Windows

Microsoft Windows

Beamgun

Beamgun is an open-source Windows application that mitigates against rogue USB devices. Beamgun runs in the background of your Windows PC and listens for USB device insertions. When a USB keyboard device is plugged in, Beamgun blocks all keystrokes until it is reset. If a USB Lan adapter is plugged in, it is disabled. It also has an option to disable USB Mass Storage devices.

Beamgun was designed specifically with Rubber Duckies, LAN Turtles, and PoisonTaps in mind.

Evil foca

Evil Foca is a tool for security pen testers and auditors whose purpose it is to test security in IPv4 and IPv6 data networks.
The tool is capable of carrying out various attacks such as:

MITM over IPv4 networks with ARP Spoofing and DHCP ACK Injection.
MITM on IPv6 networks with Neighbor Advertisement Spoofing, SLAAC attack, fake DHCPv6.
DoS (Denial of Service) on IPv4 networks with ARP Spoofing.
DoS (Denial of Service) on IPv6 networks with SLAAC DoS.
DNS Hijacking.
The software automatically scans the networks and identifies all devices and their respective network interfaces, specifying their IPv4 and IPv6 addresses as well as the physical addresses through a convenient and intuitive interface.

FOCA

FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents its scans. These documents may be on web pages, and can be downloaded and analyzed with FOCA.

It is capable of analyzing a wide variety of documents, with the most common being Microsoft Office, Open Office, or PDF files, although it also analyzes Adobe InDesign or SVG files, for instance.

These documents are searched for using three possible search engines: Google, Bing, and Exalead. The sum of the results from the three engines amounts to a lot of documents. It is also possible to add local files to extract the EXIF information from graphic files, and a complete analysis of the information discovered through the URL is conducted even before downloading the file.

With all data extracted from all files, FOCA matches information in an attempt to identify which documents have been created by the same team and what servers and clients may be inferred from them.

Spiderfoot

SpiderFoot
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target.

Purpose
There are three main areas where SpiderFoot can be useful:

If you are a pen-tester, SpiderFoot will automate the reconnaissance stage of the test, giving you a rich set of data to help you pin-point areas of focus for the test.

Understand what your network/organization is openly exposing to the outside world. Such information in the wrong hands could be a significant risk.

SpiderFoot can also be used to gather threat intelligence about suspected malicious IPs you might be seeing in your logs or have obtained via threat intelligence data feeds.

Dumproc 0.2

A quick tool for dumping memory from a process or writing data into it.

webpwdchk

Nice tool for checking all the URLs in an input text file and scanning them sequentially. Its primary purpose is to verify if the username and password for a website are valid but can also check if pages exist or not.

Lame Patcher 0.4.4b

file patcher available with both GUI (on Windows) and command-line mode plus various features. It uses some text files with the lpatch extension for the list of operations to perform on the target file to patch.These text files are trivial to create and edit and allow to specify comments, the default name of the file to patch, an introduction to display before apply the patch, MD5 hash verification, the modification of a byte at a specific offset, the substitution of a sequence of bytes or a string, wildcards and more.Exists also an older version of "patch files" used for substituting bytes at fixed offsets and are identified by the lpatch.dat name.On Windows the tool can also be used to patch a running process and launching+patching it.
this patcher and its patch files are the only that I use for my patches.

ICMPInfo 0.2

A tool that uses ICMP type 13 (timestamp RFC792) and 17 (netmask RFC950) for retrieving the current time and the net-mask of a remote host.

Signsrch 0.2.3

Tool for searching signatures inside files, extremely useful in reversing engineering for figuring or having an initial idea of what encryption/compression algorithm is used for a proprietary protocol or file.It can recognize tons of compression, multimedia and encryption algorithms and many other things like known strings and anti-debugging code, which can be also manually added since it's all based on a text signature file read at run time and easy to modify.Supports multi threading, scanning of folders using wildcards, scanning of processes, conversion of the executables offsets in memory offsets, loading of custom signature files and their automatic checking for avoiding errors, automatic finding of the instructions that reference the found signatures (like "Find references" of Ollydbg) and the launching of an executable placing an INT3 byte at the desired memory offset.

hosts file/list DNS checker 0.1

tool which checks if the host names listed in a file or contained in a hosts file can be resolved or not. Supports multi-threading, logging, delay between each query and allows to choose the type of primary query (A record by default) and a backup one in case the first fails (for example A and then NS)

Syndicate content