passivedns – A tool to collect DNS records passively to aid Network Security...
PassiveDNS is a tool to collect DNS records passively to aid incident handling, Network Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a...
giant_backdoor – Windows backdoor diagnostic tool.
giant_backdoor is a tool to detect and uninstall a sticky keys or utility manager backdoor, which allows unauthorized access to a system-level command prompt at the login screen. Checks if sethc.exe or...
malgazer – A malware analysis library.
Malgazer is a Python 2 script for calculating the entropy of a file and a malware analysis library. Dependencies: + Python 2.7.x + Python Module: +-+ python_magic==0.4.13...
DBShield – Database firewall.
DBShield protects your data by inspecting incoming queries from your application server and rejecting abnormal ones. Database support: + DB2 + MariaDB + MySQL + Oracle + Postgres DBShield How it...
FakeNet-NG – Next Generation Dynamic Network Analysis Tool.
FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows. FakeNet-NG is based on the...
Fireaway v0.2 – a tool for auditing, bypassing, and exfiltrating data against...
Changelog fireaway v0.2: + fa_assembler.py added: FireAway servers to reassemble + Added Exfiltration Client 1 Exfiltrate a file sequentially 2 Exfiltrate a file in random chunks + port listen mode...
wafw00f – Web Application Firewall Detection Tool.
WAFW00F identifies and fingerprints Web Application Firewall (WAF) products. How does it work? To do its magic, WAFW00F does the following: – Sends a normal HTTP request and analyses the response; this...
graudit : grep rough audit – static analysis tool.
Latest Version Changelog graudit v2.1 2017 Apr 05: + Fixed broken test cases + Added multi argument support to -x + Added banner + Added banner suppression switch + Replaced ./configure; make...
tcpreplay is a suite of tools to edit and replay captured network traffic.
Tcpreplay is a suite of free Open Source utilities for editing and replaying previously captured network traffic. Originally designed to replay malicious traffic patterns to Intrusion...
PacketMachine – A high-performance and simplified network traffic decoding.
PacketMachine is a high-performance and simplified network traffic decoding library in C++. Features: + Event callback model for network traffic decoding. + Easy access to parameter of a decoding...
Multiscanner – Analyse files against multiple engines.
Introduction: MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can...
slackwall – A lazy, minimal firewall tester.
slackwall is a Python script for firewall testing. Todo: + Use hping to decipher fw rules + bind tcpdump to ip addresses in ipfile, if more than one, rather than just to eth0 [can be done using src,...
Custom-Firewall ~ Created a firewall to filter packets based on custom rules.
Background: Considering configuration {HOST1, FIREWALL, HOST2} • HOST1: We have made a raw socket and used this to forward all the traffic generated to firewall. The traffic types can be TCP, UDP or ICMP. I...
DAMM – Differential Analysis of Malware in Memory.
DAMM is an open source memory analysis tool built on top of Volatility. It is meant as a proving ground for interesting new techniques to be made available to the community. These techniques are an...
unhidens – Small DNS Recon utility, allows you to obtain some useful info...
unhidens is a Python script: a small DNS recon utility that allows you to obtain some useful info about NS servers placed behind relays, firewalls, etc. Dependencies: + Python 2.7.x + Requires ‘dig’...
GhostInTheNet – Ultimate Network Stealther that makes Linux a Ghost In The...
GhostInTheNet is a bash script, an Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM. Properties: – Network Invisibility – Network Anonymity – Protects from MITM –...
PyPortRedirector – TCP/IP to redirect all data from one address to another by...
PyPortRedirector is a simple Linux TCP client-server proxy, written in Python, able to redirect all data from one address to another while preserving the source IP address. About: The client can listen on one or...
wed-scanner ~ Web Exploits Detector.
Introduction: The Web Exploit Detector is a Node.js application (and NPM module) used to detect possible infections, malicious code and suspicious files in web hosting environments. This application is...
TuxCut is a utility that protects Linux computers against arpspoof attacks.
TuxCut is a utility that protects Linux computers against arpspoof attacks. Features: + Hide your machine (IP/MAC) from ARP scanner utilities. + List all the live hosts in your LAN. + Cut the connection...
A Python script for sweeping a network to find Windows systems compromised...
About: + A set of Python 2 scripts for sweeping a list of IPs for the presence of both SMB and RDP versions of the DOUBLEPULSAR implant that was released by the Shadow Brokers. Supports both single IP...