Displaying 1 to 10 from 10 results

OpenVAS - Vulnerability Scanner and Manager

  •    C

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It is designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

thc-hydra - hydra

  •    C

Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already several login hacker tools available, however none does either support more than one protocol to attack or support parallized connects.

scapy - Scapy: the Python-based interactive packet manipulation program & library

  •    Python

Scapy is a powerful Python-based interactive packet manipulation program and library. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work.




Tcpcrypt - Encrypting the Internet

  •    C

Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP.

PyLoris - Vulnerability test for DOS attack

  •    Python

PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.

respounder - Respounder detects presence of responder in the network.

  •    Go

Respounder sends LLMNR name resolution requests for made-up hostnames that do not exist. In a normal non-adversarial network we do not expect such names to resolve. However, a responder, if present in the network, will resolve such queries and therefore will be forced to reveal itself. Respounder is available for 32/64 bit linux, OS X and Windows systems. Latest versions can be downloaded from the Release tab above.

watchdog - Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

  •    Python

Watchog is an integration of open source security tools aimed to provide a holistic security view for a given domain/IP. The way Watchdog is built, it can be used by product security teams, red teams and also by bug bounty hunters to get a 360° view of any Internet property it scans. Given a list of domains/IP's it has the capability to perform a network scan, feed the output to open source web app scanners like Google's skip-fish and wapiti, perform tech stack analysis and determine if the stack has any known CVE’s. WatchDog has the ability to scan all endpoints and perform technology version analysis on the services it detects and map this information with it’s rich CVE database maintained and updated locally.


netpwn - Tool made to automate tasks of pentesting.

  •    Python

Modules reverse_shell - Creates a reverse shell with python to connect to a specific machine of your choice. send_file - Allows you to send a file to target server. php_backdoor - Generates a simple backdoor in php upload to web server ?cmd= to execute commands. hash_check - Paste a hash to see what type of hash it is. base64_converter - Paste base64 to decode or ascii to encode it knows which you want. address_info - Gives you your ipv4, ipv6, and public Ip address based upon a interface. hex_converter - Paste some ascii to encode or hex to decode it knows which you want. page_contents - Get the raw HTML of a given web page. password_checker - Check the strength of a given password. fake_identity - Creates a fake name with SSN, address, credit card number, etc. web_spider - Crawls a given URL for links. ssl_cert - Gets the cert information of a given web site and its public key. bash - Execute bash commands without exiting out of netpwn. whois - Performs whois on a given URL. crypto - Encrypts or decrypts a file with AES. no_endian - Removes endianness on DWORDS. rot13_converter - Encodes/decodes rot13. url_converter - Url encoded and decodes string. html_converter - Html enconded and decodes string. Resources cheat_sheet - Pentest monkey reverse shell cheat sheet opcodes - Prints out all x86 OpCodes. useful_links - Links to blogs, youtube channels, and other resources that offer good information about various topics that gives you the opportunity to learn more about the infosec field.

zBang - zBang is a risk assessment tool that detects potential privileged account threats

  •    CSharp

zBang is a special risk assessment tool that detects potential privileged account threats in the scanned network. Organizations and red teamers can utilize zBang to identify potential attack vectors and improve the security posture of the network. The results can be analyzed with the graphic interface or by reviewing the raw output files.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.