Archive for the ‘Tools’ Category

WPScan WordPress Vulnerability Scanner

New version of the wordpress security assessment tool – WPScan, the tool already included in many popular pentest distributions such as BackBox Linux, Kali Linux ,Pentoo and SamuraiWTF. The new release is 2.4 include new fingerprints for WP 3.8.3 & 3.7.3, 3.9 and addition vulnerabilities for wordpress CMS. There is also update for the theme [...]

Share

Subterfuge Automated Man-in-the-Middle Attack Framework

Subterfuge is a python based tool that you can use for testing Man-In-The-Middle attacks. the program will start to sniff network traffic and wait to have user login to online websites such as gmail , twitter, facebook and more.  Next it will display accounts information. Beside the session hijacking module there are other modules that [...]

Share

passivedns network sniffer to log DNS query

Domain name servers may contain several type of security vulnerabilities that allow a malicious user to redirect website visitors to a third party website. The attack can be cache poisoning or ARP spoof and this in case that the DNS server is not patched or hardened. Passivedns is an open source tool that you can [...]

Share

Smbexec rapid post exploitation tool

Smbexec is a tool that you can use for penetration testing domain controllers, the program allows to run post exploitation for domain accounts and expand the access to targeted network. this makes pentester have a full access without any privilege requirement. Latest release include improvements so it runs faster and there are more options in [...]

Share

IE PassView 1.31

We have several tools for recovering passwords in web browsers. IE PassView can be used for internet explorer in case you have forget the passwords you are using to log in different system. the tool have a graphical interface and simple to use. ” IE PassView is a small password management utility that reveals the [...]

Share

Mobius Forensic Toolkit 0.5.16

Forensic frameworks are important in running investigation and finding the root cause for any incident. open source programs are widely used for creating cases and gathering evidence.  one of the open source framework is Mobius Forensic Toolkit the toolkit is extensible to investigate data from several entries such as skype and windows operating system registry. [...]

Share

Wi-Fi Password Dump v2.0

WiFi Password Dump is the free command-line tool to quickly recover all the Wireless account passwords stored on your system. It automatically recovers all type of Wireless Keys/Passwords (WEP/WPA/WPA2 etc) stored by Windows Wireless Configuration Manager. For each recovered WiFi account, it displays following information: WiFi Name (SSID) Security Settings (WEP-64/WEP-128/WPA2/AES/TKIP) Password Type Password in [...]

Share