Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Snort can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
intrusion-detection intrusion-prevention network attack port-scanner packet-captureFluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues. If you need quick help, fluxion is also avaible on gitter. You can talk with us on Gitter or on Discord.
fluxion handshake linset fakeap evil-twin captive-portal attack aircrack capture social-engineering kaliThis software allows you to easily perform a variety of actions to test 802.11 wireless networks by using an inexpensive ESP8266 WiFi SoC (System On A Chip). The main feature, the deauthentication attack, is used to disconnect devices from their WiFi network. No one seems to care about this huge vulnerability in the official 802.11 WiFi standard, so I took action and enabled everyone who has less than 10 USD to spare to recreate this project. I hope it raises more attention on the issue. In 2009 the WiFi Alliance actually fixed the problem (see 802.11w), but only a few companies implemented it into their devices and software. To effectively prevent a deauthentication attack, both client and access point must support the 802.11w standard with protected managment frames (PMF). While most client devices seem to support it when the access point forces it, basically no WiFi access point has it enabled.
wifi arduino attack esp8266 deauth hack deauther board scanningESP8266 firmware for performing deauthentication attacks, with ease. Wi-PWN is a firmware that performs deauth attacks on cheap Arduino boards. The ESP8266 is a cheap micro controller with built-in Wi-Fi. It contains a powerful 160 MHz processor and it can be programmed using Arduino.
arduino esp8266 board material-design hack attack material-ui wifi probe deauth material-theme beaconDHCPwn is a tool used for testing DHCP IP exhaustion attacks. It can also be used to sniff local DHCP traffic. The DHCP protocol is connectionless and implemented via UDP. These two characteristics allow this attack to be performed. Since there is no actual connection being made between the client and server we can quickly send many spoofed requests.
dhcp protocol udp attack bootp-protocol dhcpwnBasic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Note: this module does not share state with other processes/servers by default. If you need a more robust solution, I recommend using an addon store or trying out one of the excelent competing options.
express-rate-limit express rate limit ratelimit rate-limit middleware ip auth authorization security brute force bruteforce brute-force attackA brute-force protection middleware for express routes that rate-limits incoming requests, increasing the delay with each request in a fibonacci-like sequence. An in-memory store for persisting request counts. Don't use this in production, instead choose one of the more robust store implementations listed below.
brute force bruteforce attack fibonacci rate limit securityWi-PWN is a firmware that performs deauth attacks on cheap Arduino boards. The ESP8266 is a cheap micro controller with built-in Wi-Fi. It contains a powerful 160 MHz processor and it can be programmed using Arduino. A deauthentication attack is often confused with Wi-Fi jamming, as they both block users from accessing Wi-Fi networks.
wifi arduino attack esp8266 deauth hack probe beacon board material-design material-ui material-themeThis is a library dedicated to adversarial machine learning. Its purpose is to allow rapid crafting and analysis of attacks and defense methods for machine learning models. The Adversarial Robustness Toolbox provides an implementation for many state-of-the-art methods for attacking and defending classifiers.
adversarial-examples machine-learning deep-learning deep-neural-networks defense-methods attackYou think you're one raw dog? fusker.nodester.com Come at me bro. Please see this for a working express example. It's as easy as app.use(fusker.express.check); Detectives/payloads are the same as they would be for the fusker HTTP server. Make sure fusker is the first piece of middleware added.
fusker hack protect csrf lfi xss sqli injection attack blacklist express socket security firewallGenerate unicode evil domains for IDN Homograph Attack and detect them.
idn attack pentest phishing idn-homograph-attackAWS Lambda framework for building functions using Node.js for API Gateway, IoT applications, and other AWS events. Install via npm.
aws-lambda aws-lambda-framework jwt aws lambda framework validation wrapper api gateway sql sql-injection sqli injection attack iot serverlessThis is an example of a Bonjour/Zeroconf Man-in-the-Middle attack. This software showcases the attack of an IPP enabled printer. It will intercept all print jobs sent to the target printer.This attack only works for Bonjour/Zeroconf and IPP enabled printers. Only jobs sent from clients that have the printer configured using Bonjour/Zeroconf will have their jobs intercepted.
ipp print printer intercept man-in-the-middle mitm mim mitma attack dns-sd dnssd bonjour zeroconfMake an https server that is more resistant to client-initiated renegotiations, and other common security mistakes.Not quite an A+ yet, but getting there.
https beast client renegotiation attackThis tool can be use to perform a man in the middle using ARP poisoning on two given hosts.Using osdep, a tunnel creation library which is part of the aircrack project, it can set up an interface (mitm0) in which the replayed packets will be written (to sniff easily).
security arp-poisoning replayed-packets network attack security-tools auditThis package aim to provide secure, well configured and ready to use password hashing algorithms for your application.Currently the most vetted hashing algorithm providing most security is BCrypt. PBKDF2 isn't bad either, but if you can use BCrypt you should.
credential nodejs hash-functions security brute-force timing-attacks rainbow-table credential-plus password passwords hashing verification hash-function hash auth authorization authentication login sign-in salt rainbow brute attack stretching timining-attack pbkdf pbkdf2 bcrypt scrypt argon2Basic ADSR envelope generator for web audio. A demo is running here. The constructor accepts two arguments: an AudioContext and a settings object. All settings are optional, but you will probably want to set at least attackTime, decayTime, sustainLevel, and releaseTime.
web-audio envelope envelope-generator adsr attack decay sustain releaseAttack, decay, sustain, release envelope for automating Web Audio API AudioParams. Returns an ADSR ModulatorNode instance.
adsr envelope attack sustain decay release waapi audioparam modulatorDo not use this module ta attack servers and services you don't own! It is only for testing purposes and not for unauthorized actions.
stress tool ddos attack
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.