ccat: Cisco Config Analysis Tool
CCAT Cisco Config Analysis Tool This tool is designed to analyze the configuration files of the Cisco devices. The list of checks is based on the Cisco Guide to Harden Cisco IOS Devices. List...
Penetration Testing Blog
reconerator: C# Targeted Attack Reconnissance Tools
reconerator This is a custom .NET assembly which will perform a number of situational awareness activities. There are a number of current feature sets: BASIC – Obtains information from the disk and registry. This...
Ropper v1.11.10 releases: find gadgets to build rop chains for different architectures
Ropper You can use ropper to display information about binary files in different file formats and you can search for gadgets to build rop chains for different architectures (x86/X86_64, ARM/ARM64, MIPS/MIPS64, PowerPC). For disassembly,...
gasmask v1.4.1 releases: Information gathering tool – OSINT
gasmask All in one Information gathering tool – OSINT Written by: maldevel (twitter) Information Gathering ask bing crt dns dogpile github google googleplus instagram linkedin netcraft pgp reddit reverse dns twitter vhosts virustotal whois yahoo yandex...
WinObjEx64 v1.6.0 releases: Windows Object Explorer 64-bit
WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such...
graudit: Grep rough audit – source code auditing tool
GRAUDIT Graudit is a simple script and signature sets that allow you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS,...
gitleaks v1.21.0 releases: Searches full repo history for secrets and keys
gitleaks – Check git repos for secrets and keys Changelog v1.21.0 Features added support for cloning repositories using github api (env var GITHUB_TOKEN) auditing PRs now allow whitelisting files v1.0.0 Performance Prior to v1.0.0...
XSRFProbe v2.0-beta.0 releases: CSRF Scanner Equipped with Powerful Crawling Engine & Intelligent Token Generator
XSRF Probe XSRF Probe is an advanced Cross Site Request Forgery Audit Toolkit equipped with Powerful Crawling and Intelligent Token Generation Capabilities. Some Features: Has a powerful crawler which features continuous crawling and scanning....
nginx ultimate bad bot blocker v3.2018.11.1244 releases
Welcome to the Ultimate Nginx Bad Bot, User-Agent, Spam Referrer Blocker, Adware, Malware and Ransomware Blocker, Click-Jacking Blocker, Click-Redirect Blocker and Bad IP Blocker with Anti-DDOS System, Nginx Rate Limiting and WordPress Theme Detector...
ME Analyzer v1.73.0 r146 releases: Intel Engine Firmware Analysis Tool
ME Analyzer is a tool which parses Intel Engine firmware images from the Converged Security Management Engine, Converged Security Trusted Execution Engine, Converged Security Server Platform Services, Management Engine, Trusted Execution Engine & Server...
RogueAP-Detector: Rogue Access Point Detector
RogueAP Detector rogueAP Detector is an open source tool to detect Wi-Fi Rogue Access Points, covering the most commonly known attacks. This tool is a modular framework composed of Scanners, Detectors and Actuators, which are...
snyk v1.108.3 releases: find & fix known vulnerabilities in open-source dependencies
snyk Snyk helps you find, fix and monitor known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of your CI (Build) system. Features Find known vulnerabilities...
CMSScan: Scan WordPress, Drupal, Joomla, vBulletin websites for Security issues
CMSScan Scan WordPress, Drupal, Joomla, vBulletin websites for Security issues. CMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on-demand and...
spacecrab: open source AWS toolset
SPACECRAB Bootstraps an AWS account with everything you need to generate, manage, and distribute and alert on AWS honeytokens. Made with breakfast roti by the Atlassian security team. AWS access keys are always a...
