Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Exploits (to analyze):
- EARLYSHOVEL RedHat 7.0 – 7.1 Sendmail 8.11.x exploit
- EBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86.
- ECHOWRECKER remote Samba 3.0.x Linux exploit.
- EASYBEE appears to be an MDaemon email server vulnerability
- EASYFUN EasyFun 2.2.0 Exploit for WDaemon / IIS MDaemon/WorldClient pre 9.5.6
- EASYPI is an IBM Lotus Notes exploit that gets detected as Stuxnet
- EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 & 7.0.2
- EXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoor
- ETERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges (MS17-010)
- EDUCATEDSCHOLAR is a SMB exploit (MS09-050)
- EMERALDTHREAD is a SMB exploit for Windows XP and Server 2003 (MS10-061)
- EMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino 6.6.4 to 8.5.2
- ENGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client’s side to send an email to other users
- EPICHERO 0-day exploit (RCE) for Avaya Call Server
- ERRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003
- ETERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 SP0 (MS17-010)
- ETERNALBLUE is a SMBv2 exploit for Windows 7 SP1 (MS17-010)
- ETERNALCHAMPION is a SMBv1 exploit
- ESKIMOROLL is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers
- ESTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003
- ECLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later (MS08-067)
- ETRE is an exploit for IMail 8.10 to 8.22
- ETCETERABLUE is an exploit for IMail 7.04 to 8.05
- FUZZBUNCH is an exploit framework, similar to MetaSploit
- ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected by any AV vendors
- EXPIREDPAYCHECK IIS6 exploit
- EAGERLEVER NBT/SMB exploit for Windows NT4.0, 2000, XP SP1 & SP2, 2003 SP1 & Base Release
- EASYFUN WordClient / IIS6.0 exploit
- ESSAYKEYNOTE
- EVADEFRED
- Utilities:
- PASSFREELY utility which “Bypasses authentication for Oracle servers”
- SMBTOUCH check if the target is vulnerable to samba exploits like ETERNALSYNERGY, ETERNALBLUE, ETERNALROMANCE
- ERRATICGOPHERTOUCH Check if the target is running some RPC
- IISTOUCH check if the running IIS version is vulnerable
- RPCOUTCH get info about windows via RPC
- DOPU used to connect to machines exploited by ETERNALCHAMPIONS
- NAMEDPIPETOUCH Utility to test for a predefined list of named pipes, mostly AV detection. User can add checks for custom named pipes.
- Scripts Arsenal and Wine Arsenal:
- 3vilTwinAttacker
- 911ar
- a2sv
- adminfinder
- AdminPage
- ADSLPT-WPA
- wifi-breaker
- aircracktest
- airfree-wt
- airgeddon
- Airlin
- airmode
- Airodump_Scan_Visualizer
- airport-sniffer
- airssl
- airstorm
- Airvengers
- agryfuzzer
- anonsurf
- anon-manager
- anonymizer
- anon-surf-start
- anon-surf-stop
- apfucker
- apk-payload-generator
- apt2
- ARCANUS
- armitage
- asleap
- atscan
- autoDANE
- autohsgui
- automater
- AutoNessus
- autopixie
- auto-reaver
- autorelay
- avet
- backdoor-apk
- backdoorme
- backdoorppt
- BAF
- Base64ImageEncoder-Decoder
- BatchVirusGenerator
- Batch-Virus-Generator
- belkin4xx
- belkin-wpspin
- BinGoo
- BlackFilePumper
- BlindSqli
- BoopSuite
- Brutal
- BruteSploit
- brutespray
- BruteX
- BrutusV4.7
- BTIHTMLEncoder-Decoder
- BTIMultiSiteChecker
- BTIReverseIPDomainCheck
- bully
- cangibrina
- kerbnmap
- Cewl
- anon-change-identity
- CHAOS
- chap2asleap
- chapcrack
- Chap-Crack
- CloudFail
- CloudFlareResolver
- CMSmap
- cobaltstrike
- cowpatty
- CpanelBruteReiluke
- crackle
- crackle
- CrackTheCAP
- probewpacracker
- credmap
- criptator
- crowbar
- crunch
- csrfpocmaker
- CVE-2017-0199
- CVE-2017-7494
- cybersac
- Dagon
- dedsploit
- DefacePageCreated
- dkmc
- dlinkdecrypter
- domainhunter
- DorkFinder
- Dorktools
- dotdotpwn
- doublepulsar-detection
- d-tect
- eapmd5hcgen
- EaST
- Ebowla
- EggShell
- ejacoolas
- erratasec
- Eternalblue-Doublepulsar-Metasploit
- escan
- EternalsExtensionSpoofer
- EvilAPDefender
- evil-droid
- ExploitOnCLI
- exploitpack
- exploits
- ExploitScanner
- Extension_Spoofer
- ezDataBase_Defacer
- ezsploit
- F.Society
- Fakear
- fakeAP
- fake-ap3.py
- FakeAp2
- FakeImageExploiter
- fibercrunch
- Findsploit
- fipy
- firefox-ram
- gufw
- anonsurf
- fluxion
- gcat
- generadorDiccio
- genkeys
- genpmk
- Genpy
- getsploit
- GhostInTheNet
- Ghost-fisher
- gigawordlist
- Gloom-Framework
- Goohak
- hakkuframework
- Halcyon
- handshake-extractor
- HandShaker
- Hash-Buster
- hashcatgui
- hccap
- hellraiser
- HellWormsGenerator
- Her0xDa-Wps-Cracker
- HighLifeCrypter
- hostnamechanger
- hotspot_autologin
- HT-WPS-Breaker
- hydra-wizard
- Illusi0nCrypter
- Image+TextFileBinder
- ImageWorm
- InfamousTool
- Infoga
- Injectorist
- Insanity-Framework
- InstaBrute
- ipscan-win32-3_2
- IpTool
- isf
- isthisipbad
- Jazztel-StopGo
- Joomla_Security_Scanner
- jsql-injection-v0_2_jar
- KatanaFramework
- killchain
- kimi
- koadic
- kwetza
- LALIN
- LANs.py
- LegionEliteProxiesGrabber
- leviathan
- LFiExploiter
- LFiFreak
- LFISuite
- liffy
- LinDrop
- litesploit
- mac2wepkey
- macchanger
- MakeWordlistForBrute
- Maskgen
- MassBleed
- MassDorkScanner
- massExpConsole
- Matroschka
- MaXIsploit
- md5crack
- mergedict
- Meterpreter_Paranoid_Mode-SSL
- MITMf
- mitm-rogue-WiFi-AP
- MooreRPortScanner
- morpheus
- morphHTA
- mpc
- ms17
- msfvenom_custom_encoding
- netattack2
- netdiscover-0.3-pre-beta7
- netool-toolkit
- netsec-framework
- NetZapper
- NoSQLMap
- nps_payload
- nsa
- NSA-exploits
- nsa-gui
- NXcrypt
- ONO_Netgear_WPA2_Hack
- operative-framework
- OSPTF
- OWASP-Nettacker
- p0iz0nProxyProcessor
- pandora-manager
- pastezort
- pasv-agrsv
- PAYLOAD-MAKER
- PenBox
- penetrator-wps
- penmode
- pentesting-multitool
- pentestly
- pentest-machine
- PiWAT
- pixiewps
- Policygen
- portSpider
- PowerScript-KatanaFramework
- Pr0xYGrabber
- PRET
- ProPort
- ProxyFinder
- PureNetworks
- Pybelt
- PyBozoCrack
- pydictor
- python_gdork_sqli
- python-hacklib
- pyxiewps_WPS
- pyxiewps_WPShack-Python
- Quack
- reaver
- reaver.rd
- reaver-spoof
- reaver-webui
- reaver-wps-fork-t6x-master
- ReconDog
- RED_HAWK
- reGeorg
- riwifshell
- Rt2rtc
- Rtc2rt
- Rtgen
- Rtsort
- Rulegen
- saint
- scanless
- scapy-deauth
- scythian
- SEF
- sgen
- ShadowBatchVirusGenMOD
- shellsploit
- shocker
- ShockLabsFileBinder
- shodanwave
- SigPloit
- SimpleBinder
- simple-ducky
- smap
- smod
- Sn1per
- SPF
- SpiderMail
- SQLExploitScanner
- SqliColCount
- SQLiDumper
- sqlihelperv_2_7
- sqli-scanner
- sqlitebrowser
- sqliv
- sqliscan
- SQL-nightmare
- anon-i2p-start
- Stitch
- anon-i2p-stop
- String-generator
- Struts2Shell
- Sublist3r
- SuperMicro-Password-Scanner
- TeraBitClient
- The-Auto-Pentest
- fatrat
- theharvestergui
- TNscan
- torghost
- tor_ip_switcher
- toriptables2
- TPLink-AttackDictionary
- tplmap
- trape
- TripleX-Crypter
- Trity
- tulpar
- TuxCut
- 417
- U-Cracker
- Umbrella
- V3n0M
- Vanquish
- varmacreaversav9-93
- varmacscan2-8
- VBSVirusMaker
- Vbswg
- Veil-Ordnance
- venomdroid3
- Virus-O-Matic
- viSQL
- VMR-MDK
- w3af
- waidps
- WarChild
- WeBaCoo
- webpwn
- Webscan
- weeman
- wePWNise
- Wi-fEye
- wifiarnet
- wifiarp
- wifi-autopwner
- wifi_check
- wifi-contour
- wificurse
- wifidns
- wifi-hacker
- wifi-harvester
- wifi-honey
- wifijammer
- wifi-linux-rssi
- wifimonster
- wifiphisher
- wifiping
- WifiScanAndMap
- wifitap
- wifite
- wifite2
- wifite-mod-pixiewps
- Wifite_ng
- wifuzz
- wiki_wordlist_generator
- Winpayloads
- wireless-ids
- wireless-info
- Wireless-Sniffer
- wirespy
- wlanreaver
- wordlist50
- word-list-compress
- Wordlists
- wordpress-exploit-framework
- WormGen
- WPA2-HalfHandshake-Crack
- wpa-autopwn
- wpa-bruteforcer
- wpaclean
- Wpspin
- wpa-extractor
- wpaforhashcat
- wperf
- wps-connect
- wpscrack
- wpsdb
- WPSIG
- wpspin
- WPSPIN
- Wpspingenerator
- wps_scanner
- wsuxploit
- wwcleaner
- XAttacker
- xerosploit
- xerxes-dos
- xpath
- xsscrapy
- XssPy
- XSSTracer
- XSStrike
- zarp
- ZeusCrypter
- zirikatu
- Extra Tools:
- DandenSpritz
- FuzzBunch
- More tools:
- acccheck
- ace-voip
- Amap
- Automater
- bing-ip2hosts
- braa
- CaseFile
- CDPSnarf
- cisco-torch
- Cookie Cadger
- copy-router-config
- DMitry
- dnmap
- dnsenum
- dnsmap
- DNSRecon
- dnstracer
- dnswalk
- DotDotPwn
- enum4linux
- enumIAX
- Faraday
- Fierce
- Firewalk
- fragroute
- fragrouter
- Ghost Phisher
- GoLismero
- goofile
- hping3
- ident-user-enum
- InTrace
- iSMTP
- lbd
- Maltego Teeth
- masscan
- Metagoofil
- Miranda
- nbtscan-unixwiz
- Nmap
- ntop
- p0f
- Parsero
- Recon-ng
- SET
- smtp-user-enum
- snmp-check
- SPARTA
- sslcaudit
- SSLsplit
- sslstrip
- SSLyze
- THC-IPV6
- theHarvester
- TLSSLed
- twofi
- URLCrazy
- Wireshark
- WOL-E
- Xplico
- Vulnerability Analysis
- BBQSQL
- BED
- cisco-auditing-tool
- cisco-global-exploiter
- cisco-ocs
- cisco-torch
- copy-router-config
- DBPwAudit
- Doona
- DotDotPwn
- HexorBase
- Inguma
- jSQL
- Lynis
- Nmap
- ohrwurm
- Oscanner
- Powerfuzzer
- sfuzz
- SidGuesser
- SIPArmyKnife
- sqlmap
- Sqlninja
- sqlsus
- THC-IPV6
- tnscmd10g
- unix-privesc-check
- Yersinia
- Exploitation Tools
- Armitage
- Backdoor Factory
- BeEF
- cisco-auditing-tool
- cisco-global-exploiter
- cisco-ocs
- cisco-torch
- Commix
- crackle
- exploitdb
- jboss-autopwn
- Linux Exploit Suggester
- Maltego Teeth
- Metasploit Framework
- RouterSploit
- SET
- ShellNoob
- sqlmap
- THC-IPV6
- Yersinia
- Wireless Attacks
- Aircrack-ng
- Asleap
- Bluelog
- BlueMaho
- Bluepot
- BlueRanger
- Bluesnarfer
- Bully
- coWPAtty
- crackle
- eapmd5pass
- Fern Wifi Cracker
- Ghost Phisher
- GISKismet
- Gqrx
- gr-scan
- hostapd-wpe
- kalibrate-rtl
- KillerBee
- Kismet
- mdk3
- mfcuk
- mfoc
- mfterm
- Multimon-NG
- PixieWPS
- Reaver
- redfang
- RTLSDR Scanner
- Spooftooph
- Wifi Honey
- wifiphisher
- Wifitap
- Wifite
- Forensics Tools
- Binwalk
- bulk-extractor
- Capstone
- chntpw
- Cuckoo
- dc3dd
- ddrescue
- DFF
- diStorm3
- Dumpzilla
- extundelete
- Foremost
- Galleta
- Guymager
- iPhone Backup Analyzer
- p0f
- pdf-parser
- pdfid
- pdgmail
- peepdf
- RegRipper
- Volatility
- Xplico
- Web Applications
- apache-users
- Arachni
- BBQSQL
- BlindElephant
- Burp Suite
- CutyCapt
- DAVTest
- deblaze
- DIRB
- DirBuster
- fimap
- FunkLoad
- Gobuster
- Grabber
- jboss-autopwn
- joomscan
- jSQL
- Maltego Teeth
- PadBuster
- Paros
- Parsero
- plecost
- Powerfuzzer
- ProxyStrike
- Recon-ng
- Skipfish
- sqlmap
- Sqlninja
- sqlsus
- ua-tester
- Uniscan
- Vega
- w3af
- WebScarab
- Webshag
- WebSlayer
- WebSploit
- Wfuzz
- WPScan
- XSSer
- zaproxy
- Stress Testing
- DHCPig
- FunkLoad
- iaxflood
- Inundator
- inviteflood
- ipv6-toolkit
- mdk3
- Reaver
- rtpflood
- SlowHTTPTest
- t50
- Termineter
- THC-IPV6
- THC-SSL-DOS
- Sniffing & Spoofing
- Burp Suite
- DNSChef
- fiked
- hamster-sidejack
- HexInject
- iaxflood
- inviteflood
- iSMTP
- isr-evilgrade
- mitmproxy
- ohrwurm
- protos-sip
- rebind
- responder
- rtpbreak
- rtpinsertsound
- rtpmixsound
- sctpscan
- SIPArmyKnife
- SIPp
- SIPVicious
- SniffJoke
- SSLsplit
- sslstrip
- THC-IPV6
- VoIPHopper
- WebScarab
- Wifi Honey
- Wireshark
- xspy
- Yersinia
- zaproxy
- Password Attacks
- acccheck
- Burp Suite
- CeWL
- chntpw
- cisco-auditing-tool
- CmosPwd
- creddump
- crunch
- DBPwAudit
- findmyhash
- gpp-decrypt
- hash-identifier
- HexorBase
- THC-Hydra
- John the Ripper
- Johnny
- keimpx
- Maltego Teeth
- Maskprocessor
- multiforcer
- Ncrack
- oclgausscrack
- PACK
- patator
- phrasendrescher
- polenum
- RainbowCrack
- rcracki-mt
- RSMangler
- SQLdict
- Statsprocessor
- THC-pptp-bruter
- TrueCrack
- WebScarab
- wordlists
- zaproxy
- Maintaining Access
- CryptCat
- Cymothoa
- dbd
- dns2tcp
- http-tunnel
- HTTPTunnel
- Intersect
- Nishang
- polenum
- PowerSploit
- pwnat
- RidEnum
- sbd
- U3-Pwn
- Webshells
- Weevely
- Winexe
- Hardware Hacking
- android-sdk
- apktool
- Arduino
- dex2jar
- Sakis3G
- smali
- Reverse Engineering
- apktool
- dex2jar
- diStorm3
- edb-debugger
- jad
- javasnoop
- JD-GUI
- OllyDbg
- smali
- Valgrind
- YARA
- Reporting Tools
- CaseFile
- CutyCapt
- dos2unix
- Dradis
- KeepNote
- MagicTree
- Metagoofil
- Nipper-ng
- pipal
Add Comment
Please, Sign In to add comment