Linux
Total: 54 Posts
theHarvester - Tool For Gathering Target Information (E-mail accounts, subdomain names, open ports and etc.)theHarvester is an open source program that you can use to gather e-mail accounts, subdomain names, virtual hosts, open ports/ banners, and employee names from different public sources (Search engines, PGP key servers, SHODAN database and etc.). This tool is i…
Hashcat - An Advanced Password Cracking ToolHashcat is an advanced password cracking program that supports five unique modes of attack: Straight, Combination, Brute-force, Hybrid dictionary + mask, and Hybrid mask + dictionary. It currently supports CPUs, GPUs, and other hardware accelerators on Linux, Wi…
DNSChef - An Advanced DNS ProxyDNSChef is a highly configurable DNS Proxy. You can use this program to do many things including but not limited to analyzing application network traffic, and faking requests for a domain name to point to a local machine for termination or interception instead of a…
PenTBox - An Open Source Security Suite 2018PenTBox is an open source security suite that houses many security and stability testing oriented tools for networks and systems. It is written in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS, and every other system where Ruby …
WhatWeb - An Advanced Website Fingerprinter Hacking ToolWhatWeb is an advanced website fingerprinter that can identify content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, embedded devices, version numbers, email addresses, account IDs, web framework…
XSSF - Cross-Site Scripting FrameworkXSSF is an amazing tool that is designed to make the XSS vulnerability exploitation an easy task. It provides a powerful documented API, which facilitates the development of modules and attacks. Its integration into the Metasploit Framework allows …
User's Guide to Hacking | Newbie'sUser's guide Well, howdi folks... I guess you are all wondering who's this guy (me) that's trying to show you a bit of everything... ? Well, I ain't telling you anything of that... Copyright, and other stuff like this (below). Copyright and stuff... _________________…
Pentoo - Gentoo-Based Linux Distribution For Penetration TestersPentoo is an open-source security-focused Gentoo-based Linux distribution for penetration testers. This security distribution uses Xfce as its default desktop environment and features a beautiful, Matrix-like boot screen that has been designed to allow you to start…
Snort - OpenSource Network Intrusion Detection ToolSnort is an open source, lightweight network intrusion detection program for Windows and Linux platforms. It has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks.It can detect various kinds of attacks and probes, in…
ARPwner - ARP & DNS Poisoning Attack ToolARPwner is a python tool that allows you to perform ARP poisoning and DNS poisoning attacks. It has a clean and simple GUI and a plugin system to do filtering of the information gathered, and also has an implementation of SSLstrip. It was released by Nicolas Trippa…
ADHD - An Ubuntu Based Security DistributionADHD (Active Defense Harbinger Distribution) is an Ubuntu LTS based security distribution that is equipped with a lot of preconfigured tools for active defense. The purpose of this distribution is to aid defenders by giving them tools to "strike back" at the bad guys.AD…
Web-Sorrow - Tool For Detecting Misconfigurations and Collecting Server InformationWeb-Sorrow is a Pearl based scanner that allows you to find server misconfigurations and collect server information. Since this tool is written in Pearl, this will work on almost any system where Perl works. It is 100% safe to run this program against web servers …
Automater - Tool For Analyzing URLs/Domains, IP Addresses, and Md5 HashesAutomater is a URL/Domain, IP Address, and Md5 Hash open-source intelligence (OSINT) tool aimed at making the analysis process easier for intrusion Analysts. Given a target (URL, IP, or HASH) or a file full of targets, Automater will return relevant results from so…
SI6 Networks' IPv6 Toolkit - A Security Assessment & Troubleshooting Tool For IPv6 ProtocolsSI6 Networks' IPv6 toolkit is a set of IPv6 security assessment and troubleshooting tools developed by Security Researcher "Fernando Gont" for SI6 Networks. It can be leveraged to perform security assessments of IPv6 networks, assess the resiliency of IPv6 devices by pe…
BlindElephant - Web Application FingerprinterBlindElephant is an open-source generic web application fingerprinter that produces results by comparing a small set of static files at known locations against precomputed hashes for versions of those files in all available releases. The technique is fast, low-bandwidth…
NetworkMiner - Network Forensic Analysis ToolNetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that you can use as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc without putting any traffic on the network. You can also use…
Shoryuken - An SQL Injection ToolShoryuken ("rising dragon punch" in Japanese) is an SQLi tool written in Bash that allows you to hack into poorly configurated web applications with backend DBMS in the same machine.The takeover is pretty straightforward with a single request issued to open a "custom sh…
Volatility - An Open Source Memory Forensics FrameworkThe Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of t…
Katana - A Portable Multi-Boot Security DistributionKatana is a portable multi-boot security distribution for security professionals and ethical hackers. It is a collection of penetration testing distributions and rescue CDs, including BackTrack, Ultimate Boot CD, Ultimate Boot CD, Ophcrack Live, Trinity Rescue…
Netcat - The TCP/IP Swiss Army KnifeNetcat is a simple and versatile Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scr…
Knockpy - A Subdomain ScannerKnockpy is a Python script written by security researcher Gianni 'guelfoweb' Amato, that can enumerate subdomains on a target domain through a wordlist. In other words, it is a subdomain scanner that allows you to use your own wordlist.It is designed to scan for DNS zon…
Samhain - Host Based Intrusion Detection SystemSamhain is an open source host-based intrusion detection system (HIDS) that provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.It is designed to…
HoneyDrive - A Honeypot Linux DistributionHoneyDrive is a Xubuntu-based open-source and premier honeypot bundle Linux operating system. It is a pre-configured honeypot system in a virtual hard disk drive (VMDK format) with Xubuntu Desktop 12.04.4 LTS edition installed.It contains over 10 pre-inst…
AnonTwi - Tool To Have More Privacy On Social MediaAnonTwi is a powerful tool that can provide different layers of encryption, privacy methods, and proxy features to OAuth2 applications (such as GNUSocial, Twitter). It is a great tool to have more privacy on social networking sites.Features:AES + HMAC-SHA1 enc…
SQLSentinel - A Cross-Platform SQLi Vulnerability ScannerSQLSentinel is an open source tool that you can use to find SQL Injection vulnerabilities in a website. It also has an SQL error finder (help you to identify the vulnerabilities) and a web crawler. This tool is very easy to use, all you need to do is, enter a site URL i…
Wifislax - A Slackware-Based Penetration Testing DistributionWifislax is a Slackware-based penetration testing distribution that provides out-of-the-box support for a wide range of wireless and wired network cards. It is distributed as a single Live CD ISO image that can run on both 64-bit and 32-bit CPUs. It integrates…
DNSwalk - A DNS Database DebuggerDNSwalk is a DNS database debugging tool. It performs zone transfers of specified domains and checks the database in numerous ways for internal consistency, as well as accuracy.Note: DNSwalk requires Perl and the Net::DNS Perl package. Perl is assumed to be in /usr/loca…
jSQL Injection - A Cross-Platform SQL Injection TooljSQL Injection is an open source and cross-platform tool that you can use to perform SQL injection attacks. That is, this tool can be used to retrieve database information from a vulnerable web server!It is a simple and lightweight program, and you don't need to install…
ISME - A Framework For Testing IP PhonesISME (IP Phone Scanning Made Easy) is a framework that you can use to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, add GUI for external fuzzers to provide a …
Hydra - A Powerful Network Password Cracking ToolHydra is a very powerful parallelized network logon cracker that supports the following protocols.AsteriskAFPCisco AAACisco authCisco enableCVSFirebirdFTPHTTP-FORM-GETHTTP-FORM-POSTHTTP-GETHTTP-HEADHTTP-POSTHTTP-PROXYHTTPS-FORM-GETHTTPS-FORM-POSTHTTPS-GET, HTTPS-HEADHTT…
VMInjector - Tool For Bypassing Windows/Ubuntu/MacOSX Login Authentication ScreenVMInjector is an amazing tool that can bypass OS login authentication screens of major operating systems (Windows, Ubuntu, and Mac OSX) running on VMware Workstation/Player, by using direct memory manipulation. It supports both x86 and x64 bit architectures.How It …
PwnSTAR - A Bash Script For Creating a "Malicious" Software-Enabled Access PointPwnSTAR is a bash script that can create and launch a fake Access Point (or you can call it "a malicious access point"). It offers a wide variety of attack options, including sniffing, phishing, spoofing and etc.Note: It is designed for Kali Linux, but it…
PwnPi - A Pen-testing Drop Box Distribution For Raspberry PiPwnPi is a Linux-based penetration testing drop box distribution for the Raspberry Pi. It currently has 200+ security tools pre-installed to aid the penetration tester. It is built a stripped down version of the Debian Wheezy image from the Raspberry Pi foundat…
SSLsplit - Tool For Man-In-The-Middle Attacks Against SSL/TLS Encrypted Network ConnectionsSSLsplit is a penetration testing tool that is capable of performing man-in-the-middle attacks against SSL/TLS encrypted network connections.SSLsplit is designed to transparently terminate connections that are redirected to it using a network address translation en…
GNUnet - A Secure Peer-to-Peer Networking FrameworkGNUnet is an open-source peer-to-peer framework with the focus on providing security and privacy.GNUnet started with an idea for anonymous censorship-resistant file-sharing but has grown to incorporate other applications as well as many generic building blocks for secur…
Subterfuge - An Automated Man-in-the-Middle Attack (MITM) FrameworkSubterfuge is a powerful framework that is capable of making the art of the man-in-the-middle attacks as simple as point and shoot. What sets Subterfuge apart from other attack tools is that it is easy to use and more effective."Subterfuge demonstrates vulnerabilities i…
Cookie Cadger - Free Tool For Identifying Information Leakage and Hijacking SessionsCookie Cadger is an auditing tool that can identify information leakage from applications that utilize insecure HTTP GET requests on Wi-Fi or wired Ethernet connections. Yes, use can use this to hijack unencrypted sessions! This graphical utility harnesses the powe…
Spooftooph - Automated Tool For Spoofing or Cloning Bluetooth DevicesSpooftooph is an amazing tool designed to automate spoofing or cloning Bluetooth information (Name, Class, and Address). Spoofing the Bluetooth information is useful for many purposes such as hiding a Bluetooth device in a plain site, accessing protected informatio…
BeEF - Tool For Browser ExploitationBeEF (The Browser Exploitation Framework) is a penetration testing tool that is capable of exploiting browser vulnerabilities. Unlike other security frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target.BeEF hooks…
Joomscan - Tool For Detecting & Analyzing Joomla CMS VulnerabilitiesJoomscan (Joomla Vulnerability Scanner) is an open source tool written in Perl programming language that can detect and analyze Joomla CMS vulnerabilities.Usage: joomscan.pl -u <string> -x proxy:port -u <string> &nb…
BackBox - Penetration Testing and Ethical Hacking Linux DistributionBackBox is an Ubuntu based penetration testing operating system that is equipped with a complete set of tools required for ethical hacking and security testing. It is fast, easy to use and provides a minimal yet complete desktop environment.Some of the tools are listed …
DEFT - Computer Forensic Live SystemDEFT (Digital Evidence & Forensic Toolkit) is a Linux distribution which is made up of a GNU / Linux and DART (Digital Advanced Response Toolkit), suite dedicated to digital forensics and intelligence activities.The first version of Linux DEFT was introduced in 2005…
Snuck - Tool For Automatic XSS Filter BypassSnuck is an open source tool written in Java whose goal is to significantly test a given XSS filter by specializing the injections on the basis of the reflection context.The approach, it adopts, is based on the inspection of the injection reflection context and relies o…
TCHead - TrueCrypt Password Cracking ToolI know TrueCrypt is outdated, and no one is using it anymore. But if you find someone who is still using TrueCrypt, then the TCHead may come in handy. So let's talk about it...TCHead is a simple tool that decrypts and verifies TrueCrypt headers. It also has the abi…
Social-Engineer Toolkit - A Must Have Tool For Penetration TestersSocial-Engineer Toolkit is an opensource Python-driven tool aimed at penetration testing around Social-Engineering. SET is the standard for social-engineering penetration tests and supported heavily within the security community.The attacks built into the toolkit a…
WebSploit Framework - Tool For Vulnerability Assessment & ExploitationWebSploit Framework is an open source command line utility that can scan and attack target services. It's features are listed below.Autopwn - Used From Metasploit For Scan and Exploit Target ServiceWMAP - Scan,Crawler Target Used From Metasploit wmap pluginFormat infect…
Wfuzz - Web Application Password Cracking ToolWfuzz is a web application password cracker that has a lot of features such as post data brute-forcing, header brute-forcing, colored output, URL encoding, cookie fuzzing, multi-threading, multiple proxy support, SOCK support, authentication support, baseline …
OpenStego - A Free Tool For Data Hiding and Digital WatermarkingOpenStego is basically a steganography application that allows you to hide a file inside another file. It also provides password protection for the hidden file and a digital watermarking feature; watermarking files with an invisible signature (which is in the beta stage…
Aircrack-ng - WiFi Network Security Suite (Monitoring, Attacking, Testing, and Cracking)Aircrack-ng is an amazing set of tools that can monitor, attack, test, and crack WiFi networks. Yes, it can crack WiFi passwords, supports WEP and WPA PSK (WPA 1 and 2)!If you are going to use Aircrcak-ng on a windows machine, then Good Luck with that.... Because Window…
Angry IP Scanner - A Fast Network Scanning ToolAngry IP Scanner is a cross-platform lightweight program that can scan IP addresses and their ports. It can determine the IP status, hostname, MAC address, NetBIOS information, MAC vendor, HTTP sender, and the TTL (Time-to-live). You can also extend the progra…
BruteXSS - Cross-Site Scripting BruteForcerBruteXSS is a fast Cross-Site Scripting Brutforcer that can bruteforce parameters. This tool allows you to inject multiple payloads from a wordlist to the specified parameters and test the site for XSS vulnerabilities. According to the developer, "BruteXS…
Zed Attack Proxy - Web Application Penetration Testing ToolZed Attack Proxy (ZAP) is an easy-to-use web application penetration testing tool that is designed for people with a wide range of security experiences. It is ideal for developers and functional testers who are new to penetration testing, and it is also a…
The Sleuth Kit - Digital Forensic ToolThe Sleuth Kit is a digital forensics library and a collection of command line tools that allows you to analyze disk images and recover files from them. This tool also allows you to add additional modules to analyze file contents and build automated systems.The too…
A Beginners Guide To Using IPTables ABSTRACTReaders, there are numerous reasons ... It is well known that the Internet is an unmanaged an decentralized network, running under a set of protocols, which are not designed to ensure the integrity and confidentiality of information and access controls…
Linux
![Linux]()
Reviewed by AC10 Tech
on
Friday, October 30, 2020
Rating:
No comments: