w3af – Web Application Attack and Audit Framework

w3af - Web Application Attack and Audit Framework w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.The scanner is able to identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection and OS commanding.Identify and exploit a SQL injectionOne of the most difficult

Needl – Take Back Your Privacy. Lose Yourself In The Haystack.

Needl - Take Back Your Privacy. Lose Yourself In The Haystack. Take back your privacy. Lose yourself in the haystack.Your ISP is most likely tracking your browsing habits and selling them to marketing agencies (albeit anonymised). Or worse, making your browsing history available to law enforcement at the hint of a Subpoena. Needl will

V3n0M-Scanner – Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns

V3n0M-Scanner - Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns V3n0M is a free and open source scanner. Evolved from baltazar's scanner, it has adapted several new features that improve fuctionality and usability. It is mostly experimental software.This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and organizes the

InSpy – A Linkedin Enumeration Tool

InSpy - A Linkedin Enumeration Tool InSpy is a python based LinkedIn enumeration tool. Inspy has two functionalities: TechSpy and EmpSpy.TechSpy - Crawls LinkedIn job listings for technlogoies used by the provided company. InSpy attempts to identify technologies by matching job descriptions to keywords from a new line delimited file. EmpSpy - Crawls LinkedIn

Sublist3r v1.0 – Fast subdomains enumeration tool for penetration testers

Sublist3r v1.0 - Fast subdomains enumeration tool for penetration testers Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask.

Syhunt ScanTools 6.0 – Console Web Vulnerability Scan Tools

Syhunt ScanTools 6.0 - Console Web Vulnerability Scan Tools Syhunt ScanTools 6.0 adds advanced fingerprinting capabilities, enhanced spidering, injection and code scan capabilities, and a large number of improved checks.Adds the display of Hybrid, Dynamic and Code detailed scan statistics to the command-line tools.New fingerprinting capabilities - Because of the so many vulnerability checks and

Shodanwave – Exploring and Obtaining Information from Netwave IP Camera

Shodanwave - Exploring and Obtaining Information from Netwave IP Camera Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online.What does the tool to? Look, a list!SearchBrute forceSSID and WPAPSK Password DisclosureE-mail, FTP,

0d1n v2.5 – Web Security Tool to Make Fuzzing at HTTP/S

0d1n v2.5 - Web Security Tool to Make Fuzzing at HTTP/S Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0d1n is a tool for automating customized attacks against web applications.You can do:Brute force passwords in auth formsDirectory disclosure ( use PATH list to brute, and find HTTP status code )Test