Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server. Yara-project - A malware identification and classification tool. RIPS - free PHP security scanner using static code analysis. Code search ⋅ search. Protect Your Interwebs. BFT a Browser forensic tool. Labs Research: Solving a Little Mystery. Firmware analysis is a fascinating area within the vast world of reverse engineering, although not very extended.
This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective. The sources supported are: Google – emails,subdomains/hostnames Google profiles – Employee names Bing search – emails, subdomains/hostnames,virtual hosts Pgp servers – emails, subdomains/hostnames Linkedin – Employee names Exalead – emails,subdomain/hostnames New Features Time delays between requests XML and HTML results export Search a domain in all sources Virtual host verifier Shodan computer database integration Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion) Basic graph with stats. Raz0r.name — блог о web-безопасности. Antepedia. Koders.com.
Open Search - Home. FAQ - GrepCode.com - Java Source Code Search 2.0. How do I perform a stack trace search ?
Clicking the checkbox labeled "Stack Trace Search" on the GrepCode home page provides a text area where you can paste your Java stack trace. Doing a search after that will take you to a page with the results of your stack trace search. Alternatively, if you are not on the main page, you can click on the link in the header labeled "Stack Trace Search", and perform the same search. DEFT Linux 7 RC1. List of tools for static code analysis. This is a list of tools for static code analysis.
By language Multi-language Cppcheck - A tool for static C/C++ code analysis. FindBugs v.2.0 - Find Bugs in Java Programs. Javasnoop - A tool that lets you intercept methods, alter data and otherwise hack Java applications running on your computer. Normally, without access to the original source code, testing the security of a Java client is unpredictable at best and unrealistic at worst.
With access the original source, you can run a simple Java program and attach a debugger to it remotely, stepping through code and changing variables where needed. Doing the same with an applet is a little bit more difficult. Unfortunately, real-life scenarios don't offer you this option, anyway. Compilation and decompilation of Java are not really as deterministic as you might imagine. Therefore, you can't just decompile a Java application, run it locally and attach a debugger to it. VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 36 AntiVirus Engines! Arachni Web scanner (CLI & WEB GUI) ~ Sudhir @ Pentester.
Download the CDE package from: Linux users enjoy the privilege of a CDE package which is a compressed archive and contains a full preconfigured Linux environment in the form of a sandbox.
Quick Basic Usage of Arachni: To see help type : p0f v3. Copyright (C) 2012 by Michal Zalewski <email@example.com> Yeah, it's back!
1. What's this? Loadbalancer-finder - Load Balancer Finder. Program to detect domains that use load balancers and/or multiple hosts by Alejandro Nolla Blanco (z0mbiehunt3r).
Tries to find load balancers using several methods: - Check multiple DNS "A" entries - IPID Analysis - IP TTL value analysis - Server banner analysis - Well-known load balancer cookies checking - HTTP Date header timestamp analysis - ICMP timestamp analysis - TCP timestamp analysis - Multiple DNS queries with different geolocated DNS servers (round-robin, anycast) Thanks to: - Rubén Garrote García (boken) - Daniel García García (cr0hn) - Raúl Siles from Taddong - Buguroo and Écija ethical hacking team - John Matherly (achillean) for Shodan and his help - Adam Maxwell for Citrix Net Scaler cookie decoder.
Wavsep - Web Application Vulnerability Scanner Evaluation Project. A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. AS OF 2014/01/01, The Project File Hosting was migrated to Sourceforge. New downloads (WAVSEP 1.5+) can be obtained from the project sourceforge repository Quickstart: The easiest way to get started with wavsep evaluations is to use a pre-installed instance in one of the following training VMs (note that some of the path traversal test cases only work under windows): Web Security Dojo v2.0+ OWASP Broken Web Apps null's GAMEOVER VM Extras: pico-wavsep (w3af) - a minimalistic way to run wavsep wavsep cookbook (rapid7) - recipes to install and run wavsep on tomcat.
The tool will perform a search in Google to identify and download the documents to local disk and then will extract the metadata with different libraries like Hachoir, PdfMiner and others. With the results it will generate a report with usernames, software versions and servers or machine names that will help Penetration testers in the information gathering phase. This new version supports local directory scanning The application has been tested in Linux and OSX.