what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 1,664 RSS Feed

Scanner Files

Cable .NET Post Exploitation Tool
Posted Nov 18, 2024
Site github.com

Cable is a simple post-exploitation tool used for enumeration and further exploitation of Active Directory environments. This tool was primarily created to learn more about .NET offensive development in an Active Directory context.

tags | tool, scanner
systems | unix
SHA-256 | 458a872c342755e93082c07fb043a34150e44308454825841810949f373c7797
PHP-CGI Argument Injection Susceptibility Scanner
Posted Nov 14, 2024
Site github.com

This is a bash script that is a vulnerability checker for CVE-2024-4577 designed to scan multiple domains for an argument injection vulnerability in PHP-CGI. This tool allows security researchers and system administrators to quickly assess whether their systems or a list of domains are potentially vulnerable to this specific security issue. This issue affected PHP-CGI versions 8.1 before 8.1.29, 8.2 before 8.2.20, and 8.3 before 8.3.8.

tags | tool, cgi, scanner, php, bash
systems | unix
advisories | CVE-2024-4577
SHA-256 | 58c9a80f92e4d182c0940c15a33aa87129477ec3f26f7c5c954d840e6f170fd4
Scapy Packet Manipulation Tool 2.6.1
Posted Nov 5, 2024
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: This update contains fixes for various small bugs introduced in version 2.6.0 including a couple of crashes.
tags | tool, scanner, python
systems | unix
SHA-256 | a580a4cf6bbbaf72e64e082d3ee8e5afd4e06becb21eecd24c22d1ef2da58ef3
Helper 0.1
Posted Oct 21, 2024
Authored by Emiliano Febbi | Site nullsite.altervista.org

Helper is an enumerator written in PHP that helps identify directories on webservers that could be targets for things like cross site scripting, local file inclusion, remote shell upload, and remote SQL injection vulnerabilities.

tags | tool, remote, shell, local, scanner, php, vulnerability, xss, sql injection, file inclusion
systems | unix
SHA-256 | d393a8fbc83a7853129734872e32346a0060fce6cc2859479ba80540d7ca06af
Scapy Packet Manipulation Tool 2.6.0
Posted Sep 30, 2024
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Dropped support of Python 2.7. Improved packaging. Support for RFC6874-like scope identifiers. The internals that read the routes and interfaces configuration have been rewritten on Linux and BSD. The changelog is quite extensive as it has been two years since the last release so definitely review it.
tags | tool, scanner, python
systems | unix
SHA-256 | cfd1babc5c0008bc021eede72149922c24dfc4a511ced7cc3a8665193b6be5c5
Lynis Auditing Tool 3.1.2
Posted Sep 27, 2024
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: 6 additions and 27 changes have been made.
tags | tool, scanner
systems | unix
SHA-256 | 882c46d28005c7c35d2829e646deabbd9834358d885489f7e3a472c7c10972d4
CVE-2024-26581 Checker
Posted Sep 19, 2024
Authored by madfxr | Site github.com

This is a script to check your kernel versions to see if you're susceptible to CVE-2024-26581.

tags | tool, kernel, scanner
systems | unix
advisories | CVE-2024-26581
SHA-256 | 407f3dfbe86e97c19e1f98da8a8a4c89a8e99776fb994091ba6f125594338866
jSQL Injection 0.101
Posted Jul 15, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Added database vendor blind fingerprinting. Optimized concurrency, shutdown and non-progress threads. Improved vuln report. Warned about missing strategies implementation. Removed Time from Sqlite. Removed Memsql and CockroachDB as clones. Improved clones fingerprinting. Improved Vertica schema query and fix field casting. Fixed Vertica/Postgres fingerprint collision. Improved falsy/truthy lists on Oracle. Improved failsafe on Oracle. Improved modes test order on Blind/Time. Improved characters insertion test order. Added TryHackMe and Burp labs to Scan list.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 8d0618dafc562012201b160ff1a083e7f59b02a76c7872748bc48ca60ee56147
jSQL Injection 0.100
Posted Jun 24, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Added vulnerability report. Handled incorrect domain authority. I18n improvement and cleaning. Upgraded dependencies version.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | ceb6ca2287f504c38f9587d2e3b3d4bd933bb43cf78256f23d26c9dcd6761a89
jSQL Injection 0.99
Posted Jun 18, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Fixed issue with non ASCII domain names. Allowed restricted headers: connection, content-length, expect, host, upgrade. Handled incorrect URI and header, empty csrf token, out of memory error, concurrent modification. Used default encoding instead of system encoding. Upgraded version dependencies. Validated jdk21 compatibility.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 48ad8d092a1d79aa5c2620e2605e83e3d688cc6a534bf9ed77f27a4ef0c5af79
TestSSL 3.0.9
Posted Jun 14, 2024
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Fixed bash 5 issue when encountering a short server key extension. Fixed HTML issue when using bash 5. CAA DNS records are now not being queried when nodns is set. MongoDB identification fix. Sanity check when user has broken umask to avoid runtime errors. Fixed for newer grep versions. 8 additional updates.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 75ecbe4470e74f9ad17f4c4ac733be123b0f67d676ed24cc2b30adb41561e05f
jSQL Injection 0.98
Posted Jun 7, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Improved console unhandled error. Upgraded dependencies. Fixed automatic issue report.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | caa26310c4e9e7b6053f9a6868d38b6ead0c7ec23f78b60bf118593806685311
jSQL Injection 0.97
Posted May 31, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Restored automatic issue report.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 90399bcb164b4b112830c11dba0b7486158942ee798ef7e06e37df300f75cccf
jSQL Injection 0.96
Posted May 29, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Fixed bug in cookie processing. Improved mysql dios. Upgraded dependencies version. Improved javadoc.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 986e0909140808aa7906e212cb9896a9cf3030e9fccf810382c752b536ca2aab
ghba PTR Record Scanner
Posted Apr 1, 2024
Authored by Blake, Jerbo

ghba is a PTR record scanner ported from ghba.c. It has been enhanced to run much faster than the original ghba.c. It can scan an entire private class C network in under a minute if 32 threads are available.

tags | tool, scanner
systems | linux, unix, apple
SHA-256 | 92c4565b20b4f73f7f963a482cd44e6bc1db903941ab8b430f543fd68d9c04ca
Lynis Auditing Tool 3.1.1
Posted Mar 18, 2024
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Detection of ArcoLinux has been added. Redis configuration file path added for FreeBSD. Check /snap directory location for Redis configuration file.
tags | tool, scanner
systems | unix
SHA-256 | d72f4ee7325816bb8dbfcf31eb104207b9fe58a2493c2a875373746a71284cc3
Lynis Auditing Tool 3.1.0
Posted Mar 11, 2024
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: 12 changes and an Indonesian translation has been added.
tags | tool, scanner
systems | unix
SHA-256 | ca192ac67411b07ec8421d579b1f16c038299ff727a53d739403b729817bc2e7
Fwknop Port Knocking Utility 2.6.11
Posted Feb 7, 2024
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Fixed two bugs in PF handling code. Added ALLOW_ANY_USER_AGENT for ENABLE_SPA_OVER_HTTP mode so that fwknopd will accept any User-Agent string coming from the client. Various fixes to the AppArmor profile to support recent versions of Debian and Ubuntu. Add gpg.conf and gpg-agent.conf to set pinentry-mode loopback to restore GPG full cycle tests. A couple additional updates to the test suite.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | bcb4e0e2eb5fcece5083d506da8471f68e33fb6b17d9379c71427a95f9ca1ec8
SSH-Snake: Automated SSH-Based Network Traversal
Posted Jan 9, 2024
Authored by Joshua Rogers | Site github.com

SSH-Snake is a powerful tool designed to perform automatic network traversal using SSH private keys discovered on systems, with the objective of creating a comprehensive map of a network and its dependencies, identifying to what extent a network can be compromised using SSH and SSH private keys starting from a particular system. SSH-Snake can automatically reveal the relationship between systems which are connected via SSH, which would normally take a tremendous amount of time and effort to perform manually.suffers from bypass and traversal vulnerabilities.

tags | tool, scanner, vulnerability, file inclusion
systems | unix
SHA-256 | 955ae990d1d900f97e789c6f6cb04dd954898e032e8e00fc6d4354e9508c09ae
jSQL Injection 0.95
Posted Oct 16, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Improved prefix and query size. Keep console tabs colored until clicked. Removed stacktrace from error messages. Added Postgres Error strategy Cast:stacked. Added Postgres query for reading file. Added Postgres system filenames to File list. Added SQL Server Stacked strategy. Improved DB2 Error strategy detection. Improved DB2 queries reliability. A couple of additional fixes.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 0d7cf976c70af7866c9cb7df713e2d045e98454b80bd556dad89be93bb5bf7b9
Simple Packet Sender 5.0
Posted Oct 9, 2023
Authored by Hohlraum | Site sites.google.com

Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.

Changes: Dozens of updates as this is the first release since 2015.
tags | tool, udp, scanner, tcp
systems | linux, unix
SHA-256 | 27655eb9a3a11f0253a3989eedbe5dd12a1cb92bbb5594ec4c58e5663a454db3
jSQL Injection 0.94
Posted Oct 5, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Fixed Sleep Time always applied when disabled in Preference. Fixed URL encoding always applied in path when disabled in Preference. Fixed strategy Stacked not applied. Optimized SQL query.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 5674649cb5463b17483b4b4890dd1892b295b619eea8c1a2230452f2df7677c6
jSQL Injection 0.93
Posted Oct 2, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Added Boolean no-mode. Added Preference to disable URL random suffix. Fixed empty String not possible in SQL Engine. Add CTF platforms to Scan list.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 90eb5b359e74a7af8e5bdb5cc5a8740bc57bb1ca10a3bece24054679d6da0016
jSQL Injection 0.92
Posted Sep 4, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Added Multibit strategy. Added Preference to disable strategies. Replaced Boolean size queries with trail query. Optimized SQLite calibrator. Added vulnweb, juice.shop, hackthebox URLs to Scan. Fixed i18n managers tabs. Optimized Boolean false positive detection.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | c2fbf8bf0a47c670fad1bee18fdc18a0b6b5257d83d819dce0dc4303a17f79e8
jSQL Injection 0.91
Posted Aug 14, 2023
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Added Stacked strategy. Added Stacked mode to Boolean strategies. Added Stacked payloads to Error strategies. Added file and privilege queries to SQL Engine. Improved bulk scan result. Improved cookies processing. Improved CSRF and Digest handshake processing. Improved H2 and PostgreSQL injection. Switched PHP SQL shell to mysqli_connect. One bug fix.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | f10e3bf405f1fc962e8bef1980943cec5018e07f66ce5260c0f04edd579c6bff
Page 1 of 67
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close