ToolWar | Information Security (InfoSec) Tools: Scanner

WebReaver (Advanced Web Security Scanner) :: Framework

<p style="text-align: center;"><img alt="WebReaver (Advanced Web Security Scanner)" border="0" data-original-height="1180" data-original-width="2048" height="230" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3ne2Pm852WocBoS6pz22kpKIauMIwx-ZeFPTcJO-aGtAj8oSokpLjpSwuepPZHfMMuzME0wJa_nx8KJc62uNIUMKOuGHy9Pdf_-zlKrlYFmpW3gVbABfveI7jWvWSWUKFOEyyiUGrtMQ/w400-h230-rw/01.png" title="WebReaver (Advanced Web Security Scanner)" width="400" />  </p><p>WebReaver is an elegant, easy to use and fully-automated, web 
application security security testing tool for Mac, Windows and Linux, 
suitable for novice as well as advanced users.</p>
<p>WebReaver allows you easily test any web application for a large 
variety of web vulnerabilities from the sever kinds such as SQL 
Injection, Local and Remote File Includes, Command Injection, Cross-site
 Scripting and Expression Injection to the less severe ones such as 
variety of session and headers problems, information leakage and many 
more.</p><p><b>Tutorial</b>:</p><p> </p><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/4w5QbNTED8I" width="320" youtube-src-id="4w5QbNTED8I"></iframe></div><br /><br /><p></p><p><b>Download :</b></p><p><a href="https://s3-eu-west-1.amazonaws.com/data-desktop.secapps.com/webreaver/WebReaver+Setup+0.1.0.exe" rel="nofollow" target="_blank">Windows</a><b> |</b> <a href="https://s3-eu-west-1.amazonaws.com/data-desktop.secapps.com/webreaver/WebReaver-0.1.0.dmg" rel="nofollow" target="_blank">macOS</a><b> | </b><a href="https://s3-eu-west-1.amazonaws.com/data-desktop.secapps.com/webreaver/WebReaver-0.1.0-x86_64.AppImage" rel="nofollow" target="_blank">Linux</a><b><br /></b></p><p><a href="https://webreaver.com/" rel="nofollow" target="_blank"><b>Official Website</b> <br /></a></p>

WebReaver (Advanced Web Security Scanner) :: Framework

WebReaver is an elegant, easy to use and fully-automated, web application security security testing tool for Mac, Windows and Linux, sui...

Sublist3r - Subdomain Enumeration / Scanner : Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX9xrud6fayQX7f2OmbYU-qjmsBfi35Y0IOMLeMSt1J-XnREvEI3TP99ySPRbENncML8CtP-8Nj8ppzVMR1nkfJWP_4ACocVhp1ZkHhCTFlQlNxlDPkC0htQNyVAN8KELdRTWwRfydGVt3/s1600/Sublist3r.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Sublist3r - Subdomain Enumeration" border="0" data-original-height="413" data-original-width="867" height="190" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX9xrud6fayQX7f2OmbYU-qjmsBfi35Y0IOMLeMSt1J-XnREvEI3TP99ySPRbENncML8CtP-8Nj8ppzVMR1nkfJWP_4ACocVhp1ZkHhCTFlQlNxlDPkC0htQNyVAN8KELdRTWwRfydGVt3/s400-rw/Sublist3r.JPG" title="Sublist3r - Subdomain Scanner" width="400" /></a></div>
<div style="text-align: justify;">
Sublist3r is a python tool designed to enumerate subdomains of websites 
using OSINT. It helps penetration testers and bug hunters collect and 
gather subdomains for the domain they are targeting. Sublist3r 
enumerates subdomains using many search engines such as Google, Yahoo, 
Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using 
Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.</div>
<div style="text-align: justify;">
<br /></div>
<h2 style="text-align: justify;">
<span style="font-size: large;">Installation:</span></h2>
<blockquote class="tr_bq">
<pre><code>git clone https://github.com/aboul3la/Sublist3r.git</code></pre>
</blockquote>
<b><span style="font-size: small;">Dependencies:</span></b><br />
<blockquote class="tr_bq">
<pre><code>sudo pip install -r requirements.txt</code></pre>
</blockquote>
<b><span style="font-size: small;">How To Use:</span></b> <br />
<blockquote class="tr_bq">
<span style="font-size: large;"> </span><code>python sublist3r.py -v -d example.com</code></blockquote>
where -V : Verbose, -d : Domain<br />
<br />
<h3>
<b>Download:: </b> </h3>
Linux & Windows : <a href="https://github.com/aboul3la/Sublist3r" rel="nofollow" target="_blank">Sublis3r (Official Page)</a>

Sublist3r - Subdomain Enumeration / Scanner : Tools

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collec...

Mobile Security Framework (MobSF) : Framework

<div class="separator" style="clear: both; text-align: center;">
<img alt="Mobile Security Framework : ToolWar" border="0" height="232" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg92QuRFrhtVqI-D5Nzc-bu8_p0vvCirYl6qqK45JFNtlLSChwXklrMauZ_BLYvAZfq7H7ml0YTzaijl0GfbktnY_-sHW34h8B1tteqowCXjg_ELksZixDcb5Ff1B0JPxCVUTK9mYO9iNhL/s400-rw/MobSF.png" title="Mobile Security Framework : ToolWar" width="400" /></div>
<div style="text-align: justify;">
<b>Mobile Security Framework (MobSF)</b> is an intelligent, all-in-one open 
source mobile application (Android/iOS) automated pen-testing framework 
capable of performing static and dynamic analysis. It can be used for 
effective and fast security analysis of Android and iOS Applications and
 supports both binaries (APK & IPA) and zipped source code.<b> MobSF</b> 
can also perform Web API Security testing with it's API Fuzzer that can 
do Information Gathering, analyze Security Headers, identify Mobile API 
specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other
 logical issues related to Session and API Rate Limiting.</div>
<div style="text-align: justify;">
<br /></div>
<h3>
Tutorial: </h3>
<ul>
<li><a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation">https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation</a></li>
</ul>
<h3>
Video Tutorial: </h3>
<h3>
Download: <strong> </strong></h3>
<strong>Windows</strong>: Extract the <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to C:\MobSF<strong> </strong><br />
<strong>Mac</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /Users/[username]/MobSF<strong> </strong><br />
<strong>Linux</strong>: Extract <a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/archive/master.zip" target="_blank">MobSF</a> compressed file to /home/[username]/MobSF<br />
<br />
<div style="text-align: justify;">
<br /></div>

Mobile Security Framework (MobSF) : Framework

Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing fram...

Sandcat Browser (Web Penetration Testing) :: Framework

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTNeBldokTCCp2sKPEkIFaDYKilr89PbQIxdeIWaz7JEOT9ziJ36DF-zxINRCMAbUy_Rc-T4mqfPDm3Xl4N6chlKsO3pt3ex66r0qn8tqjYWzD6SbtSiTx3GHA8JDP2E633tsV5RAGFdVa/s1600/sandcat+browser+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="sandcat browser screenshot" border="0" height="310" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTNeBldokTCCp2sKPEkIFaDYKilr89PbQIxdeIWaz7JEOT9ziJ36DF-zxINRCMAbUy_Rc-T4mqfPDm3Xl4N6chlKsO3pt3ex66r0qn8tqjYWzD6SbtSiTx3GHA8JDP2E633tsV5RAGFdVa/s400-rw/sandcat+browser+screenshot.png" title="sandcat browser screenshot" width="400" /></a></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<b>Sandcat Browser</b> is the fastest web browser combined with the fastest scripting language packed with features for pen-testers<b>. Sandcat Browser</b> is a freeware portable pen-test oriented multi-tabbed  web browser with extensions support developed by the Syhunt team. The <b> Sandcat Browser</b> is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua programming language to provide extensions and scripting support. </div>
<div class="vspace" style="text-align: justify;">
Some of its unique features include: </div>
<ul style="text-align: justify;">
<li><b>Live HTTP Headers</b> — built-in live headers with a dedicated cache per tab and support for preview extensions </li>
<li><b>Sandcat Console</b> — an extensible command line console; Allows you to easily run custom commands and scripts in a loaded page </li>
<li><b>Resources</b> tab  — allows you to view the page resources, such as JavaScript files and other web files. </li>
<li><b>Page Menu</b> extensions — allows you to view details about a page and more. </li>
<li><b>Pen-Tester Tools</b> — Sandcat comes with a  multitude of pen-test oriented extensions. This includes a Fuzzer, a  Script Runner, HTTP & XHR Editors, Request Loader, Request Replay  capabilities and more. </li>
</ul>
<div class="vspace" style="text-align: justify;">
Features inherited from Chromium include: </div>
<ul style="text-align: justify;">
<li><b>Multi-Process Architecture</b> — each tab is its own process </li>
<li><b>Developer Tools</b> — in addition to the Chromium Developer Tools, Sandcat comes with a Source Code Editor and its own JavaScript and Lua consoles. </li>
</ul>
<h3 style="text-align: justify;">
<b> </b></h3>
<h3 style="text-align: justify;">
<b>Tutorials ::</b></h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/xdeXF4F4T_Q?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
<b>Download ::</b></h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="http://www.syhunt.com/pub/downloads/sandcat-browser-4.4.exe" target="_blank">Sandcat v4.4</a><b> </b></div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://www.syhunt.com/?n=Sandcat.Browser">http://www.syhunt.com/?n=Sandcat.Browser</a><b>
</b></div>
<h3 style="text-align: justify;">
</h3>
<div style="text-align: justify;">
</div>

Sandcat Browser (Web Penetration Testing) :: Framework

Sandcat Browser is the fastest web browser combined with the fastest scripting language packed with features for pen-testers . Sandcat...

Volatility (Advanced Memory Forensics Framework) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="Volatility Framework (Advance Memory Framework)" border="0" height="244" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwYsvSKFWGazVkY8HTm3e9MOP8FLgDHrNIEhfik5auQuUNypN7S2Vl_ZHpcAkdSMaAcULytu3T0GEW5lT53Towrr6YEo48gjALbDFYqIdwWgbH_SwnzwssHoTNoZWyDysqNDN1W5rFYL0S/s320-rw/volatility+logo.png" title="Volatility Framework (Advance Memory Framework)" width="320" /></div>
<b>Volatility Framework</b> is a <i>Advanced Memory Forensics Framework. </i>The <b>Volatility Framework</b>  is a completely open collection of <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, implemented in <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> under  the GNU General Public License, for the extraction of digital artifacts  from volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank">memory</a> (RAM) samples. The extraction techniques are  performed completely independent of the system being investigated but  offer unprecedented visibilty into the runtime state of the system.  The <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank"> framework</a> is intended to introduce people to the techniques and  complexities associated with extracting digital artifacts from volatile <a href="http://www.toolwar.com/search/label/Memory" target="_blank"> memory</a> samples and provide a platform for further work into this  exciting area of research.   <br />
The <b>Volatility Framework</b>  demonstrates our commitment to and belief in the importance of open  source digital investigation <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> . Volatile Systems is committed to  the belief that the technical procedures used to extract digital  evidence should be open to peer analysis and review.  We also believe  this is in the best interest of the digital investigation community, as  it helps increase the communal knowledge about systems we are forced to  investigate.   Similarly, we do not believe the availability of these  tools should be restricted and therefore encourage people to modify,  extend, and make derivative works, as permitted by the GPL.   </div>
<h3 style="text-align: left;">
<span style="font-size: small;">Capabilities :-</span></h3>
<div style="text-align: justify;">
The <b>Volatility Framework</b> currently provides the following extraction capabilities for memory samples   </div>
<ul style="list-style-type: disc; text-align: justify;">
<li>Image information (date, time, CPU count)</li>
<li>Running processes</li>
<li>Process SIDs and environment variables</li>
<li>Open network sockets</li>
<li>Open network connections</li>
<li>DLLs loaded for each process</li>
<li>Open handles to all kernel/executive objects (files, keys, mutexes)</li>
<li>OS kernel modules</li>
<li>Dump any process, DLL, or module to disk</li>
<li>Mapping physical offsets to virtual addresses</li>
<li>Virtual Address Descriptor information</li>
<li>Addressable memory for each process</li>
<li>Memory maps for each process</li>
<li>Extract executable samples</li>
<li>Scanning examples: processes, threads, sockets, connections, modules</li>
<li>Command histories (cmd.exe) and console input/output buffers</li>
<li>Imported and exported API functions</li>
<li>PE version information</li>
<li>System call tables (IDT, GDT, SSDT)</li>
<li>API hooks in user- and kernel-mode (inline, IAT, EAT, NT syscall, winsock)</li>
<li>Explore cached registry hives</li>
<li>Dump LM/NTLM hashes and LSA secrets</li>
<li>User assist and shimcache exploration</li>
<li>Scan for byte patterns, regular expressions, or strings in memory</li>
<li>Analyze kernel timers and callback functions</li>
<li>Report on windows services</li>
</ul>
<h3>
Tutorial ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/zhQP07YKLL0?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/zXh-1mK5FyU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
</h3>
<h3>
Download ::</h3>
<b>Windows :: </b><a href="https://volatility.googlecode.com/files/volatility-2.3.1.standalone.exe" target="_blank">Volatility 2.3.1 Standalone </a><b>
</b>
<b> </b><br />
<b>Linux :: </b><a href="https://volatility.googlecode.com/files/volatility-2.3.1.tar.gz" target="_blank">Volatility 2.3.1.tar.gz</a><b>
</b>
<b> </b><br />
<b>Mac :: </b><a href="https://volatility.googlecode.com/files/MacProfilesAll.zip" target="_blank">Volatility Framework </a><br />
<b></b><b>Source :: </b><a href="https://code.google.com/p/volatility/">https://code.google.com/p/volatility/</a><b>
</b>

Volatility (Advanced Memory Forensics Framework) :: Framework

Volatility Framework is a Advanced Memory Forensics Framework. The Volatility Framework is a completely open collection of tools , imp...

Fern WiFi Cracker (Wireless Security Auditing) :: Tools

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_r9FW3TnXSaixk_XdPQeulTjkmnrUgCEaSMttahhSYB74fXxI7yrdv1fpiOwsdke6A8UYl_jOglpFZZF0snnVewT3z3Er5LlcI-Roo6j-vtoGbv6kPZMrd9BUb6gl3IdqLt_Iqp2tDCCF/s1600/fern+wifi+cracker+toolwar.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_r9FW3TnXSaixk_XdPQeulTjkmnrUgCEaSMttahhSYB74fXxI7yrdv1fpiOwsdke6A8UYl_jOglpFZZF0snnVewT3z3Er5LlcI-Roo6j-vtoGbv6kPZMrd9BUb6gl3IdqLt_Iqp2tDCCF/s1600-rw/fern+wifi+cracker+toolwar.png" /></a></div>
<div style="text-align: justify;">
<b>Fern Wifi Cracker</b> is a <b><i>Wireless security auditing</i></b> and attack software program written using the <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> Programming Language and the Python Qt GUI library,  the program is able to crack and recover WEP/WPA/WPS keys and also run  other <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> based <a href="http://www.toolwar.com/search/label/Attack" target="_blank">attacks</a> on wireless or ethernet based networks.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Features :-</b></div>
<div style="text-align: justify;">
<ul>
<li>WEP <a href="http://www.toolwar.com/search/label/Cracking" target="_blank">Cracking</a> with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack </li>
<li>WPA/WPA2 Cracking with Dictionary or WPS based attacks</li>
<li>Automatic saving of key in database on successful crack</li>
<li>Automatic Access Point Attack System</li>
<li>Session Hijacking (Passive and Ethernet Modes)</li>
<li>Access Point MAC Address Geo Location Tracking</li>
<li>Internal <a href="http://www.toolwar.com/search/label/MITM" target="_blank">MITM</a> Engine</li>
<li>Bruteforce Attacks (HTTP,HTTPS,TELNET,FTP)</li>
<li>Update Support</li>
</ul>
<h3>
<b>Tutorials ::  </b></h3>
<b>Session Hijacking Demonstration ::</b><br />
<b> </b> <br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Bi-8JRNpMqo?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Bruteforcing Routers with Fern-Wifi-Cracker ::</b>  <br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/_ztQQWMoVX4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<b>Cracking WEP Security with Fern-Wifi-Cracker ::</b>  <br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/vpiOPEZD6qw?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<br />
<h3>
<b>Download :: </b></h3>
<b>Download Here :: </b><a href="http://code.google.com/p/fern-wifi-cracker/downloads/list" target="_blank">Fern WiFi Cracker</a> <b> </b><br />
<b>Source Website ::</b> <a href="http://code.google.com/p/fern-wifi-cracker/">http://code.google.com/p/fern-wifi-cracker/</a></div>
</div>

Fern WiFi Cracker (Wireless Security Auditing) :: Tools

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the P...

KisMAC (Sniffer/Scanner for Mac OS X) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="KisMAC Logo" border="0" height="277" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT0hq_xqF0S3TgubdqI2kXMyQJdIa4Xw5tz6EqhN_X9lUnO1W1Dy4wjcwJ9tMbIWnyC8-GYuHFmw13erY5ILu7_KOBlGEksaYGYIK-_qu-pDLXXY2SdMuEAG8TXkP4qSN0eOa4tJo6OGPl/s1600-rw/kisMAC+logo.png" title="KisMAC Logo" width="320" /></div>
<div style="text-align: justify;">
<b>KisMAC</b> is a popular <b>wireless stumbler for Mac OS X</b> offers many of the features of its namesake <a class="local" href="http://www.toolwar.com/2013/09/kismet-tools.html" target="_blank">Kismet</a>,  though the codebase is entirely different. Unlike console-based Kismet,  <b>KisMAC</b> offers a pretty <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and was around before Kismet was ported to  OS X. It also offers mapping, Pcap-format import and logging, and even  some decryption and deauthentication attacks.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>KisMAC</b> is an open-source and free <a href="http://www.toolwar.com/search/label/Sniffer" target="_blank">sniffer</a>/<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> application for <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. It has an advantage over MacStumbler / iStumbler / <a href="http://www.toolwar.com/2013/09/netstumbler-tools.html" target="_blank">NetStumbler</a> in  that it uses monitor mode and passive scanning.  </div>
<div style="text-align: justify;">
KisMAC supports many third party <a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> devices:  Intersil Prism2, Ralink  rt2570, rt73, and Realtek rtl8187 chipsets. All of the internal AirPort  hardware is supported for scanning. </div>
<div style="text-align: justify;">
The rest of this wiki assumes you are prepared for advanced topics and know what you are doing with your system. </div>
<h3 id="Features" style="text-align: justify;">
Features ::</h3>
<ul style="text-align: justify;">
<li>Reveals hidden / cloaked / closed SSIDs </li>
<li>Shows logged in clients (with MAC Addresses, IP addresses and signal strengths) </li>
<li>Mapping and GPS support </li>
<li>Can draw area maps of network coverage </li>
<li>PCAP import and export </li>
<li>Support for 802.11b/g </li>
<li>Different attacks against encrypted networks </li>
<li>Deauthentication attacks </li>
<li>AppleScript-able </li>
<li>Kismet drone support (capture from a Kismet drone) </li>
</ul>
<h3 id="Supportedhardwarechipsets" style="text-align: justify;">
Supported Hardware Chipsets :: </h3>
<ul style="text-align: justify;">
<li>Apple AirPort and AirPort Extreme (dependent upon Apple's drivers) </li>
<li>Intersil Prism 2, 2.5, 3  USB devices </li>
<li>Ralink rt2570 and rt73 USB devices </li>
<li>Realtek RTL8187L USB (such as the Alfa AWUS036H, which does not work on Mac OS 10.6.7 or later) </li>
</ul>
<h3 id="Cryptosupport" style="text-align: justify;">
Crypto Support :: </h3>
<ul style="text-align: justify;">
<li>Bruteforce attacks against LEAP, WPA and WEP </li>
<li>Weak scheduling attack against WEP </li>
<li>Newsham 21-bit attack against WEP </li>
</ul>
<h3 style="text-align: justify;">
Tutorials :: </h3>
<div style="text-align: justify;">
<b>Wiki ::</b> <a href="http://trac.kismac-ng.org/" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Forum ::</b> <a href="http://forum.kismac-ng.org/" target="_blank">Click Here </a></div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/lBGN5OGCPgI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
Download :: </h3>
<div style="text-align: justify;">
<b>Mac :: </b><a href="http://update.kismacmirror.com/binaries/KisMAC-0.3.3.dmg" target="_blank">KisMAC v0.3.3</a> (.dmg)<b>
</b></div>
<div style="text-align: justify;">
<b>Official Website ::  </b><a href="http://kismac-ng.org/">http://kismac-ng.org/</a></div>

KisMAC (Sniffer/Scanner for Mac OS X) :: Tools

KisMAC is a popular wireless stumbler for Mac OS X offers many of the features of its namesake Kismet , though the codebase is entirel...

SIPVicious (Auditing SIP Based VoIP System) :: Tools

<div style="text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><img alt="SIP VoIP " border="0" height="324" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs5pKQQ6VdyR7URrQT6nS1VVL0igxhRv5L4g9jfkKRkBLjfBegI6eKZANJ63AqMiWYIf8m2YEb8azNj4j9bwx-gCWo_jYM66n1k2GggJOHg0mLwLS0hJ7h7UWskxn3gWk6PAqEtxcvgABJ/s1600-rw/SIP+VoIP.png" title="SIP VoIP " width="640" /></div><b>SVMAP</b> is a part of a suite of tools called <b>SIPVicious</b> and it’s my  favorite <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> of choice It can be used to scan identify and fingerprint a single IP or a range  of IP addresses. <b>Svmap</b> allows specifying the request method which is being used for  scanning, the default method is OPTIONS, it offers debug and verbosity  options and even allows scanning the SRV records for SIP on the  destination domain. You can use the <b>./svmap –h</b> in order to view all the available arguments </div><div style="text-align: justify;"><b>SIPVicious suite</b> is a set of <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> that can be used to audit SIP based <a href="http://www.toolwar.com/search/label/VOIP" target="_blank">VoIP systems</a>.  It currently consists of four tools: </div><ul style="text-align: justify;"><li>svmap - this is a sip scanner. Lists SIP devices found on an IP range </li>
<li>svwar - identifies active extensions on a PBX </li>
<li>svcrack - an online password cracker for SIP PBX </li>
<li>svreport - manages sessions and exports reports to various formats </li>
<li>svcrash - attempts to stop unauthorized svwar and svcrack scans </li>
</ul><div style="text-align: justify;">It was tested on the following systems: </div><ul style="text-align: justify;"><li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux </a></li>
<li><a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X </a></li>
<li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a></li>
<li><a href="http://www.toolwar.com/search/label/FreeBSD" target="_blank">FreeBSD 6.2 </a></li>
<li>Jailbroken iPhone with python installed </li>
</ul><div style="text-align: justify;">If you use it on systems that are not mentioned here please let me know goes it goes. </div><h3 style="text-align: justify;">Tutorials ::</h3><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Zp_gzjV8l4c?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><div style="text-align: justify;"></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3a7xJeNQfOk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><h3 style="text-align: justify;"> </h3><h3 style="text-align: justify;">Download ::</h3><div style="text-align: justify;"><b>Linux | Windows | Mac | FreeBSD :: </b><a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.zip" target="_blank">SIPVicious v0.2.8</a> (.zip) | <a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.tar.gz" target="_blank">SIPVicious v0.2.8</a> (.tar.gz)<b>
</b></div><div style="text-align: justify;"><b>Official Website :: </b> <a href="http://code.google.com/p/sipvicious/">http://code.google.com/p/sipvicious/</a></div>

SIPVicious (Auditing SIP Based VoIP System) :: Tools

SVMAP is a part of a suite of tools called SIPVicious and it’s my favorite scanner of choice It can be used to scan identify and fingerp...

NBTScan (Scans for Open NETBIOS Name Servers) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxS-BqEkVq8gRluzMKok1FYN4f43CO1Nnia5lF4ZTvXelpQ-Z0lC0lJaBxzhpiwFLZgrk16y7re7wk-pbt1ZcUl405HynotcqrIyBXTQdkdqkzndKFNmdELfpOXIW8jXlCv-B8F8Geaxp/s1600/nbtscan+screenshot.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="nbtscan screenshot windows" border="0" height="333" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxS-BqEkVq8gRluzMKok1FYN4f43CO1Nnia5lF4ZTvXelpQ-Z0lC0lJaBxzhpiwFLZgrk16y7re7wk-pbt1ZcUl405HynotcqrIyBXTQdkdqkzndKFNmdELfpOXIW8jXlCv-B8F8Geaxp/s1600-rw/nbtscan+screenshot.gif" title="nbtscan screenshot windows" width="400" /></a></div>
<div style="text-align: justify;">
<b>nbtscan</b> is a <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command-line tool</a> that scans for open <b>NETBIOS nameservers</b> on a local or remote TCP/IP <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a>, and this is a first step in finding of open shares. It is based on the functionality of the standard <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows tool</a> nbtstat, but it operates on a range of addresses instead of just one. I wrote this <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tool</a> because the existing tools either didn't do what I wanted or ran only on the Windows platforms: mine runs on just about everything.</div>
<div style="text-align: justify;">
<b>Windows</b> - The Win32 version of the tool, which works well on Windows 9x,
NT and 2000, is available below as nbtscan.exe.
It's written in portable C and is less than 40 kbytes, requires no
special libraries or DLLs, and is run in an MS-DOS command window. I
promise that the tools have no viruses, backdoors, or any other kind of
overt bad behavior.  I don't promise that there are no bugs.
</div>
<div style="text-align: justify;">
<b>LINUX</b> - the code works fine on <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, and a version built on Red
Hat Linux 6.2 is available as well. I have reports that this binary works on
Red Hat Linux 6.0 - 8.0, Debian "woody", and Mandrake 8.1 (we don't think
we've found a Red Hat, CentOS, or Fedora system that it didn't run on).
</div>
<div style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<pre class="codeblock">C:\> <b>nbtstat -A 192.168.1.99</b>
       NetBIOS Remote Machine Name Table

Name               Type         Status
---------------------------------------------
XPDEV          <00>  UNIQUE      Registered
UNIXWIX        <00>  GROUP       Registered
XPDEV          <03>  UNIQUE      Registered
XPDEV          <20>  UNIQUE      Registered
UNIXWIX        <1E>  GROUP       Registered

MAC Address = 00-50-04-6D-50-37</pre>
<pre class="codeblock"> </pre>
<pre class="codeblock">C:\> <b>nbtscan 192.168.1.0/24</b>
192.168.1.3     MTNDEW\WINDEV               SHARING DC
192.168.1.5     MTNDEW\TESTING
192.168.1.9     MTNDEW\WIZ                  SHARING U=STEVE
192.168.1.99    MTNDEW\XPDEV                SHARING </pre>
<h3 style="text-align: justify;">
</h3>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows | Linux :: </b><a href="http://www.unixwiz.net/tools/nbtscan-1.0.35.exe" target="_blank">NBTScan</a> (.exe)<b> | </b><a href="http://www.unixwiz.net/tools/nbtscan-source-1.0.35.tgz" target="_blank">NBTScan</a> (.tgz)</div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://www.unixwiz.net/tools/nbtscan.html">http://www.unixwiz.net/tools/nbtscan.html</a></div>

NBTScan (Scans for Open NETBIOS Name Servers) :: Tools

nbtscan is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network , and this is a first step ...

Skipfish (Web Application Security Scanner) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWet3cqxS_RaHFSPFgDcVyLfRIrD075ildwUJOYxN7KDyiHkwz5nOjJPSSvtMoZzRLq_g1vGKdWJsR2avZ_xoeGfBYB4C_YjX_Ulr5xlGhii4h2OWhJ_f2_3UkGgBCQ6pOtci-zTNqau4-/s1600/skipfish+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Skipfish Screenshot" border="0" height="329" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWet3cqxS_RaHFSPFgDcVyLfRIrD075ildwUJOYxN7KDyiHkwz5nOjJPSSvtMoZzRLq_g1vGKdWJsR2avZ_xoeGfBYB4C_YjX_Ulr5xlGhii4h2OWhJ_f2_3UkGgBCQ6pOtci-zTNqau4-/s1600-rw/skipfish+screenshot.png" title="Skipfish Screenshot" width="640" /></a></div>
<div style="text-align: justify;">
<b><i>Skipfish</i></b> is an active <b>web application security reconnaissance tool</b>. It prepares an interactive sitemap  for the targeted site by carrying out a recursive crawl and  dictionary-based probes. The resulting map is then annotated with the  output from a number of active (but hopefully non-disruptive) <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a>  checks. The final report generated by the tool is meant to serve as a  foundation for professional <a href="http://www.toolwar.com/search/label/Web" target="_blank">web application</a> security assessments. </div>
<div style="text-align: justify;">
Key features: </div>
<ul style="text-align: justify;">
<li><b>High speed</b>:  pure C code, highly optimized HTTP handling, minimal CPU footprint -  easily achieving 2000 requests per second with responsive targets. </li>
</ul>
<ul style="text-align: justify;">
<li><b>Ease of use</b>:  heuristics to support a variety of quirky web <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">frameworks</a> and  mixed-technology sites, with automatic learning capabilities, on-the-fly  wordlist creation, and form autocompletion. </li>
</ul>
<ul style="text-align: justify;">
<li><b>Cutting-edge security logic</b>:  high quality, low false positive, differential security checks, capable  of spotting a range of subtle flaws, including blind injection vectors.  </li>
</ul>
<div style="text-align: justify;">
The tool is believed to support <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, FreeBSD, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">MacOS X</a>, and <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (Cygwin) environments. </div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/kqx8rp7Cnwc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
 </h3>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows | Mac | Linux ::</b> <a href="http://skipfish.googlecode.com/files/skipfish-2.10b.tgz" target="_blank">Skipfish v2.10b</a> (.tgz)</div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://code.google.com/p/skipfish/">http://code.google.com/p/skipfish/</a></div>

Skipfish (Web Application Security Scanner) :: Tools

Skipfish is an active web application security reconnaissance tool . It prepares an interactive sitemap for the targeted site by carryi...

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

<div style="text-align: justify;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600/cisco-torch.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Cisco Torch" border="0" height="294" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600-rw/cisco-torch.PNG" title="Cisco Torch" width="640" /></a></div>
<div style="text-align: justify;">
<b>Cisco Torch</b> is a <b>mass scanning, fingerprinting, and exploitation tool</b> was 
written while working on the next edition of the "Hacking Exposed Cisco 
Networks", since the <a href="http://www.toolwar.com/search/label/Tools">tools</a> availalbe on the market could not meet our 
needs. 
<br />The main feature that makes<b> Cisco-torch</b> different from similar tools
 is the extensive use of forking to launch multiple scanning processes 
on the background for maximum <a href="http://www.toolwar.com/search/label/Scanner">scanning</a> efficiency. Also, it uses several
 methods of application layer fingerprinting simultaneously, if needed. 
We wanted something fast to discover remote Cisco hosts running Telnet, 
SSH, Web, NTP and SNMP services and launch dictionary attacks against 
the services discovered. </div>
<br /><h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows | Mac | Linux :: </b><a href="http://www.arhont.com/en/wp-content/uploads/2010/01/cisco-torch-0.4b.tar.gz" target="_blank">Cisco-Torch v0.4b</a> (.tar.bz2)<b> | Language ::</b> Perl<b><br /></b></div>
<div style="text-align: justify;">
<b>Official Website :: </b> <a href="http://www.arhont.com/en/category/resources/tools-utilities/">http://www.arhont.com/en/category/resources/tools-utilities/</a></div>

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

Cisco Torch is a mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the "Hac...

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="nmap scanner logo" border="0" height="210" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPn1QPXq_tY_zK1uLIjY-6fyXimOMxgo3rq52s-03wGFIiM3FEUXb1R_uZpS2QvMEucVny6EK7w0eYYGJ5JKDgUtasnKL7WqkAIA5QMKqB05XXAv_va-hOLNd2wlIHxv1cUDpxCVa4kxbF/s1600-rw/nmap.jpg" title="nmap scanner logo" width="400" /></div>
</div>
<div style="text-align: justify;">
<b>Nmap ("Network Mapper")</b> is a free and open source (license) utility for <b>network discovery and security auditing.</b> Many systems and network administrators also find it useful for tasks such as <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> inventory, managing service upgrade schedules, and <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">monitoring</a> host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and results viewer <b>(Zenmap)</b>, a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis tool</a> (Nping).<br />
<br />
<b>Nmap</b> was named “<a href="http://www.toolwar.com/search/label/Security" target="_blank">Security</a> Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix Reloaded, Die Hard 4, Girl With the Dragon Tattoo, and The Bourne Ultimatum.<br />
<br />
<b>Nmap is::</b></div>
<ul style="text-align: justify;">
<li>    Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, <a href="http://www.toolwar.com/search/label/IDS" target="_blank">firewalls</a>, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), <b>OS detection</b>, version detection, ping sweeps, and more. See the documentation page.</li>
<li>    Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.</li>
<li>    Portable: Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.</li>
<li>    Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.</li>
<li>    Free: The primary goals of the Nmap Project is to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.</li>
<li>    Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, tutorials, and even a whole book! Find them in multiple languages here.</li>
<li>    Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list. You can also find Nmap on Facebook and Twitter. For real-time chat, join the #nmap channel on Freenode or EFNet.</li>
<li>    Acclaimed: <b>Nmap</b> has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.</li>
<li>    Popular: Thousands of people download <b>Nmap</b> every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities. </li>
</ul>
<h3>
Tutorials ::</h3>
<b>Tutorial (Max OS X) :: </b><a href="http://nmap.org/book/inst-macosx.html#inst-macosx-source">Click Here</a><br />
<b>Tutorial (Windows) :: </b><a href="http://nmap.org/book/inst-windows.html#inst-win-source">Click Here</a> <b><br />
</b><br />
<b>Tutorial (Linux) ::</b> <a href="http://nmap.org/book/inst-source.html">Click Here</a><br />
<b>Installation :: </b><a href="http://nmap.org/book/install.html" target="_blank">Click Here</a>   <br />
<b>Tutorials From Basics :: </b><a href="http://nmap.org/bennieston-tutorial/">Click Here </a><br />
<b>Video Tutorial :: </b><br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/RJxF7puQFXI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<b> </b>
<br />
<h3>
Download ::</h3>
<h3>
</h3>
<b>Download ZenMap (GUI of Nmap) :: </b><a href="http://nmap.org/zenmap/">Click Here</a><b> </b><br />
<b>Windows :: </b><a href="http://nmap.org/dist/nmap-6.40-setup.exe">Nmap-Latest</a> (.exe)
<b> </b><br />
<b>Linux :: </b><a href="http://nmap.org/dist/nmap-6.40.tar.bz2">Nmap Latest</a> (.tar.bz2)<b> </b><br />
<b>Mac :: </b><a href="http://nmap.org/dist/nmap-6.40-2.dmg">Nmap Latest</a> (.dmg)<b> </b>
<b>  </b><br />
<b>Official Website ::</b> <a href="http://nmap.org/">http://nmap.org/</a>
<br />
<div style="text-align: justify;">
</div>

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many syste...

SAINT 8 (Security Auditing Suite) :: Framework

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<img alt="SAINT LOGO" border="0" height="107" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA7ITNbIsTcKUwW4ShEmmGIi_tc3r93_yUAm8uaCmmHsBBhYfr3EemJ8Cqkmicl1Fhpd9D3UxPy_DS7kuqAJEVvVADbttEn7PYmcWl3xA3gQEQWKeMojScYzNb7yO1L08sAs_4K6kEYXHm/s1600-rw/SAINT.jpg" title="SAINT LOGO" width="200" /></div>
<b>SAINT 8</b> is a <b>fully-integrated security tool suite</b> that combines <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability scanning</a>, with <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>, social engineering 
tools and configuration assessments. Use the combined power of these 
tools to identify vulnerabilities on <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> devices, operating systems,
 desktop applications, <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web applications</a>, databases, and more; run 
packaged penetration tests through pre-configured policies, run 
vulnerability-specific exploits for target-directed investigation; 
execute social engineering through packaged exploit Tools; and execute 
platform-specific configuration auditing, using NIST’s SCAP standards 
and protocols.  <b>SAINT 8 </b>then provides a robust set of <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a> and 
reporting features to perform ad hoc analytics, view strategic level 
results across 1 or many assessments, and then build reports from 
pre-defined templates, compliance reports or build your own custom 
reports from over 150 customizable settings. <b>SAINT's</b> current repository 
includes over 4,200 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> checks and 900+ exploits - which span 
over 48,000 Common Vulnerability Exposures (CVEs), plus numerous 
vulnerabilities that do not currently have a CVE assigned. Vulnerability
 checks and exploit development is a daily activity, that includes 
delivery of new checks twice a week, through an automated plug-in. This 
agentless scanning solution can be delivered via a cloud-based version <b>
(WebSAINT Pro 8)</b>, deployed standalone, shared as a server-based 
solution, or as a multi-<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> architecture for large enterprise or 
load balanced scanning.</div>
<br />
<h3>
Tutorials ::</h3>
<b>Video Tutorial :: </b><a href="http://www.youtube.com/watch?v=ibW6gLNYrf8" target="_blank">Click Here </a><br />
<b>Exploit Tools List :: </b><a href="http://www.saintcorporation.com/solutions/exploitTools.html" target="_blank">Click Here</a><b></b><br />
<br />
<h3>
Download :: </h3>
<b>Windows :: </b><a href="https://www.saintcorporation.com/resources/requestEvaluation.html" target="_blank">Request a Evaluation Copy</a><b> </b><br />
<b>Official Website :: </b><a href="https://www.saintcorporation.com/products/SAINT8.html">https://www.saintcorporation.com/products/SAINT8.html</a><br />
<b>Submitted By :: </b>SAINT Corporation <br />
<div style="text-align: justify;">
<br /></div>

SAINT 8 (Security Auditing Suite) :: Framework

SAINT 8 is a fully-integrated security tool suite that combines vulnerability scanning , with penetration testing , social engineering ...

BlindElephant (Web Application Fingerprinting) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipt-PGEQbszCnUumUvyuXZt9TWyLVMKHh4zJ6Nms53hyphenhyphenEdN-vLqt0RuDiSAnxFXphRcokFnxoZolzQ5zf4XZL-iQlMn-HMKs3twBbf5TdM_E1hO169ojrWt8AAj2r1IrStX8rDokXXSae8/s1600/BlindElephant+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="287" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipt-PGEQbszCnUumUvyuXZt9TWyLVMKHh4zJ6Nms53hyphenhyphenEdN-vLqt0RuDiSAnxFXphRcokFnxoZolzQ5zf4XZL-iQlMn-HMKs3twBbf5TdM_E1hO169ojrWt8AAj2r1IrStX8rDokXXSae8/s1600-rw/BlindElephant+logo.png" width="320" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The <b>BlindElephant</b> is a <b>Web Application Fingerprinter</b> attempts to discover the 
version of a (known) <a href="http://www.toolwar.com/search/label/Web" target="_blank">web application</a> by comparing static files at known 
locations against precomputed <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hashes</a> for versions of those files in all 
all available releases. The technique is fast, low-bandwidth, 
non-invasive, generic, and highly automatize. </div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>Discussion and Forum :: </b><a href="http://www.qualys.com/blindelephant" target="_blank">Click Here</a></div>
<div style="text-align: justify;">
<b>Installation ::</b></div>
<div style="text-align: justify;">
Installation is only required if you plan to use BlindElephant as a 
library. Make sure that your <a href="http://www.toolwar.com/search/label/Python" target="_blank">python</a> installation has distutils, and then
 do: </div>
<div style="text-align: justify;">
<span style="font-size: large;"><span style="font-family: "Courier New",Courier,monospace;"><code>cd blindelephant/src</code><code>sudo python setup.py install</code></span></span></div>
<br />
<b>Example Usage (Command Line) :: </b><br />

setup.py will have placed BlindElephant.py in your /usr/local/bin dir. 
<br />
<pre style="border-left: 5px solid #ddd; padding: 10px;"><span style="font-family: "Courier New",Courier,monospace;">$ BlindElephant.py 
Usage: BlindElephant.py [options] url appName

Options:
  -h, --help            show this help message and exit
  -p PLUGINNAME, --pluginName=PLUGINNAME
                        Fingerprint version of plugin (should apply to web app
                        given in appname)
  -s, --skip            Skip fingerprinting webpp, just fingerprint plugin
  -n NUMPROBES, --numProbes=NUMPROBES
                        Number of files to fetch (more may increase accuracy).
                        Default: 15
  -w, --winnow          If more than one version are returned, use winnowing
                        to attempt to narrow it down (up to numProbes
                        additional requests).
  -l, --list            List supported webapps and plugins

Use "guess" as app or plugin name to attempt to attempt to
discover which supported apps/plugins are installed.

$ python BlindElephant.py http://laws.qualys.com movabletype
Loaded /usr/local/lib/python2.6/dist-packages/blindelephant/dbs/movabletype.pkl with 96 versions, 2229 differentiating paths, and 209 version groups.
Starting BlindElephant fingerprint for version of movabletype at http://laws.qualys.com

Fingerprinting resulted in:
4.22-en
4.22-en-COM
4.23-en
4.23-en-COM

Best Guess: 4.23-en-COM</span>
</pre>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<span style="font-size: large;"><span style="font-family: "Courier New",Courier,monospace;"><code><span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><span style="font-size: small;"><b>More Help :: </b><a href="http://sourceforge.net/p/blindelephant/code/HEAD/tree/trunk/" target="_blank">Click Here</a></span></span> </code></span></span></div>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: left;">
<b>Linux Command  :: </b><code>svn co https://blindelephant.svn.sourceforge.net/svnroot/blindelephant/trunk blindelephant</code></div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://blindelephant.sourceforge.net/">http://blindelephant.sourceforge.net/</a></div>

BlindElephant (Web Application Fingerprinting) :: Tools

The BlindElephant is a Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing sta...

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600/IronWASP+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="IronWASP Screenshot" border="0" height="222" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600-rw/IronWASP+Screenshot.png" title="IronWASP Screenshot" width="640" /></a></div>
<b>IronWASP (Iron Web application Advanced Security testing Platform)</b> is an  open source <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> for <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> application <a href="http://www.toolwar.com/search/label/Vulenrability" target="_blank">vulnerability</a> testing. It is  designed to be customizable to the extent where users can create their  own custom <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanners</a> using it.         Though an advanced user with <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a>/Ruby scripting expertise  would be able to make full use of the platform, a lot of the tool's  features are simple enough to be used by absolute beginners. </div>
<div style="text-align: justify;">
<b>IronWASP</b> has a plugin system that supports Python and Ruby. The version  of Python and Ruby used in <b>IronWASP</b> is IronPython and IronRuby which is  syntactically similar to CPython and CRuby. However some of the standard  libraries might not be available, instead plugin authors can make use  of the powerful IronWASP API.                   </div>
<h3 style="text-align: justify;">
Tutorials ::</h3>
<div style="text-align: justify;">
<b>IronWASP Blog : : </b><a href="http://blog.ironwasp.org/" target="_blank">Click Here </a></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/yUoPRnEf22I?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
 </h3>
<h3 style="text-align: justify;">
Download ::</h3>
<div style="text-align: justify;">
<b>Windows :: </b><a href="https://ironwasp.org/ironwasp.zip" target="_blank">IronWASP v0.9.7.5</a><b> </b>(.zip)</div>
<div style="text-align: justify;">
<b>Linux :: </b></div>
<div style="text-align: justify;">
<b><span style="font-family: "Courier New",Courier,monospace;">wget http://blog.anantshri.info/content/uploads/2013/01/ironwasp_installer.sh.txt -O ~/ironwasp_installer.sh && sh ~/ironwasp_installer.sh </span></b></div>
<div style="text-align: justify;">
<b>Mac :: </b>IronWASP runs on Mac with <a href="http://www.codeweavers.com/products/">CrossOver</a>.</div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://ironwasp.org/">http://ironwasp.org/</a></div>

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testin...

Rootkit Hunter (Rootkit Scanner) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<b><img alt="rootkit hunter logo" border="0" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmAKcX4SzdyaNdf4DapqpG3d1wMIQl85Bf0MAAPmJDtEku0X-3BPe_s9_ozZkwyHMyJrfIXdORod7eI9TGZejFbegPFldu185F6m872hTfpFEgo8CPqIQPMyFm9ltA2FzzD6V9PhSLSoVP/s1600-rw/Rkhunter.jpg" title="rootkit hunter logo" /></b></div>
<b>Rootkit Hunter</b> is <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanning tool</a> to ensure you for about 99.9%* you're clean of nasty <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>. This tool <i>scans for <a href="http://www.toolwar.com/search/label/Rootkit" target="_blank">rootkits</a>, backdoors and local exploits</i> by running tests like:<br />
<br />
    - MD5 <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hash</a> compare<br />
    - Look for default files used by rootkits<br />
    - Wrong file permissions for binaries<br />
    - Look for suspected strings in LKM and KLD modules<br />
    - Look for hidden files<br />
    - Optional scan within plaintext and binary files<br />
<br />
<b>Rootkit Hunter</b> is released as GPL licensed project and free for everyone to use.* No, not really 99.9%.. It's just another security layer<br />
<br />
<b>System requirements:</b><br />
    - Compatible operating system (see 'Supported operating systems')<br />
    - Bourne Again Shell (BASH)<br />
<br />
<b>Supported operating systems ::</b><br />
- Most <a href="http://www.toolwar.com/search/label/Distribution" target="_blank">Linux distributions</a><br />
- Most *BSD distributions</div>
<div style="text-align: justify;">
<h3>
Tutorial ::</h3>
<b>Scanning Techniques :: </b><a href="http://www.rootkit.nl/articles/rootkit_scanning_techniques.html" target="_blank">Click Here</a><br />
<b>Documentations :: </b><a href="http://www.rootkit.nl/files/rootkit_documentation.html" target="_blank">Click Here</a><br />
<b>Video Tutorial ::</b>  <br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5ngeBpeRros?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
</div>
<div style="text-align: justify;">
<h3>
Download ::</h3>
</div>
<div style="text-align: justify;">
<b>Linux :: </b><a href="http://sourceforge.net/projects/rkhunter/files/latest/download" target="_blank">RootKit Hunter v1.4.0</a> (.tar.gz)<b>
</b></div>
<div style="text-align: justify;">
<b>Official Website ::</b> <a href="http://www.rootkit.nl/projects/rootkit_hunter.html">http://www.rootkit.nl/projects/rootkit_hunter.html</a></div>

Rootkit Hunter (Rootkit Scanner) :: Tools

Rootkit Hunter is scanning tool to ensure you for about 99.9%* you're clean of nasty tools . This tool scans for rootkits , backdoo...

iScan Online :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="iscan logo online " border="0" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeslw6s4bc1vdJpAy_EBblVvuVFaHURRWxOkNzjUnX9V89kGe-adrQQhV7XBSPrnczstoi85guEuodmRteZGABDY-ALPPiGYapmKUWj2XLLvFzmZ0CHTSFwsYTyffYtCtRHMwmzMDQPNqj/s1600-rw/iscan+online+logo.png" title="iscan logo online " /></div>
<div style="text-align: justify;">
<b>iScan Online</b> is the <i>vulnerability scanning solutions for  Computing and Mobility.</i> <b>iScan Online</b> delivers its <i><a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanning</a></i>   through a <b>browser plugin, native mobile app</b> or alternatively as a  downloadable <a href="http://www.toolwar.com/search/label/CLI" target="_blank">CLI</a> executable.<br />
<br />
For BYOD environments, HTML and  Javascript snippets are provided to scan any laptop or <a href="http://www.toolwar.com/search/label/Phone" target="_blank">mobile device</a>  connecting to a network and/or <a href="http://www.toolwar.com/search/label/Web" target="_blank">web </a>application.<br />
<br />
Data is submitted  to the cloud console where HTML, CSV and <a href="http://www.toolwar.com/search/label/PDF" target="_blank">PDF</a> reports are available.  JSON data is readily available with the RESTful API.<br />
<br />
Supported  platforms covered for vulnerability and data discovery scanning are:   <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>, <a href="http://www.toolwar.com/search/label/Android" target="_blank">Android</a> and Apple iOS. Desktops, Servers, Smartphones  and Tablets supported.</div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<h3>
Tutorials ::</h3>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/SIIbrXW8ZMg?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3>
Download ::</h3>
</div>
<div style="text-align: justify;">
<b>Android (Play Store) ::</b> <a href="https://play.google.com/store/apps/details?id=com.iscanonline.iscanandroid" target="_blank">https://play.google.com/store/apps/details?id=com.iscanonline.iscanandroid </a></div>
<div style="text-align: justify;">
<b>Official Website & Online Plugins ::</b> <a href="https://www.iscanonline.com/" target="_blank">https://www.iscanonline.com/</a></div>
<div style="text-align: justify;">
<b>Submitted By ::</b> iScan Online </div>

iScan Online :: Tools

iScan Online is the vulnerability scanning solutions for Computing and Mobility. iScan Online delivers its vulnerability scanning ...

Beast-Check (SSL/TLS BEAST Vulnerability Check) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPX99p7OpWXx86CRPoDgco35kA8zXAjBG_l0dAQqBWT0feEqj9A1w1aPOcGpyS0DbdryxrvPzF4dTTNWY5ygzT9bP3hy9j04M3iACwFr6i2ykH2cC2G1p5-gauXZ_gz_9gWFAsUToI4Bik/s1600/beast-check+vulnerability+scanner.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="beast-check vulnerability scanner" border="0" height="200" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPX99p7OpWXx86CRPoDgco35kA8zXAjBG_l0dAQqBWT0feEqj9A1w1aPOcGpyS0DbdryxrvPzF4dTTNWY5ygzT9bP3hy9j04M3iACwFr6i2ykH2cC2G1p5-gauXZ_gz_9gWFAsUToI4Bik/s640-rw/beast-check+vulnerability+scanner.jpg" title="beast-check vulnerability scanner" width="640" /></a></div>
<div style="text-align: justify;">
<b>Beast-Chec</b>k is a small <i>perl script</i> that <i>checks a target server</i> whether it is <i><b>prone to  BEAST <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a></b></i> via target preferred cipher. It assumes no  workaround (i.e. EMPTY FRAGMENT) applied in target server. Some sources  said this workaround was disabled by default for compatibility reasons.  This may be the reason why RC4 ciphersuite was widely chosen as highest  preferred ciphersuite for the primary workaround. </div>
<h3 style="text-align: justify;">
Tutorial ::</h3>
<div style="text-align: justify;">
<span style="font-size: large;">Uses ::  </span></div>
<pre class="prettyprint"><span class="pln">$ </span><span class="pun">./</span><span class="pln">beast</span><span class="pun">.</span><span class="pln">pl
</span><span class="pun">===============================================</span><span class="pln">

port </span><span class="pun">=</span><span class="pln"> </span><span class="lit">443</span><span class="pln"> </span><span class="kwd">by</span><span class="pln"> </span><span class="kwd">default</span><span class="pln"> </span><span class="pun">{</span><span class="pln">optional</span><span class="pun">}</span></pre>
<pre class="prettyprint"><span class="pun"> </span></pre>
<div class="prettyprint">
<span style="font-family: inherit;"><span style="font-size: small;"><span class="pun"><b>Example :: Scanning Google</b></span></span></span></div>
<pre class="prettyprint"><span class="pun"><b><span class="pln"> </span></b></span></pre>
<pre class="prettyprint"><span style="background-color: white;"><span class="pun"><span class="pln">$ </span><span class="pun">./</span><span class="pln">beast</span><span class="pun">.</span><span class="pln">pl www</span><span class="pun">.</span><span class="pln">google</span><span class="pun">.</span><span class="pln">com
</span><span class="pun">===============================================</span><span class="pln">

SSL</span><span class="pun">/</span><span class="pln">TLS BEAST </span><span class="typ">Vulnerability</span><span class="pln"> </span><span class="typ">Check</span><span class="pln">
 </span><span class="kwd">by</span><span class="pln"> YGN </span><span class="typ">Ethical</span><span class="pln"> </span><span class="typ">Hacker</span><span class="pln"> </span><span class="typ">Group</span><span class="pun">,</span><span class="pln"> http</span><span class="pun">:</span><span class="com">//yehg.net/</span><span class="pln">
</span><span class="pun">===============================================</span><span class="pln">
</span><span class="typ">Target</span><span class="pun">:</span><span class="pln"> www</span><span class="pun">.</span><span class="pln">google</span><span class="pun">.</span><span class="pln">com</span><span class="pun">:</span><span class="lit">443</span><span class="pln">
</span><span class="com">## The target is NOT vulnerable to BEAST attack. ##</span><span class="pln">
</span><span class="typ">Protocol</span><span class="pun">:</span><span class="pln"> TLS v1</span><span class="typ">Server</span><span class="pln"> </span><span class="typ">Preferred</span><span class="pln"> </span><span class="typ">Cipher</span><span class="pun">:</span><span class="pln"> ECDHE</span><span class="pun">-</span><span class="pln">RSA</span><span class="pun">-</span><span class="pln">RC4</span><span class="pun">-</span><span class="pln">SHA</span><span class="typ">Vulnerable</span><span class="pun">:</span><span class="pln"> NO</span>  </span></span></pre>
<pre class="prettyprint"><span style="background-color: white;"><span class="pun"> </span></span></pre>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/4uCn1bjEC7s?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<pre class="prettyprint"><span style="background-color: white;"><span class="pun"> </span></span></pre>
<h3 style="text-align: justify;">
Download :: </h3>
<div style="text-align: justify;">
<b><span style="font-size: small;">Linux & Windows :: </span></b><a href="http://beast-check.googlecode.com/files/beast.pl" target="_blank">Beast-Check </a>(Perl Script)</div>
<div style="text-align: justify;">
<b>Official Website :: </b><a href="http://yehg.net/">http://yehg.net/</a></div>

Beast-Check (SSL/TLS BEAST Vulnerability Check) :: Tools

Beast-Chec k is a small perl script that checks a target server whether it is prone to BEAST vulnerability via target preferred ciphe...

Flunym0us (Wordpress Vulnerability Scanner) :: Tools

<div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRufBOKc1OhlATweF2T2DA6RzQ1RaW4teULU82vacYOyWYROE7IcTk2iaaqm8nd8OaWbZQKEKAcmX1x6UG1k6hOByiwXeU2uE2jDdkKAfuxwxAxBHilBRXcwC9kgA0aZyHPjIMuJhyphenhyphenDCN5/s1600/wordpress+vulnerability+scanner.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Wordpress Vulnerability Scanner" border="0" height="200" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRufBOKc1OhlATweF2T2DA6RzQ1RaW4teULU82vacYOyWYROE7IcTk2iaaqm8nd8OaWbZQKEKAcmX1x6UG1k6hOByiwXeU2uE2jDdkKAfuxwxAxBHilBRXcwC9kgA0aZyHPjIMuJhyphenhyphenDCN5/s400-rw/wordpress+vulnerability+scanner.jpg" title="Wordpress Vulnerability Scanner" width="400" /></a></div>
<br />
<b>Flunym0us</b> is a <i><b>Vulnerability <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">Scanner</a> for Wordpress and Moodle</b></i> designed by Flu Project Team. <b>Flunym0us</b>  has been developed in <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a>.<b> Flunym0us</b> performs dictionary attacks  against <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web</a> sites. By default, <b>Flunym0us</b> includes a dictionary for  <b>Wordpress </b>and other for Moodle. </div>
<h3>
Tutorials :: </h3>
<b>Flunym0us requires python. Arguments allowed: </b><br />
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-h, --help: Show this help message and exit  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-wp, --wordpress: Scan WordPress site  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-mo, --moodle: Scan Moodle site  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-H HOST, --host HOST: Website to be scanned  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-w WORDLIST, --wordlist WORDLIST: Path to the wordlist to use  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-t TIMEOUT, --timeout TIMEOUT: Connection timeout  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-r RETRIES, --retries RETRIES: Connection retries  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-p PROCESS, --process PROCESS: Number of process to use  </span></blockquote>
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">-T THREADS, --threads THREADS: Number of threads (per process) to use  </span></blockquote>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/qDeHQYbFuxM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div>
<h3 style="text-align: justify;">
<span style="font-family: inherit;">Download ::</span> </h3>
<div style="text-align: justify;">
<b>Linux :: </b><a href="https://flunym0us.googlecode.com/files/flunym0us2.0.tar.gz" target="_blank">Flunym0us.tar.gz</a></div>
<div style="text-align: justify;">
<b>Official Website :: </b>http://www.flu-project.com/</div>

Flunym0us (Wordpress Vulnerability Scanner) :: Tools

Flunym0us is a Vulnerability Scanner for Wordpress and Moodle designed by Flu Project Team. Flunym0us has been developed in Python ...

Malware Classifier (Malware Analysis) :: Tools

<div class="separator" style="clear: both; text-align: center;">
<img alt="adobe malware classifier " border="0" height="266" loading="lazy" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJFSWBvBrB6iEW5mUe0RLgLd4aTklWqEcrJku4K5HoKfHloY6DDXgTMVL4g8funQXw0_Yaxw2LuVUfUe3WqD_yvQoVBSUtp-dpw3XWg7kkmWbJlum9If5NsE1Kifvf0LFPi1Gryz7sq1ot/s400-rw/adobe+malware+classifier.png" title="adobe malware classifier " width="400" /></div>
<div style="text-align: justify;">
<b>Adobe Malware Classifier</b> is a command-line tool that lets antivirus 
analysts, IT administrators, and security researchers quickly and easily
 determine if a <b><i>binary file contains malware</i></b>, so they can develop <b>
<a href="http://www.toolwar.com/search/label/Malware" target="_blank">malware</a> detection</b> signatures faster, reducing the time in which users' 
systems are vulnerable.
Malware Classifier uses machine learning algorithms to classify Win32 
binaries – EXEs and DLLs – into three classes: 0 for “clean,” 1 for 
“malicious,” or “UNKNOWN.”<br /><br />
The tool was developed using models resultant from running the J48, J48 
Graft, PART, and Ridor machine-learning algorithms on a dataset of 
approximately 100,000 malicious programs and 16,000 clean programs. <br />
The tool extracts seven key features from an unknown binary, feeds them 
to one of the four classifiers or all of them, and presents its 
classification of the unknown binary.</div>
<div style="text-align: justify;">
<h3>
Download :: </h3>
<b>Python :: </b><a href="http://sourceforge.net/projects/malclassifier.adobe/files/AdobeMalwareClassifier.py/download" target="_blank">AdobeMalwareClassifier.py</a><br />
<b>Source :: </b><a href="http://sourceforge.net/projects/malclassifier.adobe/?source=navbar">http://sourceforge.net/projects/malclassifier.adobe/?source=navbar</a></div>

Malware Classifier (Malware Analysis) :: Tools

Adobe Malware Classifier is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and e...

Subscribe to: Comments ( Atom )