
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 have dramatically increased so that the technical teams in charge of the patch management find themselves drowning in a myriad of critical and urgent task
The main goal of DPE – Default Password Enumeration is to increase the “password auditing scanners” interoperability potential. Any kind of tool integrating the XML DPE scheme will be able to identify and report default access configurations on specific devices, softwares or operating systems. Taking into account the benefits of ...
Penbang is a collection of tools aimed at the openbox environment. It includes Network Exploits, Vulnerability Assessment/Exploits, Network Analysis, Social Engineering tools, I.G.C, dsniff suite, and irpas. As well as a simple way of launching them. Boosted with the following tools OWASP Mantra ——0.5 update System: —–0.5 update grSecurity Kernel ...
Doona is a fork of the Bruteforce Exploit Detector Tool (BED). BED is a program which is designed to check daemons for potential buffer overflows, format string bugs etc. Doona is Australian for duvet. It adds a significant enough number of features/changes to BED that I renamed it to avoid ...
Sometime forensic investigators need to process digital images as evidence. There are some tools around, otherwise it is difficult to deal with forensic analysis with lot of images involved. Images contain tons of information, Ghiro extracts these information from provided images and display them in a nicely formatted report. Dealing ...
FruityWifi is a wireless network auditing tool based in the wifi Pineapple. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi). Services Wireless: Start|Stop wireless access point. (hostapd) Supplicant: Connects to the ...
Script for recursive check of DNS zone export (AXFR). install Debian/Ubuntu required packages: $ sudo apt-get install php5-cli $ wget http://netdns2.googlecode.com/files/Net_DNS2-1.3.1.tgz && tar -zxvf Net_DNS2-1.3.1.tgz && cd Net_DNS2-1.3.1/ $ git clone https://code.google.com/p/dns-check/ && mv dns-check/*.php . dns check $ php dc.php gov.ml https://code.google.com/p/dns-check/ (C) 2013 Adam Ziaja <adam@adamziaja.com> http://adamziaja.com 217.64.97.50 ...
This simple script uses open source software (nmap, vFeed and DPE) and performs almost same task as Nessus or AVDS. vFeed – Aggregated Vulnerability Database – http://www.toolswatch.org/vfeed/ DPE – Default Password Enumeration – http://www.toolswatch.org/dpe/ install Debian/Ubuntu required packages: $ sudo apt-get install nmap python2.7 php5-cli php5-sqlite -y $ git clone ...
Firebind Reflector is a portable network path scanning tool that can profile firewall and other network device rules for port blocking, such as perform egresss/exfiltration testing. Reflector has a client side and listener (server-side) like Netcat and Ncat, except Reflector can dynamically be told by the client to listen on ...
This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation -> C0rp0r4t10n_2012 This software is usefull when applied to a few words, like company name and/or ...