Banner 1

Nuevas versiones de buenas herramientas.

SET 3.6

svn co set/

Bro v2.1 BETA

Network Analysis Framework

Virus Factory 1.0.0 [By LittleSpy]

Batch Virus Generator
FUD Drive-By Generator
Icon Changer & File Pumper

TnX Little Spy


Xplico v0.7.0

   The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).
    Xplico is released under the GNU General Public License and with some scripts under Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) License

slowhttptest 1.1

Slow HTTP DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. If the server keeps too many resources busy, this creates a denial of service. This tool is sending partial HTTP requests, trying to get denial of service from target HTTP server. 

This tool actively tests if it's possible to acquire enough resources on HTTP server by slowing down requests to get denial of service at application layer.

the Interceptor

   The Interceptor is a wireless wired network tap. Basically, a network tap is a way to listen in to network traffic as it flows past. I haven't done extensive research but all the ones I found when looking passed the copy of the traffic onto a specified wired interface which was then plugged into a machine to allow a user to monitor the traffic. The problem with this is that you have to be able to route the data from that wired port to your monitoring machine either through a direct cable or through an existing network. The direct cable method means your monitor has to be near by the location you want to tap, the network routing means you have to somehow encapsulate the data to get it across the network without it being affected on route. 

   The Interceptor does away with the wired monitor port and instead spits out the traffic over wireless meaning the listener can be anywhere they can make a wireless connection to the device. As the data is encrypted (actually, double encrypted, see how it works) the person placing the tap doesn't have to worry about unauthorized users seeing the traffic.

Read More & Download 

Arachni 0.4

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. The application trains itself by learning from the HTTP responses it receives during the audit process, and is able to perform meta-analysis to assess the trustworthiness of results and identify false-positives. 


Matriux "Ec-Centric" v2.49 beta c0c0n

   The Matriux is a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used normally as your default desktop system.


    WAppEx is an integrated platform for performing penetration testing and exploiting of web applications on Windows or Linux. It can automatically check for all type of security vulnerabilities in the given target and then let you to run various payloads to exploit and take advantages of the vulnerability. WAppEx is a multi platform application and it is executable in Linux and Windows.WAppEx‘s database which includes hundreds of exploits provides an automated, comprehensive and reliable exploit for penetration testers and security professionals worldwide.

Uniscan v5.2

Uniscan is a open source vulnerability scanner for Web applications. 


BeEF v0.4.3.7

The Browser Exploitation Framework

BBQSQL v1.0.0

Blind SQL Injection 


   Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and friendly interface.

No hay comentarios:

Powered by Bad Robot
Helped by Blackubay