Chiron: IPv6 Security Assessment framework
Chiron is an IPv6 Security Assessment Framework, written in Python and employing Scapy. It is comprised of the following modules: • IPv6 Scanner • IPv6 Local Link • IPv4-to-IPv6 Proxy...
Category: Vulnerability Analysis
freevulnsearch: Free and open NSE script to query vulnerabilities
freevulnsearch This NMAP NSE script is part of the Free OCSAF project – https://freecybersecurity.org. In conjunction with the version scan “-sV” in NMAP, the corresponding vulnerabilities are automatically assigned using CVE...
sandmap v1.2.0 release: network and system reconnaissance using the massive Nmap engine
Sandmap is a tool for supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many...
nmap-bootstrap-xsl: A Nmap XSL implementation with Bootstrap
nmap-bootstrap-xsl A Nmap XSL implementation with Bootstrap. Download git clone https://github.com/honze-net/nmap-bootstrap-xsl.git How to use Add the nmap-bootstrap.xsl as stylesheet to your Nmap scan. Example: xx Open the scanme.xml with your Web browser. It...
Pakiti: provides a monitoring mechanism to check the patching status of Linux systems
Pakiti Pakiti provides a monitoring mechanism to check the patching status of Linux systems. It uses the client/server model, with clients running on monitored machines and sending reports to the...
kernelpop: kernel privilege escalation enumeration and exploitation framework
kernelpop kernelpop is a framework for performing automated kernel vulnerability enumeration and exploitation on the following operating systems: Linux Mac It is designed to be python version-agnostic, meaning that it should work...
mail-security-tester: testing framework for mail security and filtering solutions
Mail Security Testing Framework A testing framework for mail security and filtering solutions. IMPORTANT: Don’t do anything evil with this! Tests of cloud or otherwise hosted solutions should always be approved...
Pocsuite v2.0.8 releases: open-sourced remote vulnerability testing framework
Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine, many niche features for the ultimate penetration...
Swaks: Swiss Army Knife for SMTP
Swaks’ primary design goal is to be a flexible, scriptable, transaction-oriented SMTP test tool. It handles SMTP features and extensions such as TLS, authentication, and pipelining; multiple version of the...
ccat v1.01 releases: Cisco Config Analysis Tool
CCAT Cisco Config Analysis Tool This tool is designed to analyze the configuration files of the Cisco devices. The list of checks is based on the Cisco Guide to Harden...
vuLnDAP: A vulnerable LDAP based web app written in Golang
vuLnDAP vuLnDAP is a deliberately vulnerable web application to demonstrate exploiting business logic flaws in a site based on LDAP. For more information see the project homepage. If you get stuck...
salt-scanner: Linux vulnerability scanner based on Salt Open and Vulners audit API
salt-scanner A Linux vulnerability scanner based on Vulners Audit API and Salt Open, with Slack notifications and JIRA integration. Features Slack notification and report upload JIRA integration OpsGenie integration Install...
MIDA-Multitool: system enumeration, vulnerability identification and privilege escalation
MIDA-Multitool – Bash script purposed for system enumeration, vulnerability identification, and privilege escalation.MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor. Besides functionality...
otseca: Open source security auditing tool
Open-source security auditing tool to search and dump system configuration. Otseca is an open-source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats....
Red Team Arsenal v1.0: web/network security scanner
Red Team Arsenal is a web/network security scanner which has the capability to scan all company’s online facing assets and provide a holistic security view of any security anomalies. It’s a closely linked...
