Packet Manipulation

Kolkata

Kolkata is a web application fingerprinting engine written in Perl that combines cryptography with IDS evasion. Kolkata uses session splicing for IDS evasion and configurable checksums of static files in order to determine the version of a web application.

Dependencies
LibWhisker2 - This comes bundled in the tarball, with nikto, and a variety of other tools on this site.
YAML::XS - Install with cpan in bash (cpan -i YAML::XS)

Usage
kolkata.pl -d domain.tld [-v -p [remote_path_to_web_application]]

kolkata requires a directory called sigs in its own directory.
The sigs directory must contain properly formatted yml files with checksums.

DNS Amplification Attack Script

This script works by crafting packets and sending them to a DNS server that allows recursion. The attacker makes a normal query that is 64 bytes in size, and the server returns a response that is tens of times larger than the original request.
More information can be seen at:
blog.cloudflare.com/the-ddos-that-almost-broke-the-internet

#
# DNS Amplification DOS Attack Script - Proof of Concept
#
# Co-Authored Johnathin Ferretti and Pat Litke
#
# Pat Litke | geudrik
# Jonathin Ferretti | LISTERINe
#
# January 2012
#
#
#
# Dependencies
# python-scapy
# python-dnspython
#
#

viproy-voipkit

Voice over IP penetration testing toolkit providing SIP and NGN Services Testing Modules for Metasploit Framework

Viproy Voip Pen-Test Kit is developed to improve the quality of SIP Penetration Tests. It provides an authentication feature that helps to create simple tests. It includes 10 different modules with authentication support: options tester, brute forcer, enumerator, invite tester, trust analyzer, proxy and registration tester. All attacks can be performed before and after authentication to fuzz SIP services and value-added services.

TorTunnel

tortunnel is a partial Onion Proxy implementation designed for building single-hop circuits through Tor exit nodes.

FakeRoute

A small Linux app that, when run, makes your machine appear to be anywhere you specify on the internet.

Proxytunnel

ProxyTunnel is a program that connects stdin and stdout to a server somewhere on the network, through a standard HTTPS proxy. We mostly use it to tunnel SSH sessions through HTTP(S) proxies, allowing us to do many things that wouldn't be possible without ProxyTunnel.

Tcpreplay

Tcpreplay is a suite of BSD GPLv3 licensed tools written by Aaron Turner for UNIX (and Win32 under Cygwin) operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 headers and finally replay the traffic back onto the network and through other devices such as switches, routers, firewalls, NIDS and IPS's. Tcpreplay supports both single and dual NIC modes for testing both sniffing and inline devices.

Tcpreplay is used by numerous firewall, IDS, IPS and other networking vendors, enterprises, universities, labs and open source projects.

Swaks

Swaks is a featureful, flexible, scriptable, transaction-oriented SMTP test tool written and maintained by John Jetmore. Features include:

SMTP extensions including TLS, authentication, and pipelining
Protocols including SMTP, ESMTP, and LMTP
Transports including unix-domain sockets, internet-domain sockets (IPv4 and IPv6), and pipes to spawned processes
Completely scriptable configuration, with option specification via environment variables, configuration files, and command line

Tinyproxy

Tinyproxy is a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems. Designed from the ground up to be fast and yet small, it is an ideal solution for use cases such as embedded deployments where a full-featured HTTP proxy is required, but the system resources for a larger proxy are unavailable. Tinyproxy is free software, and is distributed using the GNU GPL license.

Udptunnel

Tunnels TCP over UDP packets. Runs in user space on Linux, Solaris, Cygwin (with IPv6 extension), and native Win32.
