Archive for February, 2016

Here is a list of various security tools.
I will update this list with more tools, since some categories are incomplete. It will be nice to have a list of categorized tools. Anyone can post more categories and links to tools/scripts.

Passwords
HashGrab2
http://py1337.com/tools.php
or
http://forum.intern0t.net/hacking-tools-utilities/2538-hashgrab-py-automatically-get-windows-login-hashes.html
or
http://upload.evilzone.org/download.php?id=7752913&type=zip
Evilzone’s tool info post
HashGrab2, written by s3my0n, is an offline gathering Python script that automatically discovers Windows drives and extracts the username-hash pairs to a user-defined file. HashGrab2 must be run as root (in order to mount the Windows drives) and requires Python to be installed. It is preferable to install samdump2 from your distribution repositories in order to automatically acquire the username-hash pairs.

Cain & Abel
http://www.oxid.it/cain.html
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network.

CacheDump
http://www.off-by-one.net/
CacheDump, licensed under the GPL, demonstrates how to recover cache entry information: username and MSCASH.

John the Ripper
http://www.openwall.com/john/
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS.

Hydra
http://freeworld.thc.org/thc-hydra/
A very fast network logon cracker which supports many different services. Passwords are number one among the biggest security holes, as every password security study shows.

keimpx
https://github.com/inquisb/keimpx
keimpx is an open source tool, released under a modified version of Apache License 1.1. It can be used to quickly check for the usefulness of credentials across a network over SMB.

Medusa
http://www.foofus.net/~jmk/medusa/medusa.html
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible.

Ncrack
http://nmap.org/ncrack/
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.

Ophcrack
http://ophcrack.sourceforge.net/
Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method.

RainbowCrack
http://project-rainbowcrack.com/
RainbowCrack is a general purpose implementation of Philippe Oechslin’s faster time-memory trade-off technique.

phrasen|drescher
http://www.leidecker.info/projects/phrasendrescher/index.shtml
phrasen|drescher (p|d) is a modular and multi processing pass phrase cracking tool. It comes with a number of plugins but a simple plugin API allows an easy development of new plugins.

LCP
http://www.lcpsoft.com/english/index.htm
The main purpose of the LCP program is auditing and recovering user account passwords in Windows NT/2000/XP/2003.

Crunch
http://sourceforge.net/projects/crunch-wordlist/
Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations.

Fcrackzip
http://oldhome.schmorp.de/marc/fcrackzip.html
Naturally, programs are born out of an actual need. The situation with fcrackzip was no different… I’m not using zip very much, but recently I needed a password cracker.

FSCrack
http://www.mcafee.com/us/downloads/free-tools/fscrack.aspx
GUI for John the Ripper. FSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR’s functions.

Enumiax
http://enumiax.sourceforge.net/
enumIAX is an Inter Asterisk Exchange version 2 (IAX2) protocol username brute-force enumerator. enumIAX may operate in two distinct modes; Sequential Username Guessing or Dictionary Attack.

Wyd
http://linux.softpedia.com/get/Security/Wyd-23540.shtml
wyd.pl was born out of these two situations: 1. A penetration test should be performed and the default wordlist does not contain a valid password. 2. During a forensic crime investigation a password protected file must be opened without knowing the password.

Bruter
http://sourceforge.net/projects/worawita/
Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.

The ssh bruteforcer
http://www.edge-security.com/edgessh.php
A tool to perform dictionary attacks against SSH servers. It’s a simple tool: you set the target server, target account, wordlist and port, and wait.

Lodowep
http://www.cqure.net/wp/lodowep/
Lodowep is a tool for analyzing password strength of accounts on a Lotus Domino webserver system. The tool supports both session- and basic-authentication.

SSHatter
http://freecode.com/projects/sshatter
SSHatter uses a brute force technique to determine how to log into an SSH server. It rigorously tries each combination in a list of usernames and passwords to determine which ones successfully log in.

Scanning
Amap
http://freeworld.thc.org/thc-amap/
Amap is a next-generation scanning tool, which identifies applications and services even if they are not listening on the default port by creating a bogus-communication and analyzing the responses.

Dr. Morena
http://www.securityfriday.com/tools/DrMorena.html
Dr.Morena is a tool to confirm the rule configuration of a Firewall. The configuration of a Firewall is done by combining more than one rule.

Firewalk
http://packetfactory.openwall.net/projects/firewalk/index.html
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or UDP packets with a TTL one greater than the targeted gateway.

Netcat
http://netcat.sourceforge.net/
Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts.

Ike Scan
http://www.nta-monitor.com/tools-resources/security-tools/ike-scan
Ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPSec VPN servers. It is available for Linux, Unix, MacOS and Windows under the GPL license.

Nmap
http://nmap.org/
Nmap (‘Network Mapper’) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.

Zenmap
http://nmap.org/
Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.)

Onesixtyone
http://www.phreedom.org/software/onesixtyone/
onesixtyone is an SNMP scanner which utilizes a sweep technique to achieve very high performance. It can scan an entire class B network in under 13 minutes.

SuperScan 4
http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.

Autoscan
http://autoscan-network.com/
AutoScan-Network is a network scanner (a discovering and managing application). No configuration is required to scan your network. The main goal is to print the list of connected equipment in your network.

Knocker
http://knocker.sourceforge.net/
Knocker is a simple and easy to use TCP security port scanner written in C to analyze hosts and all of the different services started on them.

Nsat
http://nsat.sourceforge.net/
NSAT is a robust scanner which is designed for: Different kinds of wide-ranging scans, keeping stable for days. Scanning on multi-user boxes (local stealth and non-priority scanning options).

OutputPBNJ
http://pbnj.sourceforge.net/
PBNJ is a suite of tools to monitor changes on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state.

ScanPBNJ
http://pbnj.sourceforge.net/
ScanPBNJ performs an Nmap scan and then stores the results in a database. The ScanPBNJ stores information about the machine that has been scanned. ScanPBNJ stores the IP Address, Operating System, Hostname and a localhost bit.

glypeahead
https://github.com/sensepost/glypeahead
By default the Glype proxy script has few restrictions on what hosts/ports can be accessed through it. In addition, the proxy script normally displays all cURL-related error messages.

Unicornscan
http://www.unicornscan.org/
Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities.

TCP Fast Scan
http://www.stev.org/page/TCP-Fast-Scan.aspx
A very very fast tcp port scanner for linux. Runs very quickly. Can scan a lot of hosts / ports + ranges at a time.

Multi Threaded TCP Port Scanner 3.0
http://www.secpoint.com/Multi-Threaded-TCP-Port-Scanner.html
This tool can be used to scan the ports of a given IP. It can also describe each port with its standard name (well-known and registered ports).

MingSweeper
http://www.hoobie.net/mingsweeper/
MingSweeper is a network reconnaissance tool designed to facilitate large address space, high speed node discovery and identification.

Umap (UPNP Map)
http://packetstormsecurity.com/files/90598/umap-bypass.txt
Umap (UPNP Map) attempts to scan open TCP ports on the hosts behind a UPNP enabled Internet Gateway Device(IGD) NAT.

SendIP
http://www.earth.li/projectpurple/progs/sendip.html
SendIP has a large number of command line options to specify the content of every header of a NTP, BGP, RIP, RIPng, TCP, UDP, ICMP or raw IPv4 and IPv6 packet. It also allows any data to be added to the packet.

PortSentry
http://sourceforge.net/projects/sentrytools/
The Sentry tools provide host-level security services for the Unix platform. PortSentry, Logcheck/LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis.

CurrPorts
http://freestickdownload.blogspot.com/2008/06/currport.html
CurrPorts will display the list of all currently opened TCP/IP and UDP ports on your PC. For each port in the list, information about the process that opened the port is also displayed.

Nscan
http://nscan.hypermart.net/
NScan itself is a port scanner, which uses the connect() method to find the list of the host’s open ports. The difference from most other port scanners is its flexibility and speed.

NetworkActiv Scan
http://www.networkactiv.com/
NetworkActiv Port Scanner is a network exploration and administration tool that allows you to scan and explore internal LANs and external WANs.

Blues Port Scanner
http://www.bluebitter.de/portscn2.htm
A good port scanner is just one of the basic tools anyone who is seriously interested in the internet needs. The BluesPortScan is, I think, the fastest scanner for 32-bit Windows which you can find on the net.

Sniffer
Chaosreader
http://chaosreader.sourceforge.net/
A freeware tool to trace TCP/UDP/… sessions and fetch application data from snoop or tcpdump logs. This is a type of “any-snarf” program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, …), SMTP emails, … from the captured data inside network traffic logs.

dsniff
http://monkey.org/~dugsong/dsniff/
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data.

Ettercap
http://ettercap.github.com/ettercap/
Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.

NetworkMiner
http://www.netresec.com/?page=NetworkMiner
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc.

RawCap
http://www.netresec.com/?page=RawCap
RawCap is a free command line network sniffer for Windows that uses raw sockets.

Spike proxy
http://www.immunitysec.com/resources-freesoftware.shtml
Not all web applications are built in the same ways, and hence, many must be analyzed individually. SPIKE Proxy is a professional-grade tool for looking for application-level vulnerabilities in web applications.

Tcpdump
http://www.tcpdump.org/
Tcpdump prints out the headers of packets on a network interface that match the boolean expression.

Tcpreplay
http://tcpreplay.synfin.net/trac/
Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for UNIX (and Win32 under Cygwin) operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices.

Wireshark
http://www.wireshark.org/
Wireshark is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education.

Enumeration
dnsenum
http://code.google.com/p/dnsenum/
The purpose of Dnsenum is to gather as much information as possible about a domain.

DumpSec
http://www.systemtools.com/somarsoft/
SomarSoft’s DumpSec is a security auditing program for Microsoft Windows NT/XP/200x.

LDAP Browser
http://www.ldapbrowser.com/
LDAP Browser is a premier Windows Explorer-like LDAP Directory client available for Win32 platforms.

NBTEnum
http://www.secguru.com/link/nbtenum_netbios_enumeration_utility
NetBIOS Enumeration Utility (NBTEnum) is a utility for Windows that can be used to enumerate NetBIOS information from one host or a range of hosts.

nbtscan
http://www.unixwiz.net/tools/nbtscan.html#download
This tool scans for open NETBIOS nameservers on a local or remote TCP/IP network, which is a first step in finding open shares.

wmi client
http://dev.zenoss.org/svn/trunk/inst/externallibs/
This DCOM/WMI client implementation is based on Samba4 sources. It uses RPC/DCOM mechanisms to interact with WMI services on Windows 2000/XP/2003 machines.

Dnsmap
http://www.gnucitizen.org/blog/new-version-of-dnsmap-out/
Dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments.

Dnsrecon
http://www.darkoperator.com/blog/2009/4/3/dns-recon-tool-written-in-ruby.html
I wrote this tool back in late 2006 and it has been my favorite tool for enumeration thru DNS, in great part because I wrote it and it gives the output in a way that I can manipulate it in my own style. One of the features that I used the most and gave me excellent results is the SRV record enumeration.

Dnstracer
http://www.mavetju.org/unix/dnstracer.php
Dnstracer determines where a given Domain Name Server (DNS) gets its information from, and follows the chain of DNS servers back to the servers which know the data.

Networking Tools
fragroute
http://monkey.org/~dugsong/fragroute/
fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host.

hping
http://www.hping.org/
hping is a command-line oriented TCP/IP packet assembler/analyzer.

Scapy
http://www.secdev.org/projects/scapy/
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more.

Stunnel
http://www.stunnel.org/
The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server.

tcptraceroute
http://michael.toren.net/code/tcptraceroute/
tcptraceroute is a traceroute implementation using TCP packets. The more traditional traceroute sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached.

tracetcp
http://tracetcp.sourceforge.net/
tracetcp is a command line traceroute utility for WIN32 that uses TCP SYN packets rather than ICMP/UDP packets that the usual implementations use, thus bypassing gateways that block traditional traceroute packets.

Yersinia
http://www.yersinia.net/
Yersinia is a network tool designed to take advantage of some weaknesses in different network protocols. It aims to be a solid framework for analyzing and testing the deployed networks and systems.

Wireless
Aircrack-ng
http://www.aircrack-ng.org/
Aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured.

Kismet
http://www.kismetwireless.net/
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

NetStumbler
http://www.netstumbler.com/
NetStumbler delivers a tool that helps you detect 802.11 a/b/g WLAN standards. While wardriving is its main use, the application also facilitates the verifying of network configurations.

AirGrab WiFi Radar
http://www.airgrab.com/AirGrab_WiFi_Radar/
AirGrab WiFi Radar is a tool to display information about Apple Airport base stations and other WiFi (802.11b/g/n) wireless access points.

AirMobile agent
http://www.airmobile.se/airmobile_agent.htm
The client application is downloaded to your PDA or Windows cellular phone, where it runs in quiet mode in the background. If the application finds a rogue access point, it will investigate the AP and see if it poses a direct threat to your network.

AirRadar 2
http://www.koingosw.com/products/airradar.php?affChecked=1
AirRadar allows you to scan for open networks and tag them as favourites or filter them out. View detailed network information, graph network signal strength, and automatically join the best open network in range.

iStumbler
http://www.istumbler.net/
iStumbler is the leading wireless discovery tool for Mac OS X, providing plugins for finding AirPort networks, Bluetooth devices, Bonjour services and Location information with your Mac.

KisMAC
http://trac.kismac-ng.org/
KisMAC is an open-source and free sniffer/scanner application for Mac OS X. It has an advantage over MacStumbler / iStumbler / NetStumbler in that it uses monitor mode and passive scanning.

WirelessMon
http://www.passmark.com/products/wirelessmonitor.htm
WirelessMon is a software tool that allows users to monitor the status of wireless WiFi adapter(s) and gather information about nearby wireless access points and hot spots in real time.

Vistumbler
http://www.vistumbler.net/
Vistumbler is a wireless network scanner written in AutoIT for Vista, Windows 7, and Windows 8. WiFiDB is a database written in php to store Vistumbler VS1 files. Keeps track of total access points w/gps, maps to kml, signal graphs, statistics, and more.

WaveStumbler
http://www.cqure.net/wp/tools/other/wavestumbler/
WaveStumbler is a console-based 802.11 network mapper for Linux. It reports the basic AP stuff like channel, WEP, ESSID, MAC etc.

Bluetooth
Haraldscan
http://code.google.com/p/haraldscan/
A Bluetooth Scanner for Linux and Mac OS X. Harald Scan is able to determine Major and Minor device class of device, as well as attempt to resolve the device’s MAC address to the largest known Bluetooth MAC address Vendor list.

Web applications
Arachni
http://arachni-scanner.com/
Arachni is a fully automated system which tries to enforce the fire and forget principle. As soon as a scan is started it will not bother you for anything nor require further user interaction.

Burp Suite
http://www.portswigger.net/burp/
Burp Suite is an integrated platform for performing security testing of web applications.

CAL9000
https://www.owasp.org/index.php/Category:OWASP_CAL9000_Project
CAL9000 is a collection of web application security testing tools that complement the feature set of current web proxies and automated scanners. CAL9000 gives you the flexibility and functionality you need for more effective manual testing efforts.

CAT
http://www.contextis.co.uk/research/tools/cat/
CAT is designed to facilitate manual web application penetration testing for more complex, demanding application testing tasks.

CookieDigger
http://www.mcafee.com/us/downloads/free-tools/cookiedigger.aspx
CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users.

DIRB
http://dirb.sourceforge.net/
DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analyzing the response.

Fiddler
http://www.fiddler2.com/fiddler2/
Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and ‘fiddle’ with incoming or outgoing data.

Gamja
http://sourceforge.net/projects/gamja/
Gamja finds XSS (cross-site scripting) and SQL injection weak points, as well as URL parameter validation errors. Who knows which parameter is the weak one? Gamja helps find vulnerabilities (XSS, validation errors, SQL injection).

Grendel-Scan
http://sourceforge.net/projects/grendel/
A tool for automated security scanning of web applications. Many features are also present for manual penetration testing.

HTTrack
http://www.httrack.com/
HTTrack is a free and easy-to-use offline browser utility. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer.

LiLith
http://michaelhendrickx.com/lilith
LiLith is a tool written in Perl to audit web applications. This tool analyses webpages and looks for html <form> tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws.

Nikto2
http://www.cirt.net/nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs.

Paros
http://www.parosproxy.org/index.shtml
A program called ‘Paros’ for people who need to evaluate the security of their web applications. It is free of charge and completely written in Java.

Powerfuzzer
http://www.powerfuzzer.com/
Powerfuzzer is a highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer) based on many other Open Source fuzzers available and information gathered from numerous security resources and websites.

ProxyScan.pl
http://freecode.com/projects/proxyscan
proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

Ratproxy
http://code.google.com/p/ratproxy/
A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

ScanEx
http://www.blueinfy.com/tools.html
This is a simple utility which runs against a target site and looks for external references and cross domain malicious injections. There are several vulnerable sites which get manipulated with these types of injections and compromised.

Scrawlr
https://h30406.www3.hp.com/campaigns/2008/wwcampaign/1-57C4K/index.php
Scrawlr, developed by the HP Web Security Research Group in coordination with the MSRC, is short for SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.

Springenwerk
http://sourceforge.net/projects/springenwerk/
Springenwerk is a free Cross Site Scripting (XSS) security scanner written in Python.

Sqlmap
http://sqlmap.org/
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

Sqlsus
http://sqlsus.sourceforge.net/
sqlsus is an open source MySQL injection and takeover tool, written in perl.

THCSSLCheck
http://freeworld.thc.org/root/tools/
Windows tool that checks the remote ssl stack for supported ciphers and version.

w3af
http://w3af.org/
w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.

Wapiti
http://wapiti.sourceforge.net/
Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

Webfuzzer
http://gunzip.altervista.org/g.php?f=projects#webfuzzer
Webfuzzer is a tool that can be useful for both pen testers and web masters; it’s a poor man’s web vulnerability scanner.

WebGoat
http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons.

Websecurify
http://www.websecurify.com/
The Websecurify Suite is a web application security solution designed to run entirely from your web browser.

WebSlayer
http://www.owasp.org/index.php/Category:OWASP_Webslayer_Project
WebSlayer is a tool designed for bruteforcing Web Applications. It can be used for finding unlinked resources (directories, servlets, scripts, etc.), bruteforcing GET and POST parameters, bruteforcing form parameters (User/Password), fuzzing, etc. The tool has a payload generator and an easy and powerful results analyzer.

WhatWeb
https://github.com/urbanadventurer/WhatWeb/wiki
WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, Javascript libraries, web servers, and embedded devices.

Wikto
http://www.sensepost.com/labs/tools/pentest/wikto
Wikto is Nikto for Windows – but with a couple of fancy extra features including Fuzzy logic error code checking, a back-end miner, Google assisted directory mining and real time HTTP request/response monitoring.

WSDigger
http://www.mcafee.com/us/downloads/free-tools/wsdigger.aspx
WSDigger is a free open source tool designed by McAfee Foundstone to automate black-box web services security testing (also known as penetration testing). WSDigger is more than a tool, it is a web services testing framework.

XSSploit
http://www.scrt.ch/en/attack/downloads/xssploit
XSSploit is a multi-platform Cross-Site Scripting scanner and exploiter written in Python. It has been developed to help discovery and exploitation of XSS vulnerabilities in penetration testing missions.

Fireforce
http://www.scrt.ch/en/attack/downloads/fireforce
Fireforce is a Firefox extension designed to perform brute-force attacks on GET and POST forms. Fireforce can use dictionaries or generate passwords based on several character types.

Databases
Berkeley DB
http://www.oracle.com/us/products/database/berkeley-db/index.html
Oracle Berkeley DB is a family of open source, embeddable databases that allows developers to incorporate within their applications a fast, scalable, transactional database engine with industrial grade reliability and availability.

Database browser
http://www.dbsoftlab.com/database-editors/database-browser/overview.html
Database browser is a universal table editor. This easy to use tool allows the user to connect to any database and browse or modify data, run SQL scripts, and export and print data.

Db2utils
http://www.cqure.net/wp/db2utils/
db2utils is a small collection of db2 utilities. It currently features three different tools db2disco, db2fakesrv and db2getprofile.

Oracle Auditing Tools
http://www.cqure.net/wp/test/
The Oracle Auditing Tools is a toolkit that could be used to audit security within Oracle database servers.

Oscanner
http://www.cqure.net/wp/oscanner/
Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins.

SQL Auditing Tools
http://www.cqure.net/wp/sql-auditing-tools/
SQLAT is a suite of tools which could be useful for pentesting a MS SQL Server. The tools are still in development but tend to be quite stable. The tools do dictionary attacks, upload files, read registry and dump the SAM.

THC-ORACLE
http://freeworld.thc.org/thc-orakel/
THC presents a crypto paper analyzing the database authentication mechanism used by Oracle. THC further releases practical tools to sniff and crack the password of an Oracle database within seconds.

thc-orakelcrackert11g
http://freeworld.thc.org/thc-orakelcrackert11g/
OrakelCrackert is an Oracle 11g database password hash cracker using a weakness in the Oracle password storage strategy. With Oracle 11g, case sensitive SHA1 based hashing is introduced.

Vulnerability
Metasploit Framework
http://www.metasploit.com/
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code.

OpenVAS
http://www.openvas.org/
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Nessus
http://www.tenable.com/products/nessus
Nessus detects, scans, and profiles numerous devices and resources to increase security and compliance across your network.

Porkbind
http://innu.org/
Porkbind is a multi-threaded nameserver scanner that can recursively query nameservers of subdomains for version strings. (i.e. sub.host.dom’s nameservers then host.dom’s nameservers)

Live CDs
BackTrack
http://www.backtrack-linux.org/
BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

If you want to split a single LinearLayout into two columns (like newspaper columns), here’s the layout for it. Use it recursively as per your requirement:


 <LinearLayout
        xmlns:android="http://schemas.android.com/apk/res/android"
        android:layout_width="match_parent"
        android:layout_height="match_parent"
        android:orientation="horizontal" >

        <LinearLayout
            android:layout_width="0dp"
            android:layout_height="match_parent"
            android:layout_weight="1"
            android:orientation="vertical" >

            <ImageView
                android:layout_width="wrap_content"
                android:layout_height="wrap_content"
                android:src="@drawable/item" />

            <TextView
                android:id="@+id/text"
                android:layout_width="wrap_content"
                android:layout_height="wrap_content"/>

        </LinearLayout>

        <LinearLayout
            android:layout_width="0dp"
            android:layout_height="match_parent"
            android:layout_weight="1"
            android:orientation="vertical" >

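            <!-- Second column: replace these placeholder views with your own content -->
            <ImageView
                android:layout_width="wrap_content"
                android:layout_height="wrap_content"
                android:src="@drawable/item" />

            <TextView
                android:layout_width="wrap_content"
                android:layout_height="wrap_content" />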

        </LinearLayout>
    </LinearLayout>

If anyone wants to split the Android layout into two parts horizontally, use the snippet below.

<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
    android:orientation="vertical"
    android:layout_width="match_parent"
    android:layout_height="match_parent"
    android:background="#FF0000"
    android:weightSum="4"
    android:padding="5dp"> <!-- to show what the parent is -->
    <LinearLayout
        android:background="#0000FF"
        android:layout_height="0dp"
        android:layout_width="match_parent"
        android:layout_weight="2" />
    <LinearLayout
        android:background="#00FF00"
        android:layout_height="0dp"
        android:layout_width="match_parent"
        android:layout_weight="1" />
</LinearLayout>

 

You can recursively use this layout as per your requirement.

I’m just going to put it right here. Taken from the techinferno forum; they make you write “meaningful” posts in order to unlock their download. So here are the attached file and the guide copied from there. Because they deserve this 🙂

Download Link:

https://mega.nz/#!ZNskyT4b!e27HXeMTIjzJQ9ZGl50M5PJr7_8L9SEgwiwYh2rV7EU

Guide:

For those who don’t like the restrictions Lenovo put on their system, here’s a BIOS mod that will get you back at least some of the freedom you should have over your own hardware.

 

Features:

 

  • WLAN card whitelist removed, any (hardware-wise compatible) card should now work
  • hidden BIOS menus unlocked
  • VBIOS tweaked for more performance and better tuning possibilities

 

Keep in mind that not necessarily all of the BIOS options available with this mod will be fully functional, so use the new available settings with care.

If you’re unsure about something don’t change it and ask here, someone might be able to help.

 

Available for v1.07 / v1.09 / v1.10 and v3.05.

v2.04 and v2.07 added (only whitelist removal as of now)

 

If you have a different BIOS (or more specific, a BIOS newer than 3.05) I will need a copy of it in order to make it work for your system.

 

Instructions for flashing the modified BIOS v3.05:

You need a USB stick prepared to run DOS, here is a guide you can follow in case you don’t know how to do this:

 

Guide by @StamatisX – thanks!

  StamatisX said:
This is a simple way to make a USB flash drive bootable (i.e. if you want to flash your VBIOS)
First download the attachment from below and extract it (i.e. on your Desktop)
bootable_disk.zip
Install the program and once done run it as administrator, otherwise it will give you an error (right click on it and run as administrator)
Insert the USB flash disk you want to use as a bootable device
[image: bootable1.JPG]
Make sure you have the following selected
[image: bootable2.JPG]
and press on the button with the 3 dots in order to define the location of the needed files (basically where you chose to unzip the file you downloaded)
Press start and after a while you are all set

 

 

>>> Before continuing make sure the AC adapter is connected to your laptop and your battery has at least 20% charge remaining. <<<

 

  • (0) – NOTE: This step is only necessary if your system isn’t already using BIOS v3.05
    Update to the official v3.05 BIOS provided by Lenovo

  • (1) – Create a backup of your own BIOS (now v3.05) by using Fptw64 tool.
    Extract the files and run the included .bat file from an admin command prompt.

  • (2) – Download Lenovo_Y510p-Y410p_[v3.05]_modified.zip and put the files of folder [1] to the root of your prepared USB DOS stick.
    Let the BiosFixer prepare your BIOS for flashing by drag and dropping your backup file on it. Put the created “v305mod.bin” file to the root of your USB DOS drive as well.

  • (3) – Now you need to downgrade the firmware back to v2.07 (Y510p-Y410p_v207_[stock].zip) in order to flash the mod.

  • (4) – Boot from your USB DOS drive, when you see the command prompt type BIOS and hit enter. Wait until the BIOS is flashed (you can safely ignore warnings about non-existing regions).

  • (5) – Once the BIOS flash completed with no errors, type EC and hit enter. Wait until the EC is flashed. Then reboot.

  • (6) – Go to the BIOS setup menu, load the default settings, apply and reboot.
    Done. In case you’re using an ultra bay GPU follow the instructions in post #2 and flash the vbios.

 

NOTE: It’s crucial that you flash both, BIOS and EC. Having different EC and BIOS versions can in certain situations lead to issues.

 

IMPORTANT: If you want to go back to stock v3.05 you can do that easily by simply using the official update from Lenovo. That’s it, nothing additional required in this case.

 

Old instructions for users with v1.07 / v1.09 / v1.10 or v2.04 / v2.07 who for some reasons don’t want to update to v3.05:


 

Video walk-through of bios settings (thanks @allstone):

 

 

Or just head over to the forum and use the attached file:

https://www.techinferno.com/index.php?/forums/topic/3546-lenovo-y410p-y510p-unlocked-bios-wlan-whitelist-mod-vbios-mod/

  • Dropbox – This service is very useful to anyone who has lots of files they want to store in the cloud. While anyone can get a free Dropbox account, there are limits on how much storage you get. With a .EDU email, you get an extra 500 MB of space, which translates to lots of photos or documents.
  • Spotify – The online music streaming service gives a 50% discount on the premium plan to students based in the US.
  • Norton – Students can purchase some of the best known anti-virus software and other programs at a 50% discount.
  • Adobe Creative Cloud – Adobe, one of the world’s leading software companies, provides a generous 60% discount to students and teachers on many programs and apps.
  • Autodesk – This software company provides free engineering, animation and design software to students and people associated with academic institutions. Some of the software programs that are included in this program are Fusion 360, 3ds Max, Revit, Maya and AutoCAD.
  • Dell – Get an exclusive discount on all Dell products for students with valid .EDU email accounts. Join their Member Purchase Program for University Students to enjoy these deals.
  • Newegg – The first year of Newegg Premier is free once you provide your name@school.edu email address, and 50% off afterwards. Premier benefits of this computer hardware and software retailer are similar to Prime benefits in Amazon.
  • Best Buy – Best Buy offers exclusive deals for college students, once you sign up and confirm your .EDU email.
  • AWeber – The #1 rated email marketing service provides a 20% discount for students with .EDU or .AC email. (get extra discount with our exclusive AWeber coupons).
  • LastPass – Get 6 months of LastPass premium free and have all your passwords kept safe and stored in one location.

  • Powtoon – Students and teachers alike can now create beautiful animated videos and presentations they could use to make learning fun and engaging.  You can try it for free or check out their premium accounts exclusive for educators and students. See also our Powtoon review and coupons.

  • Prezi – Educators and students who are using a .EDU email address can enjoy this cloud-based software with Zooming User Interface (ZUI) to create beautiful presentations for FREE.  A special discounted price is also available if you want to upgrade for an unlimited storage and maximize its powerful features.

  • Connectify – Stay connected and transform your single internet connection into a Wi-Fi hotspot so you can share it to your fellow college students, co-teachers or even the whole school using this widely used software.  Connectify Hotspot offers a whopping 75% off its regular price to students or academic staff with a .EDU email account.

  • iMazing – Seamlessly manage and even transfer your files from your iPhone, iPod, iPad, or Mac to your PC or any iOS device using this amazing application. .EDU email account holders can download iMazing with 30% discount from its original price using the iMazing Educational Licenses Program.

  • LucidChart – A web-based diagram software and flow chart maker, LucidChart, is completely FREE for students and teachers who have valid .EDU email addresses. This application is designed to help its users create professional-looking flowcharts, website wireframes, mind maps, organizational charts, and other diagram types.

These are just some of the special discounts that are available to anyone with a .EDU email address. You will also be eligible for many other discounts, including travel, concert and other tickets, online stores and many other things. We will keep updating the benefits list with additional .EDU benefits.

Students, teachers and college staff can enjoy these benefits, but what about other people? There are, in fact, ways to get a .EDU email address even if you aren’t affiliated with a school.
Other worthy mentions:

  • Amazon Prime Trial ( 180 Days )
  • Discounted Adobe CC
  • AutoDesk ( Free 3Ds Max and other )
  • Microsoft Dreamspark ( Free Microsoft Product )
  • RipTiger
  • MindSumo
  • My Uni Days
  • Github Student Pack (worth $200+)
  • RazerStore
  • Sumpto
  • Viggle
  • AutoDesk Software
  • Jetbrains
  • Amazon AWS credits in the hundreds of $.

How to get it?

 

How to Get a .EDU Email Address

Obviously, the easiest way to get a free .EDU email address is to be a student or faculty member at an academic institution. Even if you are a nontraditional student, you could be eligible for this benefit. For example, if you are taking classes, either online or in person at an accredited school, you might be able to get a .EDU email address. Of course, if you are not a student you probably don’t want to become one simply for this purpose. There are other ways to do it.

  • If You’re a College Graduate – If you’re not a student currently but have graduated from an accredited college or university, you may be eligible for a .EDU email address as an alumnus. You can contact the alumni department of your college and find out if this is possible.
  • Signing Up For an Online College – There are certain online institutions that provide you with a free .EDU email address. You can sign up as a student, parent or educator.
  • Fiverr.com – Fiverr.com is a fast growing site, with a recent $60M funding round. On Fiverr, freelancers offer just about every imaginable service for $5. You can search for whatever you’re looking for and you’ll most likely find it. There are people offering .EDU email addresses on Fiverr. Some of these sellers will even sell you multiple .EDU accounts, for an extra charge of course. The following are a few examples of such Fiverr gigs.

I will provide you with a valid edu email account for $5

I will provide you with a high value edu email account for $5

I will provide you with a valid edu email account for $5

Keep in mind that Fiverr.com is a dynamic service with new gigs appearing every day and old ones sometimes being paused. So if the above links don’t work, you can always do a search on Fiverr for “Valid .EDU email account” or something similar. On our side, we’ll definitely try to keep the above links updated with reliable sellers, as there’s always another member of the family who needs a .EDU account.

Since .EDU email addresses are actually designed for students, parents and educators, alternative methods for obtaining these email addresses may not always seem legit. However, these are essentially loopholes that may be closed anytime in the future. There is also no guarantee that, once obtained, your .EDU email will work forever. However, if you do get one, you will probably have a chance to enjoy quite valuable discounts and other perks, for a significant amount of time.

If you’re set on obtaining a .EDU email address without being a student, you may have to be creative and persistent. It is highly likely, though, that there will always be some way to get a coveted .EDU email, either on your own or through someone on a site such as Fiverr.

 

You can just google for more if you are still looking for more!

https://www.google.com/search?q=RipTiger+student&aqs=chrome..69i57.1706j0j7&sourceid=chrome&es_sm=93&ie=UTF-8#q=free+license+for+edu+students&start=0