Knows More KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync). Main features Import NTLM Hashes from .ntds output txt file (generated by CrackMapExec or...
The post knowsmore: A swiss army knife tool for pentesting Microsoft Active Directory appeared first on Penetration Testing Tools.
Malwoverview Malwoverview.py is a first response tool for threat hunting, which performs an initial and quick triage of malware samples, URLs, IP addresses, domains, malware families, IOCs and hashes. Additionally, Malwoverview is able to...
The post malwoverview: perform an initial and quick triage on a directory containing malware samples appeared first on Penetration Testing Tools.
ronin Ronin is a free and Open Source Ruby toolkit for security research and development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning...
The post ronin: Ruby platform for vulnerability research and exploit development appeared first on Penetration Testing Tools.
USP Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script) Feature This Go program establishes persistence on a Linux system by...
The post USP: Establishes persistence on a Linux system appeared first on Penetration Testing Tools.
Lil Pwny Lil Pwny is a Python application to perform an offline audit of NTLM hashes of users’ passwords, recovered from Active Directory, against known compromised passwords from Have I Been Pwned. The usernames...
The post Lil Pwny: auditing Active Directory passwords using Python appeared first on Penetration Testing Tools.
The lunar script generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in...
The post lunar: UNIX security auditing tool appeared first on Penetration Testing Tools.
About Ghost Framework Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device...
The post Ghost Framework: An Android post-exploitation framework appeared first on Penetration Testing Tools.
Tcpreplay Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. It allows you to classify traffic as...
The post tcpreplay: Pcap editing and replay tools for *NIX and Windows appeared first on Penetration Testing Tools.
Continuous Secure Delivery – Out of the Box secureCodeBox is a docker based, modularized toolchain for continuous security scans of your software project. Its goal is to orchestrate and easily automate a bunch of...
The post secureCodeBox: automate a bunch of security testing tools out of the box appeared first on Penetration Testing Tools.
Darkus Darkus is a Onion websites searcher it uses deep/dark web searching engines to search a specific word and give you back the link results. Current Search Engines: Name Link Ahmia(Clear Web site) https://ahmia.fi...
The post Darkus: A Onion websites searcher appeared first on Penetration Testing Tools.
The Auditor app uses hardware-based security features to validate the identity of a device, along with the authenticity and integrity of the operating system. It ensures the device is running a verified operating system with a...
The post Auditor: Hardware-based attestation/intrusion detection app for Android devices appeared first on Penetration Testing Tools.
UAC (Unix-like Artifacts Collector) UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD,...
The post Unix-like Artifacts Collector: Live Response collection tool for Incident Reponse appeared first on Penetration Testing Tools.
NamedPipeMaster NamedPipeMaster is a versatile tool for analyzing and monitoring in named pipes. It includes Ring3NamedPipeConsumer for direct server interaction, Ring3NamedPipeMonitor for DLL-based API hooking and data collection, and Ring0NamedPipeFilter for comprehensive system-wide monitoring....
The post NamedPipeMaster: A tool used to analyze and monitor in named pipes appeared first on Penetration Testing Tools.
CHIPSEC CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic...
The post chipsec: Platform Security Assessment Framework appeared first on Penetration Testing Tools.
python-oletools oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format, or Compound Document File Format), such as Microsoft Office documents or Outlook messages, mainly for...
The post oletools: analyze MS OLE2 files & MS Office documents, for malware analysis, forensics & debugging appeared first on Penetration Testing Tools.
IRIS – Incident Response Investigation System IRIS is a web collaborative platform for incident response analysts allowing them to share investigations at a technical level. It’s a web application, so it can be either...
The post iris-web: Incident Response collaborative platform appeared first on Penetration Testing Tools.
OXO Scan Orchestration Engine OXO is a security scanning framework built for modularity, scalability, and simplicity. OXO Engine combines specialized tools to work cohesively to find vulnerabilities and perform actions like recon, enumeration, fingerprinting,...
The post OXO: A security scanning framework built for modularity, scalability and simplicity appeared first on Penetration Testing Tools.
nullinux nullinux is an internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. Unlike many of the enumeration tools...
The post nullinux: SMB null session identification and enumeration tool appeared first on Penetration Testing Tools.
SEMA – ToolChain using Symbolic Execution for Malware Analysis SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based...
The post SEMA: ToolChain using Symbolic Execution for Malware Analysis appeared first on Penetration Testing Tools.
DNS Diagnostics and Performance Measurement Tools Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is...
The post dnsdiag: DNS Diagnostics and Performance Measurement Tools appeared first on Penetration Testing Tools.
