Amoco Amoco is a Python package dedicated to the (static) analysis of binaries. It features: a generic framework for decoding instructions developed to reduce the time needed to implement support for new architectures. For...
The post Amoco: tool for analysing binaries appeared first on Penetration Testing Tools.
CODASM CODASM allows you to encode arbitrary data into pseudo-ASM instructions and compile them into the .text section of binaries. Payloads (esp. shellcode) come with pretty high entropy and look out of place in...
The post codasm: Payload encoding utility to effectively lower payload entropy appeared first on Penetration Testing Tools.
Fsociety Hacking Tools Pack – A Penetration Testing Framework A Penetration Testing Framework, you will have the very script that a hacker needs Fsociety Contains All Tools Used In Mr. Robot Series Menu ...
The post fsociety: Modular Penetration Testing Framework appeared first on Penetration Testing Tools.
mitmproxy mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. mitmweb is a web-based interface for mitmproxy. pathoc and pathod are...
The post mitmproxy: An interactive TLS-capable intercepting HTTP proxy appeared first on Penetration Testing Tools.
SessionExec SessionExec allows you to execute specified commands in other Sessions on Windows Systems, either targeting a specific session ID or All sessions, with the option to suppress command output. The tool is inspired...
The post SessionExec: Execute commands in other Sessions appeared first on Penetration Testing Tools.
HackBrowserData HackBrowserData is a command-line tool for decrypting and exporting browser data (passwords, history, cookies, bookmarks, credit cards, download history, localStorage and extensions) from the browser. It supports the most popular browsers on the market...
The post HackBrowserData: Decrypt passwords/cookies/history/bookmarks from the browser appeared first on Penetration Testing Tools.
Arkime Arkime is an open-source, large-scale, full packet capturing, indexing, and a database system. Arkime augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access....
The post Arkime: open source, large scale, full packet capturing, indexing, and database system appeared first on Penetration Testing Tools.
EDR Telemetry Blocker Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in the TLS Client Hello...
The post EDR Telemetry Blocker via Person-in-the-Middle Network Filtering Attacks appeared first on Penetration Testing Tools.
kube-bench kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update...
The post kube-bench: Checks Kubernetes security best practices as defined in the CIS Kubernetes Benchmark appeared first on Penetration Testing Tools.
SUDO_KILLER SUDO_KILLER is a tool that can be used for privilege escalation on the Linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerability within the...
The post SUDO_KILLER: identify and exploit sudo rules’ misconfigurations and vulnerabilities within sudo appeared first on Penetration Testing Tools.
Mobile Verification Toolkit Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It...
The post Mobile Verification Toolkit: forensic tool to look for signs of infection in smartphone devices appeared first on Penetration Testing Tools.
ESP32 Marauder The ESP32 Marauder is a suite of WiFi/Bluetooth offensive and defensive tools created for the ESP32 and was originally inspired by Spacehuhn’s esp8266_deauther project. The tool itself serves as a portable device used to test...
The post ESP32 Marauder: suite of WiFi/Bluetooth offensive and defensive tools for the ESP32 appeared first on Penetration Testing Tools.
PatrOwl PatrOwl is a scalable, free and open-source solution for orchestrating Security Operations. PatrowlEngines is the engine framework and the supported list of engines performing the operations (scans, searches, API calls, …) in due time. The...
The post PatrowlEngines: Open Source, Free and Scalable Security Operations Orchestration Platform appeared first on Penetration Testing Tools.
vuls For a system administrator, having to perform security vulnerability analysis and software updates on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a...
The post vuls: Vulnerability scanner for Linux/FreeBSD appeared first on Penetration Testing Tools.
Faraday – Open Source Vulnerability Manager Faraday introduces a new concept – IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation, and analysis of the data generated during a security...
The post Faraday: Open Source Vulnerability Manager appeared first on Penetration Testing Tools.
Dependency Check Dependency Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project’s dependencies. It does this by determining if there is a Common Platform...
The post Dependency Check: detects publicly disclosed vulnerabilities in application dependencies appeared first on Penetration Testing Tools.
Falco Falco is a cloud-native security tool. It provides near real-time threat detection for cloud, container, and Kubernetes workloads by leveraging runtime insights. Falco can monitor events defined via customizable rules from various sources, including the...
The post Falco: A cloud-native security tool appeared first on Penetration Testing Tools.
Cppcheck Cppcheck is a static analysis tool for C/C++ code. It provides a unique code analysis to detect bugs and focuses on detecting undefined behavior and dangerous coding constructs. The goal is to detect only real errors...
The post Cppcheck: A static analysis tool for C/C++ code appeared first on Penetration Testing Tools.
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open-source software solution for collecting, storing, distributing, and sharing cybersecurity indicators and threats about cybersecurity...
The post MISP: Malware Information Sharing Platform & Threat Sharing appeared first on Penetration Testing Tools.
OperatorsKit This repository contains a collection of Beacon Object Files (BOFs) that integrate with Cobalt Strike. Kit content The following tools are currently in the OperatorsKit: Name Description AddExclusion Add a new exclusion to...
The post OperatorsKit: Collection of Beacon Object Files (BOF) for Cobalt Strike appeared first on Penetration Testing Tools.
