Category: NEW TOOLS

CrawlerEKFiddleFiddlerMacNEW TOOLSPcapVirusTotalVPNWeb

EKFiddle – A Framework Based On The Fiddler Web Debugger To Study Exploit Kits, Malvertising And Malicious Traffic In General

A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general.InstallationDownload and install the latest version of Fiddler instructions for Linux and Mac here: C# scripting (Windows only)Launch Fiddler, and go to Tools -> OptionsIn the Scripting tab, change the default (JScript.NET) to C#.Change default text editor (optional)In the same Tools -> Options menu, click on the Tools tab.Windows: notepad.exe or notepad++.exeLinux: geditMac: /Applications/ or /Applications/TextWrangler.appClose FiddlerDownload or clone CustomRules.cs into the appropriate folder based on your…

Ant TaskDependencyCheckGradle PluginJenkins PluginMaven PluginNEW TOOLSOWASP DependencyCheckSecurity AuditSoftware Composition AnalysisVulnerability Detection

DependencyCheck v3.3.1 – A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies

Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.Documentation and links to production binary releases can be found on the github pages. Additionally, more information about the architecture and ways to extend dependency-check can be found on the wiki.Current ReleasesJenkins PluginFor instructions…

CMS BruteforceCMS DetectionCMS FrameworkCMSeeKDrupal BruteforceExploitation FrameworkJoomla BruteforceMacNEW TOOLSWeb ScannerWordpress BruteforceWordpress Scanner

CMSeeK v1.0.7 – CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 50 Other CMSs)

What is a CMS?A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc.Release History- Version 1.0.7 [07-08-2018]- Version 1.0.6 [23-07-2018]- Version 1.0.5 [19-07-2018]- Version 1.0.4 [17-07-2018]- Version 1.0.3 [06-07-2018]- Version 1.0.2 [06-07-2018]- Version 1.0.1 [19-06-2018]- Version 1.0.0 [15-06-2018]Changelog FileFunctions Of CMSeek:Basic CMS Detection of over 30 CMSDrupal version detectionAdvanced Wordpress ScansDetects VersionUser EnumerationPlugins EnumerationTheme EnumerationDetects Users (3 Detection Methods)Looks for Version Vulnerabilities and much…

Dictionary AttackExploitation FrameworkKaliNEW TOOLSpenetration testingPython3Router Exploitation FrameworkRoutersploit Framework

RouterSploit v3.3.0 – Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.It consists of various modules that aids penetration testing operations:exploits - modules that take advantage of identified vulnerabilitiescreds - modules designed to test credentials against network servicesscanners - modules that check if a target is vulnerable to any exploitpayloads - modules that are responsible for generating payloads for various architectures and injection pointsgeneric - modules that perform generic attacksInstallationRequirementsRequired:futurerequestsparamikopysnmppycryptoOptional:bluepy - bluetooth low energyInstallation on Kali Linuxapt-get install python3-pipgit clone routersploitpython3 -m pip…

Brute-forceGNUHashHash CrackerMacNEW TOOLSPassword CrackerPassword CrackingPassword Recovery

Hashcat v4.2.1 – World’s Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. Installation Download the latest release and unpack it in the desired location. Please remember to use 7z x when unpacking the archive from the command line to ensure full file paths remain intact.GPU Driver requirements:AMD GPUs on Windows…

Command LineCSV FileMacNEW TOOLSSeleniumSocial MapperSocial Media

Social Mapper – A Social Media Enumeration & Correlation Tool

A Social Media Mapping Tool that correlates profiles via facial recognition by Jacob Wilkin(Greenwolf)Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searching popular social media sites for targets names and pictures to accurately detect and group a person’s presence, outputting the results into report that a human operator can quickly review.Social Mapper has a variety of uses in the security industry, for…

HardeningMacNEW TOOLSSystem Auditing ToolSystem AuditorSystem HardeningSystem/Network ManagerVulnerability Scanner

Lynis 2.6.7 – Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration.Lynis is an open source security auditing tool. Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.Supported…

BashBlind BashNEW TOOLS

Blind Bash – Obfuscate And Protect Your Bash Code

You can use this tool to obfuscate your bash code. The obfuscation is the best way to hide important things in your code.This tool will give you blind & strong code , but everyone have knowledge in bash script can deobfuscate this code. So this obfuscation not %100 secure , don't let important things in your bash code just use this obfuscation for joking.For What ?The goal of this project is to make code hard to read by people with limited knowledge in BashFor…

DorkMeDorksKaliKali LinuxNEW TOOLSSQLsql injectionTool

DorkMe – Tool Designed With The Purpose Of Making Easier The Searching Of Vulnerabilities With Google Dorks

DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.Dependencies pip install -r requirements.txtIt is highly recommended to add more dorks for an effective search, keep reading to see howUsagepython --helpExamples:python --url --dorks vulns -v (recommended for test)python --url --dorks Deprecated,Info -v (multiple dorks)python…