PenBox – A Penetration Testing Framework

A Penetration Testing Framework , The Hacker’s Repo our hope is in the last version we will have evry script that a hacker needs Information Gathering : nmap Setoolkit Port Scanning Host To IP wordpress user enumeration CMS scanner XSStracer – checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection…

ssh_scan

Key Benefits Minimal Dependancies – Uses native Ruby and BinData to do its work, no heavy dependancies. Not Just a Script – Implementation is portable for use in another project or for automation of tasks. Simple – Just point ssh_scan at an SSH service and get a JSON report of what it supports and its…

Dradis: InfoSec Collaboration Framework

Four main goals have driven and will drive the development of Dradis, the system should: effectively share the information. Information should be available to all the clients without extra effort. be easy to use, easy to be adopted. Otherwise it would present little benefit over other systems. be flexible. It needs a powerful and simple extensions interface. In order for…

Penetration Tester Productivity Tool: MagicTree

MagicTree is a penetration tester productivity tool. It is designed to allow easy and straightforward data consolidation, querying, external command execution and (yeah!) report generation. In case you wonder, “Tree” is because all the data is stored in a tree structure, and “Magic” is because it is designed to magically do the most cumbersome and…

Python for penetration testers

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them. Most of the listed tools are written in Python, others are just bindings for existing C libraries, i.e. they make those…