A tool to prod the oracle tnslsnr process on port 1521/tcp.
Uniscan
Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.
unix-privesc-check
Unix-privesc-checker is a script that runs on Unix systems (tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2). It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g. databases).
VoIPHopper
VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in Cisco, Avaya, Nortel, and Alcatel-Lucent environments.
w3af
w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities. This package provides a graphical user interface (GUI) for the framework.
WebSploit
WebSploit Is an open source project for web application assessments.
Wfuzz
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.
WPScan
WPScan Package Description WPScan is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. Source: http://wpscan.org/ WPScan Homepage | Kali wpscan Repo Author: The WPScan Team License: Other Tools included in the wpscan package wpscan – WordPress vulnerability scanner root@kali:~# wpscan --help _______________________________________________________________ …
XSSer
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
Yersinia
Yersinia is a framework for performing layer 2 attacks. It is designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.