Category Archives: Tools

NoSQL EXPLOITATION FRAMEWORK – Framework For NoSQL Scanning and Exploitation

Any database may include sensitive information such as usernames , passwords or users data. This makes a proper security assessment with whole architecture review is required for identifying security gaps that can be used by hackers to compromise the system.

Smalisca – Static Code Analysis for Smali files

Studying the application and learning more about what it is really doing on the system is very important. Android applications are similar to any other application that may include suspicious and malicious software. If you are looking to investigate this

SpyStudio- Security Audit Tool

Sometime you want to investigate application and processes running on the windows operating system. this will help to find the functions performed by the app which can be legitimate , suspicious or malicious. in similar cases you can check SpyStudio.

J2EEScan Burp Suite Plugin to Test J2EE Applications

J2EEScan is a plugin that you can add on Burp Suite security scanning tool. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications. The plugin is fully integrated into the

rop-tool – Tool to help you write binary exploits

rop-tool is a set of tools that you can use to search gadgets, Patch binaries , Print info about binary, Display heap structure and Disassemble the binary. the tool is open source and consists of a set of internal controls,

DylibHijack- Dylib Hijack Scanner


DLL Hijacking a technique that is widely used by malware writers, this to infect users , launch certain applications or make a privilege escalation. some of the tools that you can use to detect DLL hijacking on windows are: CrowdInspect

Zarp Network Attack tool

Corporate local area networks may have several vulnerabilities that allow attackers disrupt services or exploit the detected vulnerabilities. One of the tool that you can use to pentest local networks is Zarp Network Attack tool.  Zarp allows to perform network