Security Training Share
Dr. Memory: the memory debugger Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units...
SSH MITM This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and a...
Ropper You can use ropper to display information about binary files in different file formats and you can search for gadgets to build rop chains for different architectures (x86/X86_64, ARM/ARM64, MIPS/MIPS64, PowerPC). For disassembly,...
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything...
Tachyon is a Fast Multi-Threaded Web Discovery Tool. The main goal of it is to help webadmins find leftover files in their site installation, permission problems and web server configuration errors. It is not...
WPScan is a black box WordPress vulnerability scanner. Changelog v3.7.1 Fixed crash when a theme or plugin detected had dots in their slug Updated enumeration help message which displayed that p/t would enumerate plugins/themes...
Whatsapp Parser Toolset Whapa is a toolset to analyze the WhatsApp app for android. All tools are written in Python 2.X. It is divided into three tools: Whapa (Whatsapp Parser) Whamerge (Whatsapp Merger) Whagodri (WhatsApp Google...
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed...
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open source software solution for collecting, storing, distributing and sharing cybersecurity indicators and threat about...
kalitorify kalitorify is a shell script for Kali Linux which use iptables settings to create a transparent proxy through Tor Network, the program also allows you to perform various checks like checking the Tor Exit Node (i.e. your...
Dupe Key Injector Dupe Key Injector is a Burp Suite extension implementing Dupe Key Confusion, a new XML signature bypass technique presented at BSides/BlackHat/DEFCON 2019 “SSO Wars: The Token Menace” presentation. Dupe Key Confusion...
The OWASP Zed Attack Proxy (ZAP) is easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...
VyAPI – The Modern Cloud-Based Vulnerable Hybrid Android App VyAPI is a vulnerable hybrid Android app that’s vulnerable by design. We call it VyAPI because it’s flaws are pervasive and it communicates not just...
Mitaka Mitaka is an OSINT friendly IOC (Indicator of Compromise) search tool. It works as a Chrome extension and it makes possible to search / scan IOC via the context menu. Features Supported IOC...
