Displaying 1 to 8 from 8 results

vulscan - Advanced vulnerability scanning with Nmap NSE

  •    Lua

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of VulDB. Just execute vulscan like you would by refering to one of the pre-delivered databases. Feel free to share your own database and vulnerability connection with me, to add it to the official repository.

sandmap - Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine

  •    Shell

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Before using the Sandmap read the Command Line introduction.




htrace

  •    Shell

In my daily work, I missed a tool with which I could test the configuration of domains in a simple way. The ability to use curl or openssl is very important, but I did not have the tools to automate this process. Until now, I used the tools available on the web, but each of them had some shortcomings. htrace.sh is a shell script that allows you to validate your domain configuration and catch any errors (e.g. redirect loops). It also displays basic information about the ssl configuration (if available), response headers, checks for mixed content and performs security scans using Nmap scripts and great external tools such as Ssllabs or Mozilla Observatory.

sharesniffer - Network share sniffer and auto-mounter for crawling remote file systems

  •    Python

sharesniffer is a network analysis tool for finding open and closed file shares on your local network. It includes auto-network discovery and auto-mounting of any open cifs and nfs shares.

httprecon-nse - Advanced web server fingerprinting for Nmap

  •    Lua

The httprecon project is doing some research in the field of web server fingerprinting, also known as http fingerprinting. The goal is the highly accurate identification of given httpd implementations. This is very important within professional vulnerability analysis. Besides the discussion of different approaches and the documentation of gathered results also an implementation for automated analysis is provided. This software shall improve the easyness and efficiency of this kind of enumeration. Traditional approaches as like banner-grabbing, status code enumeration and header ordering analysis are used. However, many other analysis techniques were introduced to increase the possibilities of accurate web server fingerprinting. Some of them were already discussed in the book Die Kunst des Penetration Testing (Chapter 9.3, HTTP-Fingerprinting, pp. 530-550).

hassh-utils - hassh-utils: Nmap NSE Script and Docker image for HASSH (https://github

  •    Lua

ssh-hassh nse script reports hasshServer (i.e. SSH Server Fingerprint) and hasshServerAlgorithms for the target SSH server.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.