https

EyeWitness

October 6, 2017

http, https, infogathering, recon, reporting, webapps

EyeWitness is designed to take screenshots of websites, RDP services, and open VNC servers, provide some server header info, and identify default credentials if possible.

RouterSploit

May 2, 2017

Exploitation Tools

exploitation, http, https, passwords

routersploit Package Description The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits – modules that take advantage of identified vulnerabilities creds – modules designed to test credentials against network services scanners – modules that check if a target is vulnerable to…

SPARTA

March 28, 2017

Information Gathering

dns, enumeration, gui, http, https, infogathering, mysql, passwords, portscanning, recon, smb, snmp

sparta Package Description SPARTA is a python GUI application that simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to their toolkit and by displaying all tool output in a convenient way. If less time is spent…

Gobuster

February 6, 2017

Web Applications

enumeration, http, https, infogathering, webapps

Gobuster is a web content scanner that looks for existing (and/or hidden) web objects. It basically works by launching a dictionary based attack against a web server and analyzing the response.

DIRB

February 18, 2014

Web Applications

enumeration, http, https, infogathering, webapps

DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analizing the response.

DirBuster

February 18, 2014

Web Applications

enumeration, gui, http, https, infogathering, webapps

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

fimap

February 18, 2014

Web Applications

exploitation, http, https, vulnanalysis, webapps

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection.

Grabber

February 18, 2014

Web Applications

http, https, vulnanalysis, webapps

Grabber is a web application scanner. Basically it detects some kind of vulnerabilities in your website. Grabber is simple, not fast but portable and really adaptable.

joomscan

February 18, 2014

Web Applications

http, https, vulnanalysis, webapps

Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few. So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity.

jSQL Injection

February 18, 2014

Vulnerability Analysis, Web Applications

gui, http, https, vulnanalysis, webapps

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).

EyeWitness

RouterSploit

SPARTA

Gobuster

DIRB

DirBuster

fimap

Grabber

joomscan

jSQL Injection

Tools Categories

Recent Additions

https

Tools Categories

Recent Additions

Tag Cloud