Sort by new | name

Armory

Yersinia

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, there are some network protocols implemented, but others are coming (tell us which one is your preferred). ...

Exploitation Packet Crafting Spoofing


Samurai Web Testing Framework

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection ...

Exploitation Vulnerability Scanning Web Applications


Metasploit Framework

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language ...

Exploitation Vulnerability Scanning


ettercap

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis.

Exploitation Packet Analysis Packet Crafting


dsniff

dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). ...

Exploitation Packet Analysis Packet Crafting


AirSnort

AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. 802.11b, using the Wired Equivalent Protocol (WEP), is crippled with numerous security flaws. Most damning of these is the weakness described in " ...

Exploitation Password Cracking Wireless


Hackvertor

Hackvertor is an online conversion tool which can serve as many tools to aide browser hacking, XSS testing, SQL injection, fuzzing, hashing, and lots more. Thanks to Gareth Heyes for suggesting this tool!

Encryption Exploitation Web Applications


EIGRP-tools

EIGRP-tools is a custom EIGRP packet generator and sniffer combined. It was developed to test the security and overall operation quality of the EIGRP routing protocol. Using this tool requires you to have the requisite background knowledge of EIGRP, packets structure/types, alongside a good working background of the Layer 3 ...

Exploitation Packet Analysis Packet Crafting


Bluebugger

bluebugger is an implementation of the bluebug technique which was discovered by Martin Herfurt.

Exploitation Wireless


SIPcrack

SIPcrack is a toolsuite for sniffing and bruteforcing the digest authenticiation password that is sent by SIP clients registering at a SIP server. SIPcrack contains 2 programs: sipdump to capture the digest authentication and sipcrack to bruteforce the hash using a wordlist or standard input.

Exploitation Voice Over IP


VoIP Hopper

VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in both Cisco and Avaya IP Phone environments. VoIP Hopper is a VLAN ...

Exploitation Packet Analysis Packet Crafting Voice Over IP


BackTrack

BackTrack is the most Top rated linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. It's evolved from the merge of the two wide spread distributions - Whax and Auditor Security Collection. By ...

Enumeration Exploitation Password Cracking Vulnerability Scanning