Tag Archive | "Python"


04 March 2014 | 2,003 views

EyeWitness – A Rapid Web Application Triage Tool

EyeWitness is a rapid web application triage tool designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. The author would love for EyeWitness to identify more default credentials of various web applications. So as you find devices which utilizes default credentials, please e-mail him the source code [...]

Continue Reading


24 February 2014 | 1,258 views

wig – WebApp Information Gatherer – Identify CMS

wig is a Python tool that identifies a websites CMS by searching for fingerprints of static files and extracting version numbers from known files. OS identification is done by using the value of the ‘server’ and ‘X-Powered-By’ in the response header. These values are compared to a database of which package versions are include with [...]

Continue Reading


05 February 2014 | 3,298 views

hash-identifier – Identify Types Of Hashes Used To Encrypt Passwords

Somewhat similar to HashTag – Password Hash Type Identification (Identify Hashes) – which we posted about a while back, here we have hash-identifier or Hash ID. Once again this is a Python script created to identify types of hashes used to encrypt data and especially passwords. It supports a whole bunch of hashes such as [...]

Continue Reading


06 January 2014 | 1,796 views

xssless – An Automated XSS Payload Generator Written In Python

xssless is an automated XSS payload generator written in python. Usage Record request(s) with Burp proxy Select request(s) you want to generate, then right click and select “Save items” Use xssless to generate your payload: ./xssless.py burp_export_file Pwn! Features Automated XSS payload generation from imported Burp proxy requests Payloads are 100% asynchronous and won’t freeze [...]

Continue Reading


22 November 2013 | 2,455 views

LANs.py ARP Spoofer – Multithreaded Asynchronous Packet Parsing/Injecting

LANs.py is a multithreaded asynchronous packet parsing/injecting ARP spoofer & poisoner. Individually poisons the ARP tables of the target box, the router and the DNS server if necessary. Does not poison anyone else on the network. Displays all most the interesting bits of their traffic and can inject custom html into pages they visit. Cleans [...]

Continue Reading


19 November 2013 | 4,945 views

HashTag – Password Hash Type Identification (Identify Hashes)

HashTag.py is a Python script written to parse and identify the password hash type used. HashTag supports the identification of over 250 hash types along with matching them to over 110 hashcat modes (use the command line switch -hc to output the hashcat modes). It is also able to identify a single hash, parse a [...]

Continue Reading


27 February 2013 | 7,221 views

ARPwner – ARP & DNS Poisoning Attack Tool

ARPwner is a tool to do ARP poisoning and DNS poisoning attacks, with a simple GUI and a plugin system to do filtering of the information gathered, also has a implementation of sslstrip and is coded 100% in python and on Github, so you can modify according to your needs. This tool was released by [...]

Continue Reading


28 June 2012 | 10,138 views

The Mole v0.3 Released For Download – Automatic SQL Injection Exploitation Tool

The Mole is an automatic SQL Injection exploitation tool. All you need to do is provide a vulnerable URL and a valid string on the site you are testing and The Mole will detect the injection and exploit it, either by using the union technique or a boolean query based technique. We did mention The [...]

Continue Reading


29 December 2011 | 28,291 views

Patator – Multi Purpose Brute Forcing Tool

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. Basically the author got tired of using Medusa, Hydra, ncrack, metasploit auxiliary modules, nmap NSE scripts and the like because: They either do not work or are not reliable (false negatives several times in the past) They are slow (not multi-threaded or [...]

Continue Reading


14 November 2011 | 9,000 views

w3af v1.1 Released For Download – Web Application Attack & Audit Framework

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·