HosProxy

May 3, 2017

HoSProxy is a tool designed to let you access the web in a LAN without internet connection but with access to an E-mail system only. HoS means Http over SMTP, that is to say, using the E-mail system as http-proxy to navigate the web. System Requirements: Windows Website Link: http://www.edge-security.com/hosproxy.php

Webslayer

May 3, 2017

Webslayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer. System Requirements: Windows Website Link: http://www.edge-security.com/webslayer.php

ProxyStrike

May 3, 2017

ProxyStrike is an active Web Application Proxy. It’s a tool designed to find vulnerabilities while browsing an application. It was created because the problems we faced in the pentests of web applications that depends heavily on Javascript, not many web scanners did it good in this stage, so we came with this proxy. Right now […]

Wfuzz

May 3, 2017

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc. System Requirements: Windows Website Link: http://www.edge-security.com/wfuzz.php

Metagoofil

May 3, 2017

Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,docx,pptx,xlsx) belonging to a target company. Metagoofil will perform a search in Google to identify and download the documents to local disk and then will extract the metadata with different libraries like Hachoir, PdfMiner? and others. With the results it will generate […]

theHarvester

May 3, 2017

The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on […]

hping3

May 3, 2017

hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. System Requirements: Linux […]

Faraday

May 3, 2017

Faraday introduces a new concept – IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the data generated during a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way. System Requirements: Windows […]

Cookie Cadger

May 3, 2017

Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests. Web providers have started stepping up to the plate since Firesheep was released in 2010. Today, most major websites can provide SSL/TLS during all transactions, preventing cookie data from leaking over wired Ethernet or insecure Wi-Fi. But the fact remains that […]

Kali Linux

May 3, 2017

Full customization of Kali ISOs with live-build allowing you to create your own Kali Linux images – Kali Linux is heavily integrated with live-build, allowing endless flexibility in customizing and tailoring every aspect of your Kali Linux ISO images. The Kali Linux ISO of doom is a great example of the flexibility of live-build, and the types and complexity of […]