Recon-ng is a full-featured Web Reconnaisance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can be conducted quickly and thoroughly.
Recon-ng has a look and feel similar to the Metasploit Framework, reducing the learning curve for leveraging the framework. However, it is quite different. Recon-ng is not intended to compete with existing frameworks, as it is designed exclusively for web-based open source reconnaissance. If you want to exploit, use the Metasploit Framework. If you want to Social Engineer, us the Social Engineer Toolkit. If you want to conduct reconnaissance, use Recon-ng!
An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service. The free SIFT toolkit, that can match any modern forensic tool suite, is also featured in SANS' Advanced Computer Forensic Analysis and Incident Response course (FOR 508). It demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
The SIFT Workstation is a VMware appliance, pre-configured with the necessary tools to perform detailed digital forensic examination in a variety of settings. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many new capabilities and tools such as log2timeline that provides a timeline that can be of enormous value to investigators.
Collection of single use scripts written for windows forensics
Ruby-Nessus is a ruby interface for the popular Nessus vulnerability scanner. Ruby-Nessus aims to deliver an easy yet powerful interface for interacting and manipulating Nessus scan results and configurations. Ruby-Nessus currently supports both version 1.0 and 2.0 of the .nessus file format.
Auto_Exploit is a replacement plugin for Metasploit's missing db_autopwn module written by Dark Operator.
JSwat is a graphical Java debugger front-end, written to use the Java Platform Debugger Architecture and based on the NetBeans Platform. JSwat is open-source software and is freely available in both binary and source code form. Its features include sophisticated breakpoints; colorized source code display with code navigator; movable display panels showing threads, call stack, visible variables, and loaded classes; command interface for more advanced features; and Java-like expression evaluation, including method invocation.
A tool for parsing MS-CHAPv2 handshakes, which can then be submitted to CloudCracker for cracking.
knockknock is a simple, secure, and stealthy port knocking implementation that does not use libpcap or bind to a socket interface.
tortunnel is a partial Onion Proxy implementation designed for building single-hop circuits through Tor exit nodes.
An Android application and corresponding PAM module that provide SecureID style two-factor authentication without the use of specialized hardware or the hassle of setting up special authentication services.