September 16, 2019

Home / Tools / Update history

September 16, 2019: new and updated tools

Name Version Description Category Website
airopy 5.b83f11d Get (wireless) clients and access points. wireless sniffer
arjun 66.a4d095c HTTP parameter discovery suite. webapp scanner
assetfinder 14.2f365f1 Find domains and subdomains potentially related to a given domain. scanner recon
atscan 2366.b7d3938 Server, Site and Dork Scanner. scanner webapp fuzzer exploitation automation
autorecon 51.d705884 A multi-threaded network reconnaissance tool which performs automated enumeration of services. automation recon scanner
autosploit 279.8ee8ea1 Automate the exploitation of remote hosts. exploitation automation
awsbucketdump 76.f8a6301 A tool to quickly enumerate AWS S3 buckets to look for loot. automation scanner
backhack 38.7aedc23 Tool to perform Android app analysis by backing up and extracting apps, allowing you to analyze and modify file system contents for apps. mobile
bfuzz 59.e82cbf4 Input based fuzzer tool for browsers. fuzzer
bluto 1:137.ecfb0d2 Recon, Subdomain Bruting, Zone Transfers. scanner recon
brute-force 51.7b271bb Brute-Force attack tool for Gmail Hotmail Twitter Facebook Netflix. cracker social webapp
cardpwn 31.cd51f7e OSINT Tool to find Breached Credit Cards Information. social recon
cewl 68.cb242f1 A custom word list generator automation cracker
chameleonmini 296.64eef24 Official repository of ChameleonMini, a freely programmable, portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags and sniff/log RF data. social hardware nfc
chankro 21.7b6e844 Tool that generates a PHP capable of run a custom binary (like a meterpreter) or a bash script (p.e. reverse shell) bypassing disable_functions & open_basedir). webapp exploitation
cloudfail 61.0f4ed48 Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network. recon
cloudmare 40.1cc4773 A simple tool to find origin servers of websites protected by CloudFlare with a misconfiguration DNS. recon scanner
cloudsploit 377.37d8861 AWS security scanning checks. scanner automation
cmseek 315.ddd0e3f CMS (Content Management Systems) Detection and Exploitation suite. webapp fingerprint exploitation
commix 1381.f7b747d9 Automated All-in-One OS Command Injection and Exploitation Tool. webapp automation exploitation
corstest 7.d8ddce2 A simple CORS misconfigurations checker. scanner webapp
deathstar 51.86f9cda Automate getting Domain Admin using Empire. automation exploitation
decodify 50.76a0801 Tool that can detect and decode encoded strings, recursively. crypto misc
didier-stevens-suite 191.6d2d334 Didier Stevens Suite. (blackarch
dradis-ce 2220.ada6af60 An open source framework to enable effective information sharing. recon misc
dwarf 974.02a5802 Full featured multi arch/os debugger built on top of PyQt5 and frida. binary debugger disassembler exploitation mobile reversing
edb 2915.f1b6efe8 A QT4-based binary mode debugger with the goal of having usability on par with OllyDbg. debugger reversing
empire 2:1509.08cbd27 A PowerShell and Python post-exploitation agent. automation
eternal-scanner 90.510be17 An internet scanner for exploit CVE-2017-0144 (Eternal Blue). scanner exploitation
evilclippy 44.a875ffa A cross-platform assistant for creating malicious MS Office documents. exploitation windows
exploitdb 20190915 Offensive Security’s Exploit Database Archive exploitation
eyewitness 778.0512121 Designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. webapp recon misc
filegps 68.b3b733f A tool that help you to guess how your shell was renamed after the server-side script of the file uploader saved it. webapp misc
finalrecon 18.16c0fbc OSINT Tool for All-In-One Web Reconnaissance. recon
fingerprinter 417.31daf76 CMS/LMS/Library etc Versions Fingerprinter. fingerprint webapp
ghostdelivery 26.e308b12 Python script to generate obfuscated .vbs script that delivers payload (payload dropper) with persistence and windows antivirus disabling functions. exploitation windows
gittools 48.d1182f3 A repository with 3 tools for pwn'ing websites with .git repositories available'. webapp scanner
gopherus 28.6133db8 Tool generates gopher link for exploiting SSRF and gaining RCE in various servers. webapp exploitation
hiddeneye 705.440ae30 Modern phishing tool with advanced functionality. social
honeypy 598.19849b4 A low interaction Honeypot. honeypot defensensive
hosthunter 90.c842375 A recon tool for discovering hostnames using OSINT techniques. recon
identywaf 188.ee79882 Blind WAF identification tool. webapp fingerprint
intensio-obfuscator 206.62f6c88 Obfuscate a python code 2 and 3. misc
interlace 256.8574e87 Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support. networking
ipv4bypass 19.de6d2b7 Using IPv6 to Bypass Security. networking
ivre 0.9.13.dev168 Network recon framework. recon networking
ivre-docs 0.9.13.dev168 Network recon framework (documentation) recon networking
ivre-web 0.9.13.dev168 Network recon framework (web application) recon networking
jshell 7.ee3c92d Get a JavaScript shell with XSS. webapp
jwt-cracker 19.1347d60 JWT brute force cracker written in C. cracker
kadimus 113.b036a7f LFI Scan & Exploit Tool. webapp exploitation scanner
konan 12.88ed173 Advanced Web Application Dir Scanner. webapp scanner
lazagne 637.93ef81a An open source application used to retrieve lots of passwords stored on a local computer. forensic social
leo 20270.11fa7311b Literate programmer's editor, outliner, and project manager. misc
linenum 61.d8a080a Scripted Local Linux Enumeration & Privilege Escalation Checks scanner recon
linkfinder 150.406a554 Discovers endpoint and their parameters in JavaScript files. webapp recon 139.95a05cc Linux privilege escalation auditing tool. recon
littlebrother 78.13ab4b4 OSINT tool to get informations on French, Belgian and Swizerland people. recon social
loki-scanner 1054.03e15f0 Simple IOC and Incident Response Scanner. forensic scanner
maltrail 13222.cc0d587aa Malicious traffic detection system. defensive networking sniffer
mara-framework 176.ac4ac88 A Mobile Application Reverse engineering and Analysis Framework. mobile reversing disassembler
massexpconsole 207.0d2762f A collection of tools and exploits with a cli ui for mass exploitation. automation exploitation
matroschka 56.29cdfb6 Python steganography tool to hide images or text in images. stego
mitm-relay 24.41192e1 Hackish way to intercept and modify non-HTTP protocols through Burp & others. proxy sniffer
mobsf 1:1152.cfa4c16b An intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing. mobile
mrsip 47.21ae0e2 SIP-Based Audit and Attack Tool. voip
nipe 231.5e6d77c A script to make Tor Network your default gateway. defensive networking
o-saft 3513.5bde98f A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. scanner recon
okadminfinder 71.8c1869c Tool to find admin panels / admin login pages. webapp scanner
omen 19.10aa99e Ordered Markov ENumerator - Password Guesser. cracker crypto
onionshare 2633.957d3e9 Securely and anonymously share a file of any size. misc defensive
opendoor 393.c5e271f OWASP Directory Access scanner. webapp scanner
operative 1:107.6a08245 Framework based on fingerprint action, this tool is used for get information on a website or a enterprise target with multiple modules (Viadeo search,Linkedin search, Reverse email whois, Reverse ip whois, SQL file forensics ...). fingerprint
packetq 216.e13ebf3 A tool that provides a basic SQL-frontend to PCAP-files. networking misc
payloadsallthethings 446.e6f94af A list of useful payloads and bypass for Web Application Security and Pentest/CTF. misc
pcredz 48.346ed4d A tool that extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface. scanner
photon 322.6795cc5 Incredibly fast crawler which extracts urls, emails, files, website accounts and much more. webapp recon
pivotsuite 18.6519486 A portable, platform independent and powerful network pivoting toolkit. networking backdoor
plumber 18.3f1be68 A python implementation of a grep friendly ftrace wrapper. misc
pocsuite 430.877d1b1 An open-sourced remote vulnerability testing framework developed by the Knownsec Security Team. exploitation
procdump 16.0ce6154 Generate coredumps based off performance triggers. binary misc
pwnedornot 132.9eeb8b3 Tool to find passwords for compromised email addresses. recon social
pyexfil 75.d3c822d A couple of beta stage tools for data exfiltration. networking
python-ivre 0.9.13.dev168 Network recon framework (library) recon networking
python2-ivre 0.9.13.dev168 Network recon framework (library) recon networking
qrljacker 201.a8efcb1 QRLJacker is a highly customizable exploitation framework to demonstrate "QRLJacking Attack Vector". social
recaf Modern Java bytecode editor. decompiler reversing
reconnoitre 422.8f1c4ef A security tool for multithreaded information gathering and service enumeration. recon
recsech 115.1acd608 Tool for doing Footprinting and Reconnaissance on the target web. recon scanner webapp fingerprinting
recuperabit 43.44ff609 A tool for forensic file system reconstruction. forensic
red-hawk 28.ad27b00 All in one tool for Information Gathering, Vulnerability Scanning and Crawling. recon scanner webapp
responder-multirelay 336.9cfa3cd A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2 (multirelay version), scanner fuzzer spoof networking
retdec 1359.0481b0fb Retargetable machine-code decompiler based on LLVM. decompiler reversing
rfidiot 97.3cfe4e9 An open source python library for exploring RFID devices. wireless
rsactftool 181.ee33238 RSA tool for ctf - retreive private key from weak public key and/or uncipher data. crypto cracker
scanqli 26.40a028d SQLi scanner to detect SQL vulns. webapp scanner
scoutsuite 4161.7116810c Multi-Cloud Security Auditing Tool. scanner
sickle 60.4f5c7ab A shellcode development tool, created to speed up the various steps needed to create functioning shellcode. exploitation
silenttrinity 170.4766ba3 An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR. backdoor
sitadel 119.0f67870 Web Application Security Scanner. webapp scanner
sn1per 1:353.6e34fe1 Automated Pentest Recon Scanner. recon automation scanner cracker
social-mapper 122.6d9e8d5 A social media enumeration and correlation tool. social recon
socialfish 227.725c07a Ultimate phishing tool with Ngrok integrated. social
sooty 121.5ba7f55 The SOC Analysts all-in-one CLI tool to automate and speed up workflow. defensive recon social
spf 85.344ac2f A python tool designed to allow for quick recon and deployment of simple social engineering phishing exercises. social
spyse 47.cd11ba9 Python API wrapper and command-line client for the tools hosted on recon
ssma 208.c56853a Simple Static Malware Analyzer. malware
thefatrat 645.2444b15 TheFatRat a massive exploiting tool: easy tool to generate backdoor and easy tool to post exploitation attack. automation exploitation
theharvester 996.b167292 Python tool for gathering e-mail accounts and subdomain names from different public sources (search engines, pgp key servers). recon
tls-prober 275.d0d45e4 A tool to fingerprint SSL/TLS servers. fingerprint crypto
torcrawl 56.0b51037 Crawl and extract (regular or onion) webpages through TOR network. webapp scanner
triton 2738.bd738d01 A Dynamic Binary Analysis (DBA) framework. binary reversing
tunna 40.47877a3 a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. networking tunnel proxy windows
usbrip 249.ee63be4 USB device artifacts tracker. forensic
veil 5:268.4372d43 A tool designed to generate metasploit payloads that bypass common anti-virus solutions. automation exploitation
vhostscan 331.0a7137d A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. scanner
viproy-voipkit 1:81.427f26e VoIP Pen-Test Kit for Metasploit Framework exploitation fuzzer scanner
volatility-extra 89.e0a6dec Volatility plugins developed and maintained by the community. forensic
vulmap 75.cb228e6 Vulmap Online Local Vulnerability Scanners Project scanner fingerprint recon
w13scan 261.025b196 Passive Security Scanner. webapp scanner fuzzer
weevely 834.67481c7 Weaponized web shell. backdoor webapp
whatbreach 39.bf7f213 OSINT tool to find breached emails and databases. social recon
whatwaf 312.267be30 Detect and bypass web application firewalls and protection systems. webapp scanner
wifibroot 72.24b0f9d A WiFi Pentest Cracking tool for WPA/WPA2 (Handshake, PMKID, Cracking, EAPOL, Deauthentication). wireless cracker
wifiphisher 1:740.c3c9279 Fast automated phishing attacks against WPA networks. wireless social
wxhexeditor 676.fc7528e A free hex editor / disk editor for Linux, Windows and MacOSX. binary misc
xattacker 89.fb2f38f Website Vulnerability Scanner & Auto Exploiter. webapp scanner blackarck-exploitation
xspear 1:89.e423092 Powerfull XSS Scanning and Parameter analysis tool&gem. webapp fuzzer
xsspy 58.b941d10 Web Application XSS Scanner. webapp scanner
xsstrike 440.470f138 An advanced XSS detection and exploitation suite. webapp scanner
xwaf 154.31c5944 Automatic WAF bypass tool. webapp scanner
zeus 109.3197fd9 AWS Auditing & Hardening Tool. defensive scanner
zeus-scanner 414.21b8756 Advanced dork searching utility. recon

Next >>>>>>>>>>>>>>>>>>>