DirBuster: Brute Force Web Directories

"DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has...

Read More

W3AF

"W3AF is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. This project is currently hosted at SourceForge." read more...Website:...

Read More

OSWA™

"The OSWA™-Assistant is a self-contained, no Operating System required, freely downloadable, standalone toolkit which is solely focused on wireless auditing. As a result, in addition to the usual WiFi (802.11) auditing tools, it also covers...

Read More

Ettercap: Man In The Middle (MITM)

"Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even...

Read More

RainbowCrack

"RainbowCrack is a general purpose implementation of Philippe Oechslin's faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in...

Read More

Ophcrack

" Ophcrack is an open source (GPL license) program that cracks Windows LM hashes using rainbow tables. The program includes the ability to import the hashes from a variety of formats, including dumping directly from the SAM files of Windows....

Read More

Airpwn: A Wireless Packet Injector

"Airpwn is a framework for 802.11 (wireless) packet injection. Airpwn listens to incoming wireless packets, and if the data matches a pattern specified in the config files, custom content is injected "spoofed" from the wireless access point....

Read More

PHoss: A Password Sniffer

"PHoss is a sniffer. A normal sniffer software is designed to find problems in data communication on the network. PHoss is designed to know some protocols which use (or may use) clear text passwords. Many protocols are designed to use secure...

Read More

DMitry: Deepmagic Information Gathering Tool

"DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains,...

Read More

snmpcheck

"snmpcheck is a free open source utility to get information via SNMP protocols. It works fine against Windows, Linux, Cisco, HP-UX, SunOS systems and any devices with SNMP protocol support. It could be useful for penetration testing or systems...

Read More

fragroute

"fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print,...

Read More

Nemesis: A Packet Injection Utility

"Nemesis is a command-line network packet injection utility for UNIX-like and Windows systems. You might think of it as an EZ-bake packet oven or a manually controlled IP stack. With Nemesis, it is possible to generate and transmit packets...

Read More

Aircrack-ng: The Next Generation of Aircrack

"Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new...

Read More

OpenVAS

"OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core is a server component with a set of network vulnerability tests (NVTs) to detect security...

Read More

ngrep: network grep

"ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets....

Read More

XPROBE: Active OS fingerprinting tool

"Remote OS identification using ICMP packets Xprobe allows you to determine what operating system is running on a remote host. It sends several packets to a host and analyses the returned ICMP packets. The tool automates a logic of OS fingerprinting...

Read More

OpenXPKI

" The OpenXPKI Project aims at creating an enterprise-grade PKI/Trustcenter software supporting well established infrastructure components like RDBMS and Hardware Security Modules. Flexibility and modularity are the project's key design...

Read More

JOSPKI Suite

"Suite of services and tools for handling PKI requirements. The initial list of programs contains: 1) a viewer/encoding converter for X.509 certificates, 2) a viewer/editor/generator for PKCS#7 and 3) a viewer/editor/generator for various keystores...

Read More

Odyssi: Certificate Authority Server

"The Odyssi CA Server is an enterprise-class certificate authority server, allowing an organization to build and deploy a full-fledged PKI. When completed, it will support most major existing PKI standards, while providing complete...

Read More

III ASN.1 Tool

"The III ASN.1 Tool includes two parts : an ASN.1 compiler "asnparser" which compiles the Abstract Syntax to c++ files, and a runtime library which is used to link with the c++ files generated by asnparser. Based on the works of Open H.323 projects, it is developed for the needs of H.450 series protocol. Hence, it supports the information object class...

Read More