What is DalFox DalFox is a powerful open-source tool that focuses on automation, making it ideal for quickly scanning for XSS flaws and analyzing parameters. Its advanced testing engine and niche features are designed...
IllusiveFog IllusiveFog is an implant kit for Microsoft Windows-based networks for long-term stealthy access and recon. IllusiveFog is designed for highly covert & stealthy operations, because of this reason features are kept limited and...
interactsh Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example – Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction...
scared scared is a library that aims to provide tools to achieve side-channel analysis. It provides pretty high-level APIs, and ready-to-use tools to quickly run classic CPA, DPA, … leakage, and reverse analysis. It...
FaceDancer FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs. FaceDancer performs two main functions: Recon: Scans a given DLL to create the export definition file for proxying. Attack: Creates a malicious...
CloudShovel CloudShovel is a tool designed to search for sensitive information within public or private Amazon Machine Images (AMIs). It automates the process of launching instances from target AMIs, mounting their volumes, and scanning...
Network Flight Recorder NFR is a lightweight application which processes network traffic using the AlphaSOC Analytics Engine. NFR can monitor log files on disk (e.g. Microsoft DNS debug logs, Bro IDS logs) or run as a network...
Crawl4AI Crawl4AI simplifies asynchronous web crawling and data extraction, making it accessible for large language models (LLMs) and AI applications. Feature 🆓 Completely free and open-source 🚀 Blazing fast performance, outperforming many paid services...
themis Themis is an open-source high-level cryptographic services library for mobile and server platforms, which provides secure data exchange and storage. Themis provides four important cryptographic services: Secure Message: a simple encrypted messaging...
capa capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the...
WhoYouCalling Monitors network activity made by a process through the use of Windows Event Tracing (ETW) and Full Packet Capture (FPC). Filters a generated .pcap file with BPF based on the detected network activity made by...
sslscan sslscan tests SSL/TLS-enabled services to discover supported cipher suites. This is a fork of ioerror’s version of sslscan. Changes are as follows: Highlight SSLv2 and SSLv3 ciphers in output. Highlight CBC ciphers on SSLv3 (POODLE). Highlight...
Bopscrk Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. Included in BlackArch Linux pentesting distribution and Rawsec’s Cybersecurity Inventory since August 2019. The first idea was inspired by Cupp and Crunch. We could say...
AuditForge AuditForge (PwnDoc fork) is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to search...
What is Acra Acra helps you easily secure your databases in distributed, microservice-rich environments. It allows you to selectively encrypt sensitive records with strong multi-layer cryptography, detect potential intrusions and SQL injections and cryptographically compartmentalize...
Dr. Memory: the memory debugger Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units...
