMPLEMENTED:</b> </div>
<ul style="text-align: justify;">
<li>MITM (Arp Poisoning)</li>
<li>Sniffing (With & Without Arp Poisoning)</li>
<li>SSL Hijacking (Full SSL/TLS Control)</li>
<li>HTTP Session Hijaking (Take & Use Session Cookies)</li>
<li>Client Browser Takeover (with Filter Injection in data stream)</li>
<li>Browser AutoPwn (with Filter Injection in data steam)</li>
<li>Evil Java Applet (with Filter Injection in data stream)</li>
<li>DNS Spoofing</li>
<li>Port Scanning</li>
</ul>
<table class="notableborder" style="margin-left: 0px; margin-right: 0px; text-align: left;"><tbody>
<tr><td colspan="2"><b>POST ATTACKS DATA OBTAINED:</b><br />
<ul>
<li>Passwords extracted from data stream</li>
<li>Pcap file with whole data stream for deep analysis</li>
<li>Session flows extracted from data stream (Xplico & Chaosreader)</li>
<li>Files extracted from data stream</li>
<li>Hosts enumeration (IP,MAC,OS)</li>
<li>URLs extracted from data stream</li>
<li>Cookies extracted from data stream</li>
<li>Images extracted from data stream</li>
<li>List of HTTP files downloaded extracted from URLs</li>
</ul>
</td> </tr>
<tr><td><b>DEPENDENCIES (aka USED TOOLS):</b><br />
<ul>
<li>Chaosreader (already in bin folder)</li>
<li><a href="http://www.toolwar.com/2013/11/xplico-tools.html" target="_blank">Xplico</a></li>
<li><a href="http://www.toolwar.com/2013/09/ettercap-076-tools.html" target="_blank">Ettercap</a></li>
<li>Arpspoof</li>
<li>Arp-scan</li>
<li>Mitmproxy</li>
<li><a href="http://www.toolwar.com/2014/02/nmap-and-zenmap-network-discovery-and.html" target="_blank">Nmap</a></li>
<li><a href="http://www.toolwar.com/2013/09/tcpdump-is-network-sniffer-we-all-used.html" target="_blank">Tcpdump</a></li>
<li><a href="http://www.toolwar.com/2013/09/beef-browser-exploitation-framework.html" target="_blank">Beef</a></li>
</ul>
</td> <td><ul>
<li><a href="http://www.toolwar.com/2013/10/social-engineering-toolkit-set-tools.html" target="_blank">SET</a></li>
<li><a href="http://www.toolwar.com/2013/09/metasploit-framework.html" target="_blank">Metasploit</a></li>
<li><a href="http://www.toolwar.com/2013/09/dsniff-tools.html" target="_blank">Dsniff</a></li>
<li><a href="http://www.toolwar.com/2013/10/technitium-mac-address-changer-v6-tools.html" target="_blank">Macchanger</a></li>
<li>Hamster</li>
<li>Ferret</li>
<li><a href="http://www.toolwar.com/2013/10/p0f-tools.html" target="_blank">P0f</a></li>
<li><a href="http://www.toolwar.com/2013/11/foremost-tools.html" target="_blank">Foremost</a></li>
<li>SSLStrip</li>
<li><a href="http://www.toolwar.com/2014/02/sslsplit-mitm-attack-against-ssltls.html" target="_blank">SSLSplit</a></li>
</ul>
</td></tr>
</tbody></table>
<br />
<table class="notableborder" style="margin-left: 0px; margin-right: 0px; text-align: left;"><tbody>
<tr><td><h3>
Tutorials ::</h3>
<b>Screenshots ::  </b><a href="http://www.fulgursecurity.com/en/content/fs-nyarl" target="_blank">Click Here</a> <br />
<h3>
Download ::</h3>
<b>Linux ::</b> <a href="http://www.fulgursecurity.com/tools/fs-nyarl/FS-NyarL_v1.0-kali.tar.gz" target="_blank">FS-NyarL v1.0</a> (.tar.gz)<br />
<b>Official Website :: </b><a href="http://www.fulgursecurity.com/en/content/fs-nyarl">http://www.fulgursecurity.com/en/content/fs-nyarl</a></td></tr>
</tbody></table>

FS-NyarL (Pentesting and Forensics) :: Framework

NyarL it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony. It's represent Crawling Chaos...

FARADAY (Integrated Penetration Testing IDE) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="FARADAY Logo" border="0" height="91" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj03zjrenjfh3-P90KLn_GSw8ONyaQLqXdR6otoyPAiIMj1ETcLzdJpofOdDKILtTGY6U_4FS4zlEyLZEVF0IEjyTWLMkZrm9wa3U-YS1L8K8A1NQO_j0muNmj9wiuSaqph9OyYKddiOc-f/s1600-rw/Faraday-Logo.png" title="FARADAY Logo" width="400" /></div>
<b>Faraday</b> introduces a new concept (IPE) <b>Integrated Penetration-Test  Environment</b> a multiuser <b>Penetration test IDE</b>. Designed for distribution,  indexation and analysis of the generated data during the process of a <a href="http://www.toolwar.com/search/label/Security" target="_blank"> security audit</a>.</div>
<div style="text-align: justify;">
The main purpose of <b>Faraday</b> is to re-use the available tools in the community to take advantage of them in a multiuser way.</div>
<div style="text-align: justify;">
Design for simplicity, users should feel no difference between their  own terminal application and the one included in <b>Faraday</b>. Developed with  a specialized set of functionalities that help users improve their own  work. Do you remember yourself programming without an IDE? Well, <b>Faraday</b>  does the same an IDE does for you when programming, but from the  perspective of a <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration test</a>.</div>
<div style="text-align: justify;">
<br />
<b>Requirement ::  </b></div>
<div style="text-align: justify;">
<a href="http://www.toolwar.com/search/label/Linux" target="_blank">Modern Linux</a> (Tested Debian / Ubuntu  * / <a href="http://www.toolwar.com/2013/09/kali-linux-toolwar.html" target="_blank">Kali</a> / <a href="http://www.toolwar.com/2013/09/backtrack-5-r3-distribution.html" target="_blank">Backtrack</a>)</div>
<ul style="text-align: justify;">
<li>Python 2.6.x and 2.7.x</li>
<li>Qt3</li>
<li>CouchDB >= 1.2.0<br />
</li>
<li>The following python libs:  <ul>
<li>mockito </li>
<li>couchdbkit </li>
<li>whoosh </li>
<li>argparse </li>
<li>psycopg2</li>
<li>IPy</li>
<li>requests</li>
</ul>
<h3>
</h3>
</li>
</ul>
<h3 style="text-align: justify;">
Tutorials :: </h3>
<div style="text-align: justify;">
<b>Installation :: </b> </div>
<div style="text-align: justify;">
Preferably, you can download faraday by cloning the Git repository:</div>
<div style="text-align: justify;">
<pre><code>$ git clone https://github.com/infobyte/faraday.git faraday-dev
$ cd faraday-dev
$ ./install
</code></pre>
</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Usage :: </b></div>
<div style="text-align: justify;">
To get started, simply execute faraday and use the new console to start working in the pentest: </div>
<div style="text-align: justify;">
<pre><code>$ ./faraday</code></pre>
<pre><code> </code></pre>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/EBz0g6ya7Mg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
</div>
<h3 style="text-align: justify;">
Download :: </h3>
<div style="text-align: justify;">
<b>Linux :: </b><a href="https://github.com/infobyte/faraday/archive/master.zip" target="_blank">Faraday</a> (tarball) <b>
</b></div>
<div style="text-align: justify;">
<b>Source Website :: </b><a href="https://github.com/infobyte/faraday">https://github.com/infobyte/faraday</a></div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://www.faradaysec.com/">http://www.faradaysec.com/</a></div>

FARADAY (Integrated Penetration Testing IDE) :: Framework

Faraday introduces a new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE . Designed for distrib...

SIPVicious (Auditing SIP Based VoIP System) :: Tools

<div style="text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><img alt="SIP VoIP " border="0" height="324" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs5pKQQ6VdyR7URrQT6nS1VVL0igxhRv5L4g9jfkKRkBLjfBegI6eKZANJ63AqMiWYIf8m2YEb8azNj4j9bwx-gCWo_jYM66n1k2GggJOHg0mLwLS0hJ7h7UWskxn3gWk6PAqEtxcvgABJ/s1600-rw/SIP+VoIP.png" title="SIP VoIP " width="640" /></div><b>SVMAP</b> is a part of a suite of tools called <b>SIPVicious</b> and it’s my  favorite <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> of choice It can be used to scan identify and fingerprint a single IP or a range  of IP addresses. <b>Svmap</b> allows specifying the request method which is being used for  scanning, the default method is OPTIONS, it offers debug and verbosity  options and even allows scanning the SRV records for SIP on the  destination domain. You can use the <b>./svmap –h</b> in order to view all the available arguments </div><div style="text-align: justify;"><b>SIPVicious suite</b> is a set of <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> that can be used to audit SIP based <a href="http://www.toolwar.com/search/label/VOIP" target="_blank">VoIP systems</a>.  It currently consists of four tools: </div><ul style="text-align: justify;"><li>svmap - this is a sip scanner. Lists SIP devices found on an IP range </li>
<li>svwar - identifies active extensions on a PBX </li>
<li>svcrack - an online password cracker for SIP PBX </li>
<li>svreport - manages sessions and exports reports to various formats </li>
<li>svcrash - attempts to stop unauthorized svwar and svcrack scans </li>
</ul><div style="text-align: justify;">It was tested on the following systems: </div><ul style="text-align: justify;"><li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux </a></li>
<li><a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X </a></li>
<li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a></li>
<li><a href="http://www.toolwar.com/search/label/FreeBSD" target="_blank">FreeBSD 6.2 </a></li>
<li>Jailbroken iPhone with python installed </li>
</ul><div style="text-align: justify;">If you use it on systems that are not mentioned here please let me know goes it goes. </div><h3 style="text-align: justify;">Tutorials ::</h3><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Zp_gzjV8l4c?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><div style="text-align: justify;"></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3a7xJeNQfOk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><h3 style="text-align: justify;"> </h3><h3 style="text-align: justify;">Download ::</h3><div style="text-align: justify;"><b>Linux | Windows | Mac | FreeBSD :: </b><a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.zip" target="_blank">SIPVicious v0.2.8</a> (.zip) | <a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.tar.gz" target="_blank">SIPVicious v0.2.8</a> (.tar.gz)<b>
</b></div><div style="text-align: justify;"><b>Official Website :: </b> <a href="http://code.google.com/p/sipvicious/">http://code.google.com/p/sipvicious/</a></div>

SIPVicious (Auditing SIP Based VoIP System) :: Tools

SVMAP is a part of a suite of tools called SIPVicious and it’s my favorite scanner of choice It can be used to scan identify and fingerp...

Vyatta (Vitrual Router, Firewall and VPN) :: Framework

<div class="block-content content" style="text-align: justify;">
<div style="text-align: justify;">
<br />
<article class="article article-type-page clearfix" id="article-6745" role="article">                 <div class="article-content">
<div class="field field-name-body field-type-text-with-summary field-label-hidden">
<div class="field-items">
<div class="field-item even">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Vyatta Logo" border="0" height="320" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjZ08VeGbo_xXjPTm80en0xpKtHVEsztocx4UkyNj8XcEOklwOsoLpOrOJ9RIi5nqp4y9IlAQ4uUUssHWFzDRGtuowfzaD9ujUFVSNWPnhTLhA8CJf3JethTM45UNfDaSOy-aplzk6SivT/s1600-rw/vyatta+logo.png" title="Vyatta Logo" width="320" /></div>
The  free community <b>Vyatta Core software(VC)</b> is an award-winning open source <a href="http://www.toolwar.com/search/label/Network" target="_blank"> network</a> operating system providing advanced IPv4 and IPv6 routing,  stateful <a href="http://www.toolwar.com/search/label/Firewalls" target="_blank">firewalling</a>, IPSec and SSL OpenVPN, and more. When you add  <b>Vyatta</b> to a standard x86 hardware system, you can create an enterprise  grade network appliance that easily scales from DSL to 10Gbps. <b>Vyatta</b> is  also optimized to run in VMware, Citrix XenServer, Xen, KVM, and Hyper  V, providing networking and <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> services to <a href="http://www.toolwar.com/search/label/Virutal" target="_blank">virtual machines</a> and  cloud computing environments. <b>Vyatta</b> has been downloaded over 1,000,000  times, has a community of hundreds of thousands of registered users and  counts dozens of fortune 500 businesses among its commercial customers.<br />
On this site, you'll find all the downloads, <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, documentation,  and community resources to help you get up and running with your own  <b>Vyatta-based</b> system. Ask questions in the Forums. Propose new features  and vote on existing proposals. Participate and have fun. We have been  working together with our community for over five years to continue to  enhance the world's leading software-based network OS.<br />
A commercial version of the <b>Vyatta network OS</b> (Vyatta Subscription  Edition) is also available with enterprise-ready management and security  product extensions and complete engineering support including proactive  notifications of security alerts and software releases as well as  priority access to patches & bug fixes.<br />
<b>Vyatta's </b>open, software-based approach to networking has created a  complete network OS that can connect and secure physical <a href="http://www.toolwar.com/search/label/Network" target="_blank">networks</a> as  well as virtual and cloud computing infrastructures. <b>Vyatta</b> software and  appliances offer users a flexible, affordable alternative to  proprietary, hardware-based routers, firewalls, and VPN devices.<br />
Vyatta can help you: <br />
<ul>
<li>Affordably scale large BGP implementations </li>
<li>Keep your network safe with a stateful-inspection firewall </li>
<li>Securely connect remote offices with <a href="http://www.toolwar.com/search/label/VPN" target="_blank">VPN </a></li>
<li>Scale from DSL to 10-Gbps with a single software package</li>
<li>Avoid costly proprietary networking upgrades </li>
<li>Run virtualized networking environments in Xen, KVM and VMware </li>
<li>Add networking and security to blade servers in your data center </li>
<li>Offer cloud based managed security services </li>
<li>Add network redundancy regardless of vendor equipment </li>
<li>Build your own best-of-breed Branch office solution </li>
</ul>
<br />
The <b>Vyatta Core</b> is an integration of a number of components from a  variety of different sources, much the same way as a standard Linux  distribution. Many of the components are licensed under the GNU GPL.  Others carry a BSD license. Still others carry less-popular licenses.  All components of the <b>Vyatta Core</b> carry licenses defined as open source.<br />
License files are included with every package installed in the system  and can be viewed in the /usr/share/doc/package/copyright file.<br />
<br />
<h3>
Tutorials ::</h3>
<b>Use Tips and Tricks :: </b><a href="http://www.vyatta.org/documentation/tips-tricks" target="_blank">Click Here</a><b><br />
</b><br />
<b>Documentations :: </b><a href="http://www.vyatta.org/documentation/translated-docs" target="_blank">Click Here</a><br />
<b>Vyatta Forum :: </b><a href="http://www.vyatta.org/forum" target="_blank">Click Here</a> <br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5JJOE5zeVbM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<h3>
Download ::</h3>
<b>Live CD :: </b><a href="http://packages.vyatta.com/vyatta/iso/VC6.6/vyatta-livecd_VC6.6R1_i386.iso" target="_blank">Vyatta Live CD v6.6</a> (.iso)<b></b><br />
<b>Visualization ISO :: </b><a href="http://packages.vyatta.com/vyatta/iso/VC6.6/vyatta-livecd_VC6.6R1_i386.iso" target="_blank">Vyatta Visualization v6.6</a> (.iso)<b> </b>
<b> </b><br />
<b>Official Website ::<a href="https://www.blogger.com/goog_2084089245"> </a></b><a href="http://www.vyatta.org/">http://www.vyatta.org/</a>
</div>
</div>
</div>
</div>
</article></div>
</div>

Vyatta (Vitrual Router, Firewall and VPN) :: Framework

The free community Vyatta Core software(VC) is an award-winning open source network operating system providing...

QualysGuard (Cloud Security) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghdzpjPZX2FLqOdTxqOBOsBcHPK-BGXs4z6FvMDEBWtOdSSQDhFqcOvSs8HLf2_C0gGeR9JzfehTMjygryKrJFU1Andf_8LVNhhNiAMihWAnzULkz0Qj63VCASwzVjkCQVNBGQnopmccia/s1600/qualys-logo.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Qualys logo" border="0" height="306" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghdzpjPZX2FLqOdTxqOBOsBcHPK-BGXs4z6FvMDEBWtOdSSQDhFqcOvSs8HLf2_C0gGeR9JzfehTMjygryKrJFU1Andf_8LVNhhNiAMihWAnzULkz0Qj63VCASwzVjkCQVNBGQnopmccia/s1600-rw/qualys-logo.jpeg" title="Qualys logo" width="320" /></a></div>
<div style="text-align: justify;">
<b>QualysGuard</b> is a popular <b>SaaS (software as a service) vulnerability  management</b> offering.  It's web-based UI offers <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> discovery and  mapping, asset prioritization, <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> assessment reporting and  remediation tracking according to business risk.  Internal scans are  handled by Qualys appliances which communicate back to the <a href="http://www.toolwar.com/search/label/Cloud" target="_blank">cloud-based</a>  system.</div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<h3 style="text-align: justify;">
</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/XfeyNLb7ZDc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5Cbq5wudtZE?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Trial Linux | Mac | Windows :: </b><a href="http://www.qualys.com/forms/trials/qualysguard/" target="_blank">QualysGuard</a><b>
</b></div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://www.qualys.com/" target="_blank">http://www.qualys.com/ </a></div>

QualysGuard (Cloud Security) :: Framework

QualysGuard is a popular SaaS (software as a service) vulnerability management offering. It's web-based UI offers network discov...

GoLismero (The Web Knife) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600/Golismero+WIndows+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Golismero " border="0" height="380" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600-rw/Golismero+WIndows+Screenshot.png" title="Golismero " width="640" /></a></div>
<div style="text-align: justify;">
<b>GoLismero</b> is an open source framework for <a href="http://www.toolwar.com/search/label/Security" target="_blank"><b>security testing</b></a>. It's 
currently geared towards <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> security, but it can easily be expanded to 
other kinds of scans.</div>
<div style="text-align: justify;">
The most interesting features of the <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> are:</div>
<ul style="text-align: justify;">
<li>Real platform independence. Tested on <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, *BSD and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">OS X</a>.</li>
<li>No native library dependencies. All of the framework has been written in pure Python.</li>
<li>Good performance when compared with other frameworks written in Python and other scripting languages.</li>
<li>Very easy to use.</li>
<li>Plugin development is extremely simple.</li>
<li>The framework also collects and unifies the results of well known tools: <a href="http://www.toolwar.com/2013/09/sqlmap-tools.html" target="_blank">sqlmap</a>, xsser, <a href="http://www.toolwar.com/2013/09/openvas-is-advanced-open-source.html" target="_blank">openvas</a>, <a href="http://www.toolwar.com/2013/10/dnsrecon-tools.html" target="_blank">dnsrecon</a>, <a href="http://www.toolwar.com/2013/09/theharvester-tools.html" target="_blank">theharvester</a>...</li>
<li>Integration with standards: CWE, CVE and OWASP.</li>
<li>Designed for cluster deployment in mind (not available yet).</li>
</ul>
<h3>
Tutorials ::</h3>
<b>Installation :: </b> <br />
Strictly speaking, GoLismero doesn't require installation - only its 
dependencies do. So if you want to use it on a system where you don't 
have root privileges, you can ask the system administrator to install 
them for you, and just run the "git checkout" command on your home 
folder.<br />
<b>Briefly Tutorial of Installation :: </b> <a href="https://github.com/golismero/golismero">Click Here</a><br />
<b>Basic Usages ::</b> <a href="https://github.com/golismero/golismero" target="_blank">Click Here</a><br />
<h3>
Download ::</h3>
<b>Linux | Mac | Windows :: </b><a href="https://github.com/golismero/golismero/archive/master.zip" target="_blank">GoLismero Archive</a> (.zip)<b> </b><br />
<b>Official Website :: </b><a href="https://github.com/golismero/golismero" target="_blank">https://github.com/golismero/golismero</a>

GoLismero (The Web Knife) :: Framework

GoLismero is an open source framework for security testing . It's currently geared towards web security, but it can easily be expa...

SAINT 8 (Security Auditing Suite) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="SAINT LOGO" border="0" height="107" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA7ITNbIsTcKUwW4ShEmmGIi_tc3r93_yUAm8uaCmmHsBBhYfr3EemJ8Cqkmicl1Fhpd9D3UxPy_DS7kuqAJEVvVADbttEn7PYmcWl3xA3gQEQWKeMojScYzNb7yO1L08sAs_4K6kEYXHm/s1600-rw/SAINT.jpg" title="SAINT LOGO" width="200" /></div>
<b>SAINT 8</b> is a <b>fully-integrated security tool suite</b> that combines <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability scanning</a>, with <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>, social engineering 
tools and configuration assessments. Use the combined power of these 
tools to identify vulnerabilities on <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> devices, operating systems,
 desktop applications, <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web applications</a>, databases, and more; run 
packaged penetration tests through pre-configured policies, run 
vulnerability-specific exploits for target-directed investigation; 
execute social engineering through packaged exploit Tools; and execute 
platform-specific configuration auditing, using NIST’s SCAP standards 
and protocols.  <b>SAINT 8 </b>then provides a robust set of <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a> and 
reporting features to perform ad hoc analytics, view strategic level 
results across 1 or many assessments, and then build reports from 
pre-defined templates, compliance reports or build your own custom 
reports from over 150 customizable settings. <b>SAINT's</b> current repository 
includes over 4,200 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> checks and 900+ exploits - which span 
over 48,000 Common Vulnerability Exposures (CVEs), plus numerous 
vulnerabilities that do not currently have a CVE assigned. Vulnerability
 checks and exploit development is a daily activity, that includes 
delivery of new checks twice a week, through an automated plug-in. This 
agentless scanning solution can be delivered via a cloud-based version <b>
(WebSAINT Pro 8)</b>, deployed standalone, shared as a server-based 
solution, or as a multi-<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> architecture for large enterprise or 
load balanced scanning.</div>
<br />
<h3>
Tutorials ::</h3>
<b>Video Tutorial :: </b><a href="http://www.youtube.com/watch?v=ibW6gLNYrf8" target="_blank">Click Here </a><br />
<b>Exploit Tools List :: </b><a href="http://www.saintcorporation.com/solutions/exploitTools.html" target="_blank">Click Here</a><b></b><br />
<br />
<h3>
Download :: </h3>
<b>Windows :: </b><a href="https://www.saintcorporation.com/resources/requestEvaluation.html" target="_blank">Request a Evaluation Copy</a><b> </b><br />
<b>Official Website :: </b><a href="https://www.saintcorporation.com/products/SAINT8.html">https://www.saintcorporation.com/products/SAINT8.html</a><br />
<b>Submitted By :: </b>SAINT Corporation <br />
<div style="text-align: justify;">
<br /></div>

SAINT 8 (Security Auditing Suite) :: Framework

SAINT 8 is a fully-integrated security tool suite that combines vulnerability scanning , with penetration testing , social engineering ...

Pytbull (IDS/IPS Testing) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
 <img alt="pytbull ids mode" border="0" height="291" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBUJPMHKujz46n6sRck2NZDM075hEsNEerHmckZ-25awz2AFXTsWET-KZg7ngqkBZi0hpKmBHgm9_EwaLliZYrhmFPjNhRYcjqM3beHBHH4szekg9xDZKMPb1parSaCEd4KfgunPEj-e4f/s1600-rw/pytbull-ids-mode.png" title="pytbull ids mode" width="400" /></div>
<b>Pytbull</b> is an <b>Intrusion Detection/Prevention System (IDS/IPS) testing framework</b> for <i><a href="http://www.toolwar.com/2013/09/snort-tools_7.html" target="_blank">Snort</a> and Suricata.</i> We all know the greatness of these two projects. Even though it concentrates on Snort and Suricata, it can possibly be used to test the <a href="http://www.toolwar.com/search/label/Detect" target="_blank">detection</a> and blocking capabilities of other <b><a href="http://www.toolwar.com/search/label/IDS" target="_blank">IDS</a>/<a href="http://www.toolwar.com/search/label/IPS" target="_blank">IPS</a></b> also. You can also use it to compare IDS/IPS, or compare their configuration modifications or to simply check/validate configurations. The <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> is well equipped with about 300 tests grouped in 8 testing modules, such as:You've just set up your Intrusion Detection/Prevention System  (IDS/IPS) and feel "Now I'm secure". But how can you be so sure? And how  much do you trust your IDS/IPS?</div>
<div style="text-align: justify;">
The only way to ensure your <b>IDS/IPS</b> detects and blocks unwanted  traffic is to test it with specific payloads and <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, but this job can  take hours or even days...</div>
<div style="text-align: justify;">
Why all this pain? Here is where pytbull comes in!</div>
<div style="text-align: justify;">
<b>Pytbull</b> is a <a href="http://www.toolwar.com/search/label/Python" target="_blank">python</a> based flexible IDS/IPS <a href="http://www.toolwar.com/search/label/Testing" target="_blank">testing</a> framework  shipped with more than 300 tests, grouped in 9 modules, covering a large  scope of attacks (clientSideAttacks, testRules, badTraffic,  fragmentedPackets, multipleFailedLogins, evasionTechniques, shellCodes,  denialOfService, pcapReplay)</div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/_zS1f-F9niw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Linux ::</b> <a href="https://downloads.sourceforge.net/project/pytbull/pytbull-2.0.tar.bz2" target="_blank">Pytbull v2.0</a> (.tar.bz2)</div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://pytbull.sourceforge.net/ </div>

Pytbull (IDS/IPS Testing) :: Framework

Pytbull is an Intrusion Detection/Prevention System (IDS/IPS) testing framework for Snort and Suricata. We all know the greatness o...

Subscribe to: Comments ( Atom )