BlackArch-Tools
安装在ArchLinux之上
添加存储库
从blackarch存储库安装工具
替代安装方法
BlackArch Linux Complete Tools List
简介
BlackArch Linux是针对渗透测试人员和安全研究人员的基于Arch Linux的渗透测试分发版。
BlackArch Linux预装有上千种专用工具以用于渗透测试和计算机取证分析。
BlackArch Linux与现有的Arch安装兼容。您可以单独或成组安装工具。
https://blackarch.org/downloads.html
安装在ArchLinux之上
添加存储库
BlackArch Linux与现有/普通Arch安装兼容。它充当非官方用户存储库。
下载脚本 > 验证 > 设置脚本可执行 > 运行安装脚本
#以root身份运行https://blackarch.org/strap.sh并按照说明操作。
$ curl -O https://blackarch.org/strap.sh
#SHA1总和应匹配:9f770789df3b7803105e5fbc19212889674cd503 strap.sh
$ sha1sum strap.sh
#设置执行位
$ chmod + x strap.sh
#运行strap.sh
$ sudo ./strap.sh
从blackarch存储库安装工具
#要列出所有可用工具,请运行
$ sudo pacman -Sgg | grep blackarch | cut -d' ' -f2 | sort -u
#要安装所有工具,请运行
$ sudo pacman -S blackarch
#要安装一类工具,请运行
$ sudo pacman -S blackarch-<category>
#要查看blackarch类别,请运行
$ sudo pacman -Sg | grep blackarch
替代安装方法
作为替代安装方法的一部分,您可以从源代码构建blackarch包。你可以在github上找到PKGBUILDs 。要构建整个仓库,您可以使用blackman工具。
#首先,你必须安装blackman。如果在您的计算机上设置了BlackArch软件包存储库,
https://github.com/BlackArch/blackarch
#可以安装blackman,如:
$ sudo pacman -S blackman
#下载,编译和安装包:
$ sudo blackman -i <package>
#下载,编译和安装整个类别
$ sudo blackman -g <group>
#下载,编译和安装所有BlackArch工具
$ sudo blackman -a
#列出blackarch类别
$ blackman -l
#列出类别工具
$ blackman -p <category>
可以在此处找到BlackArch Linux存储库的完整工具列表。
BlackArch Linux Complete Tools List
https://blackarch.org/tools.html
Categorynolink | 类别 | Name | Description | 描述 |
didier-stevens-suite | Didier Stevens Suite. | 迪迪埃史蒂文斯套房。 | ||
python-yara-rednaga | The Python interface for YARA. | YARA的Python界面。 | ||
anti-forensic | 反取证 | ropeadope | A linux log cleaner. | 一个linux日志清理器。 |
anti-forensic | 反取证 | secure-delete | Secure file, disk, swap, memory erasure utilities. | 安全文件,磁盘,交换,内存擦除实用程序。 |
anti-forensic | 反取证 | steghide | Embeds a message in a file by replacing some of the least significant bits | 通过替换一些最低有效位来在文件中嵌入消息 |
automation | 自动化 | apt2 | Automated penetration toolkit. | 自动渗透工具包。 |
automation | 自动化 | automato | Should help with automating some of the user-focused enumeration tasks during an internal penetration test. | 应该有助于在内部渗透测试期间自动执行一些以用户为中心的枚举任务。 |
automation | 自动化 | autonessus | This script communicates with the Nessus API in an attempt to help with automating scans. | 此脚本与Nessus API通信,以帮助自动执行扫描。 |
automation | 自动化 | autonse | Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner. | 大规模NSE(Nmap脚本引擎)AutoSploit和AutoScanner。 |
automation | 自动化 | autopwn | Specify targets and run sets of tools against them. | 指定目标并针对它们运行工具集。 |
automation | 自动化 | autovpn | Easily connect to a VPN in a country of your choice. | 轻松连接到您选择的国家/地区的VPN。 |
automation | 自动化 | awsbucketdump | A tool to quickly enumerate AWS S3 buckets to look for loot. | 一种快速枚举AWS S3存储桶以查找战利品的工具。 |
automation | 自动化 | bashfuscator | Fully configurable and extendable Bash obfuscation framework. | 完全可配置和可扩展的Bash混淆框架。 |
automation | 自动化 | blueranger | A simple Bash script which uses Link Quality to locate Bluetooth device radios. | 一个简单的Bash脚本,它使用链接质量来定位蓝牙设备无线电。 |
automation | 自动化 | brutespray | Brute-Forcing from Nmap output - Automatically attempts default creds on found services. | 来自Nmap输出的强制执行 - 自动尝试找到的服务上的默认信用。 |
automation | 自动化 | brutex | Automatically brute force all services running on a target. | 自动暴力破坏目标上运行的所有服务。 |
automation | 自动化 | cewl | A custom word list generator. | 自定义单词列表生成器。 |
automation | 自动化 | checksec | Tool designed to test which standard Linux OS and PaX security features are being used | 用于测试正在使用的标准Linux OS和PaX安全功能的工具 |
automation | 自动化 | cisco-snmp-enumeration | Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking. | 自动Cisco SNMP枚举,暴力破解,配置下载和密码破解。 |
automation | 自动化 | clusterd | Automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. | 自动化应用程序服务器攻击的指纹识别,侦察和利用阶段。 |
automation | 自动化 | crunch | A wordlist generator for all combinations/permutations of a given character set. | 用于给定字符集的所有组合/排列的词列表生成器。 |
automation | 自动化 | deathstar | Automate getting Domain Admin using Empire. | 使用Empire自动获取域管理员。 |
automation | 自动化 | dracnmap | Tool to exploit the network and gathering information with nmap help. | 利用nmap帮助利用网络和收集信息的工具。 |
automation | 自动化 | dumb0 | A simple tool to dump users in popular forums and CMS. | 在流行的论坛和CMS中转储用户的简单工具。 |
automation | 自动化 | easy-creds | A bash script that leverages ettercap and other tools to obtain credentials. | 一个bash脚本,它利用ettercap和其他工具来获取凭据。 |
automation | 自动化 | easyda | Easy Windows Domain Access Script. | 简单的Windows域访问脚本。 |
automation | 自动化 | empire | A PowerShell and Python post-exploitation agent. | PowerShell和Python后期利用代理。 |
automation | 自动化 | findsploit | Find exploits in local and online databases instantly. | 立即在本地和在线数据库中查找漏洞利用。 |
automation | 自动化 | fstealer | Automates file system mirroring through remote file disclosure vulnerabilities on Linux machines. | 通过Linux计算机上的远程文件泄露漏洞自动执行文件系统镜像。 |
automation | 自动化 | glue | A framework for running a series of tools. | 用于运行一系列工具的框架。 |
automation | 自动化 | google-explorer | Google mass exploit robot - Make a google search, and parse the results for a especific exploit you define. | Google大规模攻击机器人 - 进行谷歌搜索,并解析结果以获得您定义的特定攻击。 |
automation | 自动化 | gooscan | A tool that automates queries against Google search appliances, but with a twist. | 一种自动对Google搜索设备进行查询的工具,但有一点扭曲。 |
automation | 自动化 | hackersh | A shell for with Pythonect-like syntax, including wrappers for commonly used security tools. | 一个类似Pythonect语法的shell,包括常用安全工具的包装器。 |
automation | 自动化 | hate-crack | A tool for automating cracking methodologies through Hashcat. | 一种通过Hashcat自动化破解方法的工具。 |
automation | 自动化 | intersect | Post-exploitation framework | 后开发框架 |
automation | 自动化 | koadic | A Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. | Windows后开发rootkit,类似于其他渗透测试工具,如Meterpreter和Powershell Empire。 |
automation | 自动化 | ldapscripts | Simple shell scripts to handle POSIX entries in an LDAP directory. | 用于处理LDAP目录中的POSIX条目的简单shell脚本。 |
automation | 自动化 | linikatz | Tool to attack AD on UNIX. | 在UNIX上攻击AD的工具。 |
automation | 自动化 | linset | Evil Twin Attack Bash script - An automated WPA/WPA2 hacker. | Evil Twin Attack Bash脚本 - 一个自动化的WPA / WPA2黑客。 |
automation | 自动化 | maskprocessor | A High-Performance word generator with a per-position configurable charset. | 具有每位置可配置字符集的高性能字生成器。 |
automation | 自动化 | masscan-automation | Masscan integrated with Shodan API. | Masscan与Shodan API集成。 |
automation | 自动化 | massexpconsole | A collection of tools and exploits with a cli ui for mass exploitation. | 一系列工具和漏洞利用大量开发的cli ui。 |
automation | 自动化 | merlin-server | Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. | Merlin是一个跨平台的后期开发HTTP / 2命令和控制服务器和用golang编写的代理。 |
automation | 自动化 | metasploit-autopwn | db_autopwn plugin of metasploit. | metasploit的db_autopwn插件。 |
automation | 自动化 | mitmap-old | Shell Script for launching a Fake AP with karma functionality and launches ettercap for packet capture and traffic manipulation. | 用于启动具有karma功能的假AP的Shell脚本,并启动ettercap用于数据包捕获和流量操作。 |
automation | 自动化 | morpheus | Automated Ettercap TCP/IP Hijacking Tool. | 自动Ettercap TCP / IP劫持工具。 |
automation | 自动化 | msf-mpc | Msfvenom payload creator. | Msfvenom有效负载创建者。 |
automation | 自动化 | msfenum | A Metasploit auto auxiliary script. | Metasploit自动辅助脚本。 |
automation | 自动化 | mutator | This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation -> C0rp0r4t10n_2012 | 这个项目旨在成为一个激素的词表变异器,这意味着一些突变将应用于已经完成的变体的结果,导致类似于:公司 - > C0rp0r4t10n_2012 |
automation | 自动化 | nfspy | A Python library for automating the falsification of NFS credentials when mounting an NFS share. | 一个Python库,用于在挂载NFS共享时自动伪造NFS凭据。 |
automation | 自动化 | nfsshell | Userland NFS command tool. | Userland NFS命令工具。 |
automation | 自动化 | nosqlattack | Python tool to automate exploit MongoDB server IP on Internet anddisclose the database data by MongoDB default configuration weaknesses and injection attacks. | Python工具可自动在Internet上利用MongoDB服务器IP,并通过MongoDB默认配置弱点和注入攻击来分发数据库数据。 |
automation | 自动化 | panoptic | A tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability. | 一种工具,可通过LFI漏洞自动搜索和检索常见日志和配置文件的内容。 |
automation | 自动化 | pastejacker | Hacking systems with the automation of PasteJacking attacks. | 使用PasteJacking攻击自动化黑客系统。 |
automation | 自动化 | pasv-agrsv | Passive recon / OSINT automation script. | 被动侦察/ OSINT自动化脚本。 |
automation | 自动化 | penbox | A Penetration Testing Framework - The Tool With All The Tools. | 渗透测试框架 - 所有工具的工具。 |
automation | 自动化 | pentmenu | A bash script for recon and DOS attacks. | 用于侦察和DOS攻击的bash脚本。 |
automation | 自动化 | pin | A dynamic binary instrumentation tool. | 动态二进制检测工具。 |
automation | 自动化 | portia | Automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. | 在低特权帐户遭到入侵后,自动执行通常在内部网络渗透测试中执行的许多技术。 |
automation | 自动化 | pupy | Opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python. | Opensource,跨平台(Windows,Linux,OSX,Android)远程管理和后期开发工具,主要用python编写。 |
automation | 自动化 | pureblood | A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. | 为Hackers / Pentester / Bug Hunter创建的渗透测试框架。 |
automation | 自动化 | regeorg | The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn. | reDuh的继任者,pwn一个堡垒网络服务器并通过DMZ创建SOCKS代理。枢轴和pwn。 |
automation | 自动化 | rsmangler | rsmangler takes a wordlist and mangle it | rsmangler采用了一个单词列表并对其进行了修改 |
automation | 自动化 | sakis3g | An all-in-one script for connecting with 3G. | 用于连接3G的一体化脚本。 |
automation | 自动化 | search1337 | 1337Day Online Exploit Scanner. | 1337Day Online Exploit Scanner。 |
automation | 自动化 | simple-ducky | A payload generator. | 有效载荷发生器。 |
automation | 自动化 | sipvicious | Tools for auditing SIP devices | 用于审核SIP设备的工具 |
automation | 自动化 | sn00p | A modular tool written in bourne shell and designed to chain and automate security tools and tests. | 一种用bourne shell编写的模块化工具,用于链接和自动化安全工具和测试。 |
automation | 自动化 | sn1per | Automated Pentest Recon Scanner. | 自动Pentest Recon扫描仪。 |
automation | 自动化 | sploitctl | Fetch, install and search exploit archives from exploit sites like exploit-db and packetstorm. | 从exploit-db和packetstorm等漏洞利用站点获取,安装和搜索漏洞档案。 |
automation | 自动化 | spookflare | Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures. | 具有多种功能的装载机,滴管发电机,用于绕过客户端和网络侧的对策。 |
automation | 自动化 | statsprocessor | A high-performance word-generator based on per-position Markov-attack. | 基于每个位置马尔可夫攻击的高性能字生成器。 |
automation | 自动化 | thefatrat | TheFatRat a massive exploiting tool: easy tool to generate backdoor and easy tool to post exploitation attack. | TheFatRat是一个庞大的开发工具:生成后门的简易工具和易于发布攻击的工具。 |
automation | 自动化 | tiger | A security scanner, that checks computer for known problems. Can also use tripwire, aide and chkrootkit. | 安全扫描程序,用于检查计算机是否存在已知问题 也可以使用tripwire,aide和chkrootkit。 |
automation | 自动化 | tlssled | A Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. | Linux shell脚本,其目的是评估目标SSL / TLS(HTTPS)Web服务器实现的安全性。 |
automation | 自动化 | torctl | Script to redirect all traffic through tor network including dns queries for anonymizing entire system. | 脚本通过tor网络重定向所有流量,包括用于匿名整个系统的dns查询。 |
automation | 自动化 | unix-privesc-check | Tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases). | 试图找到可能允许本地未经授权的用户将权限升级到其他用户或访问本地应用程序(例如数据库)的错误配置。 |
automation | 自动化 | username-anarchy | Tools for generating usernames when penetration testing. | 渗透测试时生成用户名的工具。 |
automation | 自动化 | veil | A tool designed to generate metasploit payloads that bypass common anti-virus solutions. | 一种工具,旨在生成绕过常见防病毒解决方案的metasploit有效负载。 |
automation | 自动化 | vlan-hopping | Easy 802.1Q VLAN Hopping | 轻松实现802.1Q VLAN跳频 |
automation | 自动化 | voiphopper | A security validation tool that tests to see if a PC can mimic the behavior of an IP Phone. It rapidly automates a VLAN Hop into the Voice VLAN. | 一种安全验证工具,用于测试PC是否可以模仿IP电话的行为。它可以快速自动化VLAN跳入语音VLAN。 |
automation | 自动化 | wikigen | A script to generate wordlists out of wikipedia pages. | 用于从*页面生成单词列表的脚本。 |
automation | 自动化 | wnmap | A shell script written with the purpose to automate and chain scans via nmap. You can run nmap with a custom mode written by user and create directories for every mode with the xml/nmap files inside. | 编写一个shell脚本,目的是通过nmap实现自动化和链式扫描。您可以使用用户编写的自定义模式运行nmap,并为每个模式创建目录,其中包含xml / nmap文件。 |
automobile | 汽车 | can-utils | Linux-CAN / SocketCAN user space applications. | Linux-CAN / SocketCAN用户空间应用程序。 |
automobile | 汽车 | canalyzat0r | Security analysis toolkit for proprietary car protocols. | 专有汽车协议的安全分析工具包。 |
automobile | 汽车 | cantoolz | Framework for black-box CAN network analysis. | 黑盒CAN网络分析框架。 |
backdoor | 后门 | aesshell | A backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport. | 一个用于Windows和Unix的反向连接shell,用python编写,在CBC模式下使用AES和HMAC-SHA256进行安全传输。 |
backdoor | 后门 | azazel | A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. | userland rootkit基于Jynx rootkit的原始LD_PRELOAD技术。 |
backdoor | 后门 | backcookie | Small backdoor using cookie. | 使用cookie的小后门。 |
backdoor | 后门 | backdoor-factory | Patch win32/64 binaries with shellcode. | 使用shellcode修补win32 / 64二进制文件。 |
backdoor | 后门 | backdoorme | A powerful utility capable of backdooring Unix machines with a slew of backdoors. | 一个功能强大的实用程序,能够通过一系列后门来支持Unix机器。 |
backdoor | 后门 | backdoorppt | Transform your payload.exe into one fake word doc (.ppt). | 将您的payload.exe转换为一个假单词doc(.ppt)。 |
backdoor | 后门 | cymothoa | A stealth backdooring tool, that inject backdoor's shellcode into an existing process. | 一种隐形后门工具,可将后门的shellcode注入现有流程。 |
backdoor | 后门 | debinject | Inject malicious code into *.debs. | 将恶意代码注入* .debs。 |
backdoor | 后门 | dr0p1t-framework | A framework that creates a dropper that bypass most AVs, some sandboxes and have some tricks. | 一个框架,它创建一个绕过大多数AV,一些沙箱并有一些技巧的dropper。 |
backdoor | 后门 | dragon-backdoor | A sniffing, non binding, reverse down/exec, portknocking service Based on cd00r.c. | 一个嗅探,非绑定,反向下行/执行,portknocking服务基于cd00r.c。 |
backdoor | 后门 | eggshell | iOS/macOS/Linux Remote Administration Tool. | iOS / macOS / Linux远程管理工具。 |
backdoor | 后门 | enyelkm | Rootkit for Linux x86 kernels v2.6. | 适用于Linux x86内核的Rootkit v2.6。 |
backdoor | 后门 | exe2image | A simple utility to convert EXE files to JPEG images and vice versa. | 将EXE文件转换为JPEG图像的简单实用程序,反之亦然。 |
backdoor | 后门 | gobd | A Golang covert backdoor. | 一个Golang隐蔽的后门。 |
backdoor | 后门 | harness | Interactive remote PowerShell Payload. | 交互式远程PowerShell有效负载。 |
backdoor | 后门 | hotpatch | Hot patches executables on Linux using .so file injection. | Linux上的热补丁可执行文件使用.so文件注入。 |
backdoor | 后门 | icmpsh | Simple reverse ICMP shell. | 简单的反向ICMP外壳。 |
backdoor | 后门 | jynx2 | An expansion of the original Jynx LD_PRELOAD rootkit | 原始Jynx LD_PRELOAD rootkit的扩展 |
backdoor | 后门 | kimi | Script to generate malicious debian packages (debain *s). | 用于生成恶意debian软件包的脚本(debain *s)。 |
backdoor | 后门 | ld-shatner | ld-linux code injector. | ld-linux代码注入器。 |
backdoor | 后门 | meterssh | A way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. | 一种获取shellcode的方法,将其注入内存然后通过SSH隧道传输您想要的任何端口,以将任何类型的通信屏蔽为正常的SSH连接。 |
backdoor | 后门 | microsploit | Fast and easy create backdoor office exploitation using module metasploit packet, Microsoft Office, Open Office, Macro attack, Buffer Overflow. | 使用模块metasploit数据包,Microsoft Office,Open Office,宏攻击,缓冲区溢出,快速轻松地创建后门办公室利用。 |
backdoor | 后门 | ms-sys | A tool to write Win9x-.. master boot records (mbr) under linux - RTM! | 在linux下编写Win9x- ..主启动记录(mbr)的工具 - RTM! |
backdoor | 后门 | nxcrypt | NXcrypt - python backdoor framework. | NXcrypt - python后门框架。 |
backdoor | 后门 | phishery | An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector. | 具有Word文档模板URL注入器的SSL启用的基本身份验证凭据收集器。 |
backdoor | 后门 | pyrasite | Code injection and introspection of running Python processes. | 代码注入和运行Python进程的内省。 |
backdoor | 后门 | revsh | A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities. | 具有终端支持,数据隧道和高级旋转功能的反向外壳。 |
backdoor | 后门 | rrs | A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). With tty support and more. | 反向(连接)远程shell。它不会监听传入的连接,而是连接到监听器(侦听模式下的rrs)。有tty支持和更多。 |
backdoor | 后门 | rubilyn | 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host. | 64位Mac OS-X内核rootkit,它不使用硬编码地址来挂接所有OS-X Lion及以下版本的BSD子系统。它使用syscall挂钩和DKOM的组合来隐藏主机上的活动。 |
backdoor | 后门 | shellinabox | Implements a web server that can export arbitrary command line tools to a web based terminal emulator. | 实现可以将任意命令行工具导出到基于Web的终端仿真器的Web服务器。 |
backdoor | 后门 | shootback | A reverse TCP tunnel let you access target behind NAT or firewall. | 通过反向TCP隧道,您可以访问NAT或防火墙后面的目标。 |
backdoor | 后门 | syringe | A General Purpose DLL & Code Injection Utility. | 通用DLL和代码注入实用程序。 |
backdoor | 后门 | trixd00r | An advanced and invisible userland backdoor based on TCP/IP for UNIX systems. | 基于TCP / IP的UNIX系统的高级和不可见用户区后门。 |
backdoor | 后门 | tsh | An open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication. | 一个开源的UNIX后门程序,可以编译所有变种,具有完整的pty支持,并使用强大的加密进行通信。 |
backdoor | 后门 | tsh-sctp | An open-source UNIX backdoor. | 一个开源的UNIX后门程序。 |
backdoor | 后门 | u3-pwn | A tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. | 一种工具,旨在通过默认的U3软件安装自动将可执行文件注入Sandisk smart usb设备。 |
backdoor | 后门 | unicorn-powershell | A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. | 一个使用PowerShell降级攻击并将shellcode直接注入内存的简单工具。 |
backdoor | 后门 | vlany | Linux LD_PRELOAD rootkit (x86 and x86_64 architectures). | Linux LD_PRELOAD rootkit(x86和x86_64体系结构)。 |
backdoor | 后门 | webacoo | Web Backdoor Cookie Script-Kit. | Web Backdoor Cookie Script-Kit。 |
backdoor | 后门 | webshells | Web Backdoors. | 网络后门。 |
backdoor | 后门 | webspa | A web knocking tool, sending a single HTTP/S to run O/S commands. | Web敲门工具,发送单个HTTP / S以运行O / S命令。 |
binary | 二进制 | amber | Reflective PE packer. | 反光PE包装机。 |
binary | 二进制 | amoco | Yet another tool for analysing binaries. | 另一种分析二进制文件的工具。 |
binary | 二进制 | androguard | Reverse engineering, Malware and goodware analysis of Android applications and more. | Android应用程序的逆向工程,恶意软件和良好软件分析等。 |
binary | 二进制 | angr | The next-generation binary analysis platform from UC Santa Barbaras Seclab. | UC Santa Barbaras Seclab的下一代二进制分析平台。 |
binary | 二进制 | angr-management | This is the GUI for angr. | 这是angr的GUI。 |
binary | 二进制 | angr-py2 | The next-generation binary analysis platform from UC Santa Barbaras Seclab. | UC Santa Barbaras Seclab的下一代二进制分析平台。 |
binary | 二进制 | avet | AntiVirus Evasion Tool | AntiVirus Evasion工具 |
binary | 二进制 | barf | A multiplatform open source Binary Analysis and Reverse engineering Framework. | 多平台开源二进制分析和逆向工程框架。 |
binary | 二进制 | bgrep | Binary grep. | 二进制grep。 |
binary | 二进制 | binaryninja-python | Binary Ninja prototype written in Python. | 用Python编写的二进制忍者原型。 |
binary | 二进制 | bindead | A static analysis tool for binaries | 二进制文件的静态分析工具 |
binary | 二进制 | bindiff | A comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code. | 二进制文件的比较工具,可帮助漏洞研究人员和工程师快速找到反汇编代码中的差异和相似之处。 |
binary | 二进制 | binflow | POSIX function tracing. Much better and faster than ftrace. | POSIX函数跟踪。比ftrace更好更快。 |
binary | 二进制 | binwally | Binary and Directory tree comparison tool using the Fuzzy Hashing concept (ssdeep). | 使用模糊散列概念(ssdeep)的二进制和目录树比较工具。 |
binary | 二进制 | bvi | A display-oriented editor for binary files operate like "vi" editor. | 面向显示的二进制文件编辑器的操作类似于“vi”编辑器。 |
binary | 二进制 | bytecode-viewer | A Java 8/Android APK Reverse Engineering Suite. | Java 8 / Android APK逆向工程套件。 |
binary | 二进制 | cminer | A tool for enumerating the code caves in PE files. | 用于枚举PE文件中的代码洞穴的工具。 |
binary | 二进制 | detect-it-easy | A program for determining types of files. | 用于确定文件类型的程序。 |
binary | 二进制 | dissector | This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux. | 此代码剖析ELF文件中的内部数据结构。它支持x86和x86_64 archs并在Linux下运行。 |
binary | 二进制 | dutas | Analysis PE file or Shellcode. | 分析PE文件或Shellcode。 |
binary | 二进制 | dwarf | Full featured multi arch/os debugger built on top of PyQt5 and frida. | 基于PyQt5和frida构建的全功能多arch / os调试器。 |
binary | 二进制 | ecfs | Extended core file snapshot format. | 扩展核心文件快照格式。 |
binary | 二进制 | elfkickers | Collection of ELF utilities (includes sstrip) | ELF实用程序的集合(包括sstrip) |
binary | 二进制 | elfparser | Cross Platform ELF analysis. | 跨平台ELF分析。 |
binary | 二进制 | eresi | The ERESI Reverse Engineering Software Interface. | ERESI逆向工程软件接口。 |
binary | 二进制 | exescan | A tool to detect anomalies in PE (Portable Executable) files. | 用于检测PE(可移植可执行文件)文件中的异常的工具。 |
binary | 二进制 | expimp-lookup | Looks for all export and import names that contain a specified string in all Portable Executable in a directory tree. | 查找目录树中所有可移植可执行文件中包含指定字符串的所有导出和导入名称。 |
binary | 二进制 | expose | A Dynamic Symbolic Execution (DSE) engine for JavaScript | JavaScript的动态符号执行(DSE)引擎 |
binary | 二进制 | haystack | A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. | 用于从进程内存中查找C结构的Python框架 - 堆分析 - 内存结构取证。 |
binary | 二进制 | hercules-payload | A special payload generator that can bypass all antivirus software. | 一种特殊的有效负载生成器,可以绕过所有防病毒软件。 |
binary | 二进制 | hex2bin | Converts Motorola and Intel hex files to binary. | 将Motorola和Intel hex文件转换为二进制文件。 |
binary | 二进制 | imagejs | Small tool to package javascript into a valid image file. | 将javascript打包成有效图像文件的小工具。 |
binary | 二进制 | jpegdump | Tool to analyzse JPEG images Reads binary files and parses the JPEG markers inside them. | 分析JPEG图像的工具读取二进制文件并解析其中的JPEG标记。 |
binary | 二进制 | leena | Symbolic execution engine for JavaScript | JavaScript的符号执行引擎 |
binary | 二进制 | loadlibrary | Porting Windows Dynamic Link Libraries to Linux. | 将Windows动态链接库移植到Linux。 |
binary | 二进制 | manticore | Symbolic execution tool. | 符号执行工具。 |
binary | 二进制 | metame | A simple metamorphic code engine for arbitrary executables. | 用于任意可执行文件的简单变形代码引擎。 |
binary | 二进制 | objdump2shellcode | A tool I have found incredibly useful whenever creating custom shellcode. | 在创建自定义shellcode时,我发现了一个非常有用的工具。 |
binary | 二进制 | oledump | Analyze OLE files (Compound File Binary Format). These files contain streams of data. This tool allows you to analyze these streams. | 分析OLE文件(复合文件二进制格式)。这些文件包含数据流。此工具允许您分析这些流。 |
binary | 二进制 | oletools | Tools to analyze Microsoft OLE2 files. | 分析Microsoft OLE2文件的工具。 |
binary | 二进制 | packer | tool for creating identical machine images for multiple platforms from a single source configuration | 用于从单个源配置为多个平台创建相同机器映像的工具 |
binary | 二进制 | packerid | Script which uses a PEiD database to identify which packer (if any) is being used by a binary. | 使用PEiD数据库识别二进制文件正在使用哪个打包程序(如果有)的脚本。 |
binary | 二进制 | patchkit | Powerful binary patching from Python. | 从Python强大的二进制修补。 |
binary | 二进制 | pixd | Colourful visualization tool for binary files. | 二进制文件的彩色可视化工具。 |
binary | 二进制 | powerstager | A payload stager using PowerShell. | 使用PowerShell的有效负载stager。 |
binary | 二进制 | procdump | Generate coredumps based off performance triggers. | 根据性能触发器生成coredump。 |
binary | 二进制 | proctal | Provides a command line interface and a C library to manipulate the address space of a running program on Linux. | 提供命令行界面和C库来操作Linux上正在运行的程序的地址空间。 |
binary | 二进制 | python-oletools | Tools to analyze Microsoft OLE2 files. | 分析Microsoft OLE2文件的工具。 |
binary | 二进制 | python2-oletools | Tools to analyze Microsoft OLE2 files. | 分析Microsoft OLE2文件的工具。 |
binary | 二进制 | saruman | ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection). | ELF反取证执行,用于将完整的动态可执行文件注入过程映像(使用线程注入)。 |
binary | 二进制 | soot | A Java Bytecode Analysis and Transformation Framework. | Java字节码分析和转换框架。 |
binary | 二进制 | strace | A diagnostic, debugging and instructional userspace tracer | 诊断,调试和指导用户空间跟踪器 |
binary | 二进制 | swftools | A collection of SWF manipulation and creation utilities. | SWF操作和创建实用程序的集合。 |
binary | 二进制 | triton | A Dynamic Binary Analysis (DBA) framework. | 动态二进制分析(DBA)框架。 |
binary | 二进制 | upx | Ultimate executable compressor. | 终极执行压缩器。 |
binary | 二进制 | valgrind | Tool to help find memory-management problems in programs | 帮助查找程序中的内存管理问题的工具 |
binary | 二进制 | veles | New open source tool for binary data analysis. | 用于二进制数据分析的新型开源工具。 |
binary | 二进制 | wcc | The Witchcraft Compiler Collection. | 巫术编译器集合。 |
binary | 二进制 | wxhexeditor | A free hex editor / disk editor for Linux, Windows and MacOSX. | 适用于Linux,Windows和MacOSX的免费十六进制编辑器/磁盘编辑器。 |
bluetooth | 蓝牙 | bluebugger | An implementation of the bluebug technique which was discovered by Martin Herfurt. | 由Martin Herfurt发现的bluebug技术的实现。 |
bluetooth | 蓝牙 | bluediving | A Bluetooth penetration testing suite. | 蓝牙渗透测试套件。 |
bluetooth | 蓝牙 | bluelog | A Bluetooth scanner and sniffer written to do a single task, log devices that are in discoverable mode. | 写入蓝牙扫描仪和嗅探器以执行单个任务,记录处于可发现模式的设备。 |
bluetooth | 蓝牙 | bluepot | A Bluetooth Honeypot written in Java, it runs on Linux | 用Java编写的蓝牙蜜罐,它运行在Linux上 |
bluetooth | 蓝牙 | blueprint | A perl tool to identify Bluetooth devices. | 用于识别蓝牙设备的perl工具。 |
bluetooth | 蓝牙 | bluescan | A Bluetooth Device Scanner. | 蓝牙设备扫描仪。 |
bluetooth | 蓝牙 | bluesnarfer | A bluetooth attacking tool. | 蓝牙攻击工具。 |
bluetooth | 蓝牙 | bluphish | Bluetooth device and service discovery tool that can be used for security assessment and penetration testing. | 蓝牙设备和服务发现工具,可用于安全评估和渗透测试。 |
bluetooth | 蓝牙 | braces | A Bluetooth Tracking Utility. | 蓝牙跟踪实用程序。 |
bluetooth | 蓝牙 | bss | Bluetooth stack smasher / fuzzer | 蓝牙堆栈smasher / fuzzer |
bluetooth | 蓝牙 | bt_audit | Bluetooth audit | 蓝牙审核 |
bluetooth | 蓝牙 | btcrack | The world's first Bluetooth Pass phrase (PIN) bruteforce tool. Bruteforces the Passkey and the Link key from captured Pairing exchanges. | 世界上第一款蓝牙通行短语(PIN)强力工具。从捕获的配对交换中强制传递密钥和链接密钥。 |
bluetooth | 蓝牙 | btlejack | Bluetooth Low Energy Swiss-army knife. | 蓝牙低能量瑞士军刀。 |
bluetooth | 蓝牙 | btproxy-mitm | Man in the Middle analysis tool for Bluetooth. | 用于蓝牙的中间人分析工具。 |
bluetooth | 蓝牙 | btscanner | Bluetooth device scanner. | 蓝牙设备扫描仪。 |
bluetooth | 蓝牙 | carwhisperer | Intends to sensibilise manufacturers of carkits and other Bluetooth appliances without display and keyboard for the possible security threat evolving from the use of standard passkeys. | 旨在使没有显示器和键盘的carkits和其他蓝牙设备制造商敏感,以防止因使用标准密码而产生的安全威胁。 |
bluetooth | 蓝牙 | ghettotooth | Ghettodriving for bluetooth | Ghettodriving为蓝牙 |
bluetooth | 蓝牙 | hidattack | HID Attack (attacking HID host implementations) | HID攻击(攻击HID主机实现) |
bluetooth | 蓝牙 | obexstress | Script for testing remote OBEX service for some potential vulnerabilities. | 用于测试某些潜在漏洞的远程OBEX服务的脚本。 |
bluetooth | 蓝牙 | redfang | Finds non-discoverable Bluetooth devices by brute-forcing the last six bytes of the devices' Bluetooth addresses and calling read_remote_name(). | 通过强制设备的蓝牙地址的最后六个字节并调用read_remote_name()来查找不可发现的蓝牙设备。 |
bluetooth | 蓝牙 | spooftooph | Designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain sight. | 旨在自动欺骗或克隆蓝牙设备名称,类和地址。有效地克隆此信息允许蓝牙设备隐藏在视线之内。 |
bluetooth | 蓝牙 | tbear | Transient Bluetooth Environment Auditor includes an ncurses-based Bluetooth scanner (a bit similar to kismet), a Bluetooth DoS tool, and a Bluetooth hidden device locator. | 瞬态蓝牙环境审核员包括基于ncurses的蓝牙扫描仪(有点类似于kismet),蓝牙DoS工具和蓝牙隐藏设备定位器。 |
bluetooth | 蓝牙 | ubertooth | A 2.4 GHz wireless development board suitable for Bluetooth experimentation. Open source hardware and software. Tools only. | 适用于蓝牙实验的2.4 GHz无线开发板。开源硬件和软件。仅限工具。 |
code-audit | 代码审计 | bof-detector | A simple detector of BOF vulnerabilities by source-code-level check. | 通过源代码级别检查简单检测BOF漏洞。 |
code-audit | 代码审计 | brakeman | A static analysis security vulnerability scanner for Ruby on Rails applications. | 适用于Ruby on Rails应用程序的静态分析安全漏洞扫描程序。 |
code-audit | 代码审计 | cflow | A C program flow analyzer. | AC程序流量分析仪。 |
code-audit | 代码审计 | cppcheck | A tool for static C/C++ code analysis | 用于静态C / C ++代码分析的工具 |
code-audit | 代码审计 | cpptest | A portable and powerful, yet simple, unit testing framework for handling automated tests in C++. | 一个可移植且功能强大且简单的单元测试框架,用于处理C ++中的自动化测试。 |
code-audit | 代码审计 | dscanner | Swiss-army knife for D source code | 瑞士军刀为D源代码 |
code-audit | 代码审计 | flawfinder | Searches through source code for potential security flaws | 通过源代码搜索潜在的安全漏洞 |
code-audit | 代码审计 | graudit | Grep rough source code auditing tool. | Grep粗略的源代码审计工具。 |
code-audit | 代码审计 | mosca | Static analysis tool to find bugs like a grep unix command. | 静态分析工具可以找到像grep unix命令一样的bug。 |
code-audit | 代码审计 | pfff | Tools and APIs for code analysis, visualization and transformation | 用于代码分析,可视化和转换的工具和API |
code-audit | 代码审计 | pscan | A limited problem scanner for C source files | C源文件的有限问题扫描程序 |
code-audit | 代码审计 | shellcheck | Shell script analysis tool | Shell脚本分析工具 |
code-audit | 代码审计 | snyk | CLI and build-time tool to find and fix known vulnerabilities in open-source dependencies. | CLI和构建时工具,用于查找和修复开源依赖项中的已知漏洞。 |
code-audit | 代码审计 | splint | A tool for statically checking C programs for security vulnerabilities and coding mistakes | 用于静态检查C程序是否存在安全漏洞和编码错误的工具 |
code-audit | 代码审计 | wpbullet | A static code analysis for WordPress (and PHP). | WordPress(和PHP)的静态代码分析。 |
code-audit | 代码审计 | wscript | Emulator/tracer of the Windows Script Host functionality. | Windows脚本宿主功能的模拟器/跟踪器。 |
code-audit | 代码审计 | yasca | Multi-Language Static Analysis Toolset. | 多语言静态分析工具集。 |
cracker | 破解 | acccheck | A password dictionary attack tool that targets windows authentication via the SMB protocol. | 密码字典攻击工具,通过SMB协议进行Windows身份验证。 |
cracker | 破解 | aesfix | A tool to find AES key in RAM. | 在RAM中查找AES密钥的工具。 |
cracker | 破解 | aeskeyfind | A tool to find AES key in RAM. | 在RAM中查找AES密钥的工具。 |
cracker | 破解 | against | A very fast ssh attacking script which includes a multithreaded port scanning module (tcp connect) for discovering possible targets and a multithreaded brute-forcing module which attacks parallel all discovered hosts or given ip addresses from a list. | 一个非常快速的ssh攻击脚本,包括一个用于发现可能目标的多线程端口扫描模块(tcp connect)和一个多线程暴力破坏模块,它可以攻击所有发现的主机并从列表中获取IP地址。 |
cracker | 破解 | asleap | Actively recover LEAP/PPTP passwords. | 主动恢复LEAP / PPTP密码。 |
cracker | 破解 | beleth | A Multi-threaded Dictionary based SSH cracker. | 基于多线程词典的SSH破解程序。 |
cracker | 破解 | bgp-md5crack | RFC2385 password cracker | RFC2385密码破解程序 |
cracker | 破解 | bios_memimage | A tool to dump RAM contents to disk (aka cold boot attack). | 将RAM内容转储到磁盘的工具(又称冷启动攻击)。 |
cracker | 破解 | bkhive | Program for dumping the syskey bootkey from a Windows NT/2K/XP system hive. | 从Windows NT / 2K / XP系统配置单元转储syskey bootkey的程序。 |
cracker | 破解 | blackhash | Creates a filter from system hashes | 从系统哈希创建过滤器 |
cracker | 破解 | bob-the-butcher | A distributed password cracker package. | 分布式密码破解程序包。 |
cracker | 破解 | brut3k1t | Brute-force attack that supports multiple protocols and services. | 支持多种协议和服务的暴力攻击。 |
cracker | 破解 | bruteforce-luks | Try to find the password of a LUKS encrypted volume. | 尝试查找LUKS加密卷的密码。 |
cracker | 破解 | bruteforce-salted-openssl | Try to find the password of a file that was encrypted with the 'openssl' command. | 尝试查找使用“openssl”命令加密的文件的密码。 |
cracker | 破解 | bruteforce-wallet | Try to find the password of an encrypted Peercoin (or Bitcoin,Litecoin, etc...) wallet file. | 尝试找到加密的Peercoin(或比特币,Litecoin等)钱包文件的密码。 |
cracker | 破解 | brutessh | A simple sshd password bruteforcer using a wordlist, it's very fast for internal networks. It's multithreads. | 一个简单的sshd密码bruteforcer使用wordlist,它对内部网络来说非常快。它是多线程的。 |
cracker | 破解 | chapcrack | A tool for parsing and decrypting MS-CHAPv2 network handshakes. | 用于解析和解密MS-CHAPv2网络握手的工具。 |
cracker | 破解 | checkpwd | Oracle Password Checker (Cracker). | Oracle密码检查器(Cracker)。 |
cracker | 破解 | cintruder | An automatic pentesting tool to bypass captchas. | 一种绕过验证码的自动测试工具。 |
cracker | 破解 | cisco-auditing-tool | Perl script which scans cisco routers for common vulnerabilities. Checks for default passwords, easily guessable community names, and the IOS history bug. Includes support for plugins and scanning multiple hosts. | Perl脚本扫描cisco路由器的常见漏洞。检查默认密码,易于猜测的社区名称和IOS历史记录错误。包括对插件的支持和扫描多个主机。 |
cracker | 破解 | cisco-ocs | Cisco Router Default Password Scanner. | Cisco路由器默认密码扫描程序。 |
cracker | 破解 | cisco-scanner | Multithreaded Cisco HTTP vulnerability scanner. Tested on Linux, OpenBSD and Solaris. | 多线程Cisco HTTP漏洞扫描程序。在Linux,OpenBSD和Solaris上测试过。 |
cracker | 破解 | cisco5crack | Crypt and decrypt the cisco enable 5 passwords. | 加密并解密cisco启用5个密码。 |
cracker | 破解 | cisco7crack | Crypt and decrypt the cisco enable 7 passwords. | 加密并解密cisco启用7个密码。 |
cracker | 破解 | cmospwd | Decrypts password stored in CMOS used to access BIOS setup. | 存储在CMOS中的解密密码用于访问BIOS设置。 |
cracker | 破解 | crackhor | A Password cracking utility. | 密码破解实用程序。 |
cracker | 破解 | crackle | Crack and decrypt BLE encryption | 破解和解密BLE加密 |
cracker | 破解 | crackq | Hashcrack.org GPU-accelerated password cracker. | Hashcrack.org GPU加速密码破解程序。 |
cracker | 破解 | crackserver | An XMLRPC server for password cracking. | 用于密码破解的XMLRPC服务器。 |
cracker | 破解 | creddump | A python tool to extract various credentials and secrets from Windows registry hives. | 一个python工具,用于从Windows注册表配置单元中提取各种凭据和机密。 |
cracker | 破解 | crowbar | A brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools. | 可在穿透测试期间使用的强力推进工具。它的开发是为了支持thc-hydra和其他流行的强力工具目前不支持的协议。 |
cracker | 破解 | cryptohazemultiforcer | High performance multihash brute forcer with CUDA support. | 高性能multihash brute forcer,支持CUDA。 |
cracker | 破解 | cudahashcat | Worlds fastest WPA cracker with dictionary mutation engine. | 世界上最快的WPA破解者与字典变异引擎。 |
cracker | 破解 | cupp | Common User Password Profiler | 通用用户密码分析器 |
cracker | 破解 | dbpwaudit | A Java tool that allows you to perform online audits of password quality for several database engines. | 一种Java工具,允许您对多个数据库引擎执行密码质量的在线审核。 |
cracker | 破解 | depant | Check network for services with default passwords. | 使用默认密码检查网络中的服务。 |
cracker | 破解 | device-pharmer | Opens 1K+ IPs or Shodan search results and attempts to login. | 打开1K + IP或Shodan搜索结果并尝试登录。 |
cracker | 破解 | doozer | A Password cracking utility. | 密码破解实用程序。 |
cracker | 破解 | dpeparser | Default password enumeration project | 默认密码枚举项目 |
cracker | 破解 | eapmd5pass | An implementation of an offline dictionary attack against the EAP-MD5 protocol | 针对EAP-MD5协议的离线字典攻击的实现 |
cracker | 破解 | enabler | Attempts to find the enable password on a cisco system via brute force. | 尝试通过强力在cisco系统上查找启用密码。 |
cracker | 破解 | evilize | Tool to create MD5 colliding binaries. | 创建MD5碰撞二进制文件的工具。 |
cracker | 破解 | evilmaid | TrueCrypt loader backdoor to sniff volume password | TrueCrypt装载机后门嗅探密码 |
cracker | 破解 | f-scrack | A single file bruteforcer supports multi-protocol. | 单个文件bruteforcer支持多协议。 |
cracker | 破解 | facebrute | This script tries to guess passwords for a given facebook account using a list of passwords (dictionary). | 此脚本尝试使用密码列表(字典)猜测给定Facebook帐户的密码。 |
cracker | 破解 | fang | A multi service threaded MD5 cracker. | 多服务线程MD5破解器。 |
cracker | 破解 | fcrackzip | Zip file password cracker | Zip文件密码破解程序 |
cracker | 破解 | fern-wifi-cracker | WEP, WPA wifi cracker for wireless penetration testing | WEP,WPA wifi破解器用于无线渗透测试 |
cracker | 破解 | ftp-scanner | Multithreaded ftp scanner/brute forcer. Tested on Linux, OpenBSD and Solaris. | 多线程ftp扫描仪/暴力破碎机。在Linux,OpenBSD和Solaris上测试过。 |
cracker | 破解 | hashcat | Multithreaded advanced password recovery utility | 多线程高级密码恢复实用程序 |
cracker | 破解 | hasher | A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. | 一种工具,允许您快速散列明文字符串,或将散列值与本地明文进行比较。 |
cracker | 破解 | hashtag | A python script written to parse and identify password hashes. | 编写用于解析和识别密码哈希值的python脚本。 |
cracker | 破解 | hostbox-ssh | A ssh password/account scanner. | 一个ssh密码/帐户扫描程序。 |
cracker | 破解 | htpwdscan | A python HTTP weak pass scanner. | 一个python HTTP弱传递扫描器。 |
cracker | 破解 | hydra | Very fast network logon cracker which support many different services | 非常快速的网络登录cracker,支持许多不同的服务 |
cracker | 破解 | ibrute | An AppleID password bruteforce tool. It uses Find My Iphone service API, where bruteforce protection was not implemented. | AppleID密码暴力工具。它使用Find My Iphone服务API,其中未实现强力保护。 |
cracker | 破解 | icloudbrutter | Tool for AppleID Bruteforce. | AppleID Bruteforce工具。 |
cracker | 破解 | iheartxor | A tool for bruteforcing encoded strings within a boundary defined by a regular expression. It will bruteforce the key value range of 0x1 through 0x255. | 用于在由正则表达式定义的边界内强制编码字符串的工具。它将强制执行0x1到0x255的键值范围。 |
cracker | 破解 | iisbruteforcer | HTTP authentication cracker. It's a tool that launchs an online dictionary attack to test for weak or simple passwords against protected areas on an IIS Web server. | HTTP身份验证破解程序。它是一种启动在线字典攻击的工具,用于测试IIS Web服务器上受保护区域的弱密码或简单密码。 |
cracker | 破解 | ikecrack | An IKE/IPSec crack tool designed to perform Pre-Shared-Key analysis of RFC compliant aggressive mode authentication | IKE / IPSec破解工具,用于执行符合RFC的主动模式身份验证的预共享密钥分析 |
cracker | 破解 | inguma | A free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. | 完全用python编写的免费渗透测试和漏洞发现工具包。框架包括发现主机,收集有关信息,模糊目标,暴力用户名和密码,漏洞利用程序和反汇编程序的模块。 |
cracker | 破解 | instashell | Multi-threaded Instagram Brute Forcer without password limit. | 多线程Instagram Brute Forcer没有密码限制。 |
cracker | 破解 | ipmipwn | IPMI cipher 0 attack tool. | IPMI密码0攻击工具。 |
cracker | 破解 | jbrute | Open Source Security tool to audit hashed passwords. | 用于审核散列密码的开源安全工具。 |
cracker | 破解 | jeangrey | A tool to perform differential fault analysis attacks (DFA). | 一种执行差分故障分析攻击(DFA)的工具。 |
cracker | 破解 | john | John the Ripper password cracker | John the Ripper密码破解者 |
cracker | 破解 | johnny | GUI for John the Ripper. | John the Ripper的GUI。 |
cracker | 破解 | jwt-cracker | JWT brute force cracker written in C. | 用C写的JWT蛮力饼干 |
cracker | 破解 | keimpx | Tool to verify the usefulness of credentials across a network over SMB. | 用于通过SMB验证网络上凭据的有用性的工具。 |
cracker | 破解 | khc | A small tool designed to recover hashed known_hosts fiels back to their plain-text equivalents. | 一个旨在恢复散列known_hosts的小工具可以恢复到它们的纯文本等价物。 |
cracker | 破解 | ldap-brute | A semi fast tool to bruteforce values of LDAP injections over HTTP. | 一种半快速工具,可通过HTTP强制执行LDAP注入的值。 |
cracker | 破解 | levye | A brute force tool which is support sshkey, vnckey, rdp, openvpn. | 一个强大的工具,支持sshkey,vnckey,rdp,openvpn。 |
cracker | 破解 | lodowep | Lodowep is a tool for analyzing password strength of accounts on a Lotus Domino webserver system. | Lodowep是一种用于分析Lotus Domino Web服务器系统上帐户密码强度的工具。 |
cracker | 破解 | mdcrack | MD4/MD5/NTLM1 hash cracker | MD4 / MD5 / NTLM1哈希破解器 |
cracker | 破解 | medusa | Speedy, massively parallel and modular login brute-forcer for network | 用于网络的快速,大规模并行和模块化登录brute-forcer |
cracker | 破解 | mfoc | MiFare Classic Universal toolKit | MiFare Classic Universal toolKit |
cracker | 破解 | mkbrutus | Password bruteforcer for MikroTik devices or boxes running RouterOS. | 用于MikroTik设备的密码强制执行器或运行RouterOS的盒子。 |
cracker | 破解 | morxbook | A password cracking tool written in perl to perform a dictionary-based attack on a specific Facebook user through HTTPS. | 用perl编写的密码破解工具,通过HTTPS对特定的Facebook用户执行基于字典的攻击。 |
cracker | 破解 | morxbrute | A customizable HTTP dictionary-based password cracking tool written in Perl. | 一个用Perl编写的可自定义的基于HTTP字典的密码破解工具。 |
cracker | 破解 | morxbtcrack | Single Bitcoin private key cracking tool released. | 发布单比特币私钥破解工具。 |
cracker | 破解 | morxcoinpwn | Mass Bitcoin private keys brute forcing/Take over tool released. | 大量比特币私钥暴力强制/接管工具发布。 |
cracker | 破解 | morxcrack | A cracking tool written in Perl to perform a dictionary-based attack on various hashing algorithm and CMS salted-passwords. | 用Perl编写的破解工具,用于对各种散列算法和CMS salted-passwords执行基于字典的攻击。 |
cracker | 破解 | mybff | A Brute Force Framework. | 蛮力框架。 |
cracker | 破解 | ncrack | High-speed network authentication cracking tool | 高速网络认证破解工具 |
cracker | 破解 | oclhashcat | Worlds fastest WPA cracker with dictionary mutation engine. | 世界上最快的WPA破解者与字典变异引擎。 |
cracker | 破解 | omen | Ordered Markov ENumerator - Password Guesser. | 有序马尔可夫枚举器 - 密码猜测器。 |
cracker | 破解 | onesixtyone | An SNMP scanner that sends multiple SNMP requests to multiple IP addresses | SNMP扫描程序,可将多个SNMP请求发送到多个IP地址 |
cracker | 破解 | ophcrack | Windows password cracker based on rainbow tables | 基于彩虹表的Windows密码破解程序 |
cracker | 破解 | outlook-webapp-brute | Microsoft Outlook WebAPP Brute. | Microsoft Outlook WebAPP Brute。 |
cracker | 破解 | owabf | Outlook Web Access bruteforcer tool. | Outlook Web Access bruteforcer工具。 |
cracker | 破解 | pack | Password Analysis and Cracking Kit | 密码分析和破解工具包 |
cracker | 破解 | passcracking | A little python script for sending hashes to passcracking.com and milw0rm | 一个小的python脚本,用于将散列发送到passcracking.com和milw0rm |
cracker | 破解 | passe-partout | Tool to extract RSA and DSA private keys from any process linked with OpenSSL. The target memory is scanned to lookup specific OpenSSL patterns. | 用于从与OpenSSL链接的任何进程中提取RSA和DSA私钥的工具。扫描目标内存以查找特定的OpenSSL模式。 |
cracker | 破解 | patator | A multi-purpose bruteforcer. | 多用途的bruteforcer。 |
cracker | 破解 | pdfcrack | Password recovery tool for PDF-files | PDF文件的密码恢复工具 |
cracker | 破解 | pdgmail | A password dictionary attack tool that targets windows authentication via the SMB protocol. | 密码字典攻击工具,通过SMB协议进行Windows身份验证。 |
cracker | 破解 | pemcrack | Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. | 破解包含加密私钥的SSL PEM文件。蛮力或字典裂缝。 |
cracker | 破解 | pemcracker | Tool to crack encrypted PEM files. | 破解加密的PEM文件的工具。 |
cracker | 破解 | phoss | Sniffer designed to find HTTP, FTP, LDAP, Telnet, IMAP4, VNC and POP3 logins. | Sniffer旨在查找HTTP,FTP,LDAP,Telnet,IMAP4,VNC和POP3登录。 |
cracker | 破解 | php-mt-seed | PHP mt_rand() seed cracker. | PHP mt_rand()种子破解者。 |
cracker | 破解 | php-rfi-payload-decoder | Decode and analyze RFI payloads developed in PHP. | 解码和分析PHP开发的RFI有效负载。 |
cracker | 破解 | phrasendrescher | A modular and multi processing pass phrase cracking tool. | 模块化和多处理密码破解工具。 |
cracker | 破解 | pipal | A password analyser. | 密码分析。 |
cracker | 破解 | pipeline | Designed to aid in targeted brute force password cracking attacks. | 旨在帮助有针对性的暴力密码破解攻击。 |
cracker | 破解 | pkcrack | A PkZip encryption cracker. | PkZip加密破解程序。 |
cracker | 破解 | pybozocrack | A silly & effective MD5 cracker in Python. | Python中一个愚蠢而有效的MD5破解程序。 |
cracker | 破解 | pyrit | The famous WPA precomputed cracker | 着名的WPA预先计算好的饼干 |
cracker | 破解 | rainbowcrack | Password cracker based on the faster time-memory trade-off. With MySQL and Cisco PIX Algorithm patches. | 密码破解程序基于更快的时间内存权衡。使用MySQL和Cisco PIX算法补丁。 |
cracker | 破解 | rarcrack | This program uses bruteforce algorithm to find correct password (rar, 7z, zip). | 该程序使用bruteforce算法来查找正确的密码(rar,7z,zip)。 |
cracker | 破解 | rcracki-mt | A tool to perform rainbow table attacks on password hashes. It is intended for indexed/perfected rainbow tables, mainly generated by the distributed project www.freerainbowtables.com | 用于对密码哈希执行彩虹表攻击的工具。它适用于索引/完善的彩虹表,主要由分布式项目www.freerainbowtables.com生成 |
cracker | 破解 | rdesktop-brute | It connects to windows terminal servers - Bruteforce patch included. | 它连接到Windows终端服务器 - 包括Bruteforce补丁。 |
cracker | 破解 | ridenum | A null session RID cycle attack for brute forcing domain controllers. | 针对暴力强制域控制器的空会话RID周期攻击。 |
cracker | 破解 | rlogin-scanner | Multithreaded rlogin scanner. Tested on Linux, OpenBSD and Solaris. | 多线程rlogin扫描程序。在Linux,OpenBSD和Solaris上测试过。 |
cracker | 破解 | rootbrute | Local root account bruteforcer. | 本地root帐户bruteforcer。 |
cracker | 破解 | rpdscan | Remmina Password Decoder and scanner. | Remmina密码解码器和扫描仪。 |
cracker | 破解 | rsakeyfind | A tool to find RSA key in RAM. | 在RAM中查找RSA密钥的工具。 |
cracker | 破解 | samdump2 | Dump password hashes from a Windows NT/2k/XP installation | 从Windows NT / 2k / XP安装转储密码哈希 |
cracker | 破解 | samydeluxe | Automatic samdump creation script. | 自动samdump创建脚本。 |
cracker | 破解 | sidguesser | Guesses sids/instances against an Oracle database according to a predefined dictionary file. | 根据预定义的字典文件猜测针对Oracle数据库的sid /实例。 |
cracker | 破解 | sipcrack | A SIP protocol login cracker. | SIP协议登录破解程序。 |
cracker | 破解 | skul | A PoC to bruteforce the Cryptsetup implementation of Linux Unified Key Setup (LUKS). | PoC强制执行Linux Unified Key Setup(LUKS)的Cryptsetup实现。 |
cracker | 破解 | smbbf | SMB password bruteforcer. | SMB密码强制执行者。 |
cracker | 破解 | snmp-brute | SNMP brute force, enumeration, CISCO config downloader and password cracking script. | SNMP暴力,枚举,CISCO配置下载和密码破解脚本。 |
cracker | 破解 | speedpwn | An active WPA/2 Bruteforcer, original created to prove weak standard key generation in different ISP labeled routers without a client is connected. | 一个活动的WPA / 2 Bruteforcer,原始创建用于证明在没有客户端的不同ISP标记的路由器中生成弱标准密钥生成。 |
cracker | 破解 | sqlpat | This tool should be used to audit the strength of Microsoft SQL Server passwords offline. | 此工具应用于离线审核Microsoft SQL Server密码的强度。 |
cracker | 破解 | ssh-privkey-crack | A SSH private key cracker. | 一个SSH私钥破解者。 |
cracker | 破解 | sshatter | Password bruteforcer for SSH. | SSH的密码强制执行器。 |
cracker | 破解 | sshscan | A horizontal SSH scanner that scans large swaths of IPv4 space for a single SSH user and pass. | 一个水平SSH扫描程序,可扫描单个SSH用户的大块IPv4空间并通过。 |
cracker | 破解 | sshtrix | A very fast multithreaded SSH login cracker. | 一个非常快速的多线程SSH登录破解程序。 |
cracker | 破解 | sslnuke | Transparent proxy that decrypts SSL traffic and prints out IRC messages. | 透明代理,用于解密SSL流量并打印出IRC消息。 |
cracker | 破解 | sucrack | A multi-threaded Linux/UNIX tool for brute-force cracking local user accounts via su | 一种多线程Linux / UNIX工具,用于通过su强制破解本地用户帐户 |
cracker | 破解 | tckfc | TrueCrypt key file cracker. | TrueCrypt密钥文件破解程序。 |
cracker | 破解 | tftp-bruteforce | A fast TFTP filename bruteforcer written in perl. | 用perl编写的快速TFTP文件名bruteforcer。 |
cracker | 破解 | thc-keyfinder | Finds crypto keys, encrypted data and compressed data in files by analyzing the entropy of parts of the file. | 通过分析文件各部分的熵,在文件中查找加密密钥,加密数据和压缩数据。 |
cracker | 破解 | thc-pptp-bruter | A brute force program that works against pptp vpn endpoints (tcp port 1723). | 对pptp vpn端点(tcp端口1723)起作用的强制程序。 |
cracker | 破解 | thc-smartbrute | This tool finds undocumented and secret commands implemented in a smartcard. | 此工具查找在智能卡中实现的未记录和秘密命令。 |
cracker | 破解 | truecrack | Password cracking for truecrypt(c) volumes. | truecrypt(c)卷的密码破解。 |
cracker | 破解 | ufo-wardriving | Allows you to test the security of wireless networks by detecting their passwords based on the router model. | 允许您通过根据路由器型号检测其密码来测试无线网络的安全性。 |
cracker | 破解 | vnc-bypauth | Multi-threaded bypass authentication scanner for VNC smaller than v4.1.1 servers. | VNC的多线程旁路认证扫描程序小于v4.1.1服务器。 |
cracker | 破解 | vncrack | What it looks like: crack VNC. | 它看起来像:破解VNC。 |
cracker | 破解 | wmat | Automatic tool for testing webmail accounts. | 用于测试webmail帐户的自动工具。 |
cracker | 破解 | wordbrutepress | Python script that performs brute forcing against WordPress installs using a wordlist. | Python脚本,使用wordlist对WordPress安装执行强制强制。 |
cracker | 破解 | wpbf | Multithreaded WordPress brute forcer. | 多线程WordPress粗暴的forcer。 |
cracker | 破解 | wpbrute-rpc | Tool for amplified bruteforce attacks on wordpress based website via xmlrcp API. | 通过xmlrcp API对基于wordpress的网站进行放大暴力攻击的工具。 |
cracker | 破解 | wyd | Gets keywords from personal files. IT security/forensic tool. | 从个人文件中获取关键字。IT安全/取证工具。 |
cracker | 破解 | zulu | A light weight 802.11 wireless frame generation tool to enable fast and easy debugging and probing of 802.11 networks. | 轻量级802.11无线帧生成工具,可以快速轻松地调试和探测802.11网络。 |
cracking | 破解 | obevilion | Another archive cracker created in python | 另一个在python中创建的存档破解程序 |
crypto | 加密 | aespipe | Reads data from stdin and outputs encrypted or decrypted results to stdout. | 从stdin读取数据并将加密或解密的结果输出到stdout。 |
crypto | 加密 | argon2 | A password-hashing function (reference C implementation) | 密码散列函数(参考C实现) |
crypto | 加密 | auto-xor-decryptor | Automatic XOR decryptor tool. | 自动XOR解密器工具。 |
crypto | 加密 | bletchley | A collection of practical application cryptanalysis tools. | 一组实用的应用程序密码分析工具。 |
crypto | 加密 | ciphertest | A better SSL cipher checker using gnutls. | 使用gnutls的更好的SSL密码检查程序。 |
crypto | 加密 | ciphr | A CLI tool for encoding, decoding, encryption, decryption, and hashing streams of data. | 用于编码,解码,加密,解密和散列数据流的CLI工具。 |
crypto | 加密 | codetective | A tool to determine the crypto/encoding algorithm used according to traces of its representation. | 一种工具,用于根据其表示的痕迹确定使用的加密/编码算法。 |
crypto | 加密 | cribdrag | An interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys. | 一种交互式婴儿床拖动工具,用于对使用重用或可预测的流密码密钥生成的密文进行密码分析。 |
crypto | 加密 | crypthook | TCP/UDP symmetric encryption tunnel wrapper. | TCP / UDP对称加密隧道包装器。 |
crypto | 加密 | cryptonark | SSL security checker. | SSL安全检查程序。 |
crypto | 加密 | dagon | Advanced Hash Manipulation. | 高级哈希操作。 |
crypto | 加密 | daredevil | A tool to perform (higher-order) correlation power analysis attacks (CPA). | 执行(高阶)相关功率分析攻击(CPA)的工具。 |
crypto | 加密 | decodify | Tool that can detect and decode encoded strings, recursively. | 可以递归地检测和解码编码字符串的工具。 |
crypto | 加密 | deen | Generic data encoding/decoding application built with PyQt5. | 使用PyQt5构建的通用数据编码/解码应用程序。 |
crypto | 加密 | demiguise | HTA encryption tool for RedTeams. | 适用于RedTeams的HTA加密工具。 |
crypto | 加密 | dislocker | Read BitLocker encrypted volumes under Linux | 在Linux下读取BitLocker加密卷 |
crypto | 加密 | factordb-pycli | CLI for factordb and Python API Client. | 用于factordb和Python API客户端的CLI。 |
crypto | 加密 | featherduster | An automated, modular cryptanalysis tool. | 一种自动化的模块化密码分析工具。 |
crypto | 加密 | findmyhash | Crack different types of hashes using free online services | 使用免费在线服务破解不同类型的哈希 |
crypto | 加密 | foresight | A tool for predicting the output of random number generators. | 用于预测随机数生成器输出的工具。 |
crypto | 加密 | gcrypt | Simple file encryption tool written in C++. | 用C ++编写的简单文件加密工具。 |
crypto | 加密 | gnutls2 | A library which provides a secure layer over a reliable transport layer (Version 2) | 在可靠传输层上提供安全层的库(版本2) |
crypto | 加密 | hash-buster | A python script which scraps online hash crackers to find cleartext of a hash. | 一个python脚本,它会废弃在线哈希破解程序以查找散列的明文。 |
crypto | 加密 | hash-extender | A hash length extension attack tool. | 哈希长度扩展攻击工具。 |
crypto | 加密 | hashdb | A block hash toolkit. | 块哈希工具包。 |
crypto | 加密 | hashdeep | cross-platform tools to message digests for any number of files | 跨平台工具,用于消息任意数量的文件摘要 |
crypto | 加密 | hashfind | A tool to search files for matching password hash types and other interesting data. | 搜索文件以查找匹配密码哈希类型和其他有趣数据的工具。 |
crypto | 加密 | hashid | Software to identify the different types of hashes used to encrypt data. | 用于识别用于加密数据的不同类型哈希的软件。 |
crypto | 加密 | hashpump | A tool to exploit the hash length extension attack in various hashing algorithms. | 一种在各种散列算法中利用散列长度扩展攻击的工具。 |
crypto | 加密 | hcxkeys | Set of tools to generate plainmasterkeys (rainbowtables) and hashes for hashcat and John the Ripper | 用于为hashcat和John the Ripper生成plainmasterkeys(rainbowtables)和哈希的工具集 |
crypto | 加密 | hdcp-genkey | Generate HDCP source and sink keys from the leaked master key. | 从泄漏的主密钥生成HDCP源和宿密钥。 |
crypto | 加密 | hlextend | Pure Python hash length extension module. | 纯Python哈希长度扩展模块。 |
crypto | 加密 | kraken | A project to encrypt A5/1 GSM signaling using a Time/Memory Tradeoff Attack. | 使用时间/内存权衡攻击加密A5 / 1 GSM信令的项目。 |
crypto | 加密 | libbde | A library to access the BitLocker Drive Encryption (BDE) format. | 用于访问BitLocker驱动器加密(BDE)格式的库。 |
crypto | 加密 | luksipc | A tool to convert unencrypted block devices to encrypted LUKS devices in-place. | 一种将未加密的块设备就地转换为加密的LUKS设备的工具。 |
crypto | 加密 | morxkeyfmt | Read a private key from stdin and output formatted data values. | 从stdin读取私钥并输出格式化的数据值。 |
crypto | 加密 | nomorexor | Tool to help guess a files 256 byte XOR key by using frequency analysis. | 使用频率分析帮助猜测文件256字节XOR密钥的工具。 |
crypto | 加密 | omnihash | Hash files, strings, input streams and network resources in various common algorithms simultaneously. | 同时在各种常见算法中散列文件,字符串,输入流和网络资源。 |
crypto | 加密 | openstego | A tool implemented in Java for generic steganography, with support for password-based encryption of the data. | 用Java实现的通用隐写工具,支持基于密码的数据加密。 |
crypto | 加密 | outguess | A universal steganographic tool. | 通用的隐写工具。 |
crypto | 加密 | pacumen | Packet Acumen - Analyse encrypted network traffic and more (side-channel attacks). | Packet Acumen - 分析加密的网络流量和更多(侧通道攻击)。 |
crypto | 加密 | pip3line | The Swiss army knife of byte manipulation. | 字节操纵的瑞士军刀。 |
crypto | 加密 | poracle | A tool for demonstrating padding oracle attacks. | 用于演示填充oracle攻击的工具。 |
crypto | 加密 | posttester | A jar file that will send POST requests to servers in order to test for the hash collision vulnerability discussed at the Chaos Communication Congress in Berlin. | 一个jar文件,它将向服务器发送POST请求,以测试柏林Chaos通信大会讨论的哈希冲突漏洞。 |
crypto | 加密 | pwd-hash | A password hashing tool that use the crypt function to generate the hash of a string given on standard input. | 密码散列工具,使用crypt函数生成标准输入上给出的字符串的散列。 |
crypto | 加密 | pwdlyser | Python-based CLI Password Analyser (Reporting Tool). | 基于Python的CLI密码分析器(报告工具)。 |
crypto | 加密 | rsactftool | RSA tool for ctf - retreive private key from weak public key and/or uncipher data. | 用于ctf的RSA工具 - 来自弱公钥和/或uncipher数据的retreive私钥。 |
crypto | 加密 | rsatool | Tool that can be used to calculate RSA and RSA-CRT parameters. | 可用于计算RSA和RSA-CRT参数的工具。 |
crypto | 加密 | sbd | Netcat-clone, portable, offers strong encryption - features AES-CBC + HMAC-SHA1 encryption, program execution (-e), choosing source port, continuous reconnection with delay + more | Netcat-clone,可移植,提供强大的加密功能 - 具有AES-CBC + HMAC-SHA1加密,程序执行(-e),选择源端口,连续重新连接和延迟+更多功能 |
crypto | 加密 | sha1collisiondetection | Library and command line tool to detect SHA collision in a file | 用于检测文件中的SHA冲突的库和命令行工具 |
crypto | 加密 | snow | Steganography program for concealing messages in text files. | 用于隐藏文本文件中的消息的隐写程序。 |
crypto | 加密 | ssdeep | A program for computing context triggered piecewise hashes | 用于计算上下文触发的分段散列的程序 |
crypto | 加密 | sslyze | Python tool for analyzing the configuration of SSL servers and for identifying misconfigurations. | Python工具,用于分析SSL服务器的配置和识别错误配置。 |
crypto | 加密 | testssl.sh | Testing TLS/SSL encryption | 测试TLS / SSL加密 |
crypto | 加密 | tls-attacker | A Java-based framework for analyzing TLS libraries. | 用于分析TLS库的基于Java的框架。 |
crypto | 加密 | tlsenum | A command line tool to enumerate TLS cipher-suites supported by a server. | 用于枚举服务器支持的TLS密码套件的命令行工具。 |
crypto | 加密 | tlsfuzzer | SSL and TLS protocol test suite and fuzzer. | SSL和TLS协议测试套件和模糊器。 |
crypto | 加密 | tlspretense | SSL/TLS client testing framework. | SSL / TLS客户端测试框架。 |
crypto | 加密 | untwister | Seed recovery tool for PRNGs. | PRNG的种子恢复工具。 |
crypto | 加密 | veracrypt | Disk encryption with strong security based on TrueCrypt | 基于TrueCrypt的强大安全性的磁盘加密 |
crypto | 加密 | xorbruteforcer | Script that implements a XOR bruteforcing of a given file, although a specific key can be used too. | 虽然也可以使用特定的密钥,但是实现给定文件的XOR强制执行的脚本。 |
crypto | 加密 | xorsearch | Program to search for a given string in an XOR, ROL or ROT encoded binary file. | 用于在XOR,ROL或ROT编码的二进制文件中搜索给定字符串的程序。 |
crypto | 加密 | xortool | A tool to analyze multi-byte xor cipher. | 一种分析多字节xor密码的工具。 |
crypto | 加密 | zulucrypt | Front end to cryptsetup and tcplay and it allows easy management of encrypted block devices. | cryptsetup和tcplay的前端,可以轻松管理加密的块设备。 |
database | 数据库 | blindsql | Set of bash scripts for blind SQL injection attacks. | 用于盲目SQL注入攻击的bash脚本集。 |
database | 数据库 | flamerobin | A tool to handle Firebird database management. | 一种处理Firebird数据库管理的工具。 |
database | 数据库 | getsids | Getsids tries to enumerate Oracle Sids by sending the services command to the Oracle TNS listener. Like doing ‘lsnrctl service’. | Getsids尝试通过将services命令发送到Oracle TNS侦听器来枚举Oracle Sids。喜欢做'lsnrctl服务'。 |
database | 数据库 | metacoretex | MetaCoretex is an entirely JAVA vulnerability scanning framework for databases. | MetaCoretex是一个完全用于数据库的JAVA漏洞扫描框架。 |
database | 数据库 | mysql2sqlite | Converts a mysqldump file into a Sqlite 3 compatible file. | 将mysqldump文件转换为Sqlite 3兼容文件。 |
database | 数据库 | pgdbf | Convert XBase / FoxPro databases to PostgreSQL | 将XBase / FoxPro数据库转换为PostgreSQL |
debugger | 调试器 | edb | A QT4-based binary mode debugger with the goal of having usability on par with OllyDbg. | 基于QT4的二进制模式调试器,其目标是使用性与OllyDbg相同。 |
debugger | 调试器 | gdb | The GNU Debugger | GNU调试器 |
debugger | 调试器 | gdbgui | Browser-based gdb frontend using Flask and JavaScript to visually debug C, C++, Go, or Rust. | 基于浏览器的gdb前端使用Flask和JavaScript可视化调试C,C ++,Go或Rust。 |
debugger | 调试器 | gef | Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers. | 针对漏洞利用者和反向工程师的多架构GDB增强功能。 |
debugger | 调试器 | lldb | Next generation, high-performance debugger | 下一代高性能调试器 |
debugger | 调试器 | ollydbg | A 32-bit assembler-level analysing debugger. | 32位汇编程序级分析调试程序。 |
debugger | 调试器 | peda | Python Exploit Development Assistance for GDB | 针对GDB的Python漏洞利用开发协助 |
debugger | 调试器 | pwndbg | Makes debugging with GDB suck less | 使用GDB调试更少 |
debugger | 调试器 | rr | A Record and Replay Framework. | 记录和重播框架。 |
debugger | 调试器 | shellnoob | A toolkit that eases the writing and debugging of shellcode. | 一个工具包,可以简化shellcode的编写和调试。 |
debugger | 调试器 | vivisect | A Python based static analysis and reverse engineering framework, Vdb is a Python based research/reversing focused debugger and programatic debugging API by invisigoth of kenshoto | Vdb是一个基于Python的静态分析和逆向工程框架,是一个基于Python的研究/反转调试器和编程调试API,由kenshoto的invisigoth |
debugger | 调试器 | voltron | UI for GDB, LLDB and Vivisect's VDB. | GDB,LLDB和Vivisect的VDB的UI。 |
decompiler | 反编译 | beebug | A tool for checking exploitability. | 用于检查可利用性的工具。 |
decompiler | 反编译 | cfr | Another Java decompiler. | 另一个Java反编译器。 |
decompiler | 反编译 | fernflower | An analytical decompiler for Java. | Java的分析反编译器。 |
decompiler | 反编译 | jadx | Command line and GUI tools to produce Java source code from Android Dex and APK files | 用于从Android Dex和APK文件生成Java源代码的命令行和GUI工具 |
decompiler | 反编译 | jd-gui | A standalone graphical utility that displays Java source codes of .class files. | 一个独立的图形实用程序,显示.class文件的Java源代码。 |
decompiler | 反编译 | jpexs-decompiler | JPEXS Free Flash Decompiler. | JPEXS免费Flash反编译器。 |
decompiler | 反编译 | luyten | An Open Source Java Decompiler Gui for Procyon. | Procyon的开源Java反编译器Gui。 |
decompiler | 反编译 | procyon | A suite of Java metaprogramming tools focused on code generation and analysis. | 一套Java元编程工具,专注于代码生成和分析。 |
decompiler | 反编译 | python-uncompyle6 | A Python cross-version decompiler. | Python跨版本反编译器。 |
decompiler | 反编译 | recaf | Modern Java bytecode editor. | 现代Java字节码编辑器。 |
decompiler | 反编译 | recstudio | Cross platform interactive decompiler | 跨平台交互式反编译器 |
decompiler | 反编译 | retdec | Retargetable machine-code decompiler based on LLVM. | 基于LLVM的可重定向机器码反编译器。 |
defensive | 防御性 | arpon | A portable handler daemon that make ARP protocol secure in order to avoid the Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning or ARP Poison Routing (APR) attacks. | 一种便携式处理程序守护程序,它使ARP协议安全,以避免通过ARP欺骗,ARP缓存中毒或ARP毒性路由(APR)攻击进行中间人(MITM)攻击。 |
defensive | 防御性 | arpstraw | Arp spoof detection tool. | Arp欺骗检测工具。 |
defensive | 防御性 | artillery | A combination of a honeypot, file-system monitoring, system hardening, and overall health of a server to create a comprehensive way to secure a system. | 结合使用蜜罐,文件系统监控,系统强化和服务器的整体运行状况,创建一种保护系统安全的综合方法。 |
defensive | 防御性 | artlas | Apache Real Time Logs Analyzer System. | Apache实时日志分析器系统。 |
defensive | 防御性 | chkrootkit | Checks for rootkits on a system | 检查系统上的rootkit |
defensive | 防御性 | detect-sniffer | Tool that detects sniffers in the network. | 检测网络中嗅探器的工具。 |
defensive | 防御性 | fastnetmon | High performance DoS/DDoS load analyzer built on top of multiple packet capture engines. | 基于多个数据包捕获引擎构建的高性能DoS / DDoS负载分析器。 |
defensive | 防御性 | fssb | A low-level filesystem sandbox for Linux using syscall intercepts. | 用于Linux的低级文件系统沙箱,使用系统调用拦截。 |
defensive | 防御性 | ifchk | A network interface promiscuous mode detection tool. | 网络接口混杂模式检测工具。 |
defensive | 防御性 | inetsim | A software suite for simulating common internet services in a lab environment, e.g. for analyzing the network behaviour of unknown malware samples. | 用于在实验室环境中模拟常见互联网服务的软件套件,例如用于分析未知恶意软件样本的网络行为。 |
defensive | 防御性 | jhead | EXIF JPEG info parser and thumbnail remover | EXIF JPEG信息解析器和缩略图移除器 |
defensive | 防御性 | lorg | Apache Logfile Security Analyzer. | Apache Logfile安全分析器。 |
defensive | 防御性 | malice | VirusTotal Wanna Be - Now with 100% more Hipster. | VirusTotal想要 - 现在拥有100%的时髦。 |
defensive | 防御性 | malmon | Hosting exploit/backdoor detection daemon. | 托管漏洞利用/后门检测守护进程。 |
defensive | 防御性 | maltrail | Malicious traffic detection system. | 恶意交通检测系统。 |
defensive | 防御性 | mat | Metadata Anonymisation Toolkit composed of a GUI application, a CLI application and a library. | 元数据匿名工具包由GUI应用程序,CLI应用程序和库组成。 |
defensive | 防御性 | mat2 | A metadata removal tool, supporting a wide range of commonly used file formats. | 元数据删除工具,支持各种常用文件格式。 |
defensive | 防御性 | nipe | A script to make Tor Network your default gateway. | 使Tor Network成为默认网关的脚本。 |
defensive | 防御性 | portspoof | This program's primary goal is to enhance OS security through a set of new techniques. | 该计划的主要目标是通过一系列新技术增强操作系统安全性。 |
defensive | 防御性 | prowler | Tool for AWS security assessment, auditing and hardening. | 用于AWS安全评估,审核和强化的工具。 |
defensive | 防御性 | quicksand-lite | Command line tool for scanning streams within office documents plus xor db attack. | 用于扫描office文档中的流以及xor db攻击的命令行工具。 |
defensive | 防御性 | sniffjoke | Injects packets in the transmission flow that are able to seriously disturb passive analysis like sniffing, interception and low level information theft. | 在传输流中注入能够严重干扰被动分析的数据包,如嗅探,拦截和低级信息窃取。 |
defensive | 防御性 | snort | A lightweight network intrusion detection system. | 轻量级网络入侵检测系统。 |
defensive | 防御性 | suricata | An Open Source Next Generation Intrusion Detection and Prevention Engine. | 开源下一代入侵检测和防御引擎。 |
defensive | 防御性 | tabi | BGP Hijack Detection. | BGP劫持检测。 |
defensive | 防御性 | tor-autocircuit | Tor Autocircuit was developed to give users a finer control over Tor circuit creation. The tool exposes the functionality of TorCtl library which allows its users to control circuit length, speed, geolocation, and other parameters. | Tor Autocircuit的开发旨在让用户更好地控制Tor电路的创建。该工具公开了TorCtl库的功能,允许用户控制电路长度,速度,地理位置和其他参数。 |
defensive | 防御性 | tor-browser-en | Tor Browser Bundle: anonymous browsing using Firefox and Tor. | Tor Browser Bundle:使用Firefox和Tor进行匿名浏览。 |
defensive | 防御性 | tor-router | A tool that allow you to make TOR your default gateway and send all internet connections under TOR (as transparent proxy) for increase privacy/anonymity without extra unnecessary code. | 一种工具,允许您将TOR作为默认网关,并在TOR(作为透明代理)下发送所有互联网连接,以增加隐私/匿名性,而无需额外的不必要代码。 |
defensive | 防御性 | truecrypt | Free open-source cross-platform disk encryption software | 免费的开源跨平台磁盘加密软件 |
defensive | 防御性 | tyton | Kernel-Mode Rootkit Hunter. | 内核模式Rootkit猎人。 |
defensive | 防御性 | zeus | AWS Auditing & Hardening Tool. | AWS审核和强化工具。 |
disassembler | 反汇编 | abcd | ActionScript ByteCode Disassembler. | ActionScript ByteCode反汇编程序。 |
disassembler | 反汇编 | binnavi | A binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code. | 一个二进制分析IDE,允许检查,导航,编辑和注释控制流图和调用反汇编代码的图形。 |
disassembler | 反汇编 | binwalk | A tool for searching a given binary image for embedded files | 用于在给定二进制图像中搜索嵌入文件的工具 |
disassembler | 反汇编 | chiasm-shell | Python-based interactive assembler/disassembler CLI, powered byKeystone/Capstone. | 基于Python的交互式汇编程序/反汇编程序CLI,由Keystone / Capstone提供支持。 |
disassembler | 反汇编 | distorm | Powerful disassembler library for x86/AMD64 | 适用于x86 / AMD64的强大反汇编程序库 |
disassembler | 反汇编 | libdisasm | A disassembler library. | 一个反汇编程序库。 |
disassembler | 反汇编 | lief | Library to Instrument Executable Formats. | 库到仪器可执行格式。 |
disassembler | 反汇编 | marc4dasm | This python-based tool is a disassembler for the Atmel MARC4 (a 4 bit Harvard micro). | 这个基于python的工具是Atmel MARC4(一个4位哈佛微型)的反汇编程序。 |
disassembler | 反汇编 | plasma | An interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax. | 用于x86 / ARM / MIPS的交互式反汇编程序。它可以生成带有彩色语法的缩进伪代码。 |
disassembler | 反汇编 | pwntools | CTF framework and exploit development library. | CTF框架和漏洞利用开发库。 |
disassembler | 反汇编 | redasm | Interactive, multiarchitecture disassembler written in C++ using Qt5 as UI Framework. | 使用Qt5作为UI Framework以C ++编写的交互式多体系结构反汇编程序。 |
disassembler | 反汇编 | scratchabit | Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API. | 使用IDAPython兼容的插件API轻松重定向和可破解的交互式反汇编程序。 |
disassembler | 反汇编 | smali | Assembler/disassembler for Android's dex format | Android的dex格式的汇编程序/反汇编程序 |
disassembler | 反汇编 | unstrip | ELF Unstrip Tool. | ELF Unstrip工具。 |
disassembler | 反汇编 | viper | A Binary analysis framework. | 二进制分析框架。 |
dos | DOS | 42zip | Recursive Zip archive bomb. | 递归Zip档案炸弹。 |
dos | DOS | blacknurse | A low bandwidth ICMP attack that is capable of doing denial of service to well known firewalls. | 低带宽ICMP攻击,能够对众所周知的防火墙进行拒绝服务。 |
dos | DOS | bonesi | The DDoS Botnet Simulator. | DDoS僵尸网络模拟器。 |
dos | DOS | davoset | A tool for using Abuse of Functionality and XML External Entities vulnerabilities on some websites to attack other websites. | 在某些网站上使用滥用功能和XML外部实体漏洞攻击其他网站的工具。 |
dos | DOS | dnsdrdos | Proof of concept code for distributed DNS reflection DoS. | 分布式DNS反射DoS的概念代码证明。 |
dos | DOS | goldeneye | A HTTP DoS test tool. Attack Vector exploited: HTTP Keep Alive + NoCache. | HTTP DoS测试工具。攻击向量被利用:HTTP Keep Alive + NoCache。 |
dos | DOS | hulk | A webserver DoS tool (Http Unbearable Load King) ported to Go with some additional features. | 一个Web服务器DoS工具(Http Unbearable Load King)移植到Go,带有一些额外的功能。 |
dos | DOS | hwk | Collection of packet crafting and wireless network flooding tools | 数据包制作和无线网络泛滥工具的集合 |
dos | DOS | iaxflood | IAX flooder. | IAX flooder。 |
dos | DOS | inviteflood | Flood a device with INVITE requests | 使用INVITE请求泛洪设备 |
dos | DOS | mausezahn | A free fast traffic generator written in C which allows you to send nearly every possible and impossible packet. | 一个用C语言编写的免费快速流量生成器,它允许您发送几乎所有可能和不可能的数据包。 |
dos | DOS | network-app-stress-tester | Network Application Stress Testing Yammer. | 网络应用压力测试Yammer。 |
dos | DOS | nkiller2 | A TCP exhaustion/stressing tool. | TCP耗尽/压力工具。 |
dos | DOS | ntpdos | Create a DDOS attack using NTP servers. | 使用NTP服务器创建DDOS攻击。 |
dos | DOS | phpstress | A PHP denial of service / stress test for Web Servers running PHP-FPM or PHP-CGI. | 运行PHP-FPM或PHP-CGI的Web服务器的PHP拒绝服务/压力测试。 |
dos | DOS | pwnloris | An improved slowloris DOS tool which keeps attacking until the server starts getting exhausted. | 一个改进的slowloris DOS工具,它一直保持攻击,直到服务器开始耗尽。 |
dos | DOS | shitflood | A Socks5 clone flooder for the Internet Relay Chat (IRC) protocol. | 用于Internet中继聊天(IRC)协议的Socks5克隆flooder。 |
dos | DOS | siege | An http regression testing and benchmarking utility | 一个http回归测试和基准测试实用程序 |
dos | DOS | slowhttptest | Highly configurable tool that simulates some Application Layer Denial of Service (DoS) attacks | 高度可配置的工具,可模拟某些应用层拒绝服务(DoS)攻击 |
dos | DOS | slowloris | A tool which is written in perl to test http-server vulnerabilites for connection exhaustion denial of service (DoS) attacks so you can enhance the security of your webserver. | 用于编写用于连接耗尽拒绝服务(DoS)攻击的http-server漏洞的工具,以便您可以增强Web服务器的安全性。 |
dos | DOS | slowloris-py | Low bandwidth DoS tool. | 低带宽DoS工具。 |
dos | DOS | synflood | A very simply script to illustrate DoS SYN Flooding attack. | 一个非常简单的脚本来说明DoS SYN Flooding攻击。 |
dos | DOS | t50 | Experimental Multi-protocol Packet Injector Tool. | 实验性多协议包注入工具。 |
dos | DOS | tcgetkey | A set of tools that deal with acquiring physical memory dumps via FireWire and then scan the memory dump to locate TrueCrypt keys and finally decrypt the encrypted TrueCrypt container using the keys. | 一组工具,用于处理通过FireWire获取物理内存转储,然后扫描内存转储以找到TrueCrypt密钥,最后使用密钥解密加密的TrueCrypt容器。 |
dos | DOS | thc-ssl-dos | A tool to verify the performance of SSL. To be used in your authorized and legitimate area ONLY. You need to accept this to make use of it, no use for bad intentions, you have been warned! | 用于验证SSL性能的工具。仅在您的授权和合法区域使用。你需要接受这个来利用它,没有用于恶意,你已被警告过! |
dos | DOS | torshammer | A slow POST Denial of Service testing tool written in Python. | 用Python编写的慢速POST拒绝服务测试工具。 |
dos | DOS | ufonet | A tool designed to launch DDoS attacks against a target, using 'Open Redirect' vectors on third party web applications, like botnet. | 一种旨在针对目标发起DDoS攻击的工具,使用僵尸网络等第三方Web应用程序上的“Open Redirect”向量。 |
dos | DOS | wreckuests | Yet another one hard-hitting tool to run DDoS atacks with HTTP-flood. | 另一个用HTTP-flood运行DDoS攻击的强硬工具。 |
drone | 无人机 | crozono | A modular framework designed to automate the penetration testing of wireless networks from drones and such unconventional devices. | 模块化框架,旨在自动化无人机和此类非常规设备的无线网络渗透测试。 |
drone | 无人机 | missionplanner | A GroundControl Station for Ardupilot. | Ardupilot的GroundControl站。 |
drone | 无人机 | skyjack | Takes over Parrot drones, deauthenticating their true owner and taking over control, turning them into zombie drones under your own control. | 接管鹦鹉无人机,取消其真正的拥有者并取代控制权,将它们变成你自己控制下的僵尸无人机。 |
drone | 无人机 | snoopy-ng | A distributed, sensor, data collection, interception, analysis, and visualization framework. | 分布式,传感器,数据收集,拦截,分析和可视化框架。 |
exploitation | 开发 | aggroargs | Bruteforce commandline buffer overflows, linux, aggressive arguments. | Bruteforce命令行缓冲区溢出,linux,激进的参数。 |
exploitation | 开发 | angrop | A rop gadget finder and chain builder. | 一个rop小工具查找器和链构建器。 |
exploitation | 开发 | armitage | A graphical cyber attack management tool for Metasploit. | Metasploit的图形网络攻击管理工具。 |
exploitation | 开发 | armor | A simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners. | 一个简单的Bash脚本,旨在创建能够逃避防病毒扫描程序的加密macOS有效负载。 |
exploitation | 开发 | armscgen | ARM Shellcode Generator (Mostly Thumb Mode). | ARM Shellcode Generator(主要是Thumb模式)。 |
exploitation | 开发 | arpoison | The UNIX arp cache update utility | UNIX arp缓存更新实用程序 |
exploitation | 开发 | autosploit | Automate the exploitation of remote hosts. | 自动利用远程主机。 |
exploitation | 开发 | bad-pdf | Steal NTLM Hashes with Bad-PDF. | 使用Bad-PDF窃取NTLM哈希值。 |
exploitation | 开发 | bed | Collection of scripts to test for buffer overflows, format string vulnerabilities. | 收集脚本以测试缓冲区溢出,格式化字符串漏洞。 |
exploitation | 开发 | beef | The Browser Exploitation Framework that focuses on the web browser. | 浏览器开发框架,专注于Web浏览器。 |
exploitation | 开发 | bfbtester | Performs checks of single and multiple argument command line overflows and environment variable overflows | 执行单个和多个参数命令行溢出和环境变量溢出的检查 |
exploitation | 开发 | binex | Format String exploit building tool. | 格式字符串利用构建工具。 |
exploitation | 开发 | bitdump | A tool to extract database data from a blind SQL injection vulnerability. | 从盲SQL注入漏洞中提取数据库数据的工具。 |
exploitation | 开发 | blind-sql-bitshifting | A blind SQL injection module that uses bitshfting to calculate characters. | 盲目SQL注入模块,使用bitshfting来计算字符。 |
exploitation | 开发 | bowcaster | A framework intended to aid those developing exploits. | 旨在帮助那些开发漏洞的框架。 |
exploitation | 开发 | brosec | An interactive reference tool to help security professionals utilize useful payloads and commands. | 一种交互式参考工具,可帮助安全专业人员利用有用的负载和命令。 |
exploitation | 开发 | chw00t | Unices chroot breaking tool. | Unices chroot破解工具。 |
exploitation | 开发 | cisco-global-exploiter | A perl script that targets multiple vulnerabilities in the Cisco Internetwork Operating System (IOS) and Catalyst products. | 一个perl脚本,针对思科互联网络操作系统(IOS)和Catalyst产品中的多个漏洞。 |
exploitation | 开发 | cisco-torch | Cisco Torch mass scanning, fingerprinting, and exploitation tool. | Cisco Torch质量扫描,指纹识别和开发工具。 |
exploitation | 开发 | cve-search | A tool to perform local searches for known vulnerabilities. | 用于执行已知漏洞的本地搜索的工具。 |
exploitation | 开发 | darkd0rk3r | Python script that performs dork searching and searches for local file inclusion and SQL injection errors. | 执行dork搜索并搜索本地文件包含和SQL注入错误的Python脚本。 |
exploitation | 开发 | darkmysqli | Multi-Purpose MySQL Injection Tool | 多用途MySQL注入工具 |
exploitation | 开发 | darkspiritz | A penetration testing framework for Linux, MacOS, and Windows systems. | 适用于Linux,MacOS和Windows系统的渗透测试框架。 |
exploitation | 开发 | delorean | NTP Main-in-the-Middle tool. | NTP Main-in-the-Middle工具。 |
exploitation | 开发 | dkmc | Dont kill my cat - Malicious payload evasion tool. | 不要杀我的猫 - 恶意有效载荷逃避工具。 |
exploitation | 开发 | dotdotpwn | The Transversal Directory Fuzzer | 横向目录模糊器 |
exploitation | 开发 | dr-checker | A Soundy Vulnerability Detection Tool for Linux Kernel Drivers. | 适用于Linux内核驱动程序的Soundy漏洞检测工具。 |
exploitation | 开发 | drinkme | A shellcode testing harness. | shellcode测试工具。 |
exploitation | 开发 | encodeshellcode | This is an encoding tool for 32-bit x86 shellcode that assists a researcher when dealing with character filter or byte restrictions in a buffer overflow vulnerability or some kind of IDS/IPS/AV blocking your code. | 这是一个32位x86 shellcode的编码工具,可以帮助研究人员处理缓冲区溢出漏洞中的字符过滤器或字节限制或某种IDS / IPS / AV阻止您的代码。 |
exploitation | 开发 | enteletaor | Message Queue & Broker Injection tool that implements attacks to Redis, RabbitMQ and ZeroMQ. | Message Queue&Broker Injection工具,可以对Redis,RabbitMQ和ZeroMQ实施攻击。 |
exploitation | 开发 | exploit-db | The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software - A collection of hacks | 漏洞利用数据库(EDB) - 漏洞和易受攻击软件的终极存档 - 黑客攻击的集合 |
exploitation | 开发 | exploitdb | Offensive Security’s Exploit Database Archive | 攻击性安全的漏洞利用数据库存档 |
exploitation | 开发 | exploitpack | Exploit Pack - The next generation exploit framework. | Exploit Pack - 下一代漏洞利用框架。 |
exploitation | 开发 | eyepwn | Exploit for Eye-Fi Helper directory traversal vulnerability | 利用Eye-Fi Helper目录遍历漏洞 |
exploitation | 开发 | fimap | A little tool for local and remote file inclusion auditing and exploitation | 一个用于本地和远程文件包含审计和利用的小工具 |
exploitation | 开发 | firstexecution | A Collection of different ways to execute code outside of the expected entry points. | 在预期入口点之外执行代码的不同方法的集合。 |
exploitation | 开发 | formatstringexploiter | Helper script for working with format string bugs. | 用于处理格式字符串错误的帮助程序脚本。 |
exploitation | 开发 | fs-exploit | Format string exploit generation. | 格式字符串漏洞生成。 |
exploitation | 开发 | getsploit | Command line utility for searching and downloading exploits. | 用于搜索和下载漏洞利用的命令行实用程序。 |
exploitation | 开发 | ghostdelivery | Python script to generate obfuscated .vbs script that delivers payload (payload dropper) with persistence and windows antivirus disabling functions. | 用于生成混淆.vbs脚本的Python脚本,该脚本使用持久性和Windows防病毒禁用功能来提供有效负载(有效负载管理器)。 |
exploitation | 开发 | hackredis | A simple tool to scan and exploit redis servers. | 一个扫描和利用redis服务器的简单工具。 |
exploitation | 开发 | hamster | Tool for HTTP session sidejacking. | 用于HTTP会话sidejacking的工具。 |
exploitation | 开发 | hcraft | HTTP Vuln Request Crafter | HTTP Vuln请求Crafter |
exploitation | 开发 | heartleech | Scans for systems vulnerable to the heartbleed bug, and then download them. | 扫描容易受到心脏病的系统,然后下载它们。 |
exploitation | 开发 | hqlmap | A tool to exploit HQL Injections. | 一种利用HQL注入的工具。 |
exploitation | 开发 | htexploit | A Python script that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process | 一个Python脚本,利用.htaccess文件可以配置为通过身份验证过程保护Web目录的方式的弱点 |
exploitation | 开发 | htshells | Self contained web shells and other attacks via .htaccess files. | 通过.htaccess文件自包含Web shell和其他攻击。 |
exploitation | 开发 | inception | A FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP DMA. | 利用IEEE 1394 SBP DMA的FireWire物理内存操作和黑客工具。 |
exploitation | 开发 | insanity | Generate Payloads and Control Remote Machines . | 生成有效负载和控制远程计算机。 |
exploitation | 开发 | irpas | Internetwork Routing Protocol Attack Suite. | 网络路由协议攻击套件。 |
exploitation | 开发 | isf | An exploitation framework based on Python. | 一个基于Python的开发框架。 |
exploitation | 开发 | jboss-autopwn | A JBoss script for obtaining remote shell access. | 用于获取远程shell访问的JBoss脚本。 |
exploitation | 开发 | katana | A framework that seekss to unite general auditing tools, which are general pentesting tools (Network,Web,Desktop and others). | 寻求统一通用审计工具的框架,这些工具是一般的测试工具(网络,Web,桌面等)。 |
exploitation | 开发 | kernelpop | Kernel privilege escalation enumeration and exploitation framework. | 内核权限升级枚举和开发框架。 |
exploitation | 开发 | killcast | Manipulate Chromecast Devices in your Network. | 处理网络中的Chromecast设备。 |
exploitation | 开发 | killerbee | Framework and tools for exploiting ZigBee and IEEE 802.15.4 networks. | 利用ZigBee和IEEE 802.15.4网络的框架和工具。 |
exploitation | 开发 | l0l | The Exploit Development Kit. | 漏洞利用开发套件。 |
exploitation | 开发 | leroy-jenkins | A python tool that will allow remote execution of commands on a Jenkins server and its nodes. | 一个python工具,允许在Jenkins服务器及其节点上远程执行命令。 |
exploitation | 开发 | lfi-autopwn | A Perl script to try to gain code execution on a remote server via LFI | 一个Perl脚本,尝试通过LFI在远程服务器上获取代码 |
exploitation | 开发 | lisa.py | An Exploit Dev Swiss Army Knife. | Exploit Dev瑞士军刀。 |
exploitation | 开发 | metasploit | Advanced open-source platform for developing, testing, and using exploit code | 用于开发,测试和使用漏洞利用代码的高级开源平台 |
exploitation | 开发 | minimysqlator | A multi-platform application used to audit web sites in order to discover and exploit SQL injection vulnerabilities. | 用于审核网站以发现和利用SQL注入漏洞的多平台应用程序。 |
exploitation | 开发 | miranda-upnp | A Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices | 基于Python的通用Plug-N-Play客户端应用程序,旨在发现,查询和与UPNP设备交互 |
exploitation | 开发 | mitmf | A Framework for Man-In-The-Middle attacks written in Python. | 用Python编写的中间人攻击框架。 |
exploitation | 开发 | mosquito | XSS exploitation tool - access victims through HTTP proxy. | XSS开发工具 - 通过HTTP代理访问受害者。 |
exploitation | 开发 | opensvp | A security tool implementing "attacks" to be able to the resistance of firewall to protocol level attack. | 实施“攻击”的安全工具,能够抵御防火墙对协议级别的攻击。 |
exploitation | 开发 | osueta | A simple Python script to exploit the OpenSSH User Enumeration Timing Attack. | 一个简单的Python脚本来利用OpenSSH用户枚举时间攻击。 |
exploitation | 开发 | otori | A python-based toolbox intended to allow useful exploitation of XML external entity ("XXE") vulnerabilities. | 一个基于python的工具箱,旨在允许有用地利用XML外部实体(“XXE”)漏洞。 |
exploitation | 开发 | owasp-zsc | Shellcode/Obfuscate Code Generator. | Shellcode / Obfuscate代码生成器。 |
exploitation | 开发 | padbuster | Automated script for performing Padding Oracle attacks. | 用于执行Padding Oracle攻击的自动脚本。 |
exploitation | 开发 | pathzuzu | Checks for PATH substitution vulnerabilities and logs the commands executed by the vulnerable executables. | 检查PATH替换漏洞并记录易受攻击的可执行文件执行的命令。 |
exploitation | 开发 | pblind | Little utility to help exploiting blind sql injection vulnerabilities. | 用于帮助利用盲sql注入漏洞的小实用程序。 |
exploitation | 开发 | pirana | Exploitation framework that tests the security of a email content filter. | 用于测试电子邮件内容过滤器安全性的漏洞利用框架。 |
exploitation | 开发 | pmcma | Automated exploitation of invalid memory writes (being them the consequences of an overflow in a writable section, of a missing format string, integer overflow, variable misuse, or any other type of memory corruption). | 自动利用无效的内存写入(因为它们是可写部分溢出,丢失格式字符串,整数溢出,可变误用或任何其他类型的内存损坏的后果)。 |
exploitation | 开发 | pocsuite | An open-sourced remote vulnerability testing framework developed by the Knownsec Security Team. | 由Knownsec安全团队开发的开源远程漏洞测试框架。 |
exploitation | 开发 | pompem | A python exploit tool finder. | 一个python漏洞利用工具查找器。 |
exploitation | 开发 | powersploit | A PowerShell Post-Exploitation Framework. | PowerShell后利用漏洞框架。 |
exploitation | 开发 | preeny | Some helpful preload libraries for pwning stuff. | 一些有用的预装库用于计算内容。 |
exploitation | 开发 | pret | Printer Exploitation Toolkit - The tool that made dumpster diving obsolete. | Printer Exploitation Toolkit - 使垃圾箱潜水过时的工具。 |
exploitation | 开发 | ps1encode | A tool to generate and encode a PowerShell based Metasploit payloads. | 用于生成和编码基于PowerShell的Metasploit有效负载的工具。 |
exploitation | 开发 | ptf | The Penetration Testers Framework: Way for modular support for up-to-date tools. | 渗透测试仪框架:模块化支持最新工具的方法。 |
exploitation | 开发 | pykek | Kerberos Exploitation Kit. | Kerberos开发套件。 |
exploitation | 开发 | rebind | DNS Rebinding Tool | DNS重新绑定工具 |
exploitation | 开发 | rex | Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge. | Shellphish的自动化开发引擎,最初是为Cyber Grand Challenge创建的。 |
exploitation | 开发 | rext | Router EXploitation Toolkit - small toolkit for easy creation and usage of various python scripts that work with embedded devices. | Router EXploitation Toolkit - 一个小工具包,可以轻松创建和使用与嵌入式设备配合使用的各种python脚本。 |
exploitation | 开发 | rfcat | RF ChipCon-based Attack Toolset. | 基于RF ChipCon的攻击工具集。 |
exploitation | 开发 | ropeme | A set of python scripts to generate ROP gadgets and payload. | 一组用于生成ROP小工具和有效负载的python脚本。 |
exploitation | 开发 | ropgadget | Search gadgets in binaries to facilitate ROP exploitation for several file formats and architectures | 在二进制文件中搜索小工具以促进对多种文件格式和体系结构的ROP利用 |
exploitation | 开发 | ropgadget2 | Search gadgets in binaries to facilitate ROP exploitation for several file formats and architectures | 在二进制文件中搜索小工具以促进对多种文件格式和体系结构的ROP利用 |
exploitation | 开发 | ropper | Show information about binary files and find gadgets to build rop chains for different architectures | 显示有关二进制文件的信息并查找小工具以构建不同体系结构的rop链 |
exploitation | 开发 | roputils | A Return-oriented Programming toolkit. | 面向返回的编程工具包。 |
exploitation | 开发 | routersploit | Open-source exploitation framework dedicated to embedded devices | 专用于嵌入式设备的开源开发框架 |
exploitation | 开发 | rp | A full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. | 一个完整的cpp编写工具,旨在在PE / Elf / Mach-O x86 / x64二进制文件中查找ROP序列。 |
exploitation | 开发 | rspet | A Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. | 基于Python的反向shell,具有协助后期利用场景的功能。 |
exploitation | 开发 | sc-make | Tool for automating shellcode creation. | 用于自动创建shellcode的工具。 |
exploitation | 开发 | scansploit | Exploit using barcodes, QRcodes, earn13, datamatrix. | 利用条形码,QR码,赚13,数据矩阵进行利用。 |
exploitation | 开发 | sensepost-xrdp | A rudimentary remote desktop tool for the X11 protocol exploiting unauthenticated x11 sessions. | 用于X11协议的基本远程桌面工具,利用未经身份验证的x11会话。 |
exploitation | 开发 | serialbrute | Java serialization brute force attack tool. | Java序列化暴力攻击工具。 |
exploitation | 开发 | shellcode-factory | Tool to create and test shellcodes from custom assembly sources. | 从自定义程序集源创建和测试shellcode的工具。 |
exploitation | 开发 | shellcodecs | A collection of shellcode, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process. | 一系列shellcode,加载器,源代码和生成器,提供了旨在简化利用和shellcode编程过程的文档。 |
exploitation | 开发 | shellen | Interactive shellcoding environment to easily craft shellcodes. | 交互式shellcoding环境,可轻松制作shellcode。 |
exploitation | 开发 | shellme | Because sometimes you just need shellcode and opcodes quickly. This essentially just wraps some nasm/objdump calls into a neat script. | 因为有时你只需要快速获得shellcode和操作码。这基本上只是将一些nasm / objdump调用包装成一个简洁的脚本。 |
exploitation | 开发 | shellsploit-framework | New Generation Exploit Development Kit. | 新一代漏洞利用开发套件。 |
exploitation | 开发 | shellter | A dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. | 动态shellcode注入工具,以及有史以来第一个真正动态的PE infector。 |
exploitation | 开发 | shocker | A tool to find and exploit servers vulnerable to Shellshock. | 查找和利用易受Shellshock攻击的服务器的工具。 |
exploitation | 开发 | sickle | A shellcode development tool, created to speed up the various steps needed to create functioning shellcode. | 一个shellcode开发工具,用于加速创建正常运行的shellcode所需的各个步骤。 |
exploitation | 开发 | sigploit | Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP. | 电信信令开发框架 - SS7,GTP,Diameter和SIP。 |
exploitation | 开发 | sigthief | Stealing Signatures and Making One Invalid Signature at a Time. | 窃取签名并一次制作一个无效签名。 |
exploitation | 开发 | sjet | Siberas JMX exploitation toolkit. | Siberas JMX利用工具包。 |
exploitation | 开发 | smap | Shellcode mapper - Handy tool for shellcode analysis. | Shellcode mapper - 用于shellcode分析的便捷工具。 |
exploitation | 开发 | snarf-mitm | SMB Man in the Middle Attack Engine / relay suite. | 中级攻击引擎/中继套件中的SMB人员。 |
exploitation | 开发 | sqlninja | A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. | 一种工具,旨在利用使用Microsoft SQL Server作为后端的Web应用程序上的SQL注入漏洞。 |
exploitation | 开发 | sqlsus | An open source MySQL injection and takeover tool, written in perl | 一个开源的MySQL注入和接管工具,用perl编写 |
exploitation | 开发 | ssh-mitm | SSH man-in-the-middle tool. | SSH man-in-the-middle工具。 |
exploitation | 开发 | stackflow | Universal stack-based buffer overfow exploitation tool. | 基于通用堆栈的缓冲区overfow开发工具。 |
exploitation | 开发 | staekka | This plugin extends Metasploit for some missing features and modules allowing interaction with other/custom exploits/ways of getting shell access. | 这个插件扩展了Metasploit的一些缺失功能和模块,允许与其他/自定义漏洞/获取shell访问的方式进行交互。 |
exploitation | 开发 | subterfuge | Automated Man-in-the-Middle Attack Framework | 自动化中间人攻击框架 |
exploitation | 开发 | tcpjunk | A general tcp protocols testing and hacking utility. | 一般的tcp协议测试和黑客实用程序。 |
exploitation | 开发 | tomcatwardeployer | Apache Tomcat auto WAR deployment & pwning penetration testing tool. | Apache Tomcat自动WAR部署和pwning渗透测试工具。 |
exploitation | 开发 | unibrute | Multithreaded SQL union bruteforcer. | 多线程SQL联合bruteforcer。 |
exploitation | 开发 | viproy-voipkit | VoIP Pen-Test Kit for Metasploit Framework | Metasploit框架的VoIP笔测试工具包 |
exploitation | 开发 | vmap | A Vulnerability-Exploit desktop finder. | 漏洞利用漏洞利用程序。 |
exploitation | 开发 | webexploitationtool | A cross platform web exploitation toolkit. | 跨平台Web开发工具包。 |
exploitation | 开发 | websploit | An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks | 一个开源项目,社交工程,扫描,爬虫和分析Web,自动漏洞利用,支持网络攻击 |
exploitation | 开发 | wesng | Windows Exploit Suggester - Next Generation. | Windows漏洞利用建议器 - 下一代。 |
exploitation | 开发 | wildpwn | Unix wildcard attacks. | Unix通配符攻击。 |
exploitation | 开发 | wsuspect-proxy | A tool for MITM'ing insecure WSUS connections. | 用于MITM的不安全WSUS连接的工具。 |
exploitation | 开发 | xcat | A command line tool to automate the exploitation of blind XPath injection vulnerabilities. | 一个命令行工具,用于自动利用盲目XPath注入漏洞。 |
exploitation | 开发 | xpl-search | Search exploits in multiple exploit databases!. | 在多个漏洞利用数据库中搜索漏洞利用! |
exploitation | 开发 | xrop | Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC. | 用于为ARM,AARCH64,x86,MIPS,PPC,RISCV,SH4和SPARC生成ROP小工具的工具。 |
exploitation | 开发 | xxeinjector | Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods. | 使用直接和不同的带外方法自动利用XXE漏洞的工具。 |
exploitation | 开发 | yinjector | A MySQL injection penetration tool. It has multiple features, proxy support, and multiple exploitation methods. | 一个MySQL注入渗透工具。它具有多种功能,代理支持和多种利用方法。 |
exploitation | 开发 | zarp | A network attack tool centered around the exploitation of local networks. | 一种以利用本地网络为中心的网络攻击工具。 |
exploitation | 开发 | zeratool | Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems. | 自动漏洞利用生成(AEG)和远程标记捕获,用于可利用的CTF问题。 |
exploitation | 开发 | zirikatu | Fud Payload generator script. | Fud Payload生成器脚本。 |
fingerprint | 指纹 | asp-audit | An ASP fingerprinting tool and vulnerability scanner. | ASP指纹识别工具和漏洞扫描程序。 |
fingerprint | 指纹 | blindelephant | A web application fingerprinter. Attempts to discover the version of a (known) web application by comparing static files at known locations | Web应用程序指纹识别器。尝试通过比较已知位置的静态文件来发现(已知)Web应用程序的版本 |
fingerprint | 指纹 | cms-explorer | Designed to reveal the specific modules, plugins, components and themes that various cms driven websites are running | 旨在揭示各种cms驱动的网站正在运行的特定模块,插件,组件和主题 |
fingerprint | 指纹 | complemento | A collection of tools for pentester: LetDown is a powerful tcp flooder ReverseRaider is a domain scanner that use wordlist scanning or reverse resolution scanning Httsquash is an http server scanner, banner grabber and data retriever | Pentester的一系列工具:LetDown是一个功能强大的tcp flooder ReverseRaider是一个使用wordlist扫描或反向分辨率扫描的域扫描程序Httsquash是一个http服务器扫描程序,横幅抓取器和数据检索器 |
fingerprint | 指纹 | detectem | Detect software and its version on websites. | 在网站上检测软件及其版本。 |
fingerprint | 指纹 | dhcpf | Passive DHCP fingerprinting implementation. | 被动DHCP指纹识别实现。 |
fingerprint | 指纹 | dnsmap | Passive DNS network mapper | 被动DNS网络映射器 |
fingerprint | 指纹 | fl0p | A passive L7 flow fingerprinter that examines TCP/UDP/ICMP packet sequences, can peek into cryptographic tunnels, can tell human beings and robots apart, and performs a couple of other infosec-related tricks. | 一个检测TCP / UDP / ICMP数据包序列的被动L7流指纹器,可以窥视加密隧道,可以分辨人类和机器人,并执行其他一些与信息安全相关的技巧。 |
fingerprint | 指纹 | fpdns | Program that remotely determines DNS server versions. | 远程确定DNS服务器版本的程序。 |
fingerprint | 指纹 | ftpmap | Scans remote FTP servers to identify what software and what versions they are running. | 扫描远程FTP服务器以识别它们正在运行的软件和版本。 |
fingerprint | 指纹 | htrosbif | Active HTTP server fingerprinting and recon tool. | 主动HTTP服务器指纹识别和侦察工具。 |
fingerprint | 指纹 | httprint | A web server fingerprinting tool. | Web服务器指纹识别工具。 |
fingerprint | 指纹 | lbmap | Proof of concept scripts for advanced web application fingerprinting, presented at OWASP AppSecAsia 2012. | 用于高级Web应用程序指纹识别的概念脚本证明,在OWASP AppSecAsia 2012上展示。 |
fingerprint | 指纹 | mwebfp | Mass Web Fingerprinter. | Mass Web Fingerprinter。 |
fingerprint | 指纹 | neighbor-cache-fingerprinter | An ARP based Operating System version scanner. | 基于ARP的操作系统版本扫描程序。 |
fingerprint | 指纹 | nimbostratus | Tools for fingerprintinging and exploiting Amazon cloud infrastructures. | 用于指纹识别和利用亚马逊云基础架构的工具。 |
fingerprint | 指纹 | ntp-fingerprint | An active fingerprinting utility specifically designed to identify the OS the NTP server is running on. | 一种主动指纹识别实用程序,专门用于识别运行NTP服务器的操作系统。 |
fingerprint | 指纹 | operative | Framework based on fingerprint action, this tool is used for get information on a website or a enterprise target with multiple modules (Viadeo search,Linkedin search, Reverse email whois, Reverse ip whois, SQL file forensics ...). | 基于指纹动作的框架,该工具用于获取具有多个模块的网站或企业目标的信息(Viadeo搜索,Linkedin搜索,反向电子邮件whois,反向ip whois,SQL文件取证...)。 |
fingerprint | 指纹 | p0f | Purely passive TCP/IP traffic fingerprinting tool | 纯粹被动的TCP / IP流量指纹识别工具 |
fingerprint | 指纹 | propecia | A fast class scanner that scans for a specified open port with banner grabbing | 快速类扫描程序,扫描指定的打开端口并抓取横幅 |
fingerprint | 指纹 | scannerl | The modular distributed fingerprinting engine. | 模块化分布式指纹识别引擎。 |
fingerprint | 指纹 | sinfp | A full operating system stack fingerprinting suite. | 完整的操作系统堆栈指纹套件。 |
fingerprint | 指纹 | smtpmap | Tool to identify the running smtp software on a given host. | 用于识别给定主机上正在运行的smtp软件的工具。 |
fingerprint | 指纹 | smtpscan | An SMTP scanner | SMTP扫描程序 |
fingerprint | 指纹 | spartan | Frontpage and Sharepoint fingerprinting and attack tool. | Frontpage和Sharepoint指纹识别和攻击工具。 |
fingerprint | 指纹 | tls-fingerprinting | Tool and scripts to perform TLS Fingerprinting. | 用于执行TLS指纹识别的工具和脚本。 |
fingerprint | 指纹 | tls-prober | A tool to fingerprint SSL/TLS servers. | 指纹SSL / TLS服务器的工具。 |
fingerprint | 指纹 | xprobe2 | An active OS fingerprinting tool. | 一个活跃的OS指纹识别工具。 |
fingerprint | 指纹 | zgrab2 | Go Application Layer Scanner. | 转到应用层扫描器。 |
firmware | 固件 | firmwalker | Script for searching the extracted firmware file system for goodies. | 用于搜索提取的固件文件系统的脚本。 |
firmware | 固件 | firmware-mod-kit | Modify firmware images without recompiling. | 无需重新编译即可修改固件映像。 |
firmware | 固件 | meanalyzer | Intel Engine Firmware Analysis Tool. | 英特尔引擎固件分析工具。 |
firmware | 固件 | uefi-firmware-parser | Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc | 解析BIOS / Intel ME / UEFI固件相关结构:卷,文件系统,文件等 |
forensic | 取证 | afflib | An extensible open format for the storage of disk images and related forensic information. | 一种可扩展的开放格式,用于存储磁盘映像和相关的取证信息。 |
forensic | 取证 | aimage | A program to create aff-images. | 一个创建aff-images的程序。 |
forensic | 取证 | air | A GUI front-end to dd/dc3dd designed for easily creating forensic images. | dd / dc3dd的GUI前端,专为轻松创建取证图像而设计。 |
forensic | 取证 | autopsy | The forensic browser. A GUI for the Sleuth Kit. | 法医浏览器。Sleuth Kit的GUI。 |
forensic | 取证 | bmap-tools | Tool for copying largely sparse files using information from a block map file. | 使用块映射文件中的信息复制大量稀疏文件的工具。 |
forensic | 取证 | bulk-extractor | Bulk Email and URL extraction tool. | 批量电子邮件和URL提取工具。 |
forensic | 取证 | canari | Maltego rapid transform development and execution framework. | Maltego快速转换开发和执行框架。 |
forensic | 取证 | captipper | Malicious HTTP traffic explorer tool. | 恶意HTTP流量资源管理器工具。 |
forensic | 取证 | casefile | The little brother to Maltego without transforms, but combines graph and link analysis to examine links between manually added data to mind map your information | Maltego的小兄弟没有变换,但结合图形和链接分析来检查手动添加的数据之间的链接,以便思考您的信息 |
forensic | 取证 | chaosmap | An information gathering tool and dns / whois / web server scanner | 信息收集工具和dns / whois / web服务器扫描程序 |
forensic | 取证 | chntpw | Offline NT Password Editor - reset passwords in a Windows NT SAM user database file | 脱机NT密码编辑器 - 重置Windows NT SAM用户数据库文件中的密码 |
forensic | 取证 | chromefreak | A Cross-Platform Forensic Framework for Google Chrome | 适用于Google Chrome的跨平台取证框架 |
forensic | 取证 | dc3dd | A patched version of dd that includes a number of features useful for computer forensics. | dd的修补版本,其中包含许多对计算机取证有用的功能。 |
forensic | 取证 | dcfldd | DCFL (DoD Computer Forensics Lab) dd replacement with hashing | DCFL(DoD计算机取证实验室)用哈希替换dd |
forensic | 取证 | ddrescue | GNU data recovery tool | GNU数据恢复工具 |
forensic | 取证 | disitool | Tool to work with Windows executables digital signatures. | 使用Windows可执行文件数字签名的工具。 |
forensic | 取证 | dmg2img | A CLI tool to uncompress Apple's compressed DMG files to the HFS+ IMG format | 用于将Apple的压缩DMG文件解压缩为HFS + IMG格式的CLI工具 |
forensic | 取证 | dumpzilla | A forensic tool for firefox. | firefox的取证工具。 |
forensic | 取证 | eindeutig | Examine the contents of Outlook Express DBX email repository files (forensic purposes) | 检查Outlook Express DBX电子邮件存储库文件的内容(取证目的) |
forensic | 取证 | emldump | Analyze MIME files. | 分析MIME文件。 |
forensic | 取证 | evtkit | Fix acquired .evt - Windows Event Log files (Forensics). | 修复获取的.evt - Windows事件日志文件(取证)。 |
forensic | 取证 | exiv2 | Exif, Iptc and XMP metadata manipulation library and tools | Exif,Iptc和XMP元数据操作库和工具 |
forensic | 取证 | extundelete | Utility for recovering deleted files from ext2, ext3 or ext4 partitions by parsing the journal | 用于通过解析日志从ext2,ext3或ext4分区恢复已删除文件的实用程序 |
forensic | 取证 | foremost | A console program to recover files based on their headers, footers, and internal data structures | 一个控制台程序,用于根据页眉,页脚和内部数据结构恢复文件 |
forensic | 取证 | fridump | A universal memory dumper using Frida. | 使用Frida的通用内存转储器。 |
forensic | 取证 | galleta | Examine the contents of the IE's cookie files for forensic purposes | 检查IE的cookie文件的内容以进行取证 |
forensic | 取证 | grokevt | A collection of scripts built for reading Windows® NT/2K/XP/2K eventlog files. | 为读取Windows®NT/ 2K / XP / 2K事件日志文件而构建的脚本集合。 |
forensic | 取证 | guymager | A forensic imager for media acquisition. | 用于媒体获取的取证成像器。 |
forensic | 取证 | imagemounter | Command line utility and Python package to ease the (un)mounting of forensic disk images. | 命令行实用程序和Python包,以简化(取消)安装取证磁盘映像。 |
forensic | 取证 | indxparse | A Tool suite for inspecting NTFS artifacts. | 用于检查NTFS工件的工具套件。 |
forensic | 取证 | interrogate | A proof-of-concept tool for identification of cryptographic keys in binary material (regardless of target operating system), first and foremost for memory dump analysis and forensic usage. | 概念验证工具,用于识别二进制材料中的加密密钥(无论目标操作系统如何),首先是内存转储分析和取证使用。 |
forensic | 取证 | iosforensic | iOS forensic tool https://www.owasp.org/index.php/Projects/OWASP_iOSForensic | iOS取证工具https://www.owasp.org/index.php/Projects/OWASP_iOSForensic |
forensic | 取证 | ipba2 | IOS Backup Analyzer | IOS备份分析器 |
forensic | 取证 | iphoneanalyzer | Allows you to forensically examine or recover date from in iOS device. | 允许您从iOS设备中进行法医检查或恢复日期。 |
forensic | 取证 | lazagne | An open source application used to retrieve lots of passwords stored on a local computer. | 一种开源应用程序,用于检索存储在本地计算机上的大量密码。 |
forensic | 取证 | lfle | Recover event log entries from an image by heurisitically looking for record structures. | 通过heurisitically查找记录结构从映像中恢复事件日志条目。 |
forensic | 取证 | limeaide | Remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host. | 远程转储Linux客户端的RAM并创建易失性配置文件,以便以后在本地主机上进行分析。 |
forensic | 取证 | loki-scanner | Simple IOC and Incident Response Scanner. | 简单的IOC和事件响应扫描程序。 |
forensic | 取证 | mac-robber | A digital investigation tool that collects data from allocated files in a mounted file system. | 一种数字调查工具,用于从已安装的文件系统中的已分配文件中收集数据。 |
forensic | 取证 | magicrescue | Find and recover deleted files on block devices | 在块设备上查找并恢复已删除的文件 |
forensic | 取证 | make-pdf | This tool will embed javascript inside a PDF document. | 此工具将javascript嵌入PDF文档中。 |
forensic | 取证 | malheur | A tool for the automatic analyze of malware behavior. | 用于自动分析恶意软件行为的工具。 |
forensic | 取证 | maltego | An open source intelligence and forensics application, enabling to easily gather information about DNS, domains, IP addresses, websites, persons, etc. | 一个开源智能和取证应用程序,可以轻松收集有关DNS,域,IP地址,网站,人员等的信息。 |
forensic | 取证 | malwaredetect | Submits a file's SHA1 sum to VirusTotal to determine whether it is a known piece of malware | 向VirusTotal提交文件的SHA1总和,以确定它是否是已知的恶意软件 |
forensic | 取证 | mboxgrep | A small, non-interactive utility that scans mail folders for messages matching regular expressions. It does matching against basic and extended POSIX regular expressions, and reads and writes a variety of mailbox formats. | 一种小型非交互式实用程序,用于扫描邮件文件夹中是否存在与正则表达式匹 它与基本和扩展的POSIX正则表达式匹配,并读取和写入各种邮箱格式。 |
forensic | 取证 | memdump | Dumps system memory to stdout, skipping over holes in memory maps. | 将系统内存转储到stdout,跳过内存映射中的漏洞。 |
forensic | 取证 | memfetch | Dumps any userspace process memory without affecting its execution. | 转储任何用户空间进程内存而不影响其执行。 |
forensic | 取证 | mimipenguin | A tool to dump the login password from the current linux user. | 从当前linux用户转储登录密码的工具。 |
forensic | 取证 | mobiusft | An open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. | 一个用Python / GTK编写的开源取证框架,用于管理案例和案例项,为开发扩展提供抽象接口。 |
forensic | 取证 | mp3nema | A tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. | 一种旨在分析和捕获隐藏在MP3文件或流中的帧之间的数据的工具,否则称为“带外”数据。 |
forensic | 取证 | mxtract | Memory Extractor & Analyzer. | 内存提取器和分析器。 |
forensic | 取证 | naft | Network Appliance Forensic Toolkit. | Network Appliance取证工具包。 |
forensic | 取证 | networkminer | A Network Forensic Analysis Tool for advanced Network Traffic Analysis, sniffer and packet analyzer. | 用于高级网络流量分析,嗅探器和数据包分析器的网络取证分析工具。 |
forensic | 取证 | nfex | A tool for extracting files from the network in real-time or post-capture from an offline tcpdump pcap savefile. | 用于从脱机tcpdump pcap savefile实时或后捕获从网络中提取文件的工具。 |
forensic | 取证 | ntdsxtract | Active Directory forensic framework. | Active Directory取证框架。 |
forensic | 取证 | parse-evtx | A tool to parse the Windows XML Event Log (EVTX) format. | 一种解析Windows XML事件日志(EVTX)格式的工具。 |
forensic | 取证 | pasco | Examines the contents of Internet Explorer's cache files for forensic purposes | 检查Internet Explorer缓存文件的内容以进行取证 |
forensic | 取证 | pcapxray | A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. | 网络取证工具 - 将数据包捕获脱机可视化为包含设备标识的网络图,突出显示重要的通信和文件提取。 |
forensic | 取证 | pdf-parser | Parses a PDF document to identify the fundamental elements used in the analyzed file. | 解析PDF文档以识别分析文件中使用的基本元素。 |
forensic | 取证 | pdfbook-analyzer | Utility for facebook memory forensics. | 用于facebook内存取证的实用程序。 |
forensic | 取证 | pdfid | Scan a file to look for certain PDF keywords. | 扫描文件以查找某些PDF关键字。 |
forensic | 取证 | pdfresurrect | A tool aimed at analyzing PDF documents. | 一种旨在分析PDF文档的工具。 |
forensic | 取证 | peepdf | A Python tool to explore PDF files in order to find out if the file can be harmful or not | 用于探索PDF文件的Python工具,以确定文件是否有害 |
forensic | 取证 | perl-image-exiftool | Reader and rewriter of EXIF informations that supports raw files | 支持原始文件的EXIF信息的读取器和重写器 |
forensic | 取证 | pev | Command line based tool for PE32/PE32+ file analysis. | 基于命令行的PE32 / PE32 +文件分析工具。 |
forensic | 取证 | python-rekall | Memory Forensic Framework. | 记忆取证框架。 |
forensic | 取证 | python2-rekall | Memory Forensic Framework. | 记忆取证框架。 |
forensic | 取证 | recoverjpeg | Recover jpegs from damaged devices. | 从受损设备中恢复jpeg。 |
forensic | 取证 | recuperabit | A tool for forensic file system reconstruction. | 用于取证文件系统重建的工具。 |
forensic | 取证 | reglookup | Command line utility for reading and querying Windows NT registries | 用于读取和查询Windows NT注册表的命令行实用程序 |
forensic | 取证 | rekall | Memory Forensic Framework. | 记忆取证框架。 |
forensic | 取证 | replayproxy | Forensic tool to replay web-based attacks (and also general HTTP traffic) that were captured in a pcap file. | 用于重放在pcap文件中捕获的基于Web的攻击(以及常规HTTP流量)的取证工具。 |
forensic | 取证 | rifiuti2 | A rewrite of rifiuti, a great tool from Foundstone folks for analyzing Windows Recycle Bin INFO2 file. | 重写rifiuti,这是Foundstone人员分析Windows回收站INFO2文件的一个很棒的工具。 |
forensic | 取证 | rkhunter | Checks machines for the presence of rootkits and other unwanted tools. | 检查机器是否存在rootkit和其他不需要的工具。 |
forensic | 取证 | safecopy | A disk data recovery tool to extract data from damaged media. | 磁盘数据恢复工具,用于从损坏的介质中提取数据。 |
forensic | 取证 | scalpel | A frugal, high performance file carver. | 节俭,高性能的文件雕刻师。 |
forensic | 取证 | scrounge-ntfs | Data recovery program for NTFS file systems | NTFS文件系统的数据恢复程序 |
forensic | 取证 | skypefreak | A Cross Platform Forensic Framework for Skype. | Skype的跨平台取证框架。 |
forensic | 取证 | sleuthkit | File system and media management forensic analysis tools | 文件系统和媒体管理取证分析工具 |
forensic | 取证 | swap-digger | A tool used to automate Linux swap analysis during post-exploitation or forensics. | 用于在后期利用或取证期间自动执行Linux交换分析的工具。 |
forensic | 取证 | tchunt-ng | Reveal encrypted files stored on a filesystem. | 显示存储在文件系统上的加密文件。 |
forensic | 取证 | tekdefense-automater | IP URL and MD5 OSINT Analysis | IP URL和MD5 OSINT分析 |
forensic | 取证 | testdisk | Checks and undeletes partitions + PhotoRec, signature based recovery tool | 检查并取消删除分区+ PhotoRec,基于签名的恢复工具 |
forensic | 取证 | thumbcacheviewer | Extract Windows thumbcache database files. | 提取Windows thumbcache数据库文件。 |
forensic | 取证 | trid | An utility designed to identify file types from their binary signatures. | 用于从二进制签名中识别文件类型的实用程序。 |
forensic | 取证 | truehunter | Detect TrueCrypt containers using a fast and memory efficient approach. | 使用快速且内存有效的方法检测TrueCrypt容器。 |
forensic | 取证 | unhide | A forensic tool to find processes hidden by rootkits, LKMs or by other techniques. | 一种取证工具,用于查找rootkit,LKM或其他技术隐藏的进程。 |
forensic | 取证 | vinetto | A forensics tool to examine Thumbs.db files | 用于检查Thumbs.db文件的取证工具 |
forensic | 取证 | volafox | Mac OS X Memory Analysis Toolkit. | Mac OS X内存分析工具包。 |
forensic | 取证 | volatility | Advanced memory forensics framework | 高级内存取证框架 |
forensic | 取证 | xplico | Internet Traffic Decoder. Network Forensic Analysis Tool (NFAT). | 互联网流量解码器。网络取证分析工具(NFAT)。 |
forensic | 取证 | zipdump | ZIP dump utility. | ZIP转储实用程序。 |
fuzzer | 模糊器 | afl | Security-oriented fuzzer using compile-time instrumentation and genetic algorithms | 使用编译时仪器和遗传算法的面向安全的模糊器 |
fuzzer | 模糊器 | ajpfuzzer | A command-line fuzzer for the Apache JServ Protocol (ajp13). | Apache JServ协议(ajp13)的命令行模糊器。 |
fuzzer | 模糊器 | backfuzz | A network protocol fuzzing toolkit. | 网络协议模糊测试工具包。 |
fuzzer | 模糊器 | bfuzz | Input based fuzzer tool for browsers. | 基于输入的浏览器fuzzer工具。 |
fuzzer | 模糊器 | browser-fuzzer | Browser Fuzzer 3 | 浏览器Fuzzer 3 |
fuzzer | 模糊器 | bunny | A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. | 用于C程序的闭环,高性能,通用协议盲目模糊器。 |
fuzzer | 模糊器 | burpsuite | An integrated platform for attacking web applications (free edition). | 用于攻击Web应用程序的集成平台(免费版)。 |
fuzzer | 模糊器 | choronzon | An evolutionary knowledge-based fuzzer. | 一种基于知识的进化模糊器。 |
fuzzer | 模糊器 | cirt-fuzzer | A simple TCP/UDP protocol fuzzer. | 一个简单的TCP / UDP协议模糊器。 |
fuzzer | 模糊器 | conscan | A blackbox vulnerability scanner for the Concre5 CMS. | 适用于Concre5 CMS的黑盒漏洞扫描程序。 |
fuzzer | 模糊器 | cookie-cadger | An auditing tool for Wi-Fi or wired Ethernet connections. | 用于Wi-Fi或有线以太网连接的审计工具。 |
fuzzer | 模糊器 | crlf-injector | A python script for testing CRLF injecting issues. | 用于测试CRLF注入问题的python脚本。 |
fuzzer | 模糊器 | dizzy | A Python based fuzzing framework with many features. | 基于Python的模糊测试框架,具有许多功能。 |
fuzzer | 模糊器 | doona | A fork of the Bruteforce Exploit Detector Tool (BED). | Bruteforce Exploit Detector Tool(BED)的一个分支。 |
fuzzer | 模糊器 | easyfuzzer | A flexible fuzzer, not only for web, has a CSV output for efficient output analysis (platform independant). | 灵活的模糊器,不仅适用于Web,还具有CSV输出,可进行高效的输出分析(平台无关)。 |
fuzzer | 模糊器 | firewalk | An active reconnaissance network security tool | 一种主动侦察网络安全工具 |
fuzzer | 模糊器 | flyr | Block-based software vulnerability fuzzing framework. | 基于块的软件漏洞模糊测试框架。 |
fuzzer | 模糊器 | frisbeelite | A GUI-based USB device fuzzer. | 基于GUI的USB设备模糊器。 |
fuzzer | 模糊器 | ftester | A tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. | 一种用于测试防火墙过滤策略和入侵检测系统(IDS)功能的工具。 |
fuzzer | 模糊器 | ftp-fuzz | The master of all master fuzzing scripts specifically targeted towards FTP server sofware. | 所有主要模糊脚本的主人专门针对FTP服务器软件。 |
fuzzer | 模糊器 | fuddly | Fuzzing and Data Manipulation Framework (for GNU/Linux). | 模糊测试和数据操作框架(适用于GNU / Linux)。 |
fuzzer | 模糊器 | fusil | A Python library used to write fuzzing programs. | 用于编写模糊测试程序的Python库。 |
fuzzer | 模糊器 | fuzzball2 | A little fuzzer for TCP and IP options. It sends a bunch of more or less bogus packets to the host of your choice. | TCP和IP选项有点模糊。它会向您选择的主机发送一堆或多或少的虚假数据包。 |
fuzzer | 模糊器 | fuzzdb | Attack and Discovery Pattern Dictionary for Application Fault Injection Testing | 应用故障注入测试的攻击和发现模式字典 |
fuzzer | 模糊器 | fuzzdiff | A simple tool designed to help out with crash analysis during fuzz testing. It selectively 'un-fuzzes' portions of a fuzzed file that is known to cause a crash, re-launches the targeted application, and sees if it still crashes. | 一个简单的工具,旨在帮助在模糊测试期间进行崩溃分析。它选择性地“取消模糊”已知导致崩溃的模糊文件部分,重新启动目标应用程序,并查看它是否仍然崩溃。 |
fuzzer | 模糊器 | grr | High-throughput fuzzer and emulator of DECREE binaries. | DECREE二进制文件的高吞吐量模糊器和模拟器。 |
fuzzer | 模糊器 | hexorbase | A database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). | 一种数据库应用程序,用于从集中位置同时管理和审核多个数据库服务器。它能够对常见的数据库服务器(MySQL,SQLite,Microsoft SQL Server,Oracle,PostgreSQL)执行SQL查询和暴力攻击。 |
fuzzer | 模糊器 | hodor | A general-use fuzzer that can be configured to use known-good input and delimiters in order to fuzz specific locations. | 通用型模糊器,可配置为使用已知良好的输入和分隔符以模糊特定位置。 |
fuzzer | 模糊器 | honggfuzz | A general-purpose fuzzer with simple, command-line interface. | 具有简单命令行界面的通用模糊器。 |
fuzzer | 模糊器 | http-fuzz | A simple http fuzzer. | 一个简单的http模糊器。 |
fuzzer | 模糊器 | ifuzz | A binary file fuzzer with several options. | 带有多个选项的二进制文件模糊器。 |
fuzzer | 模糊器 | ikeprober | Tool crafting IKE initiator packets and allowing many options to be manually set. Useful to find overflows, error conditions and identifiyng vendors | 工具制作IKE启动程序数据包并允许手动设置许多选项。用于查找溢出,错误条件和识别供应商 |
fuzzer | 模糊器 | jbrofuzz | Web application protocol fuzzer that emerged from the needs of penetration testing. | 从渗透测试的需求出现的Web应用程序协议模糊器。 |
fuzzer | 模糊器 | kitty-framework | Fuzzing framework written in python. | 用python编写的模糊框架。 |
fuzzer | 模糊器 | malybuzz | A Python tool focused in discovering programming faults in network software. | 一个Python工具,专注于发现网络软件中的编程错误。 |
fuzzer | 模糊器 | melkor | An ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). | ELF模糊器改变ELF样本中的现有数据,用于创建orcs(格式错误的ELF),但是,它不会随机更改值(哑模糊),而是通过使用模糊测试将某些元数据模糊为半有效值规则(知识库)。 |
fuzzer | 模糊器 | notspikefile | A Linux based file format fuzzing tool | 基于Linux的文件格式模糊测试工具 |
fuzzer | 模糊器 | oat | A toolkit that could be used to audit security within Oracle database servers. | 可用于审核Oracle数据库服务器内安全性的工具包。 |
fuzzer | 模糊器 | ohrwurm | A small and simple RTP fuzzer. | 一个小而简单的RTP模糊器。 |
fuzzer | 模糊器 | oscanner | An Oracle assessment framework developed in Java. | 用Java开发的Oracle评估框架。 |
fuzzer | 模糊器 | peach | A SmartFuzzer that is capable of performing both generation and mutation based fuzzing. | SmartFuzzer,能够执行基于生成和基于突变的模糊测试。 |
fuzzer | 模糊器 | peach-fuzz | Simple vulnerability scanning framework. | 简单的漏洞扫描框架。 |
fuzzer | 模糊器 | pentbox | A security suite that packs security and stability testing oriented tools for networks and systems. | 一种安全套件,包含面向网络和系统的安全性和稳定性测试导向工具。 |
fuzzer | 模糊器 | portmanteau | An experimental unix driver IOCTL security tool that is useful for fuzzing and discovering device driver attack surface. | 一个实验性的unix驱动程序IOCTL安全工具,可用于模糊测试和发现设备驱动程序攻击面。 |
fuzzer | 模糊器 | powerfuzzer | Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and others. | Powerfuzzer是一款高度自动化的网络模糊器,基于许多其他开源模糊器(包括cfuzzer,fuzzled,fuzzer.pl,jbrofuzz,webscarab,wapiti,Socket Fuzzer)。它可以检测XSS,注入(SQL,LDAP,命令,代码,XPATH)等。 |
fuzzer | 模糊器 | profuzz | Simple PROFINET fuzzer based on Scapy. | 基于Scapy的简单PROFINET模糊器。 |
fuzzer | 模糊器 | pulsar | Protocol Learning and Stateful Fuzzing. | 协议学习和状态模糊测试。 |
fuzzer | 模糊器 | pyjfuzz | Python JSON Fuzzer. | Python JSON Fuzzer。 |
fuzzer | 模糊器 | radamsa | General purpose mutation based fuzzer | 基于通用变异的模糊器 |
fuzzer | 模糊器 | ratproxy | A passive web application security assessment tool | 被动Web应用程序安全评估工具 |
fuzzer | 模糊器 | s3-fuzzer | A concurrent, command-line AWS S3 Fuzzer. | 并发命令行AWS S3 Fuzzer。 |
fuzzer | 模糊器 | sandsifter | The x86 processor fuzzer. | x86处理器模糊器。 |
fuzzer | 模糊器 | sfuzz | A simple fuzzer. | 一个简单的模糊器。 |
fuzzer | 模糊器 | sloth-fuzzer | A smart file fuzzer. | 一个智能文件模糊器。 |
fuzzer | 模糊器 | smtp-fuzz | Simple smtp fuzzer. | 简单的smtp模糊器。 |
fuzzer | 模糊器 | snmp-fuzzer | SNMP fuzzer uses Protos test cases with an entirely new engine written in Perl. | SNMP模糊器使用Protos测试用例和一个用Perl编写的全新引擎。 |
fuzzer | 模糊器 | socketfuzz | Simple socket fuzzer. | 简单的插座模糊器。 |
fuzzer | 模糊器 | spiderpig-pdffuzzer | A javascript pdf fuzzer | 一个javascript pdf模糊器 |
fuzzer | 模糊器 | spike-fuzzer | IMMUNITYsec's fuzzer creation kit in C. | IMMUNITYsec在C中的模糊创建工具包 |
fuzzer | 模糊器 | sploitego | Maltego Penetration Testing Transforms. | Maltego渗透测试转换。 |
fuzzer | 模糊器 | sqlbrute | Brute forces data out of databases using blind SQL injection. | 使用盲SQL注入从数据库中强制数据。 |
fuzzer | 模糊器 | sulley | A pure-python fully automated and unattended fuzzing framework. | 纯python全自动和无人值守的模糊测试框架。 |
fuzzer | 模糊器 | taof | Taof is a GUI cross-platform Python generic network protocol fuzzer. | Taof是一个GUI跨平台的Python通用网络协议模糊器。 |
fuzzer | 模糊器 | tcpcontrol-fuzzer | 2^6 TCP control bit fuzzer (no ECN or CWR). | 2 ^ 6 TCP控制位模糊器(无ECN或CWR)。 |
fuzzer | 模糊器 | termineter | Smart meter testing framework | 智能电表测试框架 |
fuzzer | 模糊器 | tftp-fuzz | Master TFTP fuzzing script as part of the ftools series of fuzzers. | 硕士TFTP模糊测试脚本作为ftools系列模糊器的一部分。 |
fuzzer | 模糊器 | thefuzz | CLI fuzzing tool. | CLI fuzzing工具。 |
fuzzer | 模糊器 | trinity | A Linux System call fuzzer. | Linux系统调用fuzzer。 |
fuzzer | 模糊器 | uniofuzz | The universal fuzzing tool for browsers, web services, files, programs and network services/ports | 适用于浏览器,Web服务,文件,程序和网络服务/端口的通用模糊测试工具 |
fuzzer | 模糊器 | uniscan | A simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. | 一个简单的远程文件包含,本地文件包含和远程命令执行漏洞扫描程序。 |
fuzzer | 模糊器 | w3af | Web Application Attack and Audit Framework. | Web应用程序攻击和审计框架。 |
fuzzer | 模糊器 | wapiti | A vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections... | Web应用程序的漏洞扫描程序。它目前正在搜索XSS,SQL和XPath注入,文件包含,命令执行,LDAP注入,CRLF注入等漏洞...... |
fuzzer | 模糊器 | webscarab | Framework for analysing applications that communicate using the HTTP and HTTPS protocols | 用于分析使用HTTP和HTTPS协议进行通信的应用程序的框架 |
fuzzer | 模糊器 | webshag | A multi-threaded, multi-platform web server audit tool. | 一种多线程,多平台的Web服务器审计工具。 |
fuzzer | 模糊器 | wfuzz | Utility to bruteforce web applications to find their not linked resources. | 用于强制Web应用程序查找未链接资源的实用程序。 |
fuzzer | 模糊器 | wsfuzzer | A Python tool written to automate SOAP pentesting of web services. | 一种Python工具,用于自动化Web测试的Web测试。 |
fuzzer | 模糊器 | zzuf | Transparent application input fuzzer | 透明应用程序输入模糊器 |
hardware | 硬件 | arduino | Arduino prototyping platform SDK | Arduino原型平台SDK |
hardware | 硬件 | chipsec | Platform Security Assessment Framework. | 平台安全评估框架。 |
hardware | 硬件 | dex2jar | A tool for converting Android's .dex format to Java's .class format | 用于将Android的.dex格式转换为Java的.class格式的工具 |
hardware | 硬件 | hdmi-sniff | HDMI DDC (I2C) inspection tool. It is designed to demonstrate just how easy it is to recover HDCP crypto keys from HDMI devices. | HDMI DDC(I2C)检测工具。它旨在演示从HDMI设备恢复HDCP加密密钥的难易程度。 |
hardware | 硬件 | kautilya | Pwnage with Human Interface Devices using Teensy++2.0 and Teensy 3.0 devices. | Pwnage与人机接口设备使用Teensy ++ 2.0和Teensy 3.0设备。 |
hardware | 硬件 | pcileech | Tool, which uses PCIe hardware devices to read and write from the target system memory. | 工具,它使用PCIe硬件设备从目标系统内存进行读写。 |
honeypot | 蜜罐 | beeswarm | Honeypot deployment made easy http://www.beeswarm-ids.org/ | 蜜罐部署变得简单http://www.beeswarm-ids.org/ |
honeypot | 蜜罐 | conpot | ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems url="http://conpot.org" | ICS蜜罐,旨在收集有关针对工业控制系统的敌人的动机和方法的情报url =“http://conpot.org” |
honeypot | 蜜罐 | fakeap | Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's cacophony of beacon frames. | Black Alchemy的Fake AP会产生数千个伪造的802.11b接入点。隐藏在假AP的烽火台框架中。 |
honeypot | 蜜罐 | fiked | Fake IDE daemon | 假IDE守护进程 |
honeypot | 蜜罐 | heartbleed-honeypot | Script that listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's | 侦听TCP端口443并以完全伪造的SSL心跳响应进行响应的脚本,除非它检测到类似于Jared Stafford中使用的字节模式的开始 |
honeypot | 蜜罐 | honeyd | A small daemon that creates virtual hosts on a network. | 一个在网络上创建虚拟主机的小守护程序。 |
honeypot | 蜜罐 | honeypy | A low interaction Honeypot. | 低交互蜜罐。 |
honeypot | 蜜罐 | honssh | A high-interaction Honey Pot solution designed to log all SSH communications between a client and server. | 高交互性Honey Pot解决方案,用于记录客户端和服务器之间的所有SSH通信。 |
honeypot | 蜜罐 | hpfeeds | Honeynet Project generic authenticated datafeed protocol. | Honeynet Project通用认证数据馈送协议。 |
honeypot | 蜜罐 | kippo | A medium interaction SSH honeypot designed to log brute force attacks and most importantly, the entire shell interaction by the attacker. | 一种中等交互式SSH蜜罐,用于记录暴力攻击,最重要的是,攻击者进行整个shell交互。 |
honeypot | 蜜罐 | pshitt | A lightweight fake SSH server designed to collect authentication data sent by intruders. | 轻量级假SSH服务器,用于收集入侵者发送的身份验证数据。 |
honeypot | 蜜罐 | ssh-honeypot | Fake sshd that logs ip addresses, usernames, and passwords. | 记录IP地址,用户名和密码的假sshd。 |
honeypot | 蜜罐 | wifi-honey | A management tool for wifi honeypots. | wifi蜜罐的管理工具。 |
honeypot | 蜜罐 | wordpot | A Wordpress Honeypot. | 一个Wordpress蜜罐。 |
ids | 入侵检测 | sagan | A snort-like log analysis engine. | 类似snort的日志分析引擎。 |
keylogger | 键盘记录 | logkeys | A GNU/Linux keylogger that worked. | 一个有效的GNU / Linux键盘记录器。 |
keylogger | 键盘记录 | python-keylogger | Simple keystroke logger. | 简单的击键记录器。 |
keylogger | 键盘记录 | xspy | A utility for monitoring keypresses on remote X servers | 用于监视远程X服务器上的按键的实用程序 |
malware | 恶意软件 | balbuzard | A package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). | python中的一套恶意软件分析工具,用于从可疑文件中提取感兴趣的模式(IP地址,域名,已知文件头,有趣的字符串等)。 |
malware | 恶意软件 | bamf-framework | A modular framework designed to be a platform to launch attacks against botnets. | 模块化框架,旨在成为针对僵尸网络发起攻击的平台。 |
malware | 恶意软件 | bdlogparser | This is a utility to parse a Bit Defender log file, in order to sort them into a malware archive for easier maintanence of your malware collection. | 这是一个解析Bit Defender日志文件的实用程序,以便将它们分类为恶意软件存档,以便更轻松地维护您的恶意软件集合。 |
malware | 恶意软件 | box-js | A tool for studying JavaScript malware. | 用于研究JavaScript恶意软件的工具。 |
malware | 恶意软件 | clamscanlogparser | This is a utility to parse a Clam Anti Virus log file, in order to sort them into a malware archive for easier maintanence of your malware collection. | 这是一个解析Clam Anti Virus日志文件的实用程序,以便将它们分类为恶意软件存档,以便更轻松地维护您的恶意软件集合。 |
malware | 恶意软件 | cuckoo | Automated malware analysis system. | 自动恶意软件分析系统。 |
malware | 恶意软件 | damm | Differential Analysis of Malware in Memory. | 内存中恶意软件的差异性分析。 |
malware | 恶意软件 | fakenet-ng | Next Generation Dynamic Network Analysis Tool. | 下一代动态网络分析工具。 |
malware | 恶意软件 | fileintel | A modular Python application to pull intelligence about malicious files. | 模拟Python应用程序,用于提取有关恶意文件的信息。 |
malware | 恶意软件 | flare-floss | Obfuscated String Solver - Automatically extract obfuscated strings from malware. | 混淆的字符串解算器 - 自动从恶意软件中提取混淆的字符串。 |
malware | 恶意软件 | fprotlogparser | This is a utility to parse a F-Prot Anti Virus log file, in order to sort them into a malware archive for easier maintanence of your collection. | 这是一个解析F-Prot反病毒日志文件的实用程序,以便将它们分类为恶意软件存档,以便于维护您的集合。 |
malware | 恶意软件 | gcat | A fully featured backdoor that uses Gmail as a C&C server. | 功能齐全的后门程序,使用Gmail作为C&C服务器。 |
malware | 恶意软件 | malboxes | Builds malware analysis Windows VMs so that you don't have to. | 构建恶意软件分析Windows VM,以便您不必这样做。 |
malware | 恶意软件 | malscan | A Simple PE File Heuristics Scanner. | 一个简单的PE文件启发式扫描程序。 |
malware | 恶意软件 | maltrieve | Originated as a fork of mwcrawler. It retrieves malware directly from the sources as listed at a number of sites. | 起源于mwcrawler的一个分支。它直接从多个站点列出的源检索恶意软件。 |
malware | 恶意软件 | malware-check-tool | Python script that detects malicious files via checking md5 hashes from an offline set or via the virustotal site. It has http proxy support and an update feature. | Python脚本,通过检查来自脱机集或通过virustotal站点的md5哈希来检测恶意文件。它具有http代理支持和更新功能。 |
malware | 恶意软件 | noriben | Portable, Simple, Malware Analysis Sandbox. | 便携,简单,恶意软件分析沙箱。 |
malware | 恶意软件 | origami | Aims at providing a scripting tool to generate and analyze malicious PDF files. | 旨在提供用于生成和分析恶意PDF文件的脚本工具。 |
malware | 恶意软件 | peframe | Tool to perform static analysis on (portable executable) malware. | 用于对(可移植可执行)恶意软件执行静态分析的工具。 |
malware | 恶意软件 | pftriage | Python tool and library to help analyze files during malware triage and analysis. | Python工具和库,用于在恶意软件分类和分析期间帮助分析文件。 |
malware | 恶意软件 | pyew | A python tool to analyse malware. | 用于分析恶意软件的python工具。 |
malware | 恶意软件 | python2-yara | Tool aimed at helping malware researchers to identify and classify malware samples | 旨在帮助恶意软件研究人员识别和分类恶意软件样本的工具 |
malware | 恶意软件 | sea | A tool to help to create exploits of binary programs. | 一种帮助创建二进制程序漏洞利用的工具。 |
malware | 恶意软件 | ssma | Simple Static Malware Analyzer. | 简单静态恶意软件分析器。 |
malware | 恶意软件 | thezoo | A project created to make the possibility of malware analysis open and available to the public. | 创建一个项目,使恶意软件分析的可能性开放并向公众开放。 |
malware | 恶意软件 | virustotal | Command-line utility to automatically lookup on VirusTotal all files recursively contained in a directory. | 命令行实用程序,用于在VirusTotal上自动查找递归包含在目录中的所有文件。 |
malware | 恶意软件 | vmcloak | Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox. | 杜鹃沙盒的自动虚拟机生成和隐藏真实内容。 |
malware | 恶意软件 | yara | Tool aimed at helping malware researchers to identify and classify malware samples | 旨在帮助恶意软件研究人员识别和分类恶意软件样本的工具 |
malware | 恶意软件 | zerowine | Malware Analysis Tool - research project to dynamically analyze the behavior of malware | 恶意软件分析工具 - 动态分析恶意软件行为的研究项目 |
misc | 杂项 | airgraph-ng | Graphing tool for the aircrack suite. | 用于aircrack套件的图形工具。 |
misc | 杂项 | archivebox | The open source self-hosted web archive. Takes browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more. | 开源自托管Web存档。使用浏览器历史/书签/ Pocket / Pinboard /等,保存HTML,JS,PDF,媒体等。 |
misc | 杂项 | arybo | Manipulation, canonicalization and identification of mixed boolean-arithmetic symbolic expressions. | 操纵,规范化和混合布尔算术符号表达式的识别。 |
misc | 杂项 | base64dump | Extract and decode base64 strings from files. | 从文件中提取和解码base64字符串。 |
misc | 杂项 | bettercap-ui | Official Bettercap's Web UI. | 官方Bettercap的Web UI。 |
misc | 杂项 | bokken | GUI for radare2 and pyew. | 用于radare2和pyew的GUI。 |
misc | 杂项 | centry | Cold boot & DMA protection | 冷启动和DMA保护 |
misc | 杂项 | checkiban | Checks the validity of an International Bank Account Number (IBAN). | 检查国际银行帐号(IBAN)的有效性。 |
misc | 杂项 | cisco-router-config | Tools to copy and merge Cisco Routers Configuration. | 用于复制和合并Cisco路由器配置的工具。 |
misc | 杂项 | cloakify | Data Exfiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Evade AV Detection. | 平原视野中的数据泄漏; Evade DLP / MLS设备; 分析师社会工程; 避免AV检测。 |
misc | 杂项 | credmap | The Credential mapper - Tool that was created to bring awareness to the dangers of credential reuse. | 凭据映射器 - 用于提高对凭证重用危险性的认识而创建的工具。 |
misc | 杂项 | crosstool-ng | Versatile (cross-)toolchain generator. | 多功能(交叉)工具链发生器。 |
misc | 杂项 | dartspylru | Simple dictionary with LRU behaviour. | 具有LRU行为的简单字典。 |
misc | 杂项 | dbd | A Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. | Netcat克隆,旨在提供便携性并提供强大的加密功能。它运行在类Unix操作系统和Microsoft Win32上。 |
misc | 杂项 | dhcdrop | Remove illegal dhcp servers with IP-pool underflow. | 删除具有IP池下溢的非法dhcp服务器。 |
misc | 杂项 | domlink | A tool to link a domain with registered organisation names and emails, to other domains. | 用于将域与注册的组织名称和电子邮件链接到其他域的工具。 |
misc | 杂项 | dsd | Digital Speech Decoder | 数字语音解码器 |
misc | 杂项 | elettra | Encryption utility by Julia Identity | Julia Identity的加密实用程序 |
misc | 杂项 | elettra-gui | Gui for the elettra crypto application. | Gui为elettra加密应用程序。 |
misc | 杂项 | ent | Pseudorandom number sequence test. | 伪随机数序列测试。 |
misc | 杂项 | evilgrade | Modular framework that takes advantage of poor upgrade implementations by injecting fake updates. | 模块化框架,通过注入虚假更新来利用糟糕的升级实现。 |
misc | 杂项 | exrex | Irregular methods on regular expressions. | 正则表达式的不规则方法。 |
misc | 杂项 | extracthosts | Extracts hosts (IP/Hostnames) from files. | 从文件中提取主机(IP /主机名)。 |
misc | 杂项 | fakemail | Fake mail server that captures e-mails as files for acceptance testing. | 假邮件服务器将电子邮件捕获为验证测试文件。 |
misc | 杂项 | firefox-security-toolkit | A tool that transforms Firefox browsers into a penetration testing suite. | 一种将Firefox浏览器转换为渗透测试套件的工具。 |
misc | 杂项 | flare | Flare processes an SWF and extracts all scripts from it. | Flare处理SWF并从中提取所有脚本。 |
misc | 杂项 | genlist | Generates lists of IP addresses. | 生成IP地址列表。 |
misc | 杂项 | geoipgen | GeoIPgen is a country to IP addresses generator. | GeoIPgen是IP地址生成器的国家/地区。 |
misc | 杂项 | githubcloner | A script that clones Github repositories of users and organizations automatically. | 一个自动克隆用户和组织的Github存储库的脚本。 |
misc | 杂项 | graffiti | A tool to generate obfuscated one liners to aid in penetration testing. | 生成混淆的一个衬垫以帮助渗透测试的工具。 |
misc | 杂项 | h2spec | A conformance testing tool for HTTP/2 implementation. | 用于HTTP / 2实现的一致性测试工具。 |
misc | 杂项 | hashcat-utils | Set of small utilities that are useful in advanced password cracking | 一组在高级密码破解中有用的小实用程序 |
misc | 杂项 | hexyl | Colored command-line hex viewer | 彩色命令行十六进制查看器 |
misc | 杂项 | http-put | Simple http put perl script. | 简单的http放入perl脚本。 |
misc | 杂项 | httpscreenshot | A tool for grabbing screenshots and HTML of large numbers of websites. | 用于获取大量网站的屏幕截图和HTML的工具。 |
misc | 杂项 | httrack | An easy-to-use offline browser utility | 易于使用的离线浏览器实用程序 |
misc | 杂项 | imagegrep | Grep word in pdf or image based on OCR. | 基于OCR的pdf或图像中的grep单词。 |
misc | 杂项 | ipobfuscator | A simple tool to convert the IP to a DWORD IP. | 一种将IP转换为DWORD IP的简单工具。 |
misc | 杂项 | laudanum | A collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments. | 一组可注入文件,设计用于在发现SQL注入漏洞时用于pentest,并且针对不同的环境使用多种语言。 |
misc | 杂项 | leo | Literate programmer's editor, outliner, and project manager. | 文学程序员的编辑,大纲和项目经理。 |
misc | 杂项 | libpst | Outlook .pst file converter | Outlook .pst文件转换器 |
misc | 杂项 | magictree | A penetration tester productivity tool designed to allow easy and straightforward data consolidation, querying, external command execution and report generation | 渗透测试仪生产力工具,旨在实现简单,直接的数据整合,查询,外部命令执行和报告生成 |
misc | 杂项 | mibble | An open-source SNMP MIB parser (or SMI parser) written in Java. It can be used to read SNMP MIB files as well as simple ASN.1 files. | 用Java编写的开源SNMP MIB解析器(或SMI解析器)。它可用于读取SNMP MIB文件以及简单的ASN.1文件。 |
misc | 杂项 | minimodem | A command-line program which decodes (or generates) audio modem tones at any specified baud rate, using various framing protocols. | 一种命令行程序,使用各种成帧协议以任何指定的波特率解码(或生成)音频调制解调器音调。 |
misc | 杂项 | mrtparse | A module to read and analyze the MRT format data. | 用于读取和分析MRT格式数据的模块。 |
misc | 杂项 | msfdb | Manage the metasploit framework database. | 管理metasploit框架数据库。 |
misc | 杂项 | netkit-rwho | Remote who client and server (with Debian patches). | 远程谁客户端和服务器(与Debian补丁)。 |
misc | 杂项 | nmap-parse-output | Converts/manipulates/extracts data from a nmap scan output. | 从nmap扫描输出转换/操作/提取数据。 |
misc | 杂项 | nsearch | Minimal script to help find script into the nse database. | 帮助在nse数据库中找到脚本的最小脚本。 |
misc | 杂项 | onionshare | Securely and anonymously share a file of any size. | 安全地匿名共享任何大小的文件。 |
misc | 杂项 | plumber | A python implementation of a grep friendly ftrace wrapper. | grep友好的ftrace包装器的python实现。 |
misc | 杂项 | plutil | Converts .plist files between binary and UTF (editable) text formats. | 在二进制和UTF(可编辑)文本格式之间转换.plist文件。 |
misc | 杂项 | princeprocessor | Standalone password candidate generator using the PRINCE algorithm. | 使用PRINCE算法的独立密码候选生成器。 |
misc | 杂项 | pulledpork | Snort rule management. | Snort规则管理。 |
misc | 杂项 | pwdlogy | A target specific wordlist generating tool for social engineers and security researchers. | 针对社会工程师和安全研究人员的目标特定词汇表生成工具。 |
misc | 杂项 | pydictor | A useful hacker dictionary builder for a brute-force attack. | 一个有用的黑客字典构建器,用于暴力攻击。 |
misc | 杂项 | pyinstaller | A program that converts (packages) Python programs into stand-alone executables, under Windows, Linux, Mac OS X, Solaris and AIX. | 在Windows,Linux,Mac OS X,Solaris和AIX下将Python程序转换(打包)为独立可执行文件的程序。 |
misc | 杂项 | python-utidylib | Python bindings for Tidy HTML parser/cleaner. | Tidy HTML解析器/清理器的Python绑定。 |
misc | 杂项 | redpoint | Digital Bond's ICS Enumeration Tools. | Digital Bond的ICS枚举工具。 |
misc | 杂项 | rtfm | A database of common, interesting or useful commands, in one handy referable form. | 一个方便的参考形式的常见,有趣或有用命令的数据库。 |
misc | 杂项 | sasm | A simple crossplatform IDE for NASM, MASM, GAS and FASM assembly languages. | 用于NASM,MASM,GAS和FASM汇编语言的简单跨平台IDE。 |
misc | 杂项 | schnappi-dhcp | Can fuck network with no DHCP. | 他妈的网络没有DHCP。 |
misc | 杂项 | sh00t | A Testing Environment for Manual Security Testers. | 手动安全测试人员的测试环境。 |
misc | 杂项 | shelling | An offensive approach to the anatomy of improperly written OS command injection sanitisers. | 对不正确编写的OS命令注射杀菌剂的解剖学进攻方法。 |
misc | 杂项 | sleuthql | Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap. | Python3 Burp History解析工具,用于发现潜在的SQL注入点。与SQLmap一起使用。 |
misc | 杂项 | sslcat | SSLCat is a simple Unix utility that reads and writes data across an SSL enable network connection. | SSLCat是一个简单的Unix实用程序,可以通过SSL启用网络连接读取和写入数据。 |
misc | 杂项 | stompy | An advanced utility to test the quality of WWW session identifiers and other tokens that are meant to be unpredictable. | 一种高级实用程序,用于测试WWW会话标识符和其他令牌不可预测的令牌的质量。 |
misc | 杂项 | suricata-verify | Suricata Verification Tests - Testing Suricata Output. | Suricata验证测试 - 测试Suricata输出。 |
misc | 杂项 | tcpxtract | A tool for extracting files from network traffic. | 用于从网络流量中提取文件的工具。 |
misc | 杂项 | tnscmd | a lame tool to prod the oracle tnslsnr process (1521/tcp) | 刺激oracle tnslsnr进程的蹩脚工具(1521 / tcp) |
misc | 杂项 | tpcat | Tool based upon pcapdiff by the EFF. It will analyze two packet captures (taken on each side of the firewall as an example) and report any packets that were seen on the source capture but didn’t make it to the dest. | EFF基于pcapdiff的工具。它将分析两个数据包捕获(以防火墙的每一侧为例)并报告在源捕获中看到但未进入dest的任何数据包。 |
misc | 杂项 | uatester | User Agent String Tester | 用户代理字符串测试程序 |
misc | 杂项 | urlview | A curses URL parser for text files. | curses文本文件的URL解析器。 |
misc | 杂项 | usernamer | Pentest Tool to generate usernames/logins based on supplied names. | Pentest工具根据提供的名称生成用户名/登录。 |
misc | 杂项 | valabind | Tool to parse vala or vapi files to transform them into swig interface files, C++, NodeJS-ffi or GIR | 解析vala或vapi文件的工具,将它们转换为swig接口文件,C ++,NodeJS-ffi或GIR |
misc | 杂项 | verinice | Tool for managing information security. | 管理信息安全的工具。 |
misc | 杂项 | vfeed | Open Source Cross Linked and Aggregated Local Vulnerability Database main repository. | 开源交叉链接和聚合本地漏洞数据库主存储库。 |
misc | 杂项 | visualize-logs | A Python library and command line tools to provide interactive log visualization. | Python库和命令行工具,用于提供交互式日志可视化。 |
misc | 杂项 | web2ldap | Full-featured LDAP client running as web application. | 作为Web应用程序运行的全功能LDAP客户端。 |
misc | 杂项 | whapa | WhatsApp Parser Tool. | WhatsApp解析器工具。 |
misc | 杂项 | whatportis | A command to search port names and numbers. | 搜索端口名称和数字的命令。 |
misc | 杂项 | winexe | Remotely execute commands on Windows NT/2000/XP/2003 systems. | 在Windows NT / 2000 / XP / 2003系统上远程执行命令。 |
misc | 杂项 | winregfs | Windows Registry FUSE filesystem. | Windows注册表FUSE文件系统。 |
misc | 杂项 | wol-e | A suite of tools for the Wake on LAN feature of network attached computers. | 一套用于网络连接计算机的Wake on LAN功能的工具。 |
misc | 杂项 | wordlistctl | Fetch, install and search wordlist archives from websites and torrent peers. | 从网站和torrent对等方获取,安装和搜索wordlist档案。 |
misc | 杂项 | yay | Yet another yogurt. Pacman wrapper and AUR helper written in go. | 另一种酸奶。吃的Pacman包装和AUR帮助。 |
mobile | 移动 | androbugs | An efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. | 一款高效的Android漏洞扫描程序,可帮助开发人员或黑客发现Android应用程序中的潜在安全漏洞。 |
mobile | 移动 | androick | A python tool to help in forensics analysis on android. | 一个python工具,可以帮助在android上进行取证分析。 |
mobile | 移动 | android-ndk | Android C/C++ developer kit. | Android C / C ++开发人员套件。 |
mobile | 移动 | android-sdk | Google Android SDK | 谷歌Android SDK |
mobile | 移动 | android-udev-rules | Android udev rules. | Android udev规则。 |
mobile | 移动 | androidpincrack | Bruteforce the Android Passcode given the hash and salt. | 给出哈希和盐的强制执行Android密码。 |
mobile | 移动 | androidsniffer | A perl script that lets you search for 3rd party passwords, dump the call log, dump contacts, dump wireless configuration, and more. | 一个perl脚本,可让您搜索第三方密码,转储呼叫日志,转储联系人,转储无线配置等。 |
mobile | 移动 | androwarn | Yet another static code analyzer for malicious Android applications. | 另一种用于恶意Android应用程序的静态代码分析器 |
mobile | 移动 | apkid | Android Application Identifier for Packers, Protectors, Obfuscators and Oddities. | 包装工,保护装置,混淆器和奇怪的Android应用程序标识符。 |
mobile | 移动 | apkstat | Automated Information Retrieval From APKs For Initial Analysis. | 来自APK的自动信息检索用于初始分析。 |
mobile | 移动 | appmon | A runtime security testing & profiling framework for native apps on macOS, iOS & android and it is built using Frida. | 适用于macOS,iOS和android上的本机应用程序的运行时安全测试和分析框架,它是使用Frida构建的。 |
mobile | 移动 | backdoor-apk | Shell script that simplifies the process of adding a backdoor to any Android APK file | Shell脚本简化了向任何Android APK文件添加后门的过程 |
mobile | 移动 | backhack | Tool to perform Android app analysis by backing up and extracting apps, allowing you to analyze and modify file system contents for apps. | 通过备份和解压缩应用程序来执行Android应用程序分析的工具,允许您分析和修改应用程序的文件系统内容。 |
mobile | 移动 | bandicoot | A toolbox to analyze mobile phone metadata. | 用于分析手机元数据的工具箱。 |
mobile | 移动 | cnamulator | A phone CNAM lookup utility using the OpenCNAM API. | 使用OpenCNAM API的手机CNAM查找实用程序。 |
mobile | 移动 | dexpatcher | Modify Android DEX/APK files at source-level using Java. | 使用Java在源级别修改Android DEX / APK文件。 |
mobile | 移动 | drozer | A security testing framework for Android - Precompiled binary from official repository. | Android的安全测试框架 - 来自官方存储库的预编译二进制文件。 |
mobile | 移动 | findmyiphone | Locates all devices associated with an iCloud account | 找到与iCloud帐户关联的所有设备 |
mobile | 移动 | idb | A tool to simplify some common tasks for iOS pentesting and research. | 一种简化iOS测试和研究的常见任务的工具。 |
mobile | 移动 | kalibrate-rtl | Fork of http://thre.at/kalibrate/ for use with rtl-sdr devices. | http://thre.at/kalibrate/用于与rtl-sdr设备一起使用的叉子。 |
mobile | 移动 | lazydroid | Tool written as a bash script to facilitate some aspects of an Android Assessment | 作为bash脚本编写的工具,用于促进Android评估的某些方面 |
mobile | 移动 | mara-framework | A Mobile Application Reverse engineering and Analysis Framework. | 移动应用程序逆向工程和分析框架。 |
mobile | 移动 | mobsf | An intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing. | 智能,一体化的开源移动应用程序(Android / iOS)自动笔测试框架,能够执行静态,动态分析和Web API测试。 |
mobile | 移动 | needle | The iOS Security Testing Framework. | iOS安全测试框架。 |
mobile | 移动 | qark | Tool to look for several security related Android application vulnerabilities. | 寻找几个与安全相关的Android应用程序漏洞的工具。 |
mobile | 移动 | sign | Automatically signs an apk with the Android test certificate. | 使用Android测试证书自动签署apk。 |
mobile | 移动 | simplify | Generic Android Deobfuscator. | 通用Android反混淆器。 |
mobile | 移动 | smali-cfgs | Smali Control Flow Graph's. | Smali控制流程图。 |
mobile | 移动 | smalisca | Static Code Analysis for Smali files. | Smali文件的静态代码分析。 |
mobile | 移动 | smartphone-pentest-framework | Repository for the Smartphone Pentest Framework (SPF). | 智能手机Pentest框架(SPF)的存储库。 |
mobile | 移动 | stacoan | Crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. | Crossplatform工具,可以帮助开发人员,bugbounty猎人和道德黑客在移动应用程序上执行静态代码分析。 |
networking | 联网 | afpfs-ng | A client for the Apple Filing Protocol (AFP) | Apple文件协议(AFP)的客户 |
networking | 联网 | aiengine | A packet inspection engine with capabilities of learning without any human intervention. | 一种数据包检测引擎,具有无需人工干预即可学习的功能。 |
networking | 联网 | apacket | Sniffer syn and backscatter packets. | Sniffer syn和反向散射包。 |
networking | 联网 | argus | Network monitoring tool with flow control. | 具有流量控制的网络监控工具。 |
networking | 联网 | argus-clients | Network monitoring client for Argus. | Argus的网络监控客户端。 |
networking | 联网 | arp-scan | A tool that uses ARP to discover and fingerprint IP hosts on the local network | 使用ARP在本地网络上发现和指纹IP主机的工具 |
networking | 联网 | arpalert | Monitor ARP changes in ethernet networks. | 监控以太网网络中的ARP更改。 |
networking | 联网 | arptools | A simple tool about ARP broadcast, ARP attack, and data transmission. | 一个关于ARP广播,ARP攻击和数据传输的简单工具。 |
networking | 联网 | arpwner | GUI-based python tool for arp posioning and dns poisoning attacks. | 用于arp posioning和dns中毒攻击的基于GUI的python工具。 |
networking | 联网 | atftp | Client/server implementation of the TFTP protocol that implements RFCs 1350, 2090, 2347, 2348, and 2349 | 实现RFC 1350,2090,2347,2348和2349的TFTP协议的客户端/服务器实现 |
networking | 联网 | bind-tools | The ISC DNS tools | ISC DNS工具 |
networking | 联网 | bro | A powerful network analysis framework that is much different from the typical IDS you may know. | 一个强大的网络分析框架,与您可能知道的典型IDS有很大不同。 |
networking | 联网 | bro-aux | Handy auxiliary programs related to the use of the Bro Network Security Monitor (https://www.bro.org/). | 与使用Bro Network Security Monitor(https://www.bro.org/)相关的便捷辅助程序。 |
networking | 联网 | buttinsky | Provide an open source framework for automated botnet monitoring. | 为自动僵尸网络监控提供开源框架。 |
networking | 联网 | bypass-firewall-dns-history | Firewall bypass script based on DNS history records. | 防火墙绕过基于DNS历史记录的脚本。 |
networking | 联网 | cadaver | Command-line WebDAV client for Unix | 用于Unix的命令行WebDAV客户端 |
networking | 联网 | chameleon | A tool for evading Proxy categorisation. | 用于规避代理分类的工具。 |
networking | 联网 | chaosreader | A freeware tool to trace tcp, udp etc. sessions and fetch application data from snoop or tcpdump logs. | 一个免费软件工具,用于跟踪tcp,udp等会话,并从snoop或tcpdump日志中获取应用程序数据。 |
networking | 联网 | chopshop | Protocol Analysis/Decoder Framework. | 协议分析/解码器框架。 |
networking | 联网 | cidr2range | Script for listing the IP addresses contained in a CIDR netblock. | 用于列出CIDR网络块中包含的IP地址的脚本。 |
networking | 联网 | creak | Poison, reset, spoof, redirect MITM script. | 毒药,重置,欺骗,重定向MITM脚本。 |
networking | 联网 | cyberscan | A Network Pentesting Tool | 网络测试工具 |
networking | 联网 | depdep | A merciless sentinel which will seek sensitive files containing critical info leaking through your network. | 一个无情的哨兵,它将寻找包含通过您的网络泄漏的关键信息的敏感文件。 |
networking | 联网 | det | (extensible) Data Exfiltration Toolkit. | (可扩展)数据泄漏工具包。 |
networking | 联网 | dhcpoptinj | DHCP option injector. | DHCP选项注入器。 |
networking | 联网 | dinouml | A network simulation tool, based on UML (User Mode Linux) that can simulate big Linux networks on a single PC | 一种基于UML(用户模式Linux)的网络仿真工具,可以在一台PC上模拟大型Linux网络 |
networking | 联网 | dnsdiag | DNS Diagnostics and Performance Measurement Tools. | DNS诊断和性能测量工具。 |
networking | 联网 | dnsfilexfer | File transfer via DNS. | 通过DNS传输文件。 |
networking | 联网 | dnsteal | DNS Exfiltration tool for stealthily sending files over DNS requests.. | DNS Exfiltration工具,用于通过DNS请求秘密发送文件。 |
networking | 联网 | dripcap | Caffeinated Packet Analyzer. | 含咖啡因的包分析仪。 |
networking | 联网 | dtp-spoof | Python script/security tool to test Dynamic Trunking Protocol configuration on a switch. | 用于在交换机上测试动态中继协议配置的Python脚本/安全工具。 |
networking | 联网 | dump1090 | A simple Mode S decoder for RTLSDR devices. | 用于RTLSDR设备的简单模式S解码器。 |
networking | 联网 | etherape | Graphical network monitor for various OSI layers and protocols | 用于各种OSI层和协议的图形网络监视器 |
networking | 联网 | exabgp | The BGP swiss army knife of networking. | BGP瑞士军刀网络。 |
networking | 联网 | filibuster | A Egress filter mapping application with additional functionality. | 具有附加功能的Egress过滤器映射应用程序。 |
networking | 联网 | firecat | A penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network. | 一种渗透测试工具,允许您从受损网络中打出反向TCP隧道。 |
networking | 联网 | flowinspect | A network traffic inspection tool. | 网络流量检查工具。 |
networking | 联网 | fping | Utility to ping multiple hosts at once | 用于一次ping多个主机的实用程序 |
networking | 联网 | freeipmi | Sensor monitoring, system event monitoring, power control, and serial-over-LAN (SOL). | 传感器监控,系统事件监控,电源控制和LAN上串行(SOL)。 |
networking | 联网 | geoip | Non-DNS IP-to-country resolver C library & utils | 非DNS IP到国家/地区的解析器C库和实用程序 |
networking | 联网 | gspoof | A simple GTK/command line TCP/IP packet generator. | 一个简单的GTK /命令行TCP / IP数据包生成器。 |
networking | 联网 | gwcheck | A simple program that checks if a host in an ethernet network is a gateway to Internet. | 一个简单的程序,用于检查以太网网络中的主机是否是Internet的网关。 |
networking | 联网 | haka | A collection of tool that allows capturing TCP/IP packets and filtering them based on Lua policy files. | 一组工具,允许捕获TCP / IP数据包并根据Lua策略文件对其进行过滤。 |
networking | 联网 | hharp | This tool can perform man-in-the-middle and switch flooding attacks. It has 4 major functions, 3 of which attempt to man-in-the-middle one or more computers on a network with a passive method or flood type method. | 该工具可以执行中间人和交换洪水攻击。它有4个主要功能,其中3个尝试使用被动方法或泛洪类型方法在网络中的一个或多个计算机。 |
networking | 联网 | hping | A command-line oriented TCP/IP packet assembler/analyzer. | 面向命令行的TCP / IP数据包汇编器/分析器。 |
networking | 联网 | http-traceroute | This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-like scanning functionality. | 这是一个python脚本,它使用HTTP和SIP中的Max-Forwards标头来执行类似traceroute的扫描功能。 |
networking | 联网 | httping | A ping-like tool for http-requests | 用于http请求的类似ping的工具 |
networking | 联网 | hyde | Just another tool in C to do DDoS (with spoofing). | 只是C中的另一个工具来做DDoS(带欺骗)。 |
networking | 联网 | hyenae | flexible platform independent packet generator | 灵活的平*立包发生器 |
networking | 联网 | hyperfox | A security tool for proxying and recording HTTP and HTTPs traffic. | 用于代理和记录HTTP和HTTP流量的安全工具。 |
networking | 联网 | interlace | Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support. | 通过CIDR和glob支持,轻松将单线程命令行应用程序转换为快速的多线程应用程序。 |
networking | 联网 | ipaudit | Monitors network activity on a network. | 监控网络上的网络活动。 |
networking | 联网 | ipdecap | Can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, and can also remove IEEE 802.1Q (virtual lan) header. | 可以解封封在GRE,IPIP,6in4,ESP(ipsec)协议中的流量,还可以删除IEEE 802.1Q(虚拟局域网)报头。 |
networking | 联网 | ipmitool | Command-line interface to IPMI-enabled devices | 启用IPMI的设备的命令行界面 |
networking | 联网 | iputils | Network monitoring tools, including ping | 网络监控工具,包括ping |
networking | 联网 | ipv4bypass | Using IPv6 to Bypass Security. | 使用IPv6绕过安全性。 |
networking | 联网 | jnetmap | A network monitor of sorts | 各种网络监视器 |
networking | 联网 | kickthemout | Kick devices off your network by performing an ARP Spoof attack. | 通过执行ARP欺骗攻击来破坏网络设备。 |
networking | 联网 | latd | A LAT terminal daemon for Linux and BSD. | 适用于Linux和BSD的LAT终端守护程序。 |
networking | 联网 | loic | An open source network stress tool for Windows. | 适用于Windows的开源网络压力工具。 |
networking | 联网 | macchanger | A small utility to change your NIC's MAC address | 一个用于更改NIC的MAC地址的小工具 |
networking | 联网 | maclookup | Lookup MAC addresses in the IEEE MA-L/OUI public listing. | 查找IEEE MA-L / OUI公开列表中的MAC地址。 |
networking | 联网 | maketh | A packet generator that supports forging ARP, IP, TCP, UDP, ICMP and the ethernet header as well. | 一种数据包生成器,支持伪造ARP,IP,TCP,UDP,ICMP和以太网头。 |
networking | 联网 | malcom | Analyze a system's network communication using graphical representations of network traffic. | 使用网络流量的图形表示来分析系统的网络通信。 |
networking | 联网 | massdns | A high-performance DNS stub resolver in C. | C中的高性能DNS存根解析器 |
networking | 联网 | middler | A Man in the Middle tool to demonstrate protocol middling attacks. | 一个Man in the Middle工具,用于演示协议中等攻击。 |
networking | 联网 | moloch | An open source large scale IPv4 full PCAP capturing, indexing and database system. | 一个开源的大型IPv4完整PCAP捕获,索引和数据库系统。 |
networking | 联网 | mptcp | A tool for manipulation of raw packets that allows a large number of options. | 用于处理原始数据包的工具,允许大量选项。 |
networking | 联网 | mptcp-abuse | A collection of tools and resources to explore MPTCP on your network. Initially released at Black Hat USA 2014. | 一系列工具和资源,用于探索网络上的MPTCP。最初于2014年Black Hat USA发布。 |
networking | 联网 | mtr | Combines the functionality of traceroute and ping into one tool (CLI version) | 将traceroute和ping的功能合并到一个工具中(CLI版本) |
networking | 联网 | mylg | Network Diagnostic Tool. | 网络诊断工具。 |
networking | 联网 | nacker | A tool to circumvent 802.1x Network Access Control on a wired LAN. | 一种绕过有线LAN上的802.1x网络访问控制的工具。 |
networking | 联网 | nbtool | Some tools for NetBIOS and DNS investigation, attacks, and communication. | 一些用于NetBIOS和DNS调查,攻击和通信的工具。 |
networking | 联网 | ncpfs | Allows you to mount volumes of NetWare servers under Linux. | 允许您在Linux下安装大量NetWare服务器。 |
networking | 联网 | nemesis | A command-line network packet crafting and injection utility. | 命令行网络数据包制作和注入实用程序。 |
networking | 联网 | netactview | A graphical network connections viewer similar in functionality to netstat. | 一种图形网络连接查看器,其功能与netstat类似。 |
networking | 联网 | netcon | A network connection establishment and management script. | 网络连接建立和管理脚本。 |
networking | 联网 | netmap | Can be used to make a graphical representation of the surounding network. | 可用于制作外围网络的图形表示。 |
networking | 联网 | netreconn | A collection of network scan/recon tools that are relatively small compared to their larger cousins. | 网络扫描/侦察工具的集合,与其较大的同类相比相对较小。 |
networking | 联网 | netsed | Small and handful utility design to alter the contents of packets forwarded thru network in real time. | 小而实用的实用程序设计,可以实时改变通过网络转发的数据包的内容。 |
networking | 联网 | networkmap | Post-exploitation network mapper. | 后期开发网络映射器。 |
networking | 联网 | nextnet | Pivot point discovery tool. | 枢轴点发现工具。 |
networking | 联网 | nfdump | A set of tools to collect and process netflow data. | 一组用于收集和处理netflow数据的工具。 |
networking | 联网 | ngrep | A grep-like utility that allows you to search for network packets on an interface. | 类似grep的实用程序,允许您在接口上搜索网络数据包。 |
networking | 联网 | nield | A tool to receive notifications from kernel through netlink socket, and generate logs related to interfaces, neighbor cache(ARP,NDP), IP address(IPv4,IPv6), routing, FIB rules, traffic control. | 一种工具,通过netlink套接字从内核接收通知,并生成与接口,邻居缓存(ARP,NDP),IP地址(IPv4,IPv6),路由,FIB规则,流量控制相关的日志。 |
networking | 联网 | nipper | Network Infrastructure Parser | 网络基础设施解析器 |
networking | 联网 | nsdtool | A netgear switch discovery tool. It contains some extra features like bruteoforce and setting a new password. | netgear交换机发现工具。它包含一些额外的功能,如bruteoforce和设置新密码。 |
networking | 联网 | nsoq | A Network Security Tool for packet manipulation that allows a large number of options. | 用于数据包操作的网络安全工具,允许大量选项。 |
networking | 联网 | packet-o-matic | A real time packet processor. Reads the packet from an input module, match the packet using rules and connection tracking information and then send it to a target module. | 实时数据包处理器。从输入模块读取数据包,使用规则和连接跟踪信息匹配数据包,然后将其发送到目标模块。 |
networking | 联网 | packeth | A Linux GUI packet generator tool for ethernet. | 用于以太网的Linux GUI数据包生成器工具。 |
networking | 联网 | packetq | A tool that provides a basic SQL-frontend to PCAP-files. | 一种为PCAP文件提供基本SQL前端的工具。 |
networking | 联网 | packetsender | An open source utility to allow sending and receiving TCP and UDP packets. | 允许发送和接收TCP和UDP数据包的开源实用程序。 |
networking | 联网 | packit | A network auditing tool. Its value is derived from its ability to customize, inject, monitor, and manipulate IP traffic. | 网络审计工具。它的价值来自于它定制,注入,监控和操纵IP流量的能力。 |
networking | 联网 | pcapfex | Packet CAPture Forensic Evidence eXtractor. | Packet CAPture法证证据eXtractor。 |
networking | 联网 | pcapfix | Tries to repair your broken pcap and pcapng files. | 尝试修复损坏的pcap和pcapng文件。 |
networking | 联网 | pkt2flow | A simple utility to classify packets into flows. | 一种将数据包分类为流的简单实用程序。 |
networking | 联网 | pmacct | Small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP IGP Streaming Telemetry]. | 小型多用途被动网络监控工具[NetFlow IPFIX sFlow libpcap BGP BMP IGP Streaming Telemetry]。 |
networking | 联网 | prometheus-firewall | A Firewall analyzer written in ruby | 用ruby编写的防火墙分析器 |
networking | 联网 | pwnat | A tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with *no* port forwarding and *no* DMZ setup on any routers in order to directly communicate with each other. | 允许NAT后面的任意数量的客户端与单独的NAT后面的服务器通信的工具,在任何路由器上都有* no *端口转发和* no * DMZ设置,以便直接相互通信。 |
networking | 联网 | pyersinia | Network attack tool like yersinia but written in Python. | 网络攻击工具,如yersinia,但用Python编写。 |
networking | 联网 | pyexfil | A couple of beta stage tools for data exfiltration. | 一些用于数据泄露的beta阶段工具。 |
networking | 联网 | pyminifakedns | Minimal DNS server written in Python; it always replies with a 127.0.0.1 A-record. | 用Python编写的最小DNS服务器; 它总是回复127.0.0.1 A记录。 |
networking | 联网 | python-python-cymruwhois | Python client for the whois.cymru.com service | whois.cymru.com服务的Python客户端 |
networking | 联网 | rinetd | internet redirection server | 互联网重定向服务器 |
networking | 联网 | rtpbreak | Detects, reconstructs and analyzes any RTP session | 检测,重建和分析任何RTP会话 |
networking | 联网 | samplicator | Send copies of (UDP) datagrams to multiple receivers, with optional sampling and spoofing. | 将(UDP)数据报的副本发送到多个接收器,可选择采样和欺骗。 |
networking | 联网 | scapy | Powerful interactive packet manipulation program written in Python (tools) | 用Python编写的强大的交互式数据包操作程序(工具) |
networking | 联网 | sdn-toolkit | Discover, Identify, and Manipulate SDN-Based Networks | 发现,识别和操纵基于SDN的网络 |
networking | 联网 | sessionlist | Sniffer that intents to sniff HTTP packets and attempts to reconstruct interesting authentication data from websites that do not employ proper secure cookie auth. | 试图嗅探HTTP数据包并试图从未使用适当的安全cookie身份验证的网站重建有趣的身份验证数据的嗅探器。 |
networking | 联网 | seth | Perform a MitM attack and extract clear text credentials from RDP connections. | 执行MitM攻击并从RDP连接中提取明文凭据。 |
networking | 联网 | silk | A collection of traffic analysis tools developed by the CERT NetSA to facilitate security analysis of large networks. | 由CERT NetSA开发的一组流量分析工具,用于促进大型网络的安全分析。 |
networking | 联网 | sniffer | Packet Trace Parser for TCP, SMTP Emails, and HTTP Cookies. | 用于TCP,SMTP电子邮件和HTTP Cookie的数据包跟踪分析器。 |
networking | 联网 | sniffles | A Packet Capture Generator for IDS and Regular Expression Evaluation. | 用于IDS和正则表达式评估的数据包捕获生成器。 |
networking | 联网 | snmpattack | SNMP scanner and attacking tool. | SNMP扫描程序和攻击工具。 |
networking | 联网 | snmpcheck | A free open source utility to get information via SNMP protocols. | 一个免费的开源实用程序,通过SNMP协议获取信息。 |
networking | 联网 | socat | Multipurpose relay | 多用途继电器 |
networking | 联网 | sockstat | A tool to let you view information about open connections. It is similar to the tool of the same name that is included in FreeBSD, trying to faithfully reproduce as much functionality as is possible. | 一种工具,可让您查看有关打开的连接的信息。它类似于FreeBSD中包含的同名工具,试图忠实地再现尽可能多的功能。 |
networking | 联网 | spiped | A utility for creating symmetrically encrypted and authenticated pipes between socket addresses. | 用于在套接字地址之间创建对称加密和验证管道的实用程序。 |
networking | 联网 | sps | A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. | Linux数据包制作工具。支持IPv4,IPv6,包括扩展头,以及通过IPv4隧道传输IPv6。 |
networking | 联网 | sslh | SSL/SSH/OpenVPN/XMPP/tinc port multiplexer | SSL / SSH / OpenVPN / XMPP / tinc端口多路复用器 |
networking | 联网 | stunnel | A program that allows you to encrypt arbitrary TCP connections inside SSL | 一个程序,允许您加密SSL内的任意TCP连接 |
networking | 联网 | swaks | Swiss Army Knife SMTP; Command line SMTP testing, including TLS and AUTH | 瑞士军刀SMTP; 命令行SMTP测试,包括TLS和AUTH |
networking | 联网 | tcpcopy | A TCP stream replay tool to support real testing of Internet server applications. | TCP流重放工具,支持Internet服务器应用程序的实际测试。 |
networking | 联网 | tcpdstat | Get protocol statistics from tcpdump pcap files. | 从tcpdump pcap文件中获取协议统计信息。 |
networking | 联网 | tcpdump | Powerful command-line packet analyzer | 强大的命令行数据包分析器 |
networking | 联网 | tcpextract | Extracts files from captured TCP sessions. Support live streams and pcap files. | 从捕获的TCP会话中提取文件。支持实时流和pcap文件。 |
networking | 联网 | tcpflow | Captures data transmitted as part of TCP connections then stores the data conveniently | 捕获作为TCP连接的一部分传输的数据,然后方便地存储数据 |
networking | 联网 | tcpreplay | Gives the ability to replay previously captured traffic in a libpcap format | 能够以libpcap格式重放以前捕获的流量 |
networking | 联网 | tcptrace | A TCP dump file analysis tool | TCP转储文件分析工具 |
networking | 联网 | tcptraceroute | A traceroute implementation using TCP packets. | 使用TCP数据包的traceroute实现。 |
networking | 联网 | tcpwatch | A utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy connections. | 用Python编写的实用程序,可用于监视转发的TCP连接或HTTP代理连接。 |
networking | 联网 | tgcd | TCP/IP Gender Changer Daemon utility. | TCP / IP性别转换器守护程序实用程序。 |
networking | 联网 | thc-ipv6 | Complete tool set to attack the inherent protocol weaknesses of IPv6 and ICMP6 | 完整的工具集可以攻击IPv6和ICMP6的固有协议弱点 |
networking | 联网 | tinc | VPN (Virtual Private Network) daemon | VPN(虚拟专用网络)守护程序 |
networking | 联网 | tunna | a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. | 一组工具,它们将通过HTTP包装和隧道任何TCP通信。它可用于在完全防火墙环境中绕过网络限制。 |
networking | 联网 | udpastcp | This program hides UDP traffic as TCP traffic in order to bypass certain firewalls. | 此程序将UDP流量隐藏为TCP流量,以绕过某些防火墙。 |
networking | 联网 | udptunnel | Tunnels TCP over UDP packets. | 隧道TCP over UDP数据包。 |
networking | 联网 | umit | A powerful nmap frontend. | 一个强大的nmap前端。 |
networking | 联网 | uw-offish | Clear-text protocol simulator. | 明文协议模拟器。 |
networking | 联网 | websockify | WebSocket to TCP proxy/bridge. | WebSocket到TCP代理/桥接。 |
networking | 联网 | xerosploit | Efficient and advanced man in the middle framework. | 中间框架中的高效和先进的人。 |
networking | 联网 | yaf | Yet Another Flowmeter. | 还有另一台流量计。 |
networking | 联网 | yersinia | A network tool designed to take advantage of some weakness in different network protocols. | 一种网络工具,旨在利用不同网络协议中的一些弱点。 |
networking | 联网 | zackattack | A new tool set to do NTLM Authentication relaying unlike any other tool currently out there. | 一个新的工具集,用于执行NTLM身份验证中继,与当前其他工具不同。 |
networking | 联网 | zssh | SSH and Telnet client with ZMODEM file transfer capability | 具有ZMODEM文件传输功能的SSH和Telnet客户端 |
nfc | NFC | nfcutils | Provides a simple 'lsnfc' command that list tags which are in your NFC device field | 提供简单的'lsnfc'命令,列出NFC设备字段中的标签 |
packer | 打包机 | sherlocked | Universal script packer-- transforms any type of script into a protected ELF executable, encrypted with anti-debugging. | 通用脚本打包器 - 将任何类型的脚本转换为受保护的ELF可执行文件,并使用反调试进行加密。 |
proxy | 代理 | 3proxy | Tiny free proxy server. | 微小的免费代理服务器。 |
proxy | 代理 | bdfproxy | Patch Binaries via MITM: BackdoorFactory + mitmProxy | 通过MITM修补二进制文件:BackdoorFactory + mitmProxy |
proxy | 代理 | binproxy | A proxy for arbitrary TCP connections. | 任意TCP连接的代理。 |
proxy | 代理 | cntlm | An NTLM, NTLM2SR, and NTLMv2 authenticating HTTP proxy. | 验证HTTP代理的NTLM,NTLM2SR和NTLMv2。 |
proxy | 代理 | dns-reverse-proxy | A reverse DNS proxy written in Go. | 用Go编写的反向DNS代理。 |
proxy | 代理 | dnschef | A highly configurable DNS proxy for pentesters. | 用于测试者的高度可配置的DNS代理。 |
proxy | 代理 | elite-proxy-finder | Finds public elite anonymity proxies and concurrently tests them. | 找到公共精英匿名代理并同时测试它们。 |
proxy | 代理 | fakedns | A regular-expression based python MITM DNS server with correct DNS request passthrough and "Not Found" responses. | 基于正则表达式的python MITM DNS服务器,具有正确的DNS请求直通和“未找到”响应。 |
proxy | 代理 | mitm-relay | Hackish way to intercept and modify non-HTTP protocols through Burp & others. | Hackish通过Burp和其他人拦截和修改非HTTP协议的方式。 |
proxy | 代理 | mitmproxy | SSL-capable man-in-the-middle HTTP proxy | 具有SSL功能的中间人HTTP代理 |
proxy | 代理 | obfs4proxy | A pluggable transport proxy written in Go. | 用Go编写的可插拔传输代理。 |
proxy | 代理 | obfsproxy | A pluggable transport proxy written in Python | 用Python编写的可插拔传输代理 |
proxy | 代理 | pr0cks | python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target. | python脚本设置透明代理,使用iptables -j REDIRECT目标通过SOCKS / SOCKS5或HTTP(CONNECT)代理转发所有TCP和DNS流量。 |
proxy | 代理 | proxychains-ng | A hook preloader that allows to redirect TCP traffic of existing dynamically linked programs through one or more SOCKS or HTTP proxies | 钩子预加载器,允许通过一个或多个SOCKS或HTTP代理重定向现有动态链接程序的TCP流量 |
proxy | 代理 | proxyp | Small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses. | 编写的小型多线程Perl脚本,用于枚举代理IP地址的延迟,端口号,服务器名称和地理位置。 |
proxy | 代理 | redsocks | Transparent redirector of any TCP connection to proxy. | 代理的任何TCP连接的透明重定向器。 |
proxy | 代理 | rpivot | Socks4 reverse proxy for penetration testing. | Socks4反向代理进行渗透测试。 |
proxy | 代理 | sergio-proxy | A multi-threaded transparent HTTP proxy for manipulating web traffic | 用于处理Web流量的多线程透明HTTP代理 |
proxy | 代理 | soapui | The Swiss-Army Knife for SOAP Testing. | 用于SOAP测试的瑞士军刀。 |
proxy | 代理 | sshuttle | Transparent proxy server that forwards all TCP packets over ssh | 透明代理服务器,通过ssh转发所有TCP数据包 |
proxy | 代理 | ssrf-proxy | Facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery. | 通过易受服务器端请求伪造攻击的服务器促进HTTP通信的隧道传输。 |
proxy | 代理 | starttls-mitm | A mitm proxy that will transparently proxy and dump both plaintext and TLS traffic. | 一个mitm代理,它将透明地代理和转储明文和TLS流量。 |
proxy | 代理 | striptls | Proxy PoC implementation of STARTTLS stripping attacks. | 代理PoC实施STARTTLS剥离攻击。 |
proxy | 代理 | tftp-proxy | This tool accepts connection on tftp and reloads requested content from an upstream tftp server. Meanwhile modifications to the content can be done by pluggable modules. So this one's nice if your mitm with some embedded devices. | 此工具接受tftp上的连接,并从上游tftp服务器重新加载请求的内容。同时,可以通过可插拔模块对内容进行修改。所以,如果你的装备有一些嵌入式设备,这个很好。 |
proxy | 代理 | tinyproxy | A light-weight HTTP proxy daemon for POSIX operating systems. | 用于POSIX操作系统的轻量级HTTP代理守护程序。 |
proxy | 代理 | tor | Anonymizing overlay network. | 匿名覆盖网络。 |
proxy | 代理 | torsocks | Wrapper to safely torify applications | 包装,以安全地扭曲应用程序 |
proxy | 代理 | webfixy | On-the-fly decryption proxy for MikroTik RouterOS WebFig sessions. | 用于MikroTik RouterOS WebFig会话的动态解密代理。 |
radio | 无线电 | gpredict | A real-time satellite tracking and orbit prediction application. | 实时卫星跟踪和轨道预测应用程序。 |
radio | 无线电 | gps-sdr-sim | Software-Defined GPS Signal Simulator. | 软件定义的GPS信号模拟器。 |
radio | 无线电 | gr-air-modes | Gnuradio tools for receiving Mode S transponder signals, including ADS-B. | 用于接收模式S转发器信号的Gnuradio工具,包括ADS-B。 |
radio | 无线电 | gr-gsm | Gnuradio blocks and tools for receiving GSM transmissions | Gnuradio阻止和接收GSM传输的工具 |
radio | 无线电 | gr-paint | An OFDM Spectrum Painter for GNU Radio. | 用于GNU无线电的OFDM频谱画家。 |
radio | 无线电 | hackrf | Driver for HackRF, allowing general purpose software defined radio (SDR). | HackRF的驱动程序,允许通用软件定义无线电(SDR)。 |
radio | 无线电 | libosmocore | Collection of common code used in various sub-projects inside the Osmocom family of projects. | Osmocom系列项目中各种子项目中使用的公共代码的集合。 |
radio | 无线电 | multimon-ng | An sdr decoder, supports pocsag, ufsk, clipfsk, afsk, hapn, fsk, dtmf, zvei. | 解码器,pocsag支持,ufsk,clipfsk,afsk,hapn,fsk,dtmf,zvei。 |
radio | 无线电 | proxmark | A powerful general purpose RFID tool, the size of a deck of cards, designed to snoop, listen and emulate everything from Low Frequency (125kHz) to High Frequency (13.56MHz) tags. | 功能强大的通用RFID工具,一副卡片的大小,旨在窥探,收听和模拟从低频(125kHz)到高频(13.56MHz)标签的所有内容。 |
radio | 无线电 | rtlamr | An rtl-sdr receiver for smart meters operating in the 900MHz ISM band. | 用于智能电表的rtl-sdr接收器,工作在900MHz ISM频段。 |
radio | 无线电 | simtrace2 | Host utilities to communicate with SIMtrace2 USB Devices. | 主机实用程序与SIMtrace2 USB设备通信。 |
radio | 无线电 | urh | Universal Radio Hacker: investigate wireless protocols like a boss | Universal Radio Hacker:像老板一样研究无线协议 |
radio | 无线电 | yate-bts | An open source GSM Base Station software. | 一个开源的GSM基站软件。 |
recon | 侦察 | ad-ldap-enum | An LDAP based Active Directory user and group enumeration tool. | 基于LDAP的Active Directory用户和组枚举工具。 |
recon | 侦察 | altdns | Generates permutations, alterations and mutations of subdomains and then resolves them. | 生成子域的排列,更改和突变,然后解析它们。 |
recon | 侦察 | api-dnsdumpster | Unofficial Python API for http://dnsdumpster.com/. | 适用于http://dnsdumpster.com/的非官方Python API。 |
recon | 侦察 | aquatone | A Tool for Domain Flyovers. | 域名天桥的工具。 |
recon | 侦察 | autosint | Tool to automate common osint tasks. | 用于自动执行常见osint任务的工具。 |
recon | 侦察 | aws-inventory | Discover resources created in an AWS account. | 发现在AWS账户中创建的资源。 |
recon | 侦察 | aztarna | A footprinting tool for ROS and SROS systems. | ROS和SROS系统的足迹工具。 |
recon | 侦察 | badkarma | Advanced network reconnaissance toolkit. | 先进的网络侦察工具包。 |
recon | 侦察 | basedomainname | Tool that can extract TLD (Top Level Domain), domain extensions (Second Level Domain + TLD), domain name, and hostname from fully qualified domain names. | 可以从完全限定的域名中提取TLD(*域),域扩展(二级域+ TLD),域名和主机名的工具。 |
recon | 侦察 | bfac | An automated tool that checks for backup artifacts that may disclose the web-application's source code. | 一种自动化工具,用于检查可能泄露Web应用程序源代码的备份工件。 |
recon | 侦察 | billcipher | Information Gathering tool for a Website or IP address. | 用于网站或IP地址的信息收集工具。 |
recon | 侦察 | bing-ip2hosts | Enumerates all hostnames which Bing has indexed for a specific IP address. | 枚举Bing已为特定IP地址编制索引的所有主机名。 |
recon | 侦察 | bloodhound | Six Degrees of Domain Admin | 六度域名管理员 |
recon | 侦察 | catnthecanary | An application to query the canary.pw data set for leaked data. | 用于查询canary.pw数据集以泄漏数据的应用程序。 |
recon | 侦察 | certgraph | Crawl the graph of certificate Alternate Names. | 抓取证书替代名称的图表。 |
recon | 侦察 | cloudfail | Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network. | 利用配置错误的DNS和旧数据库记录来查找CloudFlare网络背后的隐藏IP。 |
recon | 侦察 | cr3dov3r | Search for public leaks for email addresses + check creds against 16 websites. | 搜索电子邮件地址的公共泄密+检查16个网站的信誉。 |
recon | 侦察 | cutycapt | A Qt and WebKit based command-line utility that captures WebKit's rendering of a web page. | 基于Qt和WebKit的命令行实用程序,用于捕获WebKit对网页的呈现。 |
recon | 侦察 | datasploit | Performs automated OSINT and more. | 执行自动OSINT等。 |
recon | 侦察 | dga-detection | DGA Domain Detection using Bigram Frequency Analysis. | 使用Bigram频率分析的DGA域检测。 |
recon | 侦察 | dns-parallel-prober | PoC for an adaptive parallelised DNS prober. | 适用于自适应并行DNS探测器的PoC。 |
recon | 侦察 | dnsbrute | Multi-theaded DNS bruteforcing, average speed 80 lookups/second with 40 threads. | 多线程DNS强制执行,平均速度80次查找/秒,40个线程。 |
recon | 侦察 | dnsenum | Script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results. | 从域中枚举DNS信息,尝试区域传输,执行暴力字典样式攻击,然后对结果执行反向查找的脚本。 |
recon | 侦察 | dnsgrep | A utility for quickly searching presorted DNS names. | 用于快速搜索预分类DNS名称的实用程序。 |
recon | 侦察 | dnsrecon | Python script for enumeration of hosts, subdomains and emails from a given domain using google. | Python脚本,用于使用谷歌枚举来自给定域的主机,子域和电子邮件。 |
recon | 侦察 | dnssearch | A subdomain enumeration tool. | 子域枚举工具。 |
recon | 侦察 | dnsspider | A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation. | 一个非常快速的多线程子域的bruteforcer,利用词表和/或字符排列。 |
recon | 侦察 | dnstracer | Determines where a given DNS server gets its information from, and follows the chain of DNS servers | 确定给定DNS服务器从哪里获取其信息,并遵循DNS服务器链 |
recon | 侦察 | dnswalk | A DNS debugger. | DNS调试器。 |
recon | 侦察 | domain-analyzer | Finds all the security information for a given domain name. | 查找给定域名的所有安全信息。 |
recon | 侦察 | domain-stats | A web API to deliver domain information from whois and alexa. | 用于从whois和alexa提供域信息的Web API。 |
recon | 侦察 | dradis | An open source framework to enable effective information sharing. | 一个开源框架,可实现有效的信息共享。 |
recon | 侦察 | dradis-ce | An open source framework to enable effective information sharing. | 一个开源框架,可实现有效的信息共享。 |
recon | 侦察 | enum4linux | A tool for enumerating information from Windows and Samba systems. | 用于枚举Windows和Samba系统信息的工具。 |
recon | 侦察 | enumerid | Enumerate RIDs using pure Python. | 使用纯Python枚举RID。 |
recon | 侦察 | exitmap | A fast and modular scanner for Tor exit relays. | 用于Tor出口继电器的快速模块化扫描仪。 |
recon | 侦察 | facebot | A facebook profile and reconnaissance system. | Facebook个人资料和侦察系统。 |
recon | 侦察 | fbid | Show info about the author by facebook photo url. | 通过facebook photo url显示作者信息。 |
recon | 侦察 | flashlight | Automated Information Gathering Tool for Penetration Testers. | 渗透测试仪的自动信息收集工具。 |
recon | 侦察 | forager | Multithreaded threat Intelligence gathering utilizing. | 多线程威胁情报收集利用。 |
recon | 侦察 | gasmask | All in one Information gathering tool - OSINT. | 一体化信息收集工具 - OSINT。 |
recon | 侦察 | gatecrasher | Network auditing and analysis tool developed in Python. | 用Python开发的网络审计和分析工具。 |
recon | 侦察 | geoedge | This little tools is designed to get geolocalization information of a host, it get the information from two sources (maxmind and geoiptool). | 这个小工具旨在获取主机的地理定位信息,它从两个来源(maxmind和geoiptool)获取信息。 |
recon | 侦察 | gitem | A Github organization reconnaissance tool. | Github组织侦察工具。 |
recon | 侦察 | githack | A `.git` folder disclosure exploit. | 一个`.git`文件夹披露漏洞利用。 |
recon | 侦察 | gitleaks | Audit Git repos for secrets and keys. | 审核Git回收秘密和密钥。 |
recon | 侦察 | gitmails | An information gathering tool to collect git commit emails in version control host services. | 一种信息收集工具,用于在版本控制主机服务中收集git提交电子邮件。 |
recon | 侦察 | gitminer | Tool for advanced mining for content on Github. | Github上内容的高级挖掘工具。 |
recon | 侦察 | goddi | Dumps Active Directory domain information. | 转储Active Directory域信息。 |
recon | 侦察 | goodork | A python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line. | 一个python脚本,旨在让您从舒适的命令行直接利用谷歌dorking的力量。 |
recon | 侦察 | goofile | Command line filetype search | 命令行文件类型搜索 |
recon | 侦察 | goog-mail | Enumerate domain emails from google. | 枚举来自谷歌的域电子邮件。 |
recon | 侦察 | googlesub | A python script to find domains by using google dorks. | 一个python脚本,使用谷歌dorks查找域名。 |
recon | 侦察 | goohak | Automatically Launch Google Hacking Queries Against A Target Domain. | 针对目标域自动启动Google Hacking查询。 |
recon | 侦察 | gosint | OSINT framework in Go. | Go中的OSINT框架。 |
recon | 侦察 | grabing | Counts all the hostnames for an IP adress | 计算IP地址的所有主机名 |
recon | 侦察 | gwtenum | Enumeration of GWT-RCP method calls. | GWT-RCP方法调用的枚举。 |
recon | 侦察 | h8mail | Email OSINT and password breach hunting. | 通过电子邮件发送OSINT和密码破解程序。 |
recon | 侦察 | halcyon | A repository crawler that runs checksums for static files found within a given git repository. | 一个存储库爬网程序,它运行在给定git存储库中找到的静态文件的校验和。 |
recon | 侦察 | hasere | Discover the vhosts using google and bing. | 使用谷歌和bing发现虚拟主机。 |
recon | 侦察 | hatcloud | Bypass CloudFlare with Ruby. | 用Ruby绕过CloudFlare。 |
recon | 侦察 | hoper | Trace URL's jumps across the rel links to obtain the last URL. | 跟踪URL跳过rel链接以获取最后一个URL。 |
recon | 侦察 | hosthunter | A recon tool for discovering hostnames using OSINT techniques. | 用于使用OSINT技术发现主机名的侦察工具。 |
recon | 侦察 | howmanypeoplearearound | Count the number of people around you by monitoring wifi signals. | 通过监控wifi信号来计算您周围的人数。 |
recon | 侦察 | id-entify | Search for information related to a domain: Emails - IP addresses - Domains - Information on WEB technology - Type of Firewall - NS and MX records. | 搜索与域相关的信息:电子邮件 - IP地址 - 域 - 有关WEB技术的信息 - 防火墙类型 - NS和MX记录。 |
recon | 侦察 | idswakeup | A collection of tools that allows to test network intrusion detection systems. | 一组允许测试网络入侵检测系统的工具。 |
recon | 侦察 | infoga | Tool for gathering e-mail accounts information from different public sources (search engines, pgp key servers). | 用于从不同公共来源(搜索引擎,pgp密钥服务器)收集电子邮件帐户信息的工具。 |
recon | 侦察 | inquisitor | OSINT Gathering Tool for Companies and Organizations. | OSINT为公司和组织收集工具。 |
recon | 侦察 | intrace | Traceroute-like application piggybacking on existing TCP connections | 类似Traceroute的应用程序搭载现有的TCP连接 |
recon | 侦察 | ip-tracer | Track and retrieve any ip address information. | 跟踪和检索任何IP地址信息。 |
recon | 侦察 | ip2clue | A small memory/CPU footprint daemon to lookup country (and other info) based on IP (v4 and v6). | 一个小内存/ CPU占用守护程序,用于根据IP(v4和v6)查找国家(和其他信息)。 |
recon | 侦察 | iptodomain | This tool extract domains from IP address based in the information saved in virustotal. | 此工具根据保存在virustotal中的信息从IP地址中提取域。 |
recon | 侦察 | ircsnapshot | Tool to gather information from IRC servers. | 从IRC服务器收集信息的工具。 |
recon | 侦察 | isr-form | Simple html parsing tool that extracts all form related information and generates reports of the data. Allows for quick analyzing of data. | 简单的html解析工具,可提取所有与表单相关的信息并生成数据报告。允许快速分析数据。 |
recon | 侦察 | ivre | Network recon framework | 网络侦察框架 |
recon | 侦察 | ivre-docs | Network recon framework (documentation) | 网络侦察框架(文档) |
recon | 侦察 | ivre-web | Network recon framework (web application) | 网络侦察框架(网络应用程序) |
recon | 侦察 | kacak | Tools for penetration testers that can enumerate which users logged on windows system. | 用于渗透测试人员的工具,可以枚举哪些用户登录Windows系统。 |
recon | 侦察 | lanmap2 | Passive network mapping tool. | 被动网络映射工具。 |
recon | 侦察 | lbd | Load Balancing detector | 负载平衡检测器 |
recon | 侦察 | ldapenum | Enumerate domain controllers using LDAP. | 使用LDAP枚举域控制器。 |
recon | 侦察 | ldeep | In-depth ldap enumeration utility. | 深入的ldap枚举实用程序。 |
recon | 侦察 | lft | A layer four traceroute implementing numerous other features. | 第四层traceroute实现了许多其他功能。 |
recon | 侦察 | lhf | A modular recon tool for pentesting. | 用于测试的模块化侦察工具。 |
recon | 侦察 | linux-exploit-suggester | A Perl script that tries to suggest exploits based OS version number. | 一个Perl脚本,试图根据操作系统版本号建议漏洞。 |
recon | 侦察 | linux-exploit-suggester.sh | Linux privilege escalation auditing tool. | Linux权限升级审核工具。 |
recon | 侦察 | littlebrother | OSINT tool to get informations on French, Belgian and Swizerland people. | OSINT工具,用于获取法国,比利时和瑞士人的信息。 |
recon | 侦察 | loot | Sensitive information extraction tool. | 敏感信息提取工具。 |
recon | 侦察 | machinae | A tool for collecting intelligence from public sites/feeds about various security-related pieces of data. | 用于从公共站点/提要中收集有关各种与安全相关的数据的情报的工具。 |
recon | 侦察 | mail-crawl | Tool to harvest emails from website. | 从网站收集电子邮件的工具。 |
recon | 侦察 | massbleed | SSL Vulnerability Scanner. | SSL漏洞扫描程序。 |
recon | 侦察 | mdns-recon | An mDNS recon tool written in Python. | 用Python编写的mDNS recon工具。 |
recon | 侦察 | metagoofil | An information gathering tool designed for extracting metadata of public documents. | 一种信息收集工具,用于提取公共文档的元数据。 |
recon | 侦察 | missidentify | A program to find Win32 applications. | 一个查找Win32应用程序的程序。 |
recon | 侦察 | monocle | A local network host discovery tool. In passive mode, it will listen for ARP request and reply packets. In active mode, it will send ARP requests to the specific IP range. The results are a list of IP and MAC addresses present on the local network. | 本地网络主机发现工具。在被动模式下,它将侦听ARP请求并回复数据包。在活动模式下,它会将ARP请求发送到特定的IP范围。结果是本地网络上存在的IP和MAC地址列表。 |
recon | 侦察 | nasnum | Script to enumerate network attached storages. | 用于枚举网络附加存储的脚本。 |
recon | 侦察 | necromant | Python Script that search unused Virtual Hosts in Web Servers. | 搜索Web服务器中未使用的虚拟主机的Python脚本。 |
recon | 侦察 | neglected | Facebook CDN Photo Resolver. | Facebook CDN Photo Resolver。 |
recon | 侦察 | netdiscover | An active/passive address reconnaissance tool, mainly developed for those wireless networks without dhcp server, when you are wardriving. It can be also used on hub/switched networks. | 主动/被动地址侦察工具,主要是为那些没有dhcp服务器的无线网络开发的。它也可以用在集线器/交换网络上。 |
recon | 侦察 | netkit-bsd-finger | BSD-finger ported to Linux. | BSD-finger移植到Linux。 |
recon | 侦察 | netmask | Helps determine network masks | 帮助确定网络掩码 |
recon | 侦察 | nohidy | The system admins best friend, multi platform auditing tool. | 系统管理最好的朋友,多平台审计工具。 |
recon | 侦察 | nsec3walker | Enumerates domain names using DNSSEC | 使用DNSSEC枚举域名 |
recon | 侦察 | ntp-ip-enum | Script to pull addresses from a NTP server using the monlist command. Can also output Maltego resultset. | 使用monlist命令从NTP服务器提取地址的脚本。也可以输出Maltego结果集。 |
recon | 侦察 | nullinux | Tool that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. | 可用于通过SMB空会话枚举OS信息,域信息,共享,目录和用户的工具。 |
recon | 侦察 | omnibus | OSINT tool for intelligence collection, research and artifact management. | OSINT工具,用于情报收集,研究和工件管理。 |
recon | 侦察 | onioff | An onion url inspector for inspecting deep web links. | 用于检查深层网络链接的洋葱网页检查员。 |
recon | 侦察 | osint-spy | Performs OSINT scan on email/domain/ip_address/organization. | 在email / domain / ip_address / organization上执行OSINT扫描。 |
recon | 侦察 | osinterator | Open Source Toolkit for Open Source Intelligence Gathering. | 用于开源智能收集的开源工具包。 |
recon | 侦察 | osrframework | A project focused on providing API and tools to perform more accurate online researches. | 一个项目专注于提供API和工具,以执行更准确的在线研究。 |
recon | 侦察 | parsero | A robots.txt audit tool. | robots.txt审核工具。 |
recon | 侦察 | pmapper | A tool for quickly evaluating IAM permissions in AWS. | 用于在AWS中快速评估IAM权限的工具。 |
recon | 侦察 | punter | Hunt domain names using DNSDumpster, WHOIS, Reverse WHOIS, Shodan, Crimeflare. | 使用DNSDumpster,WHOIS,反向WHOIS,Shodan,Crimeflare寻找域名。 |
recon | 侦察 | pwned | A command-line tool for querying the 'Have I been pwned?' service. | 一个命令行工具,用于查询“我已经被淹没了吗?” 服务。 |
recon | 侦察 | pwnedornot | Tool to find passwords for compromised email addresses. | 用于查找受感染电子邮件地址的密码的工具。 |
recon | 侦察 | pymeta | Auto Scanning to SSL Vulnerability. | 自动扫描到SSL漏洞。 |
recon | 侦察 | python-ivre | Network recon framework (library) | 网络侦察框架(图书馆) |
recon | 侦察 | python-shodan | Python library and command-line utility for Shodan (https://developer.shodan.io). | Shodan的Python库和命令行实用程序(https://developer.shodan.io)。 |
recon | 侦察 | python2-ivre | Network recon framework (library) | 网络侦察框架(图书馆) |
recon | 侦察 | python2-shodan | Python library and command-line utility for Shodan (https://developer.shodan.io). | Shodan的Python库和命令行实用程序(https://developer.shodan.io)。 |
recon | 侦察 | quickrecon | A python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing. | 用于简单信息收集的python脚本。它会尝试查找子域名,执行区域传输以及收集来自Google和Bing的电子邮件。 |
recon | 侦察 | raccoon | A high performance offensive security tool for reconnaissance and vulnerability scanning. | 一种用于侦察和漏洞扫描的高性能攻击性安全工具。 |
recon | 侦察 | recon-ng | A full-featured Web Reconnaissance framework written in Python. | 用Python编写的全功能Web侦察框架。 |
recon | 侦察 | reconnoitre | A security tool for multithreaded information gathering and service enumeration. | 用于多线程信息收集和服务枚举的安全工具。 |
recon | 侦察 | reconscan | Network reconnaissance and vulnerability assessment tools. | 网络侦察和漏洞评估工具。 |
recon | 侦察 | recsech | Tool for doing Footprinting and Reconnaissance on the target web. | 在目标网站上进行足迹和侦察的工具。 |
recon | 侦察 | red-hawk | All in one tool for Information Gathering, Vulnerability Scanning and Crawling. | 所有功能于一身的信息收集,漏洞扫描和抓取工具。 |
recon | 侦察 | reverseip | Ruby based reverse IP-lookup tool. | 基于Ruby的反向IP查找工具。 |
recon | 侦察 | revipd | A simple reverse IP domain scanner. | 一个简单的反向IP域扫描器。 |
recon | 侦察 | ripdc | A script which maps domains related to an given ip address or domainname. | 映射与给定IP地址或域名相关的域的脚本。 |
recon | 侦察 | sctpscan | A network scanner for discovery and security. | 用于发现和安全的网络扫描程序。 |
recon | 侦察 | server-status-pwn | A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances. | 通过利用可公开访问的Apache服务器状态实例来监视和提取连接到服务的请求URL和客户端的脚本。 |
recon | 侦察 | shard | A command line tool to detect shared passwords. | 用于检测共享密码的命令行工具。 |
recon | 侦察 | shodan | Python library and command-line utility for Shodan (https://developer.shodan.io). | Shodan的Python库和命令行实用程序(https://developer.shodan.io)。 |
recon | 侦察 | shodanhat | Search for hosts info with shodan. | 使用shodan搜索主机信息。 |
recon | 侦察 | simplyemail | Email recon made fast and easy, with a framework to build on CyberSyndicates | 通过在CyberSyndicates上构建的框架,可以快速轻松地进行电子邮件侦察 |
recon | 侦察 | sipi | Simple IP Information Tools for Reputation Data Analysis. | 用于声誉数据分析的简单IP信息工具。 |
recon | 侦察 | smbcrunch | 3 tools that work together to simplify reconaissance of Windows File Shares. | 3个工具,它们协同工作以简化Windows文件共享的重新组合。 |
recon | 侦察 | smtp-user-enum | Username guessing tool primarily for use against the default Solaris SMTP service. Can use either EXPN, VRFY or RCPT TO. | 用户名猜测工具主要用于默认的Solaris SMTP服务。可以使用EXPN,VRFY或RCPT TO。 |
recon | 侦察 | spfmap | A program to map out SPF and DKIM records for a large number of domains. | 用于为大量域映射SPF和DKIM记录的程序。 |
recon | 侦察 | spiderfoot | The Open Source Footprinting Tool. | 开源足迹工具。 |
recon | 侦察 | spoofcheck | Simple script that checks a domain for email protections. | 检查域以获取电子邮件保护的简单脚本。 |
recon | 侦察 | ssl-hostname-resolver | CN (Common Name) grabber on X.509 Certificates over HTTPS. | 通过HTTPS获取X.509证书上的CN(公用名)抓取器。 |
recon | 侦察 | stardox | Github stargazers information gathering tool. | Github观星者信息收集工具。 |
recon | 侦察 | subdomainer | A tool designed for obtaining subdomain names from public sources. | 用于从公共源获取子域名的工具。 |
recon | 侦察 | subfinder | Modular subdomain discovery tool that can discover massive amounts of valid subdomains for any target. | 模块化子域发现工具,可以为任何目标发现大量有效子域。 |
recon | 侦察 | sublist3r | A Fast subdomains enumeration tool for penetration testers. | 用于渗透测试人员的快速子域名枚举工具。 |
recon | 侦察 | subscraper | Tool that performs subdomain enumeration through various techniques. | 通过各种技术执行子域枚举的工具。 |
recon | 侦察 | sysdig | Open source system-level exploration and troubleshooting tool | 开源系统级探索和故障排除工具 |
recon | 侦察 | theharvester | Python tool for gathering e-mail accounts and subdomain names from different public sources (search engines, pgp key servers). | 用于从不同公共源(搜索引擎,pgp密钥服务器)收集电子邮件帐户和子域名的Python工具。 |
recon | 侦察 | tilt | An easy and simple tool implemented in Python for ip reconnaissance, with reverse ip lookup. | 一个简单而简单的工具,在Python中用于ip侦察,具有反向ip查找功能。 |
recon | 侦察 | tinfoleak | Get detailed information about a Twitter user activity. | 获取有关Twitter用户活动的详细信息。 |
recon | 侦察 | tinfoleak2 | The most complete open-source tool for Twitter intelligence analysis. | 用于Twitter智能分析的最完整的开源工具。 |
recon | 侦察 | traceroute | Tracks the route taken by packets over an IP network | 跟踪IP网络上的数据包路由 |
recon | 侦察 | treasure | Hunt for sensitive information through githubs code search. | 通过githubs代码搜索寻找敏感信息。 |
recon | 侦察 | trufflehog | Searches through git repositories for high entropy strings, digging deep into commit history. | 通过git存储库搜索高熵字符串,深入挖掘提交历史记录。 |
recon | 侦察 | trusttrees | A Tool for DNS Delegation Trust Graphing. | DNS委托信任图形工具。 |
recon | 侦察 | twofi | Twitter Words of Interest. | Twitter感兴趣的词。 |
recon | 侦察 | ubiquiti-probing | A Ubiquiti device discovery tool. | Ubiquiti设备发现工具。 |
recon | 侦察 | userrecon | Find usernames across over 75 social networks. | 查找超过75个社交网络的用户名。 |
recon | 侦察 | vbrute | Virtual hosts brute forcer. | 虚拟主机蛮力。 |
recon | 侦察 | vpnpivot | Explore the network using this tool. | 使用此工具探索网络。 |
recon | 侦察 | waldo | A lightweight and multithreaded directory and subdomain bruteforcer implemented in Python. | Python中实现的轻量级多线程目录和子域bruteforcer。 |
recon | 侦察 | websearch | Search vhost names given a host range. Powered by Bing.. | 在给定主机范围的情况下搜索vhost名称。由Bing提供.. |
recon | 侦察 | whatweb | Next generation web scanner that identifies what websites are running. | 下一代Web扫描程序,用于识别正在运行的网站。 |
recon | 侦察 | windows-exploit-suggester | This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. | 此工具将目标修补程序级别与Microsoft漏洞数据库进行比较,以便检测目标上可能缺少的修补程序。 |
recon | 侦察 | xray | A tool for recon, mapping and OSINT gathering from public networks. | 用于从公共网络收集的侦察,映射和OSINT的工具。 |
recon | 侦察 | zeus-scanner | Advanced dork searching utility. | 高级傻瓜搜索工具。 |
recon | 侦察 | zgrab | Grab banners (optionally over TLS). | 抓住横幅(可选择通过TLS)。 |
reversing | 倒车 | android-apktool | A tool for reverse engineering Android apk files. | 用于逆向工程Android apk文件的工具。 |
reversing | 倒车 | apkstudio | An IDE for decompiling/editing & then recompiling of android application binaries. | 用于反编译/编辑然后重新编译android应用程序二进制文件的IDE。 |
reversing | 倒车 | binaryninja-demo | A new kind of reversing platform (demo version). | 一种新型的倒车平台(演示版)。 |
reversing | 倒车 | bsdiff | bsdiff and bspatch are tools for building and applying patches to binary files. | bsdiff和bspatch是用于构建和应用补丁到二进制文件的工具。 |
reversing | 倒车 | capstone | Lightweight multi-platform, multi-architecture disassembly framework | 轻量级多平台,多架构反汇编框架 |
reversing | 倒车 | elidecode | A tool to decode obfuscated shellcodes using the unicorn-engine for the emulation and the capstone-engine to print the asm code. | 使用unicorn-engine进行仿真和capstone-engine来打印asm代码的解码混淆shellcode的工具。 |
reversing | 倒车 | flasm | Disassembler tool for SWF bytecode | 用于SWF字节码的反汇编工具 |
reversing | 倒车 | frida | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. | 适用于开发人员,逆向工程师和安全研究人员的动态检测工具包。 |
reversing | 倒车 | frida-extract | Frida.re based RunPE (and MapViewOfSection) extraction tool. | Frida.re基于RunPE(和MapViewOfSection)提取工具。 |
reversing | 倒车 | ghidra | A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission. | 由NSA研究理事会开发的软件逆向工程(SRE)工具套件,用于支持网络安全任务。 |
reversing | 倒车 | jad | Java decompiler | Java反编译器 |
reversing | 倒车 | javasnoop | A tool that lets you intercept methods, alter data and otherwise hack Java applications running on your computer | 一种工具,可让您拦截方法,更改数据以及破解计算机上运行的Java应用程序 |
reversing | 倒车 | jeb-android | Android decompiler. | Android反编译器。 |
reversing | 倒车 | jeb-arm | Arm decompiler. | 手臂反编译器。 |
reversing | 倒车 | jeb-intel | Intel decompiler. | 英特尔反编译器。 |
reversing | 倒车 | jeb-mips | Mips decompiler. | Mips反编译器。 |
reversing | 倒车 | jeb-webasm | WebAssembly decompiler. | WebAssembly反编译器。 |
reversing | 倒车 | jwscan | Scanner for Jar to EXE wrapper like Launch4j, Exe4j, JSmooth, Jar2Exe. | Jar的扫描仪到EXE包装器,如Launch4j,Exe4j,JSmooth,Jar2Exe。 |
reversing | 倒车 | malwasm | Offline debugger for malware's reverse engineering. | 用于恶意软件逆向工程的离线调试器。 |
reversing | 倒车 | mikrotik-npk | Python tools for manipulating Mikrotik NPK format. | 用于操纵Mikrotik NPK格式的Python工具。 |
reversing | 倒车 | netzob | An open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. | 用于逆向工程,流量生成和通信协议模糊测试的开源工具。 |
reversing | 倒车 | pintool | This tool can be useful for solving some reversing challenges in CTFs events. | 该工具可用于解决CTF事件中的一些逆转挑战。 |
reversing | 倒车 | pintool2 | Improved version of pintool. | 改进版的pintool。 |
reversing | 倒车 | python-capstone | Lightweight multi-platform, multi-architecture disassembly framework | 轻量级多平台,多架构反汇编框架 |
reversing | 倒车 | python-frida | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. | 适用于开发人员,逆向工程师和安全研究人员的动态检测工具包。 |
reversing | 倒车 | python-jsbeautifier | JavaScript unobfuscator and beautifier | JavaScript unobfuscator和美化 |
reversing | 倒车 | python2-capstone | Lightweight multi-platform, multi-architecture disassembly framework | 轻量级多平台,多架构反汇编框架 |
reversing | 倒车 | python2-frida | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. | 适用于开发人员,逆向工程师和安全研究人员的动态检测工具包。 |
reversing | 倒车 | radare2 | Open-source tools to disasm, debug, analyze and manipulate binary files | 用于解析,调试,分析和操作二进制文件的开源工具 |
reversing | 倒车 | radare2-cutter | Qt and C++ GUI for radare2 reverse engineering framework | 用于radare2逆向工程框架的Qt和C ++ GUI |
reversing | 倒车 | radare2-keystone | Keystone assembler plugins for radare2. | 用于radare2的Keystone汇编插件。 |
reversing | 倒车 | scanmem | Memory scanner designed to isolate the address of an arbitrary variable in an executing process | 内存扫描程序旨在隔离执行过程中任意变量的地址 |
reversing | 倒车 | swfintruder | First tool for testing security in Flash movies. A runtime analyzer for SWF external movies. It helps to find flaws in Flash. | 用于测试Flash电影中安全性的第一个工具。用于SWF外部电影的运行时分析器。它有助于找到Flash中的缺陷。 |
reversing | 倒车 | syms2elf | A plugin for Hex-Ray's IDA Pro and radare2 to export the symbols recognized to the ELF symbol table. | Hex-Ray IDA Pro和radare2的插件,用于将识别的符号导出到ELF符号表。 |
reversing | 倒车 | udis86 | A minimalistic disassembler library | 一个简约的反汇编程序库 |
scanner | 扫描器 | 0trace | A hop enumeration tool. | 跳跃枚举工具。 |
scanner | 扫描器 | a2sv | Auto Scanning to SSL Vulnerability. | 自动扫描到SSL漏洞。 |
scanner | 扫描器 | admsnmp | ADM SNMP audit scanner. | ADM SNMP审核扫描程序。 |
scanner | 扫描器 | allthevhosts | A vhost discovery tool that scrapes various web applications. | 一种vhost发现工具,可以抓取各种Web应用程序。 |
scanner | 扫描器 | amass | In-depth subdomain enumeration written in Go. | 用Go编写的深入子域枚举。 |
scanner | 扫描器 | apache-users | This perl script will enumerate the usernames on a unix system that use the apache module UserDir. | 这个perl脚本将枚举使用apache模块UserDir的unix系统上的用户名。 |
scanner | 扫描器 | athena-ssl-scanner | A SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers. | 一种SSL密码扫描程序,用于检查所有密码。它可以识别大约150种不同的密码。 |
scanner | 扫描器 | atscan | Server, Site and Dork Scanner. | 服务器,站点和Dork扫描仪。 |
scanner | 扫描器 | aws-extender-cli | Script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues. | 用于测试S3存储桶以及Google存储桶和Azure存储容器的脚本,用于解决常见的错误配置问题。 |
scanner | 扫描器 | barmie | Java RMI enumeration and attack tool. | Java RMI枚举和攻击工具。 |
scanner | 扫描器 | belati | The Traditional Swiss Army Knife for OSINT. | OSINT的传统瑞士军刀。 |
scanner | 扫描器 | bingoo | A Linux bash based Bing and Google Dorking Tool. | 基于Linux bash的Bing和Google Dorking工具。 |
scanner | 扫描器 | birp | A tool that will assist in the security assessment of mainframe applications served over TN3270. | 一种有助于TN3270服务的大型机应用程序安全评估的工具。 |
scanner | 扫描器 | blackbox-scanner | Dork scanner & bruteforcing & hash cracker with blackbox framework. | Dork扫描仪和bruteforcing&哈希饼干与blackbox框架。 |
scanner | 扫描器 | bleah | A BLE scanner for "smart" devices hacking. | 用于“智能”设备黑客攻击的BLE扫描仪。 |
scanner | 扫描器 | blindy | Simple script to automate brutforcing blind sql injection vulnerabilities. | 简单的脚本,可以自动执行盲目的SQL注入漏洞。 |
scanner | 扫描器 | bluto | Recon, Subdomain Bruting, Zone Transfers. | Recon,Subdomain Bruting,Zone Transfers。 |
scanner | 扫描器 | braa | A mass snmp scanner | 质量snmp扫描仪 |
scanner | 扫描器 | cameradar | Hacks its way into RTSP videosurveillance cameras. | 闯入RTSP视频监控摄像头。 |
scanner | 扫描器 | camscan | A tool which will analyze the CAM table of Cisco switches to look for anamolies. | 一种工具,可以分析Cisco交换机的CAM表以查找anamolies。 |
scanner | 扫描器 | cangibrina | Dashboard Finder. | 仪表板查找器。 |
scanner | 扫描器 | cecster | A tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols. | 一种针对HDMI CEC(消费电子控制)和HEC(HDMI以太网通道)协议执行安全测试的工具。 |
scanner | 扫描器 | changeme | A default credential scanner. | 默认凭据扫描程序。 |
scanner | 扫描器 | check-weak-dh-ssh | Debian OpenSSL weak client Diffie-Hellman Exchange checker. | Debian OpenSSL弱客户端Diffie-Hellman Exchange检查器。 |
scanner | 扫描器 | chiron | An all-in-one IPv6 Penetration Testing Framework. | 一体化IPv6渗透测试框架。 |
scanner | 扫描器 | cipherscan | A very simple way to find out which SSL ciphersuites are supported by a target. | 一种非常简单的方法,可以找出目标支持哪些SSL密码套件。 |
scanner | 扫描器 | ciscos | Scans class A, B, and C networks for cisco routers which have telnet open and have not changed the default password from cisco. | 扫描已打开telnet并且未更改cisco的默认密码的cisco路由器的A,B和C类网络。 |
scanner | 扫描器 | clair | Vulnerability Static Analysis for Containers. | 容器的漏洞静态分析。 |
scanner | 扫描器 | climber | Check UNIX/Linux systems for privilege escalation. | 检查UNIX / Linux系统以获取权限提升。 |
scanner | 扫描器 | cloudflare-enum | Cloudflare DNS Enumeration Tool for Pentesters. | 用于Pentesters的Cloudflare DNS枚举工具。 |
scanner | 扫描器 | cloudsploit | AWS security scanning checks. | AWS安全扫描检查。 |
scanner | 扫描器 | cmsmap | A python open source Content Management System scanner that automates the process of detecting security flaws of the most popular CMSs. | 一个python开源内容管理系统扫描程序,可自动检测最流行的CMS的安全漏洞。 |
scanner | 扫描器 | configpush | This is a tool to span /8-sized networks quickly sending snmpset requests with default or otherwise specified community string to Cisco devices. | 这是一个跨越/ 8大小网络的工具,可以快速向思科设备发送带有默认或其他指定社区字符串的snmpset请求。 |
scanner | 扫描器 | corstest | A simple CORS misconfigurations checker. | 一个简单的CORS配置错误检查器。 |
scanner | 扫描器 | cpfinder | Simple script that looks for administrative web interfaces. | 查找管理Web界面的简单脚本。 |
scanner | 扫描器 | crackmapexec | A swiss army knife for pentesting Windows/Active Directory environments. | 用于测试Windows / Active Directory环境的瑞士军刀。 |
scanner | 扫描器 | creepy | A geolocation information gatherer. Offers geolocation information gathering through social networking platforms. | 地理定位信息收集器。通过社交网络平台提供地理定位信息收集。 |
scanner | 扫描器 | ct-exposer | An OSINT tool that discovers sub-domains by searching Certificate Transparency logs | 一种OSINT工具,通过搜索证书透明度日志来发现子域 |
scanner | 扫描器 | cvechecker | The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. | cvechecker的目标是通过扫描已安装的软件并将结果与CVE数据库相匹配来报告系统上可能存在的漏洞。 |
scanner | 扫描器 | d-tect | Pentesting the Modern Web. | 对现代网络进行测试。 |
scanner | 扫描器 | darkbing | A tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection. | 一个用python编写的工具,利用bing挖掘可能易受SQL注入的系统上的数据。 |
scanner | 扫描器 | davtest | Tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target | 通过上载测试可执行文件,然后(可选)上载允许命令执行或直接在目标上执行其他操作的文件来测试启用WebDAV的服务器 |
scanner | 扫描器 | dbusmap | Simple utility for enumerating D-Bus endpoints, an nmap for D-Bus. | 枚举D-Bus端点的简单实用程序,D-Bus的nmap。 |
scanner | 扫描器 | dcrawl | Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. | 简单但智能的多线程Web爬虫,用于随机收集大量唯一域名列表。 |
scanner | 扫描器 | deblaze | A remote method enumeration tool for flex servers | 用于Flex服务器的远程方法枚举工具 |
scanner | 扫描器 | delldrac | DellDRAC and Dell Chassis Discovery and Brute Forcer. | DellDRAC和Dell Chassis Discovery和Brute Forcer。 |
scanner | 扫描器 | dhcpig | Enhanced DHCPv4 and DHCPv6 exhaustion and fuzzing script written in python using scapy network library. | 使用scapy网络库在python中编写的增强的DHCPv4和DHCPv6耗尽和模糊测试脚本。 |
scanner | 扫描器 | dirb | A web content scanner, brute forceing for hidden files. | 一个Web内容扫描程序,强制隐藏文件。 |
scanner | 扫描器 | dirbuster | An application designed to brute force directories and files names on web/application servers | 用于在Web /应用程序服务器上强制执行目录和文件名的应用程序 |
scanner | 扫描器 | dirscanner | This is a python script that scans webservers looking for administrative directories, php shells, and more. | 这是一个python脚本,它扫描Web服务器,寻找管理目录,php shell等。 |
scanner | 扫描器 | dmitry | Deepmagic Information Gathering Tool. Gathers information about hosts. It is able to gather possible subdomains, email addresses, and uptime information and run tcp port scans, whois lookups, and more. | Deepmagic信息收集工具。收集有关主机的信息。它能够收集可能的子域,电子邮件地址和正常运行时间信息,并运行tcp端口扫描,whois查找等。 |
scanner | 扫描器 | dnmap | The distributed nmap framework | 分布式nmap框架 |
scanner | 扫描器 | dns2geoip | A simple python script that brute forces DNS and subsequently geolocates the found subdomains. | 一个简单的python脚本,强制DNS,然后对找到的子域进行地理定位。 |
scanner | 扫描器 | dnsa | DNSA is a dns security swiss army knife | DNSA是一种安全瑞士军刀 |
scanner | 扫描器 | dnsbf | Search for available domain names in an IP range. | 搜索IP范围内的可用域名。 |
scanner | 扫描器 | dnsgoblin | Nasty creature constantly searching for DNS servers. It uses standard dns querys and waits for the replies. | 讨厌的生物不断搜索DNS服务器。它使用标准的dns查询并等待回复。 |
scanner | 扫描器 | dnspredict | DNS prediction. | DNS预测。 |
scanner | 扫描器 | dnstwist | Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. | 用于检测拼写错误,网络钓鱼和企业间谍活动的域名置换引擎。 |
scanner | 扫描器 | dockerscan | Docker security analysis & hacking tools. | Docker安全分析和黑客工具。 |
scanner | 扫描器 | dorkbot | Command-line tool to scan Google search results for vulnerabilities. | 用于扫描Google搜索结果中的漏洞的命令行工具。 |
scanner | 扫描器 | dorkme | Tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities. | 设计工具的目的是使用Google Dorks更容易地搜索漏洞,例如SQL Injection漏洞。 |
scanner | 扫描器 | dpscan | Drupal Vulnerabilty Scanner. | Drupal Vulnerabilty扫描仪。 |
scanner | 扫描器 | driftnet | Listens to network traffic and picks out images from TCP streams it observes. | 侦听网络流量并从其观察到的TCP流中挑选出图像。 |
scanner | 扫描器 | dripper | A fast, asynchronous DNS scanner; it can be used for enumerating subdomains and enumerating boxes via reverse DNS. | 快速的异步DNS扫描程序; 它可以用于通过反向DNS枚举子域和枚举框。 |
scanner | 扫描器 | dvcs-ripper | Rip web accessible (distributed) version control systems: SVN/GIT/BZR/CVS/HG. | Rip web可访问(分布式)版本控制系统:SVN / GIT / BZR / CVS / HG。 |
scanner | 扫描器 | eazy | This is a small python tool that scans websites to look for PHP shells, backups, admin panels, and more. | 这是一个小型python工具,可扫描网站以查找PHP shell,备份,管理面板等。 |
scanner | 扫描器 | enum-shares | Tool that enumerates shared folders across the network and under a custom user account. | 在整个网络和自定义用户帐户下枚举共享文件夹的工具。 |
scanner | 扫描器 | enumiax | An IAX enumerator. | IAX普查员。 |
scanner | 扫描器 | eternal-scanner | An internet scanner for exploit CVE-0144 (Eternal Blue). | 利用CVE-0144(永恒蓝色)的互联网扫描仪。 |
scanner | 扫描器 | faraday | A new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analyze of the generated data during the process of a security audit. | 新概念(IPE)集成渗透测试环境多用户渗透测试IDE。设计用于在安全审计过程中分发,索引和分析生成的数据。 |
scanner | 扫描器 | fernmelder | Asynchronous mass DNS scanner. | 异步海量DNS扫描程序。 |
scanner | 扫描器 | fgscanner | An advanced, opensource URL scanner. | 一个高级的开源URL扫描程序。 |
scanner | 扫描器 | fi6s | IPv6 network scanner designed to be fast. | IPv6网络扫描仪设计得很快。 |
scanner | 扫描器 | fierce | A DNS scanner | DNS扫描程序 |
scanner | 扫描器 | find-dns | A tool that scans networks looking for DNS servers. | 扫描寻找DNS服务器的网络的工具。 |
scanner | 扫描器 | findomain | A tool that use Certificate Transparency logs to find subdomains. | 使用证书透明度日志查找子域的工具。 |
scanner | 扫描器 | flashscanner | Flash XSS Scanner. | Flash XSS扫描仪。 |
scanner | 扫描器 | flunym0us | A Vulnerability Scanner for Wordpress and Moodle. | Wordpress和Moodle的漏洞扫描程序。 |
scanner | 扫描器 | forkingportscanner | Simple and fast forking port scanner written in perl. Can only scan on host at a time, the forking is done on the specified port range. Or on the default range of 1. Has the ability to scan UDP or TCP, defaults to tcp. | 用perl编写的简单快速的分叉端口扫描器。一次只能在主机上扫描,分叉在指定的端口范围内完成。或者在默认范围为1.能够扫描UDP或TCP,默认为tcp。 |
scanner | 扫描器 | fs-nyarl | A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit. | 网络接管和取证分析工具 - 对高级PenTest任务和娱乐和利润非常有用。 |
scanner | 扫描器 | fsnoop | A tool to monitor file operations on GNU/Linux systems by using the Inotify mechanism. Its primary purpose is to help detecting file race condition vulnerabilities and since version 3, to exploit them with loadable DSO modules (also called "payload modules" or "paymods"). | 一种使用Inotify机制监视GNU / Linux系统上的文件操作的工具。其主要目的是帮助检测文件竞争条件漏洞,从版本3开始,利用可加载的DSO模块(也称为“有效负载模块”或“paymods”)来利用它们。 |
scanner | 扫描器 | ftp-spider | FTP investigation tool - Scans ftp server for the following: reveal entire directory tree structures, detect anonymous access, detect directories with write permissions, find user specified data within repository. | FTP调查工具 - 扫描ftp服务器以获取以下信息:显示整个目录树结构,检测匿名访问,检测具有写权限的目录,在存储库中查找用户指定的数据。 |
scanner | 扫描器 | ftpscout | Scans ftps for anonymous access. | 扫描ftps以进行匿名访问。 |
scanner | 扫描器 | gethsploit | Finding Ethereum nodes which are vulnerable to RPC-attacks. | 查找容易受到RPC攻击的以太坊节点。 |
scanner | 扫描器 | gggooglescan | A Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames. | Google抓取工具,可执行自动搜索并以网址或主机名的形式返回搜索查询结果。 |
scanner | 扫描器 | ghost-phisher | GUI suite for phishing and penetration attacks | 用于网络钓鱼和渗透攻击的GUI套件 |
scanner | 扫描器 | gitrob | Reconnaissance tool for GitHub organizations. | GitHub组织的侦察工具。 |
scanner | 扫描器 | gloom | Linux Penetration Testing Framework. | Linux渗透测试框架。 |
scanner | 扫描器 | grabbb | Clean, functional, and fast banner scanner. | 干净,实用,快速的横幅扫描仪。 |
scanner | 扫描器 | greenbone-security-assistant | Greenbone Security Assistant (gsa) - OpenVAS web frontend | Greenbone Security Assistant(gsa) - OpenVAS Web前端 |
scanner | 扫描器 | grepforrfi | Simple script for parsing web logs for RFIs and Webshells v1.2 | 用于解析RFI和Webshell v1.2的Web日志的简单脚本 |
scanner | 扫描器 | gtp-scan | A small python script that scans for GTP (GPRS tunneling protocol) speaking hosts. | 一个小的python脚本,扫描GTP(GPRS隧道协议)说话主机。 |
scanner | 扫描器 | habu | Python Network Hacking Toolkit. | Python网络黑客工具包。 |
scanner | 扫描器 | hakku | Simple framework that has been made for penetration testing tools. | 为渗透测试工具制作的简单框架。 |
scanner | 扫描器 | halberd | Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing. | Halberd发现HTTP负载均衡器。它对Web应用程序安全审核和负载平衡器配置测试很有用。 |
scanner | 扫描器 | hbad | This tool allows you to test clients on the heartbleed bug. | 此工具允许您在heartbleed错误上测试客户端。 |
scanner | 扫描器 | hoppy | A python script which tests http methods for configuration issues leaking information or just to see if they are enabled. | 一个python脚本,它测试http方法的配置问题泄漏信息或只是为了查看它们是否已启用。 |
scanner | 扫描器 | host-extract | Ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. | Ruby脚本尝试提取给定URL的页面响应中的所有IP /主机模式以及该URL的JavaScript / CSS文件。 |
scanner | 扫描器 | hsecscan | A security scanner for HTTP response headers. | 用于HTTP响应标头的安全扫描程序。 |
scanner | 扫描器 | http-enum | A tool to enumerate the enabled HTTP methods supported on a webserver. | 用于枚举Web服务器上支持的已启用HTTP方法的工具。 |
scanner | 扫描器 | httpsscanner | A tool to test the strength of a SSL web server. | 用于测试SSL Web服务器强度的工具。 |
scanner | 扫描器 | iaxscan | A Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts. | 基于Python的扫描程序,用于检测实时IAX / 2主机,然后枚举(通过强力执行)这些主机上的用户。 |
scanner | 扫描器 | icmpquery | Send and receive ICMP queries for address mask and current time. | 发送和接收地址掩码和当前时间的ICMP查询。 |
scanner | 扫描器 | iis-shortname-scanner | An IIS shortname Scanner. | IIS短名称扫描程序。 |
scanner | 扫描器 | ike-scan | A tool that uses IKE protocol to discover, fingerprint and test IPSec VPN servers | 使用IKE协议发现,指纹和测试IPSec VPN服务器的工具 |
scanner | 扫描器 | ilo4-toolbox | Toolbox for HPE iLO4 analysis. | 用于HPE iLO4分析的工具箱。 |
scanner | 扫描器 | infip | A python script that checks output from netstat against RBLs from Spamhaus. | 一个python脚本,用于检查来自netstat的输出与来自Spamhaus的RBL。 |
scanner | 扫描器 | inurlbr | Advanced search in the search engines - Inurl scanner, dorker, exploiter. | 搜索引擎中的高级搜索 - Inurl扫描仪,dorker,开发者。 |
scanner | 扫描器 | ipscan | A very fast IP address and port scanner. | 一个非常快速的IP地址和端口扫描器。 |
scanner | 扫描器 | iptv | Search and brute force illegal iptv server. | 搜索和暴力非法iptv服务器。 |
scanner | 扫描器 | ipv6toolkit | SI6 Networks' IPv6 Toolkit | SI6 Networks的IPv6工具包 |
scanner | 扫描器 | jaadas | Joint Advanced Defect assEsment for android applications. | 针对Android应用程序的联合高级缺陷问题。 |
scanner | 扫描器 | knock | Subdomain scanner. | 子域扫描程序。 |
scanner | 扫描器 | knxmap | KNXnet/IP scanning and auditing tool for KNX home automation installations. | 用于KNX家庭自动化安装的KNXnet / IP扫描和审计工具。 |
scanner | 扫描器 | krbrelayx | Kerberos unconstrained delegation abuse toolkit. | Kerberos无约束委托滥用工具包。 |
scanner | 扫描器 | kube-hunter | Hunt for security weaknesses in Kubernetes clusters. | 寻找Kubernetes集群中的安全漏洞。 |
scanner | 扫描器 | laf | Login Area Finder: scans host/s for login panels. | 登录区域查找器:扫描登录面板的主机/ s。 |
scanner | 扫描器 | ldapdomaindump | Active Directory information dumper via LDAP. | 通过LDAP的Active Directory信息转储程序。 |
scanner | 扫描器 | leaklooker | Find open databases with Shodan. | 使用Shodan查找开放式数据库。 |
scanner | 扫描器 | letmefuckit-scanner | Scanner and Exploit Magento. | 扫描仪和漏洞利用Magento。 |
scanner | 扫描器 | leviathan | A mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. | 大规模审计工具包,具有广泛的服务发现,强力,SQL注入检测和运行自定义漏洞利用功能。 |
scanner | 扫描器 | lfi-scanner | This is a simple perl script that enumerates local file inclusion attempts when given a specific target. | 这是一个简单的perl脚本,在给定特定目标时枚举本地文件包含尝试。 |
scanner | 扫描器 | lfisuite | Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner. | 完全自动LFI漏洞利用(+反向壳)和扫描仪。 |
scanner | 扫描器 | linenum | Scripted Local Linux Enumeration & Privilege Escalation Checks | 脚本本地Linux枚举和权限升级检查 |
scanner | 扫描器 | littleblackbox | Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices. | 渗透测试工具,搜索从各种嵌入式设备中提取的数千个私有SSL密钥的集合。 |
scanner | 扫描器 | locasploit | Local enumeration and exploitation framework. | 本地枚举和开发框架。 |
scanner | 扫描器 | lotophagi | a relatively compact Perl script designed to scan remote hosts for default (or common) Lotus NSF and BOX databases. | 一个相对紧凑的Perl脚本,用于扫描远程主机的默认(或常见)Lotus NSF和BOX数据库。 |
scanner | 扫描器 | lte-cell-scanner | LTE SDR cell scanner optimized to work with very low performance RF front ends (8bit A/D, 20dB noise figure). | LTE SDR单元扫描器经过优化,可与极低性能的RF前端配合使用(8位A / D,20dB噪声系数)。 |
scanner | 扫描器 | lunar | A UNIX security auditing tool based on several security frameworks. | 基于多个安全框架的UNIX安全审核工具。 |
scanner | 扫描器 | lynis | Security and system auditing tool to harden Unix/Linux systems | 安全和系统审计工具,以加强Unix / Linux系统 |
scanner | 扫描器 | maligno | An open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. | 用python编写的开源渗透测试工具,用于Metasploit有效负载。它使用msfvenom生成shellcode并通过HTTP或HTTPS传输。 |
scanner | 扫描器 | maryam | Full-featured Web Identification framework written in Python. | 用Python编写的全功能Web标识框架。 |
scanner | 扫描器 | masscan | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes | TCP端口扫描程序,异步喷出SYN数据包,在5分钟内扫描整个Internet |
scanner | 扫描器 | modscan | A new tool designed to map a SCADA MODBUS TCP based network. | 一种新工具,用于映射基于SCADA MODBUS TCP的网络。 |
scanner | 扫描器 | mongoaudit | A powerful MongoDB auditing and pentesting tool . | 强大的MongoDB审计和测试工具。 |
scanner | 扫描器 | mssqlscan | A small multi-threaded tool that scans for Microsoft SQL Servers. | 一种用于扫描Microsoft SQL Server的小型多线程工具。 |
scanner | 扫描器 | multiscanner | Modular file scanning/analysis framework. | 模块化文件扫描/分析框架。 |
scanner | 扫描器 | nbtscan | NBTscan is a program for scanning IP networks for NetBIOS name information. | NBTscan是一个用于扫描IP网络以获取NetBIOS名称信息的程序。 |
scanner | 扫描器 | netbios-share-scanner | This tool could be used to check windows workstations and servers if they have accessible shared resources. | 如果Windows工作站和服务器具有可访问的共享资源,则可以使用此工具检查它们。 |
scanner | 扫描器 | netscan | Tcp/Udp/Tor port scanner with: synpacket, connect TCP/UDP and socks5 (tor connection). | Tcp / Udp / Tor端口扫描器:synpacket,连接TCP / UDP和socks5(tor连接)。 |
scanner | 扫描器 | netscan2 | Active / passive network scanner. | 主动/被动网络扫描仪。 |
scanner | 扫描器 | nikto | A web server scanner which performs comprehensive tests against web servers for multiple items | Web服务器扫描程序,针对多个项目对Web服务器执行全面测试 |
scanner | 扫描器 | nili | Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing. | 网络扫描工具,中间人,协议逆向工程和模糊测试。 |
scanner | 扫描器 | nmap | Utility for network discovery and security auditing | 用于网络发现和安全审核的实用程序 |
scanner | 扫描器 | nmbscan | Tool to scan the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. | 使用NMB / SMB / NetBIOS协议扫描SMB / NetBIOS网络共享的工具。 |
scanner | 扫描器 | nsec3map | A tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain. | 使用DNSSEC NSEC或NSEC3链枚举DNS区域的资源记录的工具。 |
scanner | 扫描器 | nsia | A website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. | 一种网站扫描仪,可以实时监控网站,以检测违规,合规违规,漏洞利用,敏感信息泄露和其他问题。 |
scanner | 扫描器 | o-saft | A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. | 一种工具,用于显示有关SSL证书的信息,并根据给定的密码列表和各种SSL配置测试SSL连接。 |
scanner | 扫描器 | ocs | Compact mass scanner for Cisco routers with default telnet/enable passwords. | 用于Cisco路由器的紧凑型扫描仪,具有默认的telnet / enable密码。 |
scanner | 扫描器 | onetwopunch | Use unicornscan to quickly scan all open ports, and then pass the open ports to nmap for detailed scans. | 使用unicornscan快速扫描所有打开的端口,然后将打开的端口传递给nmap以进行详细扫描。 |
scanner | 扫描器 | onionscan | Scan Onion Services for Security Issues. | 扫描洋葱服务以解决安全问题。 |
scanner | 扫描器 | openvas-manager | A layer between the OpenVAS Scanner and various client applications | OpenVAS Scanner与各种客户端应用程序之间的层 |
scanner | 扫描器 | openvas-scanner | The OpenVAS scanning Daemon | OpenVAS扫描守护进程 |
scanner | 扫描器 | paketto | Advanced TCP/IP Toolkit. | 高级TCP / IP工具包。 |
scanner | 扫描器 | panhunt | Searches for credit card numbers (PANs) in directories. | 在目录中搜索信用卡号(PAN)。 |
scanner | 扫描器 | paranoic | A simple vulnerability scanner written in Perl. | 一个用Perl编写的简单漏洞扫描程序。 |
scanner | 扫描器 | passhunt | Search drives for documents containing passwords. | 搜索包含密码的文档。 |
scanner | 扫描器 | pbscan | Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage. | 由于用户域TCP / IP堆栈使用,更快,更高效的无状态SYN扫描器和横幅抓取器。 |
scanner | 扫描器 | pcredz | A tool that extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface. | 提取信用卡号,NTLM(DCE-RPC,HTTP,SQL,LDAP等),Kerberos(AS-REQ Pre-Auth etype 23),HTTP Basic,SNMP,POP,SMTP,FTP,IMAP等的工具来自pcap文件或实时界面。 |
scanner | 扫描器 | pentestly | Python and Powershell internal penetration testing framework. | Python和Powershell内部渗透测试框架。 |
scanner | 扫描器 | plcscan | This is a tool written in Python that will scan for PLC devices over s7comm or modbus protocols. | 这是一个用Python编写的工具,它将通过s7comm或modbus协议扫描PLC设备。 |
scanner | 扫描器 | pnscan | A parallel network scanner that can be used to survey TCP network services. | 可用于调查TCP网络服务的并行网络扫描程序。 |
scanner | 扫描器 | poison | A fast, asynchronous syn and udp scanner. | 快速,异步的syn和udp扫描程序。 |
scanner | 扫描器 | ppscan | Yet another port scanner with HTTP and FTP tunneling support. | 另一个端口扫描器支持HTTP和FTP隧道。 |
scanner | 扫描器 | prads | Is a "Passive Real-time Asset Detection System". | 是“被动实时资产检测系统”。 |
scanner | 扫描器 | praeda | An automated data/information harvesting tool designed to gather critical information from various embedded devices. | 一种自动数据/信息收集工具,旨在从各种嵌入式设备中收集关键信息。 |
scanner | 扫描器 | proxycheck | This is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver. | 这是一个简单的代理工具,用于检查HTTP CONNECT方法并从Web服务器获取详细输出。 |
scanner | 扫描器 | proxyscan | A security penetration testing tool to scan for hosts and ports through a Web proxy server. | 一种安全渗透测试工具,用于通过Web代理服务器扫描主机和端口。 |
scanner | 扫描器 | pyssltest | A python multithreaded script to make use of Qualys ssllabs api to test SSL flaws. | 一个python多线程脚本,利用Qualys ssllabs api来测试SSL漏洞。 |
scanner | 扫描器 | pytbull | A python based flexible IDS/IPS testing framework shipped with more than 300 tests. | 基于python的灵活IDS / IPS测试框架,附带300多个测试。 |
scanner | 扫描器 | pythem | python2 penetration testing framework. | python2渗透测试框架。 |
scanner | 扫描器 | python2-ldapdomaindump | Active Directory information dumper via LDAP. | 通过LDAP的Active Directory信息转储程序。 |
scanner | 扫描器 | ranger-scanner | A tool to support security professionals to access and interact with remote Microsoft Windows based systems. | 支持安全专业人员访问基于Microsoft Windows的远程系统并与之交互的工具。 |
scanner | 扫描器 | rawr | Rapid Assessment of Web Resources. A web enumerator. | 快速评估Web资源。网络普查员。 |
scanner | 扫描器 | relay-scanner | An SMTP relay scanner. | SMTP中继扫描程序。 |
scanner | 扫描器 | responder | A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. | LLMNR和NBT-NS中毒,内置HTTP / SMB / MSSQL / FTP / LDAP流氓认证服务器,支持NTLMv1 / NTLMv2 / LMv2,扩展安全性NTLMSSP和基本HTTP身份验证。 |
scanner | 扫描器 | responder-multirelay | A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2 (multirelay version), | LLMNR和NBT-NS中毒,内置HTTP / SMB / MSSQL / FTP / LDAP流氓认证服务器,支持NTLMv1 / NTLMv2 / LMv2(多中继版), |
scanner | 扫描器 | routerhunter | Tool used to find vulnerable routers and devices on the Internet and perform tests. | 用于在Internet上查找易受攻击的路由器和设备并执行测试的工具。 |
scanner | 扫描器 | rtlizer | Simple spectrum analyzer. | 简单的频谱分析仪 |
scanner | 扫描器 | rtlsdr-scanner | A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library. | 用于OsmoSDR rtl-sdr库的跨平台Python频率扫描GUI。 |
scanner | 扫描器 | s3scanner | Scan for open S3 buckets and dump. | 扫描打开的S3存储桶并转储。 |
scanner | 扫描器 | sambascan | Allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. | 允许您搜索整个网络或多个主机以获取SMB共享。它还将列出它找到的所有公共共享的内容。 |
scanner | 扫描器 | sandmap | Nmap on steroids! Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles. | 关于类固醇的Nmap!简单的CLI,能够运行纯Nmap引擎,31个模块,具有459个扫描配置文件。 |
scanner | 扫描器 | sandy | An open-source Samsung phone encryption assessment framework | 一个开源的三星手机加密评估框架 |
scanner | 扫描器 | sb0x | A simple and Lightweight framework for Penetration testing. | 用于渗透测试的简单轻量级框架。 |
scanner | 扫描器 | scamper | A tool that actively probes the Internet in order to analyze topology and performance. | 一种主动探测Internet以分析拓扑和性能的工具。 |
scanner | 扫描器 | scanless | Utility for using websites that can perform port scans on your behalf. | 用于使用可代表您执行端口扫描的网站的实用程序。 |
scanner | 扫描器 | scanssh | Fast SSH server and open proxy scanner. | 快速SSH服务器和开放代理扫描程序。 |
scanner | 扫描器 | scout2 | Security auditing tool for AWS environments. | 适用于AWS环境的安全审核工具。 |
scanner | 扫描器 | scoutsuite | Multi-Cloud Security Auditing Tool. | 多云安全审计工具。 |
scanner | 扫描器 | scrape-dns | Searches for interesting cached DNS entries. | 搜索有趣的缓存DNS条目。 |
scanner | 扫描器 | sdnpwn | An SDN penetration testing toolkit. | SDN渗透测试工具包。 |
scanner | 扫描器 | seat | Next generation information digging application geared toward the needs of security professionals. It uses information stored in search engine databases, cache repositories, and other public resources to scan web sites for potential vulnerabilities. | 下一代信息挖掘应用程序,面向安全专业人员的需求。它使用存储在搜索引擎数据库,缓存存储库和其他公共资源中的信息来扫描网站以查找潜在的漏洞。 |
scanner | 扫描器 | shareenum | Tool to enumerate shares from Windows hosts. | 用于枚举Windows主机的共享的工具。 |
scanner | 扫描器 | sharesniffer | Network share sniffer and auto-mounter for crawling remote file systems. | 用于爬网远程文件系统的网络共享嗅探器和自动安装程序。 |
scanner | 扫描器 | simple-lan-scan | A simple python script that leverages scapy for discovering live hosts on a network. | 一个简单的python脚本,它利用scapy来发现网络上的实时主机。 |
scanner | 扫描器 | sipshock | A scanner for SIP proxies vulnerable to Shellshock. | 用于SIP代理的扫描程序易受Shellshock攻击。 |
scanner | 扫描器 | smbexec | A rapid psexec style attack with samba tools. | 使用samba工具进行快速的psexec风格攻击。 |
scanner | 扫描器 | smbmap | A handy SMB enumeration tool. | 一个方便的SMB枚举工具。 |
scanner | 扫描器 | smbspider | A lightweight python utility for searching SMB/CIFS/Samba file shares. | 用于搜索SMB / CIFS / Samba文件共享的轻量级python实用程序。 |
scanner | 扫描器 | smod | A modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. | 一个模块化的框架,具有您可能需要的各种诊断和攻击功能,以便测试modbus协议。 |
scanner | 扫描器 | smtp-test | Automated testing of SMTP servers for penetration testing. | 自动测试SMTP服务器以进行渗透测试。 |
scanner | 扫描器 | smtp-vrfy | An SMTP Protocol Hacker. | 一个SMTP协议黑客。 |
scanner | 扫描器 | smtptx | A very simple tool used for sending simple email and do some basic email testing from a pentester perspective. | 一个非常简单的工具,用于发送简单的电子邮件,并从pentester的角度进行一些基本的电子邮件测试。 |
scanner | 扫描器 | snmpenum | An snmp enumerator. | 一个snmp枚举器。 |
scanner | 扫描器 | snmpscan | A free, multi-processes SNMP scanner. | 免费的多进程SNMP扫描程序。 |
scanner | 扫描器 | snoopbrute | Multithreaded DNS recursive host brute-force tool. | 多线程DNS递归主机暴力工具。 |
scanner | 扫描器 | sparta | Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. | Python GUI应用程序,通过帮助渗透测试人员进行扫描和枚举阶段,简化了网络基础设施渗透测试。 |
scanner | 扫描器 | sqlivulscan | This will give you the SQLi Vulnerable Website Just by Adding the Dork. | 这将通过添加Dork为您提供SQLi易受攻击的网站。 |
scanner | 扫描器 | ssdp-scanner | SSDP amplification scanner written in Python. Makes use of Scapy. | 用Python编写的SSDP放大扫描器。使用Scapy。 |
scanner | 扫描器 | ssh-audit | SSH server auditing (banner, key exchange, encryption, mac, compression, compatbility, etc). | SSH服务器审计(横幅,密钥交换,加密,mac,压缩,兼容性等)。 |
scanner | 扫描器 | ssh-user-enum | SSH User Enumeration Script in Python Using The Timing Attack. | 使用时序攻击的Python中的SSH用户枚举脚本。 |
scanner | 扫描器 | sslcaudit | Utility to perform security audits of SSL/TLS clients. | 用于执行SSL / TLS客户端安全审核的实用程序。 |
scanner | 扫描器 | ssllabs-scan | Command-line client for the SSL Labs APIs | SSL Labs API的命令行客户端 |
scanner | 扫描器 | sslmap | A lightweight TLS/SSL cipher suite scanner. | 轻量级TLS / SSL密码套件扫描程序。 |
scanner | 扫描器 | sslscan | A fast tools to scan SSL services, such as HTTPS to determine the ciphers that are supported | 扫描SSL服务的快速工具,例如HTTPS,以确定支持的密码 |
scanner | 扫描器 | sticky-keys-hunter | Script to test an RDP host for sticky keys and utilman backdoor. | 用于测试RDP主机的粘滞密钥和utilman后门的脚本。 |
scanner | 扫描器 | stig-viewer | XCCDF formatted SRGs and STIGs files viewer for SCAP validation tools. | 用于SCAP验证工具的XCCDF格式化SRG和STIG文件查看器。 |
scanner | 扫描器 | striker | An offensive information and vulnerability scanner. | 令人反感的信息和漏洞扫描程序。 |
scanner | 扫描器 | strutscan | Apache Struts2 vulnerability scanner written in Perl. | 用Perl编写的Apache Struts2漏洞扫描程序。 |
scanner | 扫描器 | subbrute | A DNS meta-query spider that enumerates DNS records and subdomains | DNS元查询蜘蛛,枚举DNS记录和子域 |
scanner | 扫描器 | subover | A Powerful Subdomain Takeover Tool. | 一个强大的子域名接管工具。 |
scanner | 扫描器 | svn-extractor | A simple script to extract all web resources by means of .SVN folder exposed over network. | 一个简单的脚本,通过网络公开的.SVN文件夹提取所有Web资源。 |
scanner | 扫描器 | swarm | A distributed penetration testing tool. | 分布式渗透测试工具。 |
scanner | 扫描器 | synscan | fast asynchronous half-open TCP portscanner | 快速异步半开TCP口扫描程序 |
scanner | 扫描器 | tachyon-scanner | Fast Multi-Threaded Web Discovery Tool. | 快速多线程Web发现工具。 |
scanner | 扫描器 | tactical-exploitation | Modern tactical exploitation toolkit. | 现代战术开发工具包。 |
scanner | 扫描器 | taipan | Web application security scanner. | Web应用安全扫描器。 |
scanner | 扫描器 | topera | An IPv6 security analysis toolkit, with the particularity that their attacks can't be detected by Snort. | 一个IPv6安全分析工具包,具有Snort无法检测到其攻击的特殊性。 |
scanner | 扫描器 | udsim | A graphical simulator that can emulate different modules in a vehicle and respond to UDS request. | 一种图形模拟器,可以模拟车辆中的不同模块并响应UDS请求。 |
scanner | 扫描器 | umap | The USB host security assessment tool. | USB主机安全评估工具。 |
scanner | 扫描器 | unicornscan | A new information gathering and correlation engine. | 一种新的信息收集和关联引擎。 |
scanner | 扫描器 | upnpscan | Scans the LAN or a given address range for UPnP capable devices. | 扫描LAN或给定UPnP设备的给定地址范围。 |
scanner | 扫描器 | uw-loveimap | Multi threaded imap bounce scanner. | 多线程imap反弹扫描仪。 |
scanner | 扫描器 | uw-udpscan | Multi threaded udp scanner. | 多线程udp扫描仪。 |
scanner | 扫描器 | uw-zone | Multi threaded, randomized IP zoner. | 多线程随机IP区域。 |
scanner | 扫描器 | v3n0m | A tool to automate mass SQLi d0rk scans and Metasploit Vulns. | 一种自动化大规模SQLi d0rk扫描和Metasploit Vulns的工具。 |
scanner | 扫描器 | vais | SWF Vulnerability & Information Scanner. | SWF漏洞和信息扫描程序。 |
scanner | 扫描器 | vane | A vulnerability scanner which checks the security of WordPress installations using a black box approach. | 一种漏洞扫描程序,使用黑盒方法检查WordPress安装的安全性。 |
scanner | 扫描器 | vcsmap | A plugin-based tool to scan public version control systems for sensitive information. | 一种基于插件的工具,用于扫描公共版本控制系统以获取敏感信息。 |
scanner | 扫描器 | vhostscan | A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. | 虚拟主机扫描程序,可与数据透视工具一起使用,检测全能方案,别名和动态默认页面。 |
scanner | 扫描器 | videosnarf | A new security assessment tool for pcap analysis | 用于pcap分析的新安全评估工具 |
scanner | 扫描器 | visql | Scan SQL vulnerability on target site and sites of on server. | 扫描目标站点和服务器上的站点上的SQL漏洞。 |
scanner | 扫描器 | vscan | HTTPS / Vulnerability scanner. | HTTPS /漏洞扫描程序。 |
scanner | 扫描器 | vulmap | Vulmap Online Local Vulnerability Scanners Project | Vulmap联机本地漏洞扫描程序项目 |
scanner | 扫描器 | vuls | Vulnerability scanner for Linux/FreeBSD, agentless, written in Go. | 用于Linux / FreeBSD的漏洞扫描程序,无代理,用Go编写。 |
scanner | 扫描器 | vulscan | A module which enhances nmap to a vulnerability scanner | 一个增强nmap到漏洞扫描程序的模块 |
scanner | 扫描器 | wafw00f | Identify and fingerprint Web Application Firewall (WAF) products protecting a website. | 识别并指纹保护网站的Web应用程序防火墙(WAF)产品。 |
scanner | 扫描器 | webenum | Tool to enumerate http responses using dynamically generated queries and more. Useful for penetration tests against web servers. | 使用动态生成的查询等枚举http响应的工具。对于Web服务器的渗透测试很有用。 |
scanner | 扫描器 | webhunter | Tool for scanning web applications and networks and easily completing the process of collecting knowledge. | 用于扫描Web应用程序和网络的工具,可轻松完成收集知识的过程。 |
scanner | 扫描器 | webpwn3r | A python based Web Applications Security Scanner. | 基于python的Web应用程序安全扫描程序。 |
scanner | 扫描器 | webrute | Web server directory brute forcer. | Web服务器目录暴力破解。 |
scanner | 扫描器 | whitewidow | SQL Vulnerability Scanner. | SQL漏洞扫描程序。 |
scanner | 扫描器 | wolpertinger | A distributed portscanner. | 分布式端口扫描程序。 |
scanner | 扫描器 | wordpresscan | WPScan rewritten in Python + some WPSeku ideas. | WPScan用Python +改写了一些WPSeku的想法。 |
scanner | 扫描器 | xcname | A tool for enumerating expired domains in CNAME records. | 用于枚举CNAME记录中过期域的工具。 |
scanner | 扫描器 | xpire-crossdomain-scanner | Scans crossdomain.xml policies for expired domain names. | 扫描过期域名的crossdomain.xml策略。 |
scanner | 扫描器 | xsstracer | Python script that checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection. | Python脚本,用于检查远程Web服务器的Clickjacking,跨框架脚本,跨站点跟踪和主机头注入。 |
scanner | 扫描器 | yasat | Yet Another Stupid Audit Tool. | 又一个愚蠢的审计工具。 |
scanner | 扫描器 | zmap | Fast network scanner designed for Internet-wide network surveys | 专为全网络网络调查而设计的快速网络扫描仪 |
sniffer | 嗅探器 | bettercap | Swiss army knife for network attacks and monitoring | 瑞士军刀用于网络攻击和监控 |
sniffer | 嗅探器 | bittwist | A simple yet powerful libpcap-based Ethernet packet generator. It is designed to complement tcpdump, which by itself has done a great job at capturing network traffic. | 一个简单但功能强大的基于libpcap的以太网数据包生成器。它旨在补充tcpdump,它本身在捕获网络流量方面做得很好。 |
sniffer | 嗅探器 | capfuzz | Capture, fuzz and intercept web traffic. | 捕获,模糊和拦截Web流量。 |
sniffer | 嗅探器 | cdpsnarf | Cisco discovery protocol sniffer. | 思科发现协议嗅探器。 |
sniffer | 嗅探器 | creds | Harvest FTP/POP/IMAP/HTTP/IRC credentials along with interesting data from each of the protocols. | 收获FTP / POP / IMAP / HTTP / IRC凭证以及来自每个协议的有趣数据。 |
sniffer | 嗅探器 | darkstat | Network statistics gatherer (packet sniffer) | 网络统计收集器(数据包嗅探器) |
sniffer | 嗅探器 | dsniff | Collection of tools for network auditing and penetration testing | 用于网络审计和渗透测试的工具集合 |
sniffer | 嗅探器 | eigrp-tools | This is a custom EIGRP packet generator and sniffer developed to test the security and overall operation quality of this brilliant Cisco routing protocol. | 这是一个定制的EIGRP数据包生成器和嗅探器,用于测试这种出色的思科路由协议的安全性和整体操作质量。 |
sniffer | 嗅探器 | ettercap | A network sniffer/interceptor/logger for ethernet LANs - console | 以太网LAN的网络嗅探器/拦截器/记录器 - 控制台 |
sniffer | 嗅探器 | firstorder | A traffic analyzer to evade Empire communication from Anomaly-Based IDS. | 一种流量分析器,用于逃避基于Anomaly的IDS的Empire通信。 |
sniffer | 嗅探器 | hexinject | A very versatile packet injector and sniffer that provides a command-line framework for raw network access. | 一种非常通用的数据包注入器和嗅探器,为原始网络访问提供命令行框架。 |
sniffer | 嗅探器 | httpry | A specialized packet sniffer designed for displaying and logging HTTP traffic. | 专门用于显示和记录HTTP流量的数据包嗅探器。 |
sniffer | 嗅探器 | httpsniff | Tool to sniff HTTP responses from TCP/IP based networks and save contained files locally for later review. | 用于从基于TCP / IP的网络嗅探HTTP响应并在本地保存包含的文件以供以后查看的工具。 |
sniffer | 嗅探器 | hubbit-sniffer | Simple application that listens for WIFI-frames and records the mac-address of the sender and posts them to a REST-api. | 简单的应用程序,侦听WIFI帧并记录发件人的mac-address并将其发布到REST-api。 |
sniffer | 嗅探器 | hungry-interceptor | Intercepts data, does something with it, stores it. | 拦截数据,对其进行处理,存储数据。 |
sniffer | 嗅探器 | issniff | Internet Session Sniffer. | 互联网会话嗅探器。 |
sniffer | 嗅探器 | junkie | A modular packet sniffer and analyzer. | 模块化数据包嗅探器和分析器。 |
sniffer | 嗅探器 | katsnoop | Utility that sniffs HTTP Basic Authentication information and prints the base64 decoded form. | 用于嗅探HTTP基本身份验证信息并打印base64解码形式的实用程序。 |
sniffer | 嗅探器 | mfsniffer | A python script for capturing unencrypted TSO login credentials. | 用于捕获未加密的TSO登录凭据的python脚本。 |
sniffer | 嗅探器 | mitmer | A man-in-the-middle and phishing attack tool that steals the victim's credentials of some web services like Facebook. | 一种中间人和网络钓鱼攻击工具,可以窃取受害者对Facebook等某些Web服务的凭据。 |
sniffer | 嗅探器 | mots | Man on the Side Attack - experimental packet injection and detection. | 侧面攻击的人 - 实验包注入和检测。 |
sniffer | 嗅探器 | net-creds | Sniffs sensitive data from interface or pcap. | 从界面或pcap中嗅探敏感数据。 |
sniffer | 嗅探器 | netsniff-ng | High performance Linux network sniffer for packet inspection | 用于数据包检测的高性能Linux网络嗅探器 |
sniffer | 嗅探器 | nsntrace | Perform network trace of a single process by using network namespaces. | 使用网络命名空间执行单个进程的网络跟踪。 |
sniffer | 嗅探器 | ofp-sniffer | An OpenFlow sniffer to help network troubleshooting in production networks. | OpenFlow嗅探器,可帮助生产网络中的网络故障排除。 |
sniffer | 嗅探器 | ostinato | An open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. | 一个开源的,跨平台的数据包/流量生成器和分析器,具有友好的GUI。它旨在成为“反向的Wireshark”,从而成为Wireshark的补充。 |
sniffer | 嗅探器 | passivedns | A network sniffer that logs all DNS server replies for use in a passive DNS setup. | 一种网络嗅探器,记录所有DNS服务器回复,以便在被动DNS设置中使用。 |
sniffer | 嗅探器 | pcapteller | A tool designed for traffic manipulation and replay. | 专为交通操纵和重播而设计的工具。 |
sniffer | 嗅探器 | pth-toolkit | Modified version of the passing-the-hash tool collection made to work straight out of the box. | 传递哈希工具集合的修改版本直接开箱即用。 |
sniffer | 嗅探器 | pytacle | Automates the task of sniffing GSM frames | 自动化嗅探GSM帧的任务 |
sniffer | 嗅探器 | sipffer | SIP protocol command line sniffer. | SIP协议命令行嗅探器。 |
sniffer | 嗅探器 | snapception | Intercept and decrypt all snapchats received over your network. | 拦截并解密通过网络收到的所有快照。 |
sniffer | 嗅探器 | sniffglue | Secure multithreaded packet sniffer | 安全的多线程数据包嗅探器 |
sniffer | 嗅探器 | ssl-phuck3r | All in one script for Man-In-The-Middle attacks. | 用于中间人攻击的一体化脚本。 |
sniffer | 嗅探器 | ssldump | an SSLv3/TLS network protocol analyzer | SSLv3 / TLS网络协议分析仪 |
sniffer | 嗅探器 | sslsniff | A tool to MITM all SSL connections on a LAN and dynamically generate certs for the domains that are being accessed on the fly | 一种工具,用于MITM LAN上的所有SSL连接,并动态生成即时访问的域的证书 |
sniffer | 嗅探器 | stenographer | A packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. | 一种数据包捕获解决方案,旨在快速将所有数据包假脱机到磁盘,然后提供对这些数据包的子集的简单,快速访问。 |
sniffer | 嗅探器 | tcpick | TCP stream sniffer and connection tracker | TCP流嗅探器和连接跟踪器 |
sniffer | 嗅探器 | wifi-monitor | Prints the IPs on your local network that're sending the most packets. | 打印本地网络上发送最多数据包的IP。 |
sniffer | 嗅探器 | wireshark-cli | Network traffic and protocol analyzer/sniffer - CLI tools and data files | 网络流量和协议分析器/嗅探器 - CLI工具和数据文件 |
sniffer | 嗅探器 | wireshark-qt | Network traffic and protocol analyzer/sniffer - Qt GUI | 网络流量和协议分析器/嗅探器 - Qt GUI |
sniffer | 嗅探器 | xcavator | Man-In-The-Middle and phishing attack tool that steals the victim's credentials of some web services like Facebook. | Man-In-The-Middle和网络钓鱼攻击工具窃取受害者的一些Web服务(如Facebook)的凭据。 |
social | 社会 | anontwi | A free software python client designed to navigate anonymously on social networks. It supports Identi.ca and Twitter.com. | 一个免费的软件python客户端,旨在匿名浏览社交网络。它支持Identi.ca和Twitter.com。 |
social | 社会 | blackeye | The most complete Phishing Tool, with 32 templates +1 customizable. | 最完整的网络钓鱼工具,可自定义32个模板+1。 |
social | 社会 | catphish | For phishing and corporate espionage. | 用于网络钓鱼和企业间谍活动。 |
social | 社会 | chameleonmini | Official repository of ChameleonMini, a freely programmable, portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags and sniff/log RF data. | ChameleonMini的官方存储库,这是一款可*编程的便携式NFC安全分析工具,可以模拟和克隆非接触式卡,读取RFID标签和嗅探/记录RF数据。 |
social | 社会 | crosslinked | LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping. | LinkedIn枚举工具,通过搜索引擎抓取从组织中提取有效的员工姓名。 |
social | 社会 | evilginx | Man-in-the-middle attack framework used for phishing login credentials | 用于网络钓鱼登录凭据的中间人攻击框架 |
social | 社会 | facebash | Facebook Brute Forcer in shellscript using TOR. | Facebook Brute Forcer在使用TOR的shellscript中。 |
social | 社会 | facebrok | Social Engineering Tool Oriented to facebook. | 面向Facebook的社交工程工具。 |
social | 社会 | fluxion | A security auditing and social-engineering research tool. | 安全审计和社会工程研究工具。 |
social | 社会 | gophish | Open-Source Phishing Framework. | 开源网络钓鱼框架。 |
social | 社会 | hemingway | A simple and easy to use spear phishing helper. | 一个简单易用的鱼叉式网络钓鱼助手。 |
social | 社会 | hiddeneye | Modern phishing tool with advanced functionality. | 具有高级功能的现代网络钓鱼工具。 |
social | 社会 | pepe | Collect information about email addresses from Pastebin. | 从Pastebin收集有关电子邮件地址的信息。 |
social | 社会 | phemail | A python open source phishing email tool that automates the process of sending phishing emails as part of a social engineering test. | 一种python开源网络钓鱼电子邮件工具,可自动执行发送网络钓鱼电子邮件的过程,作为社交工程测试的一部分。 |
social | 社会 | phishingkithunter | Find phishing kits which use your brand/organization's files and image'. | 查找使用您的品牌/组织的文件和图像的网络钓鱼工具包'。 |
social | 社会 | qrljacker | QRLJacker is a highly customizable exploitation framework to demonstrate "QRLJacking Attack Vector". | QRLJacker是一个高度可定制的开发框架,用于演示“QRLJacking攻击向量”。 |
social | 社会 | raven | A Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin. | 一个Linkedin信息收集工具,可供测试人员使用,以使用Linkedin收集有关组织员工的信息。 |
social | 社会 | reelphish | A Real-Time Two-Factor Phishing Tool. | 实时双因素网络钓鱼工具。 |
social | 社会 | sees | Increase the success rate of phishing attacks by sending emails to company users as if they are coming from the very same company's domain. | 通过向公司用户发送电子邮件来提高网络钓鱼攻击的成功率,就像它们来自同一公司的域一样。 |
social | 社会 | set | Social-engineer toolkit. Aimed at penetration testing around Social-Engineering. | 社会工程师工具包。旨在围绕社会工程的渗透测试。 |
social | 社会 | simpleemailspoofer | A simple Python CLI to spoof emails. | 一个简单的Python CLI来欺骗电子邮件。 |
social | 社会 | skiptracer | OSINT python2 webscraping framework. Skipping the needs of API keys. | OSINT python2 webscraping框架。跳过API密钥的需求。 |
social | 社会 | slackpirate | Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace. | Slack Enumeration和Extraction Tool - 从Slack工作区中提取敏感信息。 |
social | 社会 | social-mapper | A social media enumeration and correlation tool. | 社交媒体枚举和关联工具。 |
social | 社会 | social-vuln-scanner | Gathers public information on companies to highlight social engineering risk. | 收集有关公司的公共信息,以突出社会工程风险。 |
social | 社会 | socialfish | Ultimate phishing tool with Ngrok integrated. | Ngrok集成的终极网络钓鱼工具。 |
social | 社会 | spf | A python tool designed to allow for quick recon and deployment of simple social engineering phishing exercises. | 一个python工具,旨在允许快速侦察和部署简单的社会工程网络钓鱼练习。 |
social | 社会 | trape | People tracker on the Internet: OSINT analysis and research tool by Jose Pino. | 互联网上的人物跟踪器:Jose Pino的OSINT分析和研究工具。 |
social | 社会 | tweets-analyzer | Tweets metadata scraper & activity analyzer. | 推文元数据抓取器和活动分析器。 |
social | 社会 | weeman | HTTP Server for phishing in python. | 用于python中的网络钓鱼的HTTP Server。 |
spoof | 欺骗 | admid-pack | ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful. | ADM DNS欺骗工具 - 使用各种主动和被动方法来欺骗DNS数据包。很强大。 |
spoof | 欺骗 | aranea | A fast and clean dns spoofing tool. | 一个快速和干净的DNS欺骗工具。 |
spoof | 欺骗 | cisco-snmp-slap | IP address spoofing tool in order to bypass an ACL protecting an SNMP service on Cisco IOS devices. | IP地址欺骗工具,以绕过保护Cisco IOS设备上的SNMP服务的ACL。 |
spoof | 欺骗 | dns-spoof | Yet another DNS spoof utility. | 又一个DNS欺骗实用程序。 |
spoof | 欺骗 | evil-ssdp | Spoof SSDP replies to phish for NetNTLM challenge/response on a network. | 欺骗SSDP回复网络上的NetNTLM挑战/响应的网络钓鱼。 |
spoof | 欺骗 | fakenetbios | A family of tools designed to simulate Windows hosts (NetBIOS) on a LAN. | 一系列旨在模拟LAN上的Windows主机(NetBIOS)的工具。 |
spoof | 欺骗 | inundator | An ids evasion tool, used to anonymously inundate intrusion detection logs with false positives in order to obfuscate a real attack. | 一种ids逃避工具,用于匿名淹没入侵检测日志,并带有误报,以便混淆真正的攻击。 |
spoof | 欺骗 | lans | A Multithreaded asynchronous packet parsing/injecting arp spoofer. | 一个多线程异步数据包解析/注入arp欺骗者。 |
spoof | 欺骗 | lsrtunnel | Spoofs connections using source routed packets. | 使用源路由数据包进行欺骗连接。 |
spoof | 欺骗 | motsa-dns-spoofing | ManOnTheSideAttack-DNS Spoofing. | ManOnTheSideAttack DNS Spoofing。 |
spoof | 欺骗 | multimac | Multiple MACs on an adapter | 适配器上有多个MAC |
spoof | 欺骗 | nbnspoof | NBNSpoof - NetBIOS Name Service Spoofer | NBNSpoof - NetBIOS名称服务欺骗者 |
spoof | 欺骗 | netcommander | An easy-to-use arp spoofing tool. | 易于使用的arp欺骗工具。 |
spoof | 欺骗 | rbndr | Simple DNS Rebinding Service. | 简单的DNS重新绑定服务。 |
spoof | 欺骗 | smikims-arpspoof | Performs an ARP spoofing attack using the Linux kernel's raw sockets. | 使用Linux内核的原始套接字执行ARP欺骗攻击。 |
spoof | 欺骗 | sylkie | IPv6 address spoofing with the Neighbor Discovery Protocol. | 使用邻居发现协议进行IPv6地址欺骗。 |
spoof | 欺骗 | synner | A custom eth->ip->tcp packet generator (spoofer) for testing firewalls and dos attacks. | 用于测试防火墙和dos攻击的自定义eth-> ip-> tcp数据包生成器(欺骗程序)。 |
stego | 隐秘 | matroschka | Python steganography tool to hide images or text in images. | Python隐写术工具,用于隐藏图像中的图像或文本。 |
stego | 隐秘 | openpuff | Yet not another steganography SW. | 然而,不是另一个隐写术SW。 |
stego | 隐秘 | pngcheck | Verifies the integrity of PNG, JNG and MNG files by checking the CRCs and decompressing the image data. | 通过检查CRC并解压缩图像数据来验证PNG,JNG和MNG文件的完整性。 |
stego | 隐秘 | silenteye | A cross-platform application design for an easy use of steganography. | 一种跨平台应用程序设计,可轻松使用隐写术。 |
stego | 隐秘 | stegdetect | An automated tool for detecting steganographic content in images. | 一种用于检测图像中的隐写内容的自动化工具。 |
stego | 隐秘 | stegolego | Simple program for using stegonography to hide data within BMP images. | 使用stegonography隐藏BMP图像中的数据的简单程序。 |
stego | 隐秘 | stegoveritas | Automatic image steganography analysis tool. | 自动图像隐写分析工具。 |
stego | 隐秘 | stegsolve | Steganography Solver. | 隐写术解算器。 |
stego | 隐秘 | stepic | A python image steganography tool. | 蟒蛇图像隐写术工具。 |
tunnel | 隧道 | chisel | A fast TCP tunnel over HTTP. | HTTP上的快速TCP隧道。 |
tunnel | 隧道 | chownat | Allows two peers behind two separate NATs with no port forwarding and no DMZ setup on their routers to directly communicate with each other | 允许两个独立NAT后面的两个对等端没有端口转发,路由器上没有DMZ设置,可以直接相互通信 |
tunnel | 隧道 | corkscrew | A tool for tunneling SSH through HTTP proxies | 用于通过HTTP代理隧道SSH的工具 |
tunnel | 隧道 | ctunnel | Tunnel and/or proxy TCP or UDP connections via a cryptographic tunnel. | 通过加密隧道的隧道和/或代理TCP或UDP连接。 |
tunnel | 隧道 | dns2tcp | A tool for relaying TCP connections over DNS. | 用于通过DNS中继TCP连接的工具。 |
tunnel | 隧道 | fraud-bridge | ICMP and DNS tunneling via IPv4 and IPv6. | 通过IPv4和IPv6实现ICMP和DNS隧道。 |
tunnel | 隧道 | httptunnel | Creates a bidirectional virtual data connection tunnelled in HTTP requests | 创建在HTTP请求中隧道传输的双向虚拟数据连接 |
tunnel | 隧道 | icmptx | IP over ICMP tunnel. | IP over ICMP隧道。 |
tunnel | 隧道 | iodine | Tunnel IPv4 data through a DNS server | 通过DNS服务器隧道传输IPv4数据 |
tunnel | 隧道 | ip-https-tools | Tools for the IP over HTTPS (IP-HTTPS) Tunneling Protocol. | 用于IP over HTTPS(IP-HTTPS)隧道协议的工具。 |
tunnel | 隧道 | matahari | A reverse HTTP shell to execute commands on remote machines behind firewalls. | 反向HTTP shell,用于在防火墙后面的远程计算机上执行命令。 |
tunnel | 隧道 | morxtunel | Network Tunneling using TUN/TAP interfaces over TCP tool. | 通过TCP工具使用TUN / TAP接口的网络隧道。 |
tunnel | 隧道 | multitun | Tunnel arbitrary traffic through an innocuous WebSocket. | 通过无害的WebSocket隧道任意流量。 |
tunnel | 隧道 | ngrok | A tunneling, reverse proxy for developing and understanding networked, HTTP services. | 用于开发和理解网络HTTP服务的隧道,反向代理。 |
tunnel | 隧道 | proxytunnel | a program that connects stdin and stdout to a server somewhere on the network, through a standard HTTPS proxy | 通过标准HTTPS代理将stdin和stdout连接到网络某处的服务器的程序 |
tunnel | 隧道 | ptunnel | A tool for reliably tunneling TCP connections over ICMP echo request and reply packets | 用于通过ICMP回送请求和回复数据包可靠地隧道连接TCP的工具 |
tunnel | 隧道 | sshtunnel | Pure python SSH tunnels (CLI) | 纯python SSH隧道(CLI) |
tunnel | 隧道 | stegosip | TCP tunnel over RTP/SIP. | 通过RTP / SIP的TCP隧道。 |
tunnel | 隧道 | udp2raw-tunnel | An Encrypted, Anti-Replay, Multiplexed UdP Tunnel, tunnels udp traffic through fake-tcp or icmp by using raw socket | 加密,反重播,多路复用UdP隧道,通过使用原始套接字通过fake-tcp或icmp隧道传输udp流量 |
tunnel | 隧道 | vstt | VSTT is a multi-protocol tunneling tool. It accepts input by TCP stream sockets and FIFOs, and can send data via TCP, POP3, and ICMP tunneling. | VSTT是一种多协议隧道工具。它接受TCP流套接字和FIFO的输入,并可以通过TCP,POP3和ICMP隧道发送数据。 |
tunnel | 隧道 | xfltreat | Tunnelling framework. | 隧道框架。 |
voip | VOIP | ace | Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface | 自动化公司调查员。一个简单但功能强大的VoIP公司目录枚举工具,模拟IP电话的行为,以便下载给定电话可在其屏幕界面上显示的名称和扩展条目 |
voip | VOIP | bluebox-ng | A GPL VoIP/UC vulnerability scanner. | GPL VoIP / UC漏洞扫描程序。 |
voip | VOIP | erase-registrations | An IAX flooder. | IAX flooder。 |
voip | VOIP | ilty | An interception phone system for VoIP network. | 一种用于VoIP网络的拦截电话系统。 |
voip | VOIP | isip | Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks. | 交互式SIP工具包,用于数据包操作,嗅探,中间人攻击,模糊测试,模拟dos攻击。 |
voip | VOIP | isme | Scans a VOIP environment, adapts to enterprise VOIP, and exploits the possibilities of being connected directly to an IP Phone VLAN. | 扫描VOIP环境,适应企业VOIP,并利用直接连接到IP电话VLAN的可能性。 |
voip | VOIP | mrsip | SIP-Based Audit and Attack Tool. | 基于SIP的审计和攻击工具。 |
voip | VOIP | pcapsipdump | A tool for dumping SIP sessions (+RTP traffic, if available) to disk in a fashion similar to 'tcpdump -w' (format is exactly the same), but one file per sip session (even if there is thousands of concurrect SIP sessions). | 用于以类似于'tcpdump -w'的方式将SIP会话(+ RTP流量,如果可用)转储到磁盘的工具(格式完全相同),但每个sip会话一个文件(即使有数千个连续的SIP会话) )。 |
voip | VOIP | protos-sip | SIP test suite. | SIP测试套件。 |
voip | VOIP | redirectpoison | A tool to poison a targeted issuer of SIP INVITE requests with 301 (i.e. Moved Permanently) redirection responses. | 使用301(即,永久移动)重定向响应来中毒SIP INVITE请求的目标发布者的工具。 |
voip | VOIP | rtp-flood | RTP flooder | RTP flooder |
voip | VOIP | siparmyknife | A small command line tool for developers and administrators of Session Initiation Protocol (SIP) applications. | 用于会话初始协议(SIP)应用程序的开发人员和管理员的小型命令行工具。 |
voip | VOIP | sipbrute | A utility to perform dictionary attacks against the VoIP SIP Register hash. | 用于对VoIP SIP注册哈希执行字典攻击的实用程序。 |
voip | VOIP | sipp | A free Open Source test tool / traffic generator for the SIP protocol. | 用于SIP协议的免费开源测试工具/流量生成器。 |
voip | VOIP | sippts | Set of tools to audit SIP based VoIP Systems. | 用于审核基于SIP的VoIP系统的工具集。 |
voip | VOIP | sipsak | A small command line tool for developers and administrators of Session Initiation Protocol (SIP) applications. | 用于会话初始协议(SIP)应用程序的开发人员和管理员的小型命令行工具。 |
voip | VOIP | storm-ring | This simple tool is useful to test a PABX with "allow guest" parameter set to "yes" (in this scenario an anonymous caller could place a call). | 这个简单的工具可用于测试PABX,其中“allow guest”参数设置为“yes”(在这种情况下,匿名调用者可以发出调用)。 |
voip | VOIP | teardown | Command line tool to send a BYE request to tear down a call. | 命令行工具发送BYE请求以拆除呼叫。 |
voip | VOIP | vnak | Aim is to be the one tool a user needs to attack multiple VoIP protocols. | 目标是成为用户攻击多种VoIP协议所需的工具之一。 |
voip | VOIP | voiper | A VoIP security testing toolkit incorporating several VoIP fuzzers and auxilliary tools to assist the auditor. | 一个VoIP安全测试工具包,包含多个VoIP模糊器和辅助工具,以协助审计员。 |
voip | VOIP | voipong | A utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to seperate wave files. | 检测管道上所有Voice Over IP呼叫的实用程序,以及G711编码的实用程序,将实际会话转储为单独的wave文件。 |
voip | VOIP | vsaudit | VOIP Security Audit Framework. | VOIP安全审计框架。 |
webapp | Web应用程序 | 0d1n | Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. | 用于在HTTP输入进行模糊测试的Web安全工具,使用libCurl在C中创建。 |
webapp | Web应用程序 | abuse-ssl-bypass-waf | Bypassing WAF by abusing SSL/TLS Ciphers. | 通过滥用SSL / TLS密码绕过WAF。 |
webapp | Web应用程序 | adfind | Simple admin panel finder for php,js,cgi,asp and aspx admin panels. | 用于php,js,cgi,asp和aspx管理面板的简单管理面板查找器。 |
webapp | Web应用程序 | adminpagefinder | This python script looks for a large amount of possible administrative interfaces on a given site. | 此python脚本在给定站点上查找大量可能的管理接口。 |
webapp | Web应用程序 | albatar | A SQLi exploitation framework in Python. | Python中的SQLi开发框架。 |
webapp | Web应用程序 | anti-xss | A XSS vulnerability scanner. | XSS漏洞扫描程序。 |
webapp | Web应用程序 | arachni | A feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. | 功能齐全,模块化,高性能的Ruby框架,旨在帮助渗透测试人员和管理员评估Web应用程序的安全性。 |
webapp | Web应用程序 | arjun | HTTP parameter discovery suite. | HTTP参数发现套件。 |
webapp | Web应用程序 | astra | Automated Security Testing For REST API's. | REST API的自动安全测试。 |
webapp | Web应用程序 | bbqsql | SQL injection exploit tool. | SQL注入漏洞利用工具。 |
webapp | Web应用程序 | bbscan | A tiny Batch weB vulnerability Scanner. | 一个很小的批量weB漏洞扫描程序。 |
webapp | Web应用程序 | bing-lfi-rfi | Python script for searching Bing for sites that may have local and remote file inclusion vulnerabilities. | 用于在Bing中搜索可能存在本地和远程文件包含漏洞的站点的Python脚本。 |
webapp | Web应用程序 | blisqy | Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB). | 在HTTP-Headers(MySQL / MariaDB)中利用基于时间的盲SQL注入。 |
webapp | Web应用程序 | brutemap | Penetration testing tool that automates testing accounts to the site's login page. | 渗透测试工具,可自动将帐户测试到站点的登录页面。 |
webapp | Web应用程序 | brutexss | Cross-Site Scripting Bruteforcer. | 跨站点脚本Bruteforcer。 |
webapp | Web应用程序 | bsqlbf | Blind SQL Injection Brute Forcer. | 盲SQL注入蛮力。 |
webapp | Web应用程序 | bsqlinjector | Blind SQL injection exploitation tool written in ruby. | 用ruby编写的盲SQL注入开发工具。 |
webapp | Web应用程序 | c5scan | Vulnerability scanner and information gatherer for the Concrete5 CMS. | Concrete5 CMS的漏洞扫描程序和信息收集程序。 |
webapp | Web应用程序 | cansina | A python-based Web Content Discovery Tool. | 基于python的Web内容发现工具。 |
webapp | Web应用程序 | chankro | Tool that generates a PHP capable of run a custom binary (like a meterpreter) or a bash script (p.e. reverse shell) bypassing disable_functions & open_basedir). | 生成PHP的工具可以运行自定义二进制文件(如计量器)或bash脚本(pe反向shell)绕过disable_functions和open_basedir)。 |
webapp | Web应用程序 | cjexploiter | Drag and Drop ClickJacking exploit development assistance tool. | 拖放ClickJacking利用开发辅助工具。 |
webapp | Web应用程序 | cloudget | Python script to bypass cloudflare from command line. Built upon cfscrape module. | Python脚本从命令行绕过cloudflare。基于cfscrape模块。 |
webapp | Web应用程序 | cms-few | Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection vulnerability scanning tool written in Python. | 用Python编写的Joomla,Mambo,PHP-Nuke和XOOPS CMS SQL注入漏洞扫描工具。 |
webapp | Web应用程序 | cmseek | CMS (Content Management Systems) Detection and Exploitation suite. | CMS(内容管理系统)检测和利用套件。 |
webapp | Web应用程序 | cmsfuzz | Fuzzer for wordpress, cold fusion, drupal, joomla, and phpnuke. | 用于wordpress,冷聚变,drupal,joomla和phpnuke的模糊器。 |
webapp | Web应用程序 | comission | WhiteBox CMS analysis. | WhiteBox CMS分析。 |
webapp | Web应用程序 | commix | Automated All-in-One OS Command Injection and Exploitation Tool. | 自动化一体化操作系统命令注入和利用工具。 |
webapp | Web应用程序 | crawlic | Web recon tool (find temporary files, parse robots.txt, search folders, google dorks and search domains hosted on same server). | Web侦察工具(查找临时文件,解析robots.txt,搜索文件夹,google dorks以及托管在同一服务器上的搜索域)。 |
webapp | Web应用程序 | csrftester | The OWASP CSRFTester Project attempts to give developers the ability to test their applications for CSRF flaws. | OWASP CSRFTester项目试图让开发人员能够测试他们的应用程序是否存在CSRF缺陷。 |
webapp | Web应用程序 | cybercrowl | A Python Web path scanner tool. | Python Web路径扫描程序工具。 |
webapp | Web应用程序 | darkjumper | This tool will try to find every website that host at the same server at your target. | 此工具将尝试查找托管在目标服务器上的每个网站。 |
webapp | Web应用程序 | davscan | Fingerprints servers, finds exploits, scans WebDAV. | 指纹服务器,发现漏洞,扫描WebDAV。 |
webapp | Web应用程序 | dawnscanner | A static analysis security scanner for ruby written web applications. | 用于ruby编写的Web应用程序的静态分析安全扫描程序。 |
webapp | Web应用程序 | dff-scanner | Tool for finding path of predictable resource locations. | 用于查找可预测资源位置路径的工具。 |
webapp | Web应用程序 | dirble | Fast directory scanning and scraping tool. | 快速目录扫描和抓取工具。 |
webapp | Web应用程序 | dirbuster-ng | C CLI implementation of the Java dirbuster tool. | Java Dirbuster工具的C CLI实现。 |
webapp | Web应用程序 | dirhunt | Find web directories without bruteforce. | 查找没有暴力的web目录。 |
webapp | Web应用程序 | dirscraper | OSINT Scanning tool which discovers and maps directories found in javascript files hosted on a website. | OSINT扫描工具,可发现并映射网站上托管的javascript文件中的目录。 |
webapp | Web应用程序 | dirsearch | HTTP(S) directory/file brute forcer. | HTTP(S)目录/文件暴力破解程序。 |
webapp | Web应用程序 | domi-owned | A tool used for compromising IBM/Lotus Domino servers. | 用于危害IBM / Lotus Domino服务器的工具。 |
webapp | Web应用程序 | doork | Passive Vulnerability Auditor. | 被动漏洞审计员。 |
webapp | Web应用程序 | dorknet | Selenium powered Python script to automate searching for vulnerable web apps. | Selenium支持Python脚本,可自动搜索易受攻击的Web应用程序。 |
webapp | Web应用程序 | droopescan | A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe. | 基于插件的扫描程序,可帮助安全研究人员识别多个CMS的问题,主要是Drupal和Silverstripe。 |
webapp | Web应用程序 | drupal-module-enum | Enumerate on drupal modules. | 枚举drupal模块。 |
webapp | Web应用程序 | drupalscan | Simple non-intrusive Drupal scanner. | 简单的非侵入式Drupal扫描仪。 |
webapp | Web应用程序 | drupwn | Drupal enumeration & exploitation tool. | Drupal枚举和开发工具。 |
webapp | Web应用程序 | dsfs | A fully functional File inclusion vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. | 一个功能齐全的文件包含漏洞扫描程序(支持GET和POST参数),用100行代码编写。 |
webapp | Web应用程序 | dsjs | A fully functional JavaScript library vulnerability scanner written in under 100 lines of code. | 一个功能齐全的JavaScript库漏洞扫描程序,用100行代码编写。 |
webapp | Web应用程序 | dsss | A fully functional SQL injection vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. | 一个功能齐全的SQL注入漏洞扫描程序(支持GET和POST参数),用100行代码编写。 |
webapp | Web应用程序 | dsxs | A fully functional Cross-site scripting vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. | 一个功能齐全的跨站点脚本漏洞扫描程序(支持GET和POST参数),用100行代码编写。 |
webapp | Web应用程序 | epicwebhoneypot | Tool which aims to lure attackers using various types of web vulnerability scanners by tricking them into believing that they have found a vulnerability on a host. | 该工具旨在通过欺骗他们相信他们在主机上发现了漏洞来诱使攻击者使用各种类型的Web漏洞扫描程序。 |
webapp | Web应用程序 | eyewitness | Designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. | 旨在获取网站的屏幕截图,提供一些服务器标头信息,并在可能的情况下识别默认凭据。 |
webapp | Web应用程序 | fbht | A Facebook Hacking Tool | Facebook黑客工具 |
webapp | Web应用程序 | ffuf | Fast web fuzzer written in Go. | 用Go写的快速网络模糊器。 |
webapp | Web应用程序 | fhttp | This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more. | 这是HTTP相关攻击的框架。它是用Perl编写的,带有GTK接口,具有调试和操作的代理,代理链,规避规则等。 |
webapp | Web应用程序 | filebuster | An extremely fast and flexible web fuzzer. | 一个非常快速和灵活的网络模糊器。 |
webapp | Web应用程序 | fuxploider | Tool that automates the process of detecting and exploiting file upload forms flaws. | 自动执行检测和利用文件上载过程的工具形成缺陷。 |
webapp | Web应用程序 | ghost-py | Webkit based webclient (relies on PyQT). | 基于Webkit的webclient(依赖于PyQT)。 |
webapp | Web应用程序 | gittools | A repository with 3 tools for pwn'ing websites with .git repositories available'. | 一个包含3个工具的存储库,用于提供具有.git存储库的网站。 |
webapp | Web应用程序 | gobuster | Directory/file & DNS busting tool written in Go. | 用Go编写的目录/文件和DNS破坏工具。 |
webapp | Web应用程序 | golismero | Opensource web security testing framework. | 开源Web安全测试框架。 |
webapp | Web应用程序 | gopherus | Tool generates gopher link for exploiting SSRF and gaining RCE in various servers. | 工具生成gopher链接以利用SSRF并在各种服务器中获得RCE。 |
webapp | Web应用程序 | grabber | A web application scanner. Basically it detects some kind of vulnerabilities in your website. | Web应用程序扫描程序。基本上它会检测到您网站中的某些漏洞。 |
webapp | Web应用程序 | htcap | A web application analysis tool for detecting communications between javascript and the server. | 一种用于检测javascript和服务器之间通信的Web应用程序分析工具。 |
webapp | Web应用程序 | httpforge | A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions. | 一组shell工具,可让您操作,发送,接收和分析HTTP消息。这些工具可用于测试,发现和断言Web服务器,应用程序和站点的安全性。随附的Python库可用于扩展。 |
webapp | Web应用程序 | httppwnly | "Repeater" style XSS post-exploitation tool for mass browser control. | “Repeater”风格的XSS后期开发工具,适用于大众浏览器控制。 |
webapp | Web应用程序 | jaidam | Penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well-known open source tools, WPScan and Joomscan. | 渗透测试工具将输入域名列表,扫描它们,确定是否使用了wordpress或joomla平台,并最终自动检查它们,使用两个众所周知的开源工具WPScan和Joomscan进行Web漏洞检测。 |
webapp | Web应用程序 | jast | Just Another Screenshot Tool. | 只是另一个截图工具。 |
webapp | Web应用程序 | jexboss | Jboss verify and Exploitation Tool. | Jboss验证和利用工具。 |
webapp | Web应用程序 | jok3r | Network and Web Pentest Framework. | 网络和Web Pentest框架。 |
webapp | Web应用程序 | jomplug | This php script fingerprints a given Joomla system and then uses Packet Storm's archive to check for bugs related to the installed components. | 这个php脚本指纹给定的Joomla系统,然后使用Packet Storm的存档来检查与已安装组件相关的错误。 |
webapp | Web应用程序 | jooforce | A Joomla password brute force tester. | 一个Joomla密码暴力测试仪。 |
webapp | Web应用程序 | joomlascan | Joomla scanner scans for known vulnerable remote file inclusion paths and files. | Joomla扫描程序扫描已知易受攻击的远程文件包含路径和文件。 |
webapp | Web应用程序 | joomlavs | A black box, Ruby powered, Joomla vulnerability scanner. | 黑匣子,Ruby驱动,Joomla漏洞扫描程序。 |
webapp | Web应用程序 | joomscan | Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site. | 检测文件包含,sql注入,目标Joomla的命令执行漏洞!网站。 |
webapp | Web应用程序 | jshell | Get a JavaScript shell with XSS. | 使用XSS获取JavaScript shell。 |
webapp | Web应用程序 | jsql-injection | A Java application for automatic SQL database injection. | 用于自动SQL数据库注入的Java应用程序。 |
webapp | Web应用程序 | jstillery | Advanced JavaScript Deobfuscation via Partial Evaluation. | 通过部分评估进行高级JavaScript反模糊处理。 |
webapp | Web应用程序 | kadimus | LFI Scan & Exploit Tool. | LFI扫描和利用工具。 |
webapp | Web应用程序 | kolkata | A web application fingerprinting engine written in Perl that combines cryptography with IDS evasion. | 用Perl编写的Web应用程序指纹识别引擎,它将密码学与IDS规避相结合。 |
webapp | Web应用程序 | konan | Advanced Web Application Dir Scanner. | 高级Web应用程序目录扫描程序。 |
webapp | Web应用程序 | lfi-exploiter | This perl script leverages /proc/self/environ to attempt getting code execution out of a local file inclusion vulnerability.. | 此perl脚本利用/ proc / self / environ尝试从本地文件包含漏洞中获取代码。 |
webapp | Web应用程序 | lfi-fuzzploit | A simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. | 一个简单的工具,可帮助在基于Linux的PHP应用程序中进行模糊,查找和利用本地文件包含漏洞。 |
webapp | Web应用程序 | lfi-image-helper | A simple script to infect images with PHP Backdoors for local file inclusion attacks. | 使用PHP后门感染图像的简单脚本,用于本地文件包含攻击。 |
webapp | Web应用程序 | lfi-sploiter | This tool helps you exploit LFI (Local File Inclusion) vulnerabilities. Post discovery, simply pass the affected URL and vulnerable parameter to this tool. You can also use this tool to scan a URL for LFI vulnerabilities. | 此工具可帮助您利用LFI(本地文件包含)漏洞。发布后,只需将受影响的URL和易受攻击的参数传递给此工具。您还可以使用此工具扫描URL以查找LFI漏洞。 |
webapp | Web应用程序 | lfifreak | A unique automated LFi Exploiter with Bind/Reverse Shells. | 独特的自动LFi探索器,带有绑定/反向壳。 |
webapp | Web应用程序 | lfimap | This script is used to take the highest beneficts of the local file include vulnerability in a webserver. | 此脚本用于获取Web服务器中本地文件包含漏洞的最高优势。 |
webapp | Web应用程序 | liffy | A Local File Inclusion Exploitation tool. | 本地文件包含漏洞利用工具。 |
webapp | Web应用程序 | lightbulb | Python framework for auditing web applications firewalls. | 用于审核Web应用程序防火墙的Python框架。 |
webapp | Web应用程序 | linkfinder | Discovers endpoint and their parameters in JavaScript files. | 在JavaScript文件中发现端点及其参数。 |
webapp | Web应用程序 | list-urls | Extracts links from webpage. | 从网页中提取链接。 |
webapp | Web应用程序 | magescan | Scan a Magento site for information. | 扫描Magento站点以获取信息。 |
webapp | Web应用程序 | mando.me | Web Command Injection Tool. | Web命令注入工具。 |
webapp | Web应用程序 | metoscan | Tool for scanning the HTTP methods supported by a webserver. It works by testing a URL and checking the responses for the different requests. | 用于扫描Web服务器支持的HTTP方法的工具。它的工作原理是测试URL并检查不同请求的响应。 |
webapp | Web应用程序 | mooscan | A scanner for Moodle LMS. | Moodle LMS的扫描仪。 |
webapp | Web应用程序 | morxtraversal | Path Traversal checking tool. | 路径遍历检查工具。 |
webapp | Web应用程序 | multiinjector | Automatic SQL injection utility using a lsit of URI addresses to test parameter manipulation. | 自动SQL注入实用程序使用lsit的URI地址来测试参数操作。 |
webapp | Web应用程序 | nosqlmap | Automated Mongo database and NoSQL web application exploitation tool | 自动Mongo数据库和NoSQL Web应用程序开发工具 |
webapp | Web应用程序 | novahot | A webshell framework for penetration testers. | 用于穿透测试仪的webshell框架。 |
webapp | Web应用程序 | okadminfinder | Tool to find admin panels / admin login pages. | 查找管理面板/管理员登录页面的工具。 |
webapp | Web应用程序 | opendoor | OWASP WEB Directory Scanner. | OWASP WEB目录扫描程序。 |
webapp | Web应用程序 | owasp-bywaf | A web application penetration testing framework (WAPTF). | Web应用程序渗透测试框架(WAPTF)。 |
webapp | Web应用程序 | owtf | The Offensive (Web) Testing Framework. | 攻击性(网络)测试框架。 |
webapp | Web应用程序 | pappy-proxy | An intercepting proxy for web application testing. | 用于Web应用程序测试的拦截代理。 |
webapp | Web应用程序 | parameth | This tool can be used to brute discover GET and POST parameters. | 此工具可用于发现GET和POST参数。 |
webapp | Web应用程序 | parampampam | This tool for brute discover GET and POST parameters. | 这个用于粗暴发现GET和POST参数的工具。 |
webapp | Web应用程序 | paros | Java-based HTTP/HTTPS proxy for assessing web app vulnerabilities. Supports editing/viewing HTTP messages on-the-fly, spiders, client certificates, proxy-chaining, intelligent scanning for XSS and SQLi, etc. | 基于Java的HTTP / HTTPS代理,用于评估Web应用程序漏洞。支持即时编辑/查看HTTP消息,蜘蛛,客户端证书,代理链,XSS和SQLi的智能扫描等。 |
webapp | Web应用程序 | payloadmask | Web Payload list editor to use techniques to try bypass web application firewall. | Web Payload列表编辑器使用技术尝试绕过Web应用程序防火墙。 |
webapp | Web应用程序 | peepingtom | A tool to take screenshots of websites. Much like eyewitness. | 截取网站截图的工具。很像目击者。 |
webapp | Web应用程序 | photon | Incredibly fast crawler which extracts urls, emails, files, website accounts and much more. | 令人难以置信的快速爬虫,可以提取网址,电子邮件,文件,网站帐户等等。 |
webapp | Web应用程序 | php-findsock-shell | A Findsock Shell implementation in PHP + C. | PHP + C中的Findsock Shell实现 |
webapp | Web应用程序 | phpsploit | Stealth post-exploitation framework. | 隐形后开发框架。 |
webapp | Web应用程序 | plecost | Wordpress finger printer Tool. | Wordpress手指打印机工具。 |
webapp | Web应用程序 | plown | A security scanner for Plone CMS. | Plone CMS的安全扫描程序。 |
webapp | Web应用程序 | pown | Security testing and exploitation toolkit built on top of Node.js and NPM. | 基于Node.js和NPM构建的安全测试和利用工具包。 |
webapp | Web应用程序 | proxenet | THE REAL hacker friendly proxy for web application pentests. | 真正的黑客友好代理网络应用程序测试。 |
webapp | Web应用程序 | pyfiscan | Free web-application vulnerability and version scanner. | 免费的Web应用程序漏洞和版本扫描程序。 |
webapp | Web应用程序 | python2-jsbeautifier | JavaScript unobfuscator and beautifier. | JavaScript unobfuscator和美化。 |
webapp | Web应用程序 | python2-webtech | Identify technologies used on websites. | 识别网站上使用的技术。 |
webapp | Web应用程序 | rapidscan | The Multi-Tool Web Vulnerability Scanner. | 多工具Web漏洞扫描程序。 |
webapp | Web应用程序 | remot3d | An Simple Exploit for PHP Language. | PHP语言的简单漏洞。 |
webapp | Web应用程序 | riwifshell | Web backdoor - infector - explorer. | Web后门 - 传染者 - 探险家。 |
webapp | Web应用程序 | ruler | A tool to abuse Exchange services. | 滥用Exchange服务的工具。 |
webapp | Web应用程序 | rustbuster | DirBuster for Rust. | DirBuster for Rust。 |
webapp | Web应用程序 | rww-attack | The Remote Web Workplace Attack tool will perform a dictionary attack against a live Microsoft Windows Small Business Server's 'Remote Web Workplace' portal. It currently supports both SBS 2003 and SBS 2008 and includes features to avoid account lock out. | 远程Web工作区攻击工具将对实时Microsoft Windows Small Business Server的“远程Web工作区”门户执行字典攻击。它目前支持SBS 2003和SBS 2008,并包含避免帐户锁定的功能。 |
webapp | Web应用程序 | sawef | Send Attack Web Forms. | 发送攻击Web表单。 |
webapp | Web应用程序 | scanqli | SQLi scanner to detect SQL vulns. | SQLi扫描程序检测SQL漏洞。 |
webapp | Web应用程序 | scrapy | A fast high-level scraping and web crawling framework. | 一个快速的高级抓取和网络爬行框架。 |
webapp | Web应用程序 | secscan | Web Apps Scanner and Much more utilities. | Web Apps Scanner和更多实用程序。 |
webapp | Web应用程序 | shortfuzzy | A web fuzzing script written in perl. | 用perl编写的web fuzzing脚本。 |
webapp | Web应用程序 | sitadel | Web Application Security Scanner. | Web应用程序安全扫描程序。 |
webapp | Web应用程序 | sitediff | Fingerprint a web app using local files as the fingerprint sources. | 使用本地文件作为指纹源指纹Web应用程序。 |
webapp | Web应用程序 | skipfish | A fully automated, active web application security reconnaissance tool. | 一种全自动,活跃的Web应用程序安全侦察工具。 |
webapp | Web应用程序 | smplshllctrlr | PHP Command Injection exploitation tool. | PHP命令注入开发工具。 |
webapp | Web应用程序 | snallygaster | Tool to scan for secret files on HTTP servers. | 用于扫描HTTP服务器上的机密文件的工具。 |
webapp | Web应用程序 | snuck | Automatic XSS filter bypass. | 自动XSS过滤器旁路。 |
webapp | Web应用程序 | spaf | Static Php Analysis and Fuzzer. | 静态Php分析和模糊器。 |
webapp | Web应用程序 | sparty | An open source tool written in python to audit web applications using sharepoint and frontpage architecture. | 一个用python编写的开源工具,用于使用sharepoint和frontpage架构审计Web应用程序。 |
webapp | Web应用程序 | spiga | Configurable web resource scanner. | 可配置的Web资源扫描程序。 |
webapp | Web应用程序 | spike-proxy | A Proxy for detecting vulnerabilities in web applications | 用于检测Web应用程序中的漏洞的代理 |
webapp | Web应用程序 | spipscan | SPIP (CMS) scanner for penetration testing purpose written in Python. | SPIP(CMS)扫描程序,用于以Python编写的渗透测试目的。 |
webapp | Web应用程序 | sqid | A SQL injection digger. | 一个SQL注入挖掘机。 |
webapp | Web应用程序 | sqlmap | Automatic SQL injection and database takeover tool | 自动SQL注入和数据库接管工具 |
webapp | Web应用程序 | themole | Automatic SQL injection exploitation tool. | 自动SQL注入开发工具。 |
webapp | Web应用程序 | tplmap | Automatic Server-Side Template Injection Detection and Exploitation Tool. | 自动服务器端模板注入检测和利用工具。 |
webapp | Web应用程序 | typo-enumerator | Enumerate Typo3 version and extensions. | 枚举Typo3版本和扩展。 |
webapp | Web应用程序 | uncaptcha2 | Defeating the latest version of ReCaptcha with 91% accuracy. | 以91%的准确率击败最新版本的ReCaptcha。 |
webapp | Web应用程序 | uppwn | A script that automates detection of security flaws on websites' file upload systems'. | 一个自动检测网站文件上传系统安全漏洞的脚本。 |
webapp | Web应用程序 | urlcrazy | Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. | 生成并测试域名拼写错误和变体,以检测和执行拼写错误,URL劫持,网络钓鱼和企业间谍活动。 |
webapp | Web应用程序 | urldigger | A python tool to extract URL addresses from different HOT sources and/or detect SPAM and malicious code | 一种python工具,用于从不同的HOT源提取URL地址和/或检测垃圾邮件和恶意代码 |
webapp | Web应用程序 | vanguard | A comprehensive web penetration testing tool written in Perl thatidentifies vulnerabilities in web applications. | 用Perl编写的综合Web渗透测试工具可识别Web应用程序中的漏洞。 |
webapp | Web应用程序 | vbscan | A black box vBulletin vulnerability scanner written in perl. | 用perl编写的黑匣子vBulletin漏洞扫描程序。 |
webapp | Web应用程序 | vega | An open source platform to test the security of web applications. | 一个开源平台,用于测试Web应用程序的安全性。 |
webapp | Web应用程序 | vsvbp | Black box tool for Vulnerability detection in web applications. | 用于Web应用程序中漏洞检测的黑盒工具。 |
webapp | Web应用程序 | vulnerabilities-spider | A tool to scan for web vulnerabilities. | 用于扫描Web漏洞的工具。 |
webapp | Web应用程序 | vulnx | Cms and vulnerabilites detector & An intelligent bot auto shell injector. | Cms和漏洞检测器和智能机器人自动壳体注射器。 |
webapp | Web应用程序 | wafninja | A tool which contains two functions to attack Web Application Firewalls. | 一种工具,包含两个攻击Web应用程序防火墙的功能。 |
webapp | Web应用程序 | wafp | An easy to use Web Application Finger Printing tool written in ruby using sqlite3 databases for storing the fingerprints. | 一个易于使用的Web应用程序指纹打印工具,使用sqlite3数据库以ruby编写,用于存储指纹。 |
webapp | Web应用程序 | wafpass | Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF. | 使用所有有效负载的旁路方法分析参数,旨在对像WAF这样的安全解决方案进行基准测试。 |
webapp | Web应用程序 | wascan | Web Application Scanner. | Web应用程序扫描程序。 |
webapp | Web应用程序 | waybackpack | Download the entire Wayback Machine archive for a given URL. | 下载给定URL的整个Wayback Machine存档。 |
webapp | Web应用程序 | web-soul | A plugin based scanner for attacking and data mining web sites written in Perl. | 一种基于插件的扫描程序,用于攻击和数据挖掘用Perl编写的网站。 |
webapp | Web应用程序 | webanalyze | Port of Wappalyzer (uncovers technologies used on websites) in go to automate scanning. | Wappalyzer端口(揭示网站上使用的技术)进行自动扫描。 |
webapp | Web应用程序 | webborer | A directory-enumeration tool written in Go. | 用Go编写的目录枚举工具。 |
webapp | Web应用程序 | webhandler | A handler for PHP system functions & also an alternative 'netcat' handler. | PHP系统函数的处理程序以及另一个'netcat'处理程序。 |
webapp | Web应用程序 | webslayer | A tool designed for brute forcing Web Applications. | 专为强制Web应用程序而设计的工具。 |
webapp | Web应用程序 | webtech | Identify technologies used on websites. | 识别网站上使用的技术。 |
webapp | Web应用程序 | webxploiter | An OWASP Top 10 Security scanner. | OWASP十大安全扫描程序。 |
webapp | Web应用程序 | weevely | Weaponized web shell. | 武器化网壳。 |
webapp | Web应用程序 | whatsmyname | Tool to perform user and username enumeration on various websites. | 在各种网站上执行用户和用户名枚举的工具。 |
webapp | Web应用程序 | whichcdn | Tool to detect if a given website is protected by a Content Delivery Network. | 用于检测给定网站是否受内容分发网络保护的工具。 |
webapp | Web应用程序 | wig | WebApp Information Gatherer. | WebApp信息收集器。 |
webapp | Web应用程序 | witchxtool | A perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner. | 一个perl脚本,包括端口扫描程序,LFI扫描程序,MD5 bruteforcer,dork SQL注入扫描程序,新代理扫描程序和dork LFI扫描程序。 |
webapp | Web应用程序 | wordpress-exploit-framework | A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. | 用于开发和使用模块的Ruby框架,有助于对WordPress驱动的网站和系统进行渗透测试。 |
webapp | Web应用程序 | wpforce | Wordpress Attack Suite. | Wordpress攻击套件。 |
webapp | Web应用程序 | wpintel | Chrome extension designed for WordPress Vulnerability Scanning and information gathering. | Chrome扩展程序专为WordPress漏洞扫描和信息收集而设计。 |
webapp | Web应用程序 | wpscan | Black box WordPress vulnerability scanner | 黑匣子WordPress漏洞扫描程序 |
webapp | Web应用程序 | wpseku | Simple Wordpress Security Scanner. | 简单的Wordpress安全扫描仪。 |
webapp | Web应用程序 | ws-attacker | A modular framework for web services penetration testing. | 用于Web服务渗透测试的模块化框架。 |
webapp | Web应用程序 | wssip | Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa. | 应用程序从客户端到服务器捕获,修改和发送自定义WebSocket数据,反之亦然。 |
webapp | Web应用程序 | wuzz | Interactive cli tool for HTTP inspection. | 用于HTTP检查的交互式cli工具。 |
webapp | Web应用程序 | xattacker | Website Vulnerability Scanner & Auto Exploiter. | 网站漏洞扫描程序和自动漏洞利用程序。 |
webapp | Web应用程序 | xsrfprobe | The Prime Cross Site Request Forgery Audit and Exploitation Toolkit. | Prime Cross Site请求伪造审计和利用工具包。 |
webapp | Web应用程序 | xsscon | Simple XSS Scanner tool. | 简单的XSS扫描仪工具。 |
webapp | Web应用程序 | xsscrapy | XSS spider - 66/66 wavsep XSS detected. | XSS spider - 检测到66/66 wavsep XSS。 |
webapp | Web应用程序 | xsser | A penetration testing tool for detecting and exploiting XSS vulnerabilites. | 用于检测和利用XSS漏洞的渗透测试工具。 |
webapp | Web应用程序 | xssless | An automated XSS payload generator written in python. | 用python编写的自动XSS有效负载生成器。 |
webapp | Web应用程序 | xsspy | Web Application XSS Scanner. | Web应用程序XSS扫描程序。 |
webapp | Web应用程序 | xsss | A brute force cross site scripting scanner. | 蛮力跨站点脚本扫描程序。 |
webapp | Web应用程序 | xssscan | Command line tool for detection of XSS attacks in URLs. Based on ModSecurity rules from OWASP CRS. | 用于检测URL中的XSS攻击的命令行工具。基于OWASP CRS的ModSecurity规则。 |
webapp | Web应用程序 | xsssniper | An automatic XSS discovery tool | 自动XSS发现工具 |
webapp | Web应用程序 | xsstrike | An advanced XSS detection and exploitation suite. | 先进的XSS检测和开发套件。 |
webapp | Web应用程序 | xssya | A Cross Site Scripting Scanner & Vulnerability Confirmation. | 跨站点脚本扫描程序和漏洞确认。 |
webapp | Web应用程序 | xwaf | Automatic WAF bypass tool. | 自动WAF旁路工具。 |
webapp | Web应用程序 | yaaf | Yet Another Admin Finder. | 另一个管理员查找器。 |
webapp | Web应用程序 | yasuo | A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network. | 一个ruby脚本,用于扫描网络上易受攻击且可利用的第三方Web应用程序。 |
webapp | Web应用程序 | yawast | The YAWAST Antecedent Web Application Security Toolkit. | YAWAST Antecedent Web应用程序安全工具包。 |
webapp | Web应用程序 | ycrawler | A web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support. | 一种网络爬虫,可用于获取与给定网站相关的所有用户提供的输入,并将保存输出。它具有代理和日志文件支持。 |
webapp | Web应用程序 | ysoserial | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. | 用于生成利用不安全Java对象反序列化的有效负载的概念验证工具。 |
webapp | Web应用程序 | zaproxy | Integrated penetration testing tool for finding vulnerabilities in web applications | 集成的渗透测试工具,用于查找Web应用程序中的漏洞 |
windows | 视窗 | 3proxy-win32 | Tiny free proxy server. | 微小的免费代理服务器。 |
windows | 视窗 | agafi | A gadget finder and a ROP-Chainer tool for x86 platforms. | 适用于x86平台的小工具查找程序和ROP-Chainer工具。 |
windows | 视窗 | analyzepesig | Analyze digital signature of PE file. | 分析PE文件的数字签名。 |
windows | 视窗 | antiransom | A tool capable of detect and stop attacks of Ransomware using honeypots. | 一种能够使用蜜罐检测和阻止勒索软件攻击的工具。 |
windows | 视窗 | atstaketools | This is an archive of various @Stake tools that help perform vulnerability scanning and analysis, information gathering, password auditing, and forensics. | 这是各种@Stake工具的存档,可帮助执行漏洞扫描和分析,信息收集,密码审核和取证。 |
windows | 视窗 | backorifice | A remote administration system which allows a user to control a computer across a tcpip connection using a simple console or GUI application. | 一种远程管理系统,允许用户使用简单的控制台或GUI应用程序跨tcpip连接控制计算机。 |
windows | 视窗 | browselist | Retrieves the browse list ; the output list contains computer names, and the roles they play in the network. | 检索浏览列表; 输出列表包含计算机名称以及它们在网络中扮演的角色。 |
windows | 视窗 | brute12 | A tool designed for auditing the cryptography container security in PKCS12 format. | 用于审核PKCS12格式的加密容器安全性的工具。 |
windows | 视窗 | brutus | One of the fastest, most flexible remote password crackers you can get your hands on. | 您可以亲身体验最快,最灵活的远程密码破解程序之一。 |
windows | 视窗 | cachedump | A tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH). | 演示如何恢复缓存条目信息的工具:用户名和散列密码(称为MSCASH)。 |
windows | 视窗 | chrome-decode | Chrome web browser decoder tool that demonstrates recovering passwords. | Chrome网络浏览器解码器工具,用于演示恢复密码。 |
windows | 视窗 | chromensics | A Google chrome forensics tool. | Google Chrome取证工具。 |
windows | 视窗 | dark-dork-searcher | Dark-Dork Searcher. | Dark-Dork Searcher。 |
windows | 视窗 | de4dot | .NET deobfuscator and unpacker. | .NET反混淆器和解包器。 |
windows | 视窗 | directorytraversalscan | Detect directory traversal vulnerabilities in HTTP servers and web applications. | 检测HTTP服务器和Web应用程序中的目录遍历漏洞。 |
windows | 视窗 | dnspy | .NET debugger and assembly editor. | .NET调试器和程序集编辑器。 |
windows | 视窗 | dotpeek | Free .NET Decompiler and Assembly Browser. | 免费的.NET反编译器和汇编浏览器。 |
windows | 视窗 | dumpacl | Dumps NTs ACLs and audit settings. | 转储NTs ACL和审核设置。 |
windows | 视窗 | dumpusers | Dumps account names and information even though RestrictAnonymous has been set to 1. | 即使RestrictAnonymous已设置为1,也会转储帐户名称和信息。 |
windows | 视窗 | eraser | Windows tool which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. | Windows工具,允许您通过精心选择的模式多次覆盖硬盘驱动器中的敏感数据。 |
windows | 视窗 | etherchange | Can change the Ethernet address of the network adapters in Windows. | 可以在Windows中更改网络适配器的以太网地址。 |
windows | 视窗 | etherflood | Floods a switched network with Ethernet frames with random hardware addresses. | 使用随机硬件地址对具有以太网帧的交换网络进行泛洪。 |
windows | 视窗 | filefuzz | A binary file fuzzer for Windows with several options. | Windows的二进制文件模糊器,有多个选项。 |
windows | 视窗 | fport | Identify unknown open ports and their associated applications. | 识别未知的开放端口及其相关应用程序。 |
windows | 视窗 | fuzztalk | An XML driven fuzz testing framework that emphasizes easy extensibility and reusability. | 一种XML驱动的模糊测试框架,强调易于扩展性和可重用性。 |
windows | 视窗 | gplist | Lists information about the applied Group Policies. | 列出有关应用的组策略的信息。 |
windows | 视窗 | grabitall | Performs traffic redirection by sending spoofed ARP replies. | 通过发送欺骗性ARP回复执行流量重定向。 |
windows | 视窗 | gsd | Gives you the Discretionary Access Control List of any Windows NT service you specify as a command line option. | 为您指定的任何Windows NT服务的*访问控制列表提供命令行选项。 |
windows | 视窗 | gtalk-decode | Google Talk decoder tool that demonstrates recovering passwords from accounts. | Google Talk解码器工具,用于演示从帐户恢复密码。 |
windows | 视窗 | handle | An small application designed to analyze your system searching for global objects related to running proccess and display information for every found object, like tokens, semaphores, ports, files,.. | 一个小应用程序,旨在分析您的系统搜索与运行proccess相关的全局对象,并显示每个找到的对象的信息,如标记,信号量,端口,文件,.. |
windows | 视窗 | hollows-hunter | Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches). | 扫描所有正在运行的进程。识别并转储各种潜在的恶意植入物(替换/注入的PE,shellcode,钩子,内存中的补丁)。 |
windows | 视窗 | hookanalyser | A hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer. | 一种钩子工具,可能有助于逆转应用程序和分析恶意软件。它可以挂钩进程中的API并在内存中搜索模式或转储缓冲区。 |
windows | 视窗 | httpbog | A slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses. | 一种缓慢的HTTP拒绝服务工具,与其他攻击类似,但不是利用请求头或POST数据,而是通过慢慢读取响应来消耗套接字。 |
windows | 视窗 | httprecon | Tool for web server fingerprinting, also known as http fingerprinting. | 用于Web服务器指纹识别的工具,也称为http指纹识别。 |
windows | 视窗 | httprint-win32 | A web server fingerprinting tool (Windows binaries). | Web服务器指纹识别工具(Windows二进制文件)。 |
windows | 视窗 | hyperion-crypter | A runtime encrypter for 32-bit portable executables. | 用于32位可移植可执行文件的运行时加密程序。 |
windows | 视窗 | ikeprobe | Determine vulnerabilities in the PSK implementation of the VPN server. | 确定VPN服务器的PSK实现中的漏洞。 |
windows | 视窗 | intercepter-ng | A next generation sniffer including a lot of features: capturing passwords/hashes, sniffing chat messages, performing man-in-the-middle attacks, etc. | 下一代嗅探器,包括许多功能:捕获密码/哈希,嗅探聊天消息,执行中间人攻击等。 |
windows | 视窗 | inzider | This is a tool that lists processes in your Windows system and the ports each one listen on. | 这是一个列出Windows系统中的进程和每个侦听端口的工具。 |
windows | 视窗 | juicy-potato | A sugared version of RottenPotatoNG, with a bit of juice. | RottenPotatoNG的加糖版本,有点果汁。 |
windows | 视窗 | justdecompile | The decompilation engine of JustDecompile. | JustDecompile的反编译引擎。 |
windows | 视窗 | kekeo | A little toolbox to play with Microsoft Kerberos in C. | 一个可以在C中使用Microsoft Kerberos的小工具箱 |
windows | 视窗 | kerbcrack | Kerberos sniffer and cracker for Windows. | 用于Windows的Kerberos嗅探器和饼干。 |
windows | 视窗 | klogger | A keystroke logger for the NT-series of Windows. | NT系列Windows的击键记录器。 |
windows | 视窗 | lolbas | Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts). | 靠土地二进制和脚本生活 - (LOLBins和LOLScripts)。 |
windows | 视窗 | malwareanalyser | A freeware tool to perform static and dynamic analysis on malware. | 一种免费软件工具,可对恶意软件执行静态和动态分析。 |
windows | 视窗 | mbenum | Queries the master browser for whatever information it has registered. | 查询主浏览器以获取其已注册的任何信息。 |
windows | 视窗 | memimager | Performs a memory dump using NtSystemDebugControl. | 使用NtSystemDebugControl执行内存转储。 |
windows | 视窗 | mimikatz | A little tool to play with Windows security. | 一个与Windows安全性一起使用的小工具。 |
windows | 视窗 | mingsweeper | A network reconnaissance tool designed to facilitate large address space,high speed node discovery and identification. | 一种网络侦察工具,旨在促进大地址空间,高速节点发现和识别。 |
windows | 视窗 | msvpwn | Bypass Windows' authentication via binary patching. | 通过二进制修补绕过Windows身份验证。 |
windows | 视窗 | nbname | Decodes and displays all NetBIOS name packets it receives on UDP port 137 and more! | 解码并显示它在UDP端口137上接收的所有NetBIOS名称数据包等等! |
windows | 视窗 | nbtenum | A utility for Windows that can be used to enumerate NetBIOS information from one host or a range of hosts. | Windows实用程序,可用于枚举来自一个主机或一系列主机的NetBIOS信息。 |
windows | 视窗 | netbus | NetBus remote adminsitration tool | NetBus远程管理工具 |
windows | 视窗 | netripper | Smart traffic sniffing for penetration testers. | 智能交通嗅探渗透测试人员。 |
windows | 视窗 | netstumbler | Well-known wireless AP scanner and sniffer. | 着名的无线AP扫描仪和嗅探器。 |
windows | 视窗 | nirsoft | Unique collection of small and useful freeware utilities. | 独特的小型和有用的免费软件实用程序集合。 |
windows | 视窗 | nishang | Using PowerShell for Penetration Testing. | 使用PowerShell进行渗透测试。 |
windows | 视窗 | ntds-decode | This application dumps LM and NTLM hashes from active accounts stored in an Active Directory database. | 此应用程序从存储在Active Directory数据库中的活动帐户转储LM和NTLM哈希。 |
windows | 视窗 | orakelcrackert | This tool can crack passwords which are encrypted using Oracle's latest SHA1 based password protection algorithm. | 此工具可以破解使用Oracle最新的基于SHA1的密码保护算法加密的密码。 |
windows | 视窗 | pafish | A demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do. | 一种演示工具,采用多种技术以与恶意软件系列相同的方式检测沙箱和分析环境。 |
windows | 视窗 | pe-sieve | Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches). | 扫描给定的过程。识别并转储各种潜在的恶意植入物(替换/注入的PE,shellcode,钩子,内存中的补丁)。 |
windows | 视窗 | periscope | A PE file inspection tool. | PE文件检查工具。 |
windows | 视窗 | petools | Portable executable (PE) manipulation toolkit. | 便携式可执行(PE)操作工具包。 |
windows | 视窗 | pextractor | A forensics tool that can extract all files from an executable file created by a joiner or similar. | 一种取证工具,可以从由连接器或类似工具创建的可执行文件中提取所有文件。 |
windows | 视窗 | php-vulnerability-hunter | An whitebox fuzz testing tool capable of detected several classes of vulnerabilities in PHP web applications. | 一个whitebox模糊测试工具,能够检测PHP Web应用程序中的几类漏洞。 |
windows | 视窗 | pingcastle | Active Directory scanning tool. | Active Directory扫描工具。 |
windows | 视窗 | pmap | Passively discover, scan, and fingerprint link-local peers by the background noise they generate (i.e. their broadcast and multicast traffic). | 通过它们生成的背景噪声(即它们的广播和多播流量)被动地发现,扫描和指纹链路本地对等体。 |
windows | 视窗 | pmdump | A tool that lets you dump the memory contents of a process to a file without stopping the process. | 一种工具,允许您将进程的内存内容转储到文件而不会停止进程。 |
windows | 视窗 | powercloud | Deliver powershell payloads via DNS TXT via CloudFlare using PowerShell. | 使用PowerShell通过CloudFlare通过DNS TXT提供powershell有效负载。 |
windows | 视窗 | powerlessshell | Run PowerShell command without invoking powershell.exe. | 在不调用powershell.exe的情况下运行PowerShell命令。 |
windows | 视窗 | powerops | PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier". | PowerShell Runspace便携式后期利用工具旨在使PowerShell的“渗透测试更容易”。 |
windows | 视窗 | ppee | A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more details. | 用于反向器的专业PE文件浏览器,恶意软件研究人员以及希望更详细地静态检查PE文件的人员。 |
windows | 视窗 | promiscdetect | Checks if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer. | 检查您的网络适配器是否以混杂模式运行,这可能表示您的计算机上正在运行嗅探器。 |
windows | 视窗 | pstoreview | Lists the contents of the Protected Storage. | 列出受保护存储的内容。 |
windows | 视窗 | pwdump | Extracts the binary SAM and SYSTEM file from the filesystem and then the hashes. | 从文件系统中提取二进制SAM和SYSTEM文件,然后从哈希中提取。 |
windows | 视窗 | python-minidump | Python library to parse and read Microsoft minidump file format. | Python库解析和读取Microsoft minidump文件格式。 |
windows | 视窗 | python-minikerberos | Kerberos manipulation library in pure Python. | 纯Python中的Kerberos操作库。 |
windows | 视窗 | python2-minidump | Python library to parse and read Microsoft minidump file format. | Python库解析和读取Microsoft minidump文件格式。 |
windows | 视窗 | python2-minikerberos | Kerberos manipulation library in pure Python. | 纯Python中的Kerberos操作库。 |
windows | 视窗 | radiography | A forensic tool which grabs as much information as possible from a Windows system. | 一种取证工具,可从Windows系统中获取尽可能多的信息。 |
windows | 视窗 | rasenum | A small program which lists the information for all of the entries in any phonebook file (.pbk). | 一个小程序,列出任何电话簿文件(.pbk)中所有条目的信息。 |
windows | 视窗 | regreport | Windows registry forensic analysis tool. | Windows注册表取证分析工具。 |
windows | 视窗 | regview | Open raw Windows NT 5 Registry files (Windows 2000 or higher). | 打开原始Windows NT 5注册表文件(Windows 2000或更高版本)。 |
windows | 视窗 | resourcehacker | Resource compiler and decompiler for Windows® applications. | Windows®应用程序的资源编译器和反编译器。 |
windows | 视窗 | rpak | A collection of tools that can be useful for doing attacks on routing protocols. | 一组工具,可用于对路由协议进行攻击。 |
windows | 视窗 | rpcsniffer | Sniffs WINDOWS RPC messages in a given RPC server process. | 在给定的RPC服务器进程中嗅探WINDOWS RPC消息。 |
windows | 视窗 | rpctools | Contains three separate tools for obtaining information from a system that is running RPC services | 包含三个单独的工具,用于从运行RPC服务的系统获取信息 |
windows | 视窗 | setowner | Allows you to set file ownership to any account, as long as you have the "Restore files and directories" user right. | 允许您将文件所有权设置为任何帐户,只要您具有“还原文件和目录”用户权限即可。 |
windows | 视窗 | shed | .NET runtime inspector. | .NET运行时检查器。 |
windows | 视窗 | sigspotter | A tool that search in your HD to find wich publishers has been signed binaries in your PC. | 在您的高清搜索中找到有关发布者的工具已经在您的PC中签署了二进制文件。 |
windows | 视窗 | sipscan | A sip scanner. | 一个sip扫描仪。 |
windows | 视窗 | skype-dump | This is a tool that demonstrates dumping MD5 password hashes from the configuration file in Skype. | 这是一个演示从Skype配置文件中转储MD5密码哈希值的工具。 |
windows | 视窗 | smbrelay | SMB / HTTP to SMB replay attack toolkit. | SMB / HTTP到SMB重放攻击工具包。 |
windows | 视窗 | snitch | Turn back the asterisks in password fields to plaintext passwords. | 将密码字段中的星号转回明文密码。 |
windows | 视窗 | snowman | A native code to C/C++ decompiler, see the examples of generated code. | C / C ++反编译器的本机代码,请参阅生成代码的示例。 |
windows | 视窗 | snscan | A Windows based SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. | 基于Windows的SNMP检测实用程序,可以快速准确地识别网络上启用SNMP的设备。 |
windows | 视窗 | spade | A general-purpose Internet utility package, with some extra features to help in tracing the source of spam and other forms of Internet harassment. | 通用Internet实用程序包,具有一些额外功能,可帮助跟踪垃圾邮件源和其他形式的Internet骚扰。 |
windows | 视窗 | sqldict | A dictionary attack tool for SQL Server. | SQL Server的字典攻击工具。 |
windows | 视窗 | sqlping | SQL Server scanning tool that also checks for weak passwords using wordlists. | SQL Server扫描工具,还使用单词列表检查弱密码。 |
windows | 视窗 | sqlpowerinjector | Application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page. | 在.Net 1.1中创建的应用程序,可帮助渗透测试人员在网页上查找和利用SQL注入。 |
windows | 视窗 | streamfinder | Searches for Alternate Data Streams (ADS). | 搜索备用数据流(ADS)。 |
windows | 视窗 | sub7 | A remote administration tool. No further comments ;-) | 远程管理工具。没有进一步的评论;-) |
windows | 视窗 | superscan | Powerful TCP port scanner, pinger, resolver. | 强大的TCP端口扫描器,pinger,旋转变压器。 |
windows | 视窗 | sysinternals-suite | Sysinternals tools suite. | Sysinternals工具套件。 |
windows | 视窗 | uacme | Defeating Windows User Account Control. | 击败Windows用户帐户控制。 |
windows | 视窗 | unsecure | Bruteforces network login masks. | Bruteforces网络登录掩码。 |
windows | 视窗 | upnp-pentest-toolkit | UPnP Pentest Toolkit for Windows. | 适用于Windows的UPnP Pentest Toolkit。 |
windows | 视窗 | wce | A security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets). | 一种安全工具,用于列出登录会话以及添加,更改,列出和删除相关凭据(例如:LM / NT哈希,明文密码和Kerberos票证)。 |
windows | 视窗 | wifichannelmonitor | A utility for Windows that captures wifi traffic on the channel you choose, using Microsoft Network Monitor capture driver. | Windows实用程序,使用Microsoft网络监视器捕获驱动程序捕获您选择的通道上的wifi流量。 |
windows | 视窗 | windivert | A user-mode packet capture-and-divert package for Windows. | 用于Windows的用户模式数据包捕获和转移程序包。 |
windows | 视窗 | windows-privesc-check | Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems. | 独立可执行文件,用于检查Windows系统上的简单权限提升向量。 |
windows | 视窗 | windowsspyblocker | Block spying and tracking on Windows. | 阻止Windows上的间谍和跟踪。 |
windows | 视窗 | winfo | Uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP. | 使用空会话远程尝试从Windows NT / 2000 / XP检索用户帐户,工作站/域间/服务器信任帐户,共享(也隐藏),会话,登录用户和密码/锁定策略的列表和信息。 |
windows | 视窗 | winhex | Hex Editor and Disk Editor. | Hex Editor和Disk Editor。 |
windows | 视窗 | winrelay | A TCP/UDP forwarder/redirector that works with both IPv4 and IPv6. | 适用于IPv4和IPv6的TCP / UDP转发器/重定向器。 |
windows | 视窗 | wpsweep | A simple ping sweeper, that is, it pings a range of IP addresses and lists the ones that reply. | 一个简单的ping扫描程序,即它ping一系列IP地址并列出回复的地址。 |
windows | 视窗 | wups | An UDP port scanner for Windows. | 适用于Windows的UDP端口扫描程序。 |
windows | 视窗 | x-scan | A general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. | 一般的网络漏洞扫描程序,用于通过多线程方法扫描特定IP地址范围或独立计算机的网络漏洞,插件是可支持的。 |
windows | 视窗 | x64dbg | An open-source x64/x32 debugger for windows. | 一个用于Windows的开源x64 / x32调试器。 |
wireless | 无线 | aircrack-ng | Key cracker for the 802.11 WEP and WPA-PSK protocols | 802.11 WEP和WPA-PSK协议的关键破解者 |
wireless | 无线 | airflood | A modification of aireplay that allows for a DoS of the AP. This program fills the table of clients of the AP with random MACs doing impossible new connections. [Tool in Spanish] | 允许AP的DoS的aireplay的修改。该程序用随机MAC填充AP的客户端表,从而进行不可能的新连接。[西班牙语工具] |
wireless | 无线 | airgeddon | Multi-use bash script for Linux systems to audit wireless networks. | 用于Linux系统的多用途bash脚本,用于审核无线网络。 |
wireless | 无线 | airoscript | A script to simplify the use of aircrack-ng tools. | 一个简化aircrack-ng工具使用的脚本。 |
wireless | 无线 | airpwn | A tool for generic packet injection on an 802.11 network. | 用于在802.11网络上进行通用数据包注入的工具。 |
wireless | 无线 | aphopper | A program that automatically hops between access points of different wireless networks. | 在不同无线网络的接入点之间自动跳跃的程序。 |
wireless | 无线 | apnbf | A small python script designed for enumerating valid APNs (Access Point Name) on a GTP-C speaking device. | 一个小的python脚本,用于枚举GTP-C语音设备上的有效APN(接入点名称)。 |
wireless | 无线 | atear | Wireless Hacking, WiFi Security, Vulnerability Analyzer, Pentestration. | 无线黑客,WiFi安全,漏洞分析器,Pentestration。 |
wireless | 无线 | batctl | B.A.T.M.A.N. advanced control and management tool | BATMAN先进的控制和管理工具 |
wireless | 无线 | batman-adv | Batman kernel module, (included upstream since .38) | 蝙蝠侠内核模块,(包括上游自.38) |
wireless | 无线 | batman-alfred | Almighty Lightweight Fact Remote Exchange Daemon | 全能轻量级事实远程交换守护进程 |
wireless | 无线 | beholder | A wireless intrusion detection tool that looks for anomalies in a wifi environment. | 一种无线入侵检测工具,可在wifi环境中查找异常情况。 |
wireless | 无线 | boopsuite | A Suite of Tools written in Python for wireless auditing and security testing. | 用Python编写的一套工具,用于无线审计和安全测试。 |
wireless | 无线 | bully | Retrieve WPA/WPA2 passphrase from a WPS enabled access point | 从启用WPS的访问点检索WPA / WPA2密码 |
wireless | 无线 | cowpatty | Wireless WPA/WPA2 PSK handshake cracking utility | 无线WPA / WPA2 PSK握手破解实用程序 |
wireless | 无线 | create_ap | A shell script to create a NATed/Bridged Software Access Point | 用于创建NATed /桥接软件访问点的shell脚本 |
wireless | 无线 | eapeak | Analysis Suite For EAP Enabled Wireless Networks. | 适用于EAP的无线网络分析套件。 |
wireless | 无线 | eaphammer | Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks. | 针对WPA2-Enterprise网络的有针对性的邪恶双重攻击。使用敌对门户攻击的间接无线枢纽。 |
wireless | 无线 | freeradius | The premier open source RADIUS server | 首要的开源RADIUS服务器 |
wireless | 无线 | freewifi | How to get free wifi. | 如何获得免费的无线网络。 |
wireless | 无线 | fuzzap | A python script for obfuscating wireless networks. | 用于混淆无线网络的python脚本。 |
wireless | 无线 | g72x++ | Decoder for the g72x++ codec. | g72x ++编解码器的解码器。 |
wireless | 无线 | gerix-wifi-cracker | A graphical user interface for aircrack-ng and pyrit. | 用于aircrack-ng和pyrit的图形用户界面。 |
wireless | 无线 | giskismet | A program to visually represent the Kismet data in a flexible manner. | 一种以灵活的方式直观地表示Kismet数据的程序。 |
wireless | 无线 | gnuradio | General purpose DSP and SDR toolkit. With drivers for usrp and fcd. | 通用DSP和SDR工具包。带有usrp和fcd的驱动程序。 |
wireless | 无线 | gqrx | Interactive SDR receiver waterfall for many devices. | 交互式SDR接收器瀑布适用于许多设备。 |
wireless | 无线 | hcxdumptool | Small tool to capture packets from wlan devices | 从wlan设备捕获数据包的小工具 |
wireless | 无线 | hcxtools | Portable solution for capturing wlan traffic and conversion to hashcat and John the Ripper formats | 便携式解决方案,用于捕获wlan流量并转换为hashcat和John the Ripper格式 |
wireless | 无线 | hoover | Wireless Probe Requests Sniffer. | 无线探针请求嗅探器。 |
wireless | 无线 | hostapd-wpe | IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator - Wireless Pwnage Edition. | IEEE 802.11 AP,IEEE 802.1X / WPA / WPA2 / EAP / RADIUS认证器 - 无线Pwnage版。 |
wireless | 无线 | hotspotter | Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names. | Hotspotter被动地监视网络以查找探测请求帧以识别Windows XP客户端的首选网络,并将其与提供的公共热点网络名称列表进行比较。 |
wireless | 无线 | jcrack | A utility to create dictionary files that will crack the default passwords of select wireless gateways | 用于创建将破解选定无线网关的默认密码的字典文件的实用程序 |
wireless | 无线 | kismet | 802.11 layer2 wireless network detector, sniffer, and intrusion detection system | 802.11 layer2无线网络探测器,嗅探器和入侵检测系统 |
wireless | 无线 | kismet-earth | Various scripts to convert kismet logs to kml file to be used in Google Earth. | 用于将kismet日志转换为要在Google Earth中使用的kml文件的各种脚本。 |
wireless | 无线 | kismet2earth | A set of utilities that convert from Kismet logs to Google Earth .kml format | 一组从Kismet日志转换为Google Earth .kml格式的实用程序 |
wireless | 无线 | kismon | GUI client for kismet (wireless scanner/sniffer/monitor). | 用于kismet的GUI客户端(无线扫描仪/嗅探器/监视器)。 |
wireless | 无线 | lorcon | Generic library for injecting 802.11 frames | 用于注入802.11帧的通用库 |
wireless | 无线 | mana | A toolkit for rogue access point (evilAP) attacks first presented at Defcon 22. | 针对恶意接入点(evilAP)攻击的工具包首先在Defcon 22上展示。 |
wireless | 无线 | mdk3 | WLAN penetration tool | WLAN渗透工具 |
wireless | 无线 | mdk4 | Proof-of-Concept tool to exploit common IEEE 802.11 protocol weaknesses. | 概念验证工具,用于利用常见的IEEE 802.11协议弱点。 |
wireless | 无线 | mfcuk | MIFARE Classic Universal toolKit | MIFARE Classic Universal toolKit |
wireless | 无线 | mitmap | A python program to create a fake AP and sniff data. | 一个python程序,用于创建虚假AP和嗅探数据。 |
wireless | 无线 | mousejack | Wireless mouse/keyboard attack with replay/transmit poc. | 无线鼠标/键盘攻击与重播/传输poc。 |
wireless | 无线 | mtscan | Mikrotik RouterOS wireless scanner. | Mikrotik RouterOS无线扫描仪。 |
wireless | 无线 | netattack | Python script to scan and attack wireless networks. | 用于扫描和攻击无线网络的Python脚本。 |
wireless | 无线 | pidense | Monitor illegal wireless network activities. (Fake Access Points) | 监控非法的无线网络活动。(假接入点) |
wireless | 无线 | pixiewps | Offline bruteforce of the WPS pin exploiting the low or non-existing entropy of some APs | WPS引脚的离线暴力攻击利用某些AP的低或不存在的熵 |
wireless | 无线 | python-trackerjacker | Finds and tracks wifi devices through raw 802.11 monitoring. | 通过原始802.11监控查找和跟踪wifi设备。 |
wireless | 无线 | reaver | Brute force attack against Wifi Protected Setup | 对Wifi Protected Setup的暴力攻击 |
wireless | 无线 | rfdump | Tool to detect RFID-Tags and show their meta information | 用于检测RFID标签并显示其元信息的工具 |
wireless | 无线 | rfidiot | An open source python library for exploring RFID devices. | 用于探索RFID设备的开源python库。 |
wireless | 无线 | rfidtool | A opensource tool to read / write rfid tags | 一个用于读/写rfid标签的开源工具 |
wireless | 无线 | sniff-probe-req | Wi-Fi Probe Requests Sniffer. | Wi-Fi探测器请求嗅探器。 |
wireless | 无线 | spectools | Spectrum-Tools is a set of utilities for using the Wi-Spy USB spectrum analyzer hardware. Stable version. | Spectrum-Tools是一组使用Wi-Spy USB频谱分析仪硬件的实用程序。稳定的版本。 |
wireless | 无线 | timegen | This program generates a *.wav file to "send" an own time signal to DCF77 compatible devices. | 该程序生成* .wav文件,以便将自己的时间信号“发送”到DCF77兼容设备。 |
wireless | 无线 | ubitack | Tool, which automates some of the tasks you might need on a (wireless) penetration test or while you are on the go. | 工具,可以自动执行(无线)穿透测试或您在旅途中可能需要的一些任务。 |
wireless | 无线 | waidps | Wireless Auditing, Intrusion Detection & Prevention System. | 无线审计,入侵检测和预防系统。 |
wireless | 无线 | wavemon | Ncurses-based monitoring application for wireless network devices | 基于Ncurses的无线网络设备监控应用程序 |
wireless | 无线 | wepbuster | script for automating aircrack-ng | 用于自动化aircrack-ng的脚本 |
wireless | 无线 | wi-feye | An automated wireless penetration testing tool written in python, its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily. | 一种用python编写的自动无线穿透测试工具,旨在简化可在wifi网络上执行的常见攻击,以便快速,轻松地执行。 |
wireless | 无线 | wifi-pumpkin | Framework for Rogue Wi-Fi Access Point Attack. | 恶意Wi-Fi接入点攻击框架。 |
wireless | 无线 | wificurse | WiFi jamming tool. | WiFi干扰工具。 |
wireless | 无线 | wifijammer | A python script to continuosly jam all wifi clients within range. | 一个python脚本,可以持续阻塞范围内的所有wifi客户端。 |
wireless | 无线 | wifiphisher | Fast automated phishing attacks against WPA networks. | 针对WPA网络的快速自动网络钓鱼攻击。 |
wireless | 无线 | wifiscanmap | Another wifi mapping tool. | 另一个wifi映射工具。 |
wireless | 无线 | wifitap | WiFi injection tool through tun/tap device. | WiFi注入工具通过tun / tap设备。 |
wireless | 无线 | wifite | Tool to attack multiple WEP and WPA encrypted networks at the same time | 同时攻击多个WEP和WPA加密网络的工具 |
wireless | 无线 | wireless-ids | Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets. | 能够通过嗅探无线数据包的空气来检测(WEP / WPA / WPS)攻击等可疑活动。 |
wireless | 无线 | wirouter-keyrec | A platform independent software to recover the default WPA passphrases of the supported router models | 一种独立于平台的软件,用于恢复支持的路由器型号的默认WPA密码 |
wireless | 无线 | wlan2eth | Re-writes 802.11 captures into standard Ethernet frames. | 将802.11捕获重写为标准以太网帧。 |
wireless | 无线 | wpa-bruteforcer | Attacking WPA/WPA encrypted access point without client. | 在没有客户端的情况下攻击WPA / WPA加密接入点。 |
wireless | 无线 | wpa2-halfhandshake-crack | A POC to show it is possible to capture enough of a handshake with a user from a fake AP to crack a WPA2 network without knowing the passphrase of the actual AP. | 显示它的POC可以捕获与来自假AP的用户的足够握手以破解WPA2网络而不知道实际AP的密码短语。 |
wireless | 无线 | wpsik | WPS scan and pwn tool. | WPS扫描和pwn工具。 |
wireless | 无线 | zizzania | Automated DeAuth attack. | 自动DeAuth攻击。 |
wireless | 无线 | zykeys | Demonstrates how default wireless settings are derived on some models of ZyXEL routers. | 演示如何在某些型号的ZyXEL路由器上派生默认无线设置。 |