February 17, 2025


Home / Tools / Update history

February 17, 2025: new and updated tools

Name Version Description Category Website
badsecrets v0.8.25.r0.gf2880df A library for detecting known secrets across many web frameworks. webapp
beef 1:4664.d52c37f3 The Browser Exploitation Framework that focuses on the web browser exploitation
bloodhound-python v1.0.1.r167.gc88eea6 Bloodhound python data collector recon windows
burpsuite 1:2025.1.1 An integrated platform for attacking web applications (free edition). fuzzer proxy scanner webapp
can-utils 1205.2b8c7c5 Linux-CAN / SocketCAN user space applications. automobile
checkov 3.2.370.r1.g1e778524c Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages. code-audit
chipsec 5:1.13.9.r6.gf6be0ab Framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. hardware binary forensic scanner fuzzer
clair 2030.e45fbf0e Vulnerability Static Analysis for Containers. scanner
cloudlist 763.fe54f85 A tool for listing Assets from multiple Cloud Providers. recon
cloudsploit 6576.6802dd4e6 AWS security scanning checks. scanner automation
commix 2216.1ae15df0 Automated All-in-One OS Command Injection and Exploitation Tool. webapp automation exploitation
country-ip-blocks 5079.d80ddcc CIDR country-level IP data, straight from the Regional Internet Registries, updated hourly. wordlists misc
cvemap v0.0.7.r303.g8332145 CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases. exploitation
dalfox 1592.2e19e44 Parameter Analysis and XSS Scanning tool. webapp fuzzer
dftimewolf 768.4f2b6d8a Framework for orchestrating forensic collection, processing and data export . forensic
didier-stevens-suite 407.409cd58 Didier Stevens Suite. (blackarch
dnswatch dnswatch.1.r18.g7ee12c9 DNS Traffic Sniffer and Analyzer. sniffer
emp3r0r v2.4.2.r3.ge08222c9 Linux post-exploitation framework made by linux user. automation
fscan 2.0.0.build4.r0.g4aaa05f A Security Auditing Tool. scanner
imhex 1.37.0.r14.g658d4c4d7 A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM. misc
intelmq 3.3.1.r65.gadb2d156d A tool for collecting and processing security feeds using a message queuing protocol. misc
ivre 0.9.21.dev48 Network recon framework. recon networking
ivre-docs 0.9.21.dev48 Network recon framework (documentation) recon networking
ivre-web 0.9.21.dev48 Network recon framework (web application) recon networking
jefferson v0.4.6.r0.g9e33796 JFFS2 filesystem extraction tool. forensic reversing
jsql-injection 0.109 A Java application for automatic SQL database injection. webapp exploitation fuzzer
lazagne 880.30aebe9 An open source application used to retrieve lots of passwords stored on a local computer. forensic social
maltrail 117253.66e59bf872 Malicious traffic detection system. defensive networking sniffer
mapcidr v1.1.34.r391.g873f5b8 Utility program to perform multiple operations for a given subnet/CIDR ranges. misc networking
metagoofil 87.b232cb4 An information gathering tool designed for extracting metadata of public documents. recon
netexec v1.3.0.r343.gc2f85db6 A Windows / Active Directory environments pentest tool. scanner exploitation windows
nettacker 0.4.0.r48.g012bf5dd Automated Penetration Testing Framework. automation scanners recon
nuclei 2:v3.3.8.r43.gdabcce865 Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. webapp scanner
openscap 1.4.1.r16.g5a63d1e83 Open Source Security Compliance Solution. automation defensive scanner
pagodo 154.6490b04 Google dork script to collect potentially vulnerable web pages and applications on the Internet. scanner recon
patator 1:235.5be299a A multi-purpose bruteforcer. cracker
payloadsallthethings 2050.7e64eda A list of useful payloads and bypass for Web Application Security and Pentest/CTF. misc
phpstan 12131.f2bf43c2c PHP Static Analysis Tool - discover bugs in your code without running it. code-audit
pmacct 1:v1.7.6.r1534.g85a0694 Small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP IGP Streaming Telemetry]. networking sniffer defensive
postenum 125.3188f0a Clean, nice and easy tool for basic/advanced privilege escalation techniques. recon scanner exploitation
prowler 1:5637.bcbc9bf67 Tool for AWS security assessment, auditing and hardening. defensive scanner
pwned 2653.c77df18 A command-line tool for querying the 'Have I been pwned?' service. recon
python-dissect.target 3.20.1.r46.gcd799b4 The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets). forensic
python-dissect.volume 3.13.r4.ge8fbb39 A Dissect module implementing a parser for different disk volume and partition systems, for example LVM2, GPT and MBR. forensic
python-ivre 0.9.21.dev48 Network recon framework (library) recon networking
qbdi v0.11.0.r51.gf551138 A Dynamic Binary Instrumentation framework based on LLVM. binary
restler-fuzzer 8:419.1f1d59c First stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. webapp fuzzer
rex 726.617ed4d Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge. exploitation
roadlib 371.c59c09d Azure AD and O365 exploration framework windows scanner recon
roadoidc 371.c59c09d Azure AD and O365 exploration framework windows scanner recon
roadrecon 371.c59c09d Azure AD and O365 exploration framework windows scanner recon
roadtx 371.c59c09d Azure AD and O365 exploration framework windows scanner recon
rtl-433 24.10+58.r3624.20250213.474feb53 A generic software defined radio data receiver, mainly for the 433.92 MHz, 868 MHz (SRD), 315 MHz, 345 MHz, and 915 MHz ISM bands. radio wireless
sdrpp nightly.r275.gf90e2d5 The bloat-free SDR receiver. radio wireless
soapui 5.8.0 The Swiss-Army Knife for SOAP Testing. proxy fuzzer
spotbugs 17652.6b58d8568 A tool for static analysis to look for bugs in Java code. code-audit
stunner v0.5.8.r59.g3d87a99 Test and exploit STUN, TURN and TURN over TCP servers. networking webapp
subfinder 1:v2.6.7.r60.gf77b5bd Modular subdomain discovery tool that can discover massive amounts of valid subdomains for any target. recon
suricata-verify 1457.8062ab01 Suricata Verification Tests - Testing Suricata Output. misc ids
t50 5.8.7c Experimental Multi-protocol Packet Injector Tool. dos networking
tlsfuzzer 1873.b579043 SSL and TLS protocol test suite and fuzzer. crypto fuzzer
tlshelpers 25.f1263ce A collection of shell scripts that help handling X.509 certificate and TLS issues. crypto
triton 1:4291.e312eafc A Dynamic Binary Analysis (DBA) framework. binary reversing
trufflehog 2:v3.88.9.r2.g52ae3c343 Searches through git repositories for high entropy strings, digging deep into commit history. recon
uacme 285.32647ec Defeating Windows User Account Control. windows
websockify 946.e818947 WebSocket to TCP proxy/bridge. networking
wesng 396.9b29e0b Windows Exploit Suggester - Next Generation. exploitation windows
whatsmyname 2604.d6d9ad5 Tool to perform user and username enumeration on various websites. webapp recon
yeti 3400.85c12943 A platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. defensive recon
zarn 0.0.9.r31.gfc46bc1 A lightweight static security analysis tool for modern Perl Apps. code-audit
zdns 675.1cde476 Fast CLI DNS Lookup Tool. networking
zeek 1:v7.2.0.dev.r199.g9c41b6d22 Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. networking defensive sniffer
zgrab2 769.86d6d6d Go Application Layer Scanner. fingerprint recon

Next >>>>>>>>>>>>>>>>>>>