Exploitation

Quiet.js

This is a JavaScript binding for libquiet, a library for sending and receiving data via the sound card. It can function either via speaker or cable (e.g., 3.5mm). Quiet comes with a few transmission profiles which configure quiet's transmitter and receiver. For speaker transmission, there is a profile which transmits around the 19kHz range, which is essentially imperceptible to people (nearly ultrasonic). For transmission via cable, quiet.js has profiles which offer speeds of at least 40 kbps. There is also a live example you can use at https://quiet.github.io/quiet-js/.

SpiderFoot

SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target.

Purpose
There are three main areas where SpiderFoot can be useful:

If you are a pen-tester, SpiderFoot will automate the reconnaissance stage of the test, giving you a rich set of data to help you pinpoint areas of focus for the test.

Understand what your network/organization is openly exposing to the outside world. Such information in the wrong hands could be a significant risk.

SpiderFoot can also be used to gather threat intelligence about suspected malicious IPs you might be seeing in your logs or have obtained via threat intelligence data feeds.

Dumproc 0.2

A quick tool for dumping memory from a process or writing data into it.

Samurai Web Testing Framework

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such as WebScarab and ratproxy. We then chose tools for discovery, which include w3af and Burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

AndroChef Java Decompiler

AndroChef Java Decompiler is a Windows XP, Windows 2003, Windows Vista, Windows 7, Windows 8, 8.1 and Windows 10 decompiler for Java that reconstructs the original source code from the compiled binary CLASS files. AndroChef Java Decompiler is able to decompile the most complex Java 6 applets and binaries, producing accurate source code.

AndroChef successfully decompiles obfuscated Java 6, Java 7 and Java 8 .class and .jar files. It supports Java language features like generics, enums and annotations. According to some studies, AndroChef Java Decompiler is able to decompile 98.04% of Java applications generated with traditional Java compilers - a very high recovery rate. It is a simple but powerful tool that allows you to decompile Java and Dalvik bytecode (DEX, APK) into readable Java source. Easy to use.

Snowman

Snowman is a native code to C/C++ decompiler.

Standalone Version
Supports ARM, x86, and x86-64 architectures.
Reads ELF, Mach-O, and PE file formats.
Reconstructs functions, their names and arguments, local and global variables, expressions, integer, pointer and structural types, all types of control-flow structures, including switch.
Has a nice graphical user interface with one-click navigation between the assembler code and the reconstructed program.
Has a command-line interface for batch processing.

IDA Plug-in
Supports all executable file formats supported by the disassembler.
Benefits from IDA’s signature search, parsers of debug information, and demanglers.
Decompiles a chosen function or the whole program at the push of a button.
Allows easy jumping between the disassembler and the decompiled code.
Fully integrates into IDA’s GUI.

Radamsa

Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestingly different outputs from them. The main selling points of Radamsa are that it has already found a slew of bugs in programs that actually matter, it is easily scriptable, and it is easy to get up and running.

Requirements
Supported operating systems:
GNU/Linux
OpenBSD
FreeBSD
Mac OS X
Windows (using Cygwin)

Software requirements for building from sources:
gcc / clang
make
git

SDL MiniFuzz File Fuzzer

SDL MiniFuzz File Fuzzer is a basic file fuzzing tool designed to ease adoption of fuzz testing by non-security developers who are unfamiliar with file fuzzing tools or have never used them in their current software development processes.

System Requirements
Supported Operating System
Windows 7, Windows Vista, Windows XP
• For Visual Studio integration features: Visual Studio 2008
• For Team Foundation Server integration features: Microsoft Team Foundation Server 2008
• For Visual Studio Team System integration features: Microsoft Visual Studio Team System 2008

wifiphisher

Wifiphisher is a security tool that mounts automated phishing attacks against WiFi networks in order to obtain secret passphrases or other credentials. It is a social engineering attack that, unlike other methods, does not involve any brute forcing. It is an easy way of obtaining credentials from captive portals and third-party login pages, or WPA/WPA2 secret passphrases. Wifiphisher works on Kali Linux and is licensed under the GPL license.

Requirements:
Kali Linux.
Two wireless network adapters; one capable of injection.

CrowBar

Crowbar (formerly known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner from other popular brute forcing tools. As an example, while most brute forcing tools use a username and password for SSH brute force, Crowbar uses SSH key(s). This allows any private keys that have been obtained during penetration tests to be used to attack other SSH servers.

Currently Crowbar supports:
OpenVPN (-b openvpn)
Remote Desktop Protocol (RDP) with NLA support (-b rdp)
SSH private key authentication (-b sshkey)
VNC key authentication (-b vnckey)