This is a simple little port scanning script written in python.
b8fc2783fbb4849e4ceac338b595bcb3Lightaidra is an IRC commanded tool that allows for scanning and exploiting routers. It also performs flooding.
a5192e2428d901e1f57b9b5d16671073This is an automatic SQL Injection tool called FatCat. It has features that help you to extract the database information, table information, and column information from a web application.
4f817b144c8f53343c8aa637f785cfa7Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
889d6c7b94e9b4b4eca15f9e04ce9a86P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
aea524324828790b24a90be3bb7a0d93Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
805a42d36e42f5901d0a6497306713a7PostTest is a jar file that will send POST requests to servers in order to test for the hash collision vulnerability discussed at the Chaos Communication Congress in Berlin.
7e94c05959065b9e3ee16b155ee0fe4bDark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
1135026518d9d2e547c7fc2030142efcDark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
59c92aeebbb4e725bb20482451ef06f3Dark D0rk3r is a python script that performs dork searching and searches for SQL injection errors.
4ec2f206ba19629bd6d4dfd5372246bcP0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
8a7ea1821b4599bdd1749b6112865c41This is a very fast TCP port scanner for Linux that can scan multiple hosts and ports at once.
b5d0e5e019e3d6a9d81a48d0489ad883This is a simple ICMP ping sweeping tool that takes in a range of IP addresses.
543666de6d9557dbd4451e5bf90b0ea9The Exploit Next Generation® SQL Fingerprint tool uses well-known techniques based on several public tools capable of identifying the Microsoft SQL Server version (such as: SQLping and SQLver), but, instead of showing only the "raw version" (i.e., Microsoft SQL Version 10.00.2746), the Exploit Next Generation® SQL Fingerprint shows the mapped Microsoft SQL Server version (i.e., Microsoft SQL 2008 SP1 (CU5)).
6757930a2010359d3e06309e60bd4db4P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
c2b4417fce9bb70bee49a1225dbc10f1fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
b2ee477140d9e92466c9c6f267442625Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
cb74fbf73b3dc42f838eaedd3ce9f738Google Hack DB Tool is a database tool with almost 8,000 entries. It allows administrators the ability to check their site for vulnerabilities based on data stored in Google.
3173786cb18765d7a36f45424ff75f3fNiX API is a powerful anti-proxy, anti-fraud, and IP reputation lookup API. It uses the NiX database at cli.nixapi.com to determine IP country/region/city, data center details, satellite provider details, open proxy details, and Tor network association.
f852994148e05ceb18e033e8046ad748fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
10a40c15a11c67ea63d158b9631fa08bThis Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
ee7c72d7ace7f4a32d4e693950bb36eaCSRFSCanner is a tool designed to identify the forms potentially vulnerable to CSRF/XSRF on a website. This detection is made on forms that are only accessible by logged-in users (cookies are needed to find these forms). The methodology used to identify these forms is the 4-pass reverse diff analysis. Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.
4d7379f8b72c66d21b2d10ed8ed273f8XssScanner is a tool designed to help penetration testers find cross site scripting vulnerabilities. It analyzes a webpage to determine which are the payloads that could be used according to the position of the parameter. Then, for each selected payload, XssScanner sends a request using the payload and checks the returned page to find the payload. The major feature of XssScanner is its ability to detect many encodings that do not change the behavior of the payload (eg: double quote encoded into ").
81a8c81d88805ecc5d92819b6a859f6eXSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
615140e4f1e583ef2d645171be63a1ccVega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Windows 64-bit version.
443659b64e2e92bf63a5835f46a29672
© 2011 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed