Category: Static Analysis


Black Window 10 v2 (codename: Polemos)

Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system and…


Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

Android SecurityARMBinary AnalysisDynamic AnalysisiOSiOS SecurityMalware AnalysisMobile SecurityMobile Security FrameworkMobSFNEW TOOLSStatic AnalysisWindows Mobile Security

MobSF (Mobile Security Framework) v1.0 – Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support both binaries (APK, IPA & APPX ) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security scanner. MobSF is designed to make your CI/CD…

Analyse Browser ExtensionsBrowser ExtensionJavaScriptNetoNEW TOOLSPython PackagePython3Static Analysis

Neto – A Tool To Analyse Browser Extensions

Project Neto is a Python 3 package conceived to analyse and unravel hidden features of browser plugins and extensions for well-known browsers such as Firefox and Chrome. It automates the process of unzipping the packaged files to extract these features from relevant resources in a extension like manifest.json, localization folders or Javascript and HTML source files.InstallationTo install the package, the user can choose pip3.pip3 install -e . --userOptionally, it can also be installed with administrator privileges using sudo:sudo pip3 install -e .A successfull installation…

API ScannerDynamic TestingEaSTInformation DisclosureNEW TOOLSSecurity AssessmentSecurity Assessment ToolSQLsql injectionSQLiStatic AnalysisWSSATXXE Injection

WSSAT v2.0 – Web Service Security Assessment Tool

WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests against the security vulnerabilities. It also makes information disclosure controls. With this tool, all web services could be analysed at once and the overall security assessment could be seen by the organization.Objectives of WSSAT are to allow…

EXPLOIT-COLLECTORHacking ToolsHomeStatic Analysis

StaCoAn – Mobile App Static Analysis Tool

StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL’s of API’s Decryption keys Major coding mistakes This tool was created with a big focus on usability and graphical guidance in the user interface. Read the rest of StaCoAn – Mobile App Static Analysis…

MacMalScanMalware AnalysisMalware Static AnlysisNEW TOOLSPEPE FilePython Malware AnalysisStatic AnalysisTLSYara

MalScan – A Simple PE File Heuristics Scanners

MalScan is a simple PE File Heuristics Scanners written in python that you can use to quickly analyze a PE file and find out whether anything suspicious exists. It is a simple tool so doesn't offers much fancy features. You are free to extend it or do whatever you want with it.Things SupportedInformation About file such as MD5, SHA1, TimestampPEiD Signature CheckCustom Yara Rules IntegrationSection, Imports, Exports, Resources and TLS Callbacks OverviewProvides some custom heuristics :-)InstallingYou need to have Python 2.7 installed on your…