DNSTrails v1.0 – DNS intelligence database

DNSTrails is an intelligence database, featuring IP and Domain related data such as current and historical DNS records, current and historical WHOIS, technologies used, subdomains and the ability to...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

OWASP Joomscan v0.0.1

OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them. If you want to do a...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

PoT – Phishing on Twitter v0.1

PoT (Phishing on Twitter) is phishing tool. It is spoofing target’s friend and creating tweet like him. It all happens automatically. How it works? Collect data from target’s twitter...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

GAN v1.0 – A SSL Subdomain Extractor

GetAltName (or GAN) is a tool that extracts sub-domains or virtual domains directly from SSL certificates found in HTTPS sites. It returns a handy list of sub-domains to ease the phase of information...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Enumdb Beta – Brute Force MySQL and MSSQL Databases

Enumdb is brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each looking for valid credentials. By...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Black Hat Arsenal USA 2018 – Call For Tools (Now Closed)

The Black Hat Arsenal team will once again provide hackers & security researchers the opportunity to demo their newest and latest code! The Arsenal tool demo area is dedicated to independent...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

T.rex_scan v0.2 – Integrate Tools to Audit Web Sites

T.rex_scan only facilitates the visualization when auditing a web page. With this script you can optimize your time, reducing the time you audit a page web since T.rex_scan executes the task you...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Purplemet Online Tool To Detect WebApp Technologies

Purplemet Security provides you an efficient and fast way to detect technologies used on web application as well their versions. It comes with 3 main features : Real-time Purplemet technology...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Black Hat Arsenal USA 2018 The “w0w” Lineup !!

Just woow. Finally after few days of reviewing, selecting, unselecting, doubting, screaming and re-reviewing. The Blackhat  & ToolsWatch team released the selected tools for the USA...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Recon Village @ DEFCON 2018 (Hackathon)

ToolsWatch likes open source tools, for that reason we will participate in the Recon Village @ DEF CON 2018 as part of jury. Maxi Soler will be there 🙂 Recon Village is an Open Space with Talks,...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Blackhat Arsenal Europe 2018 CFT Open

The Black Hat Arsenal team is heading to London with the very same goal: give hackers & security researchers the opportunity to demo their newest and latest code. The Arsenal tool demo area is...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

HITB Armory – Call for Tools is OPEN! (Dubai, UAE)

We’re pleased to announce the first ever HackInTheBox Armory! The HITB Armory is where you can showcase your security tools to the world. You will get 30 minutes to present your tools onstage,...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Black Hat Arsenal Europe 2018 Lineup Announced

After days of reviewing the hundreds of submitted tools, ToolsWatch and Black Hat teams selected 50 tools. They will be demonstrated over 2 days the 5th and 6th of December 2018 at the Excel London...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Black Hat Arsenal Asia 2019 CFT Open

The Black Hat Arsenal team will be back in Singapore with the very same goal: give hackers & security researchers the opportunity to demo their newest and latest code. The Arsenal tool demo area...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Black Hat Arsenal Asia 2019 Lineup Announced

The Black Hat Arsenal event is back to Singapore after a successful session in London. In case you are attending the Blackhat Asia 2019, do not forget to stop by the Arsenal because we have selected...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Amazing Black Hat Arsenal USA 2019 Lineup Announced

After days of though reviewing, the whole Arsenal team has selected nearly 94 tools. Most of them will be released during the event. This USA session will introduce as well a new daily meet-up in the...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Introducing the 1st Arsenal Lab USA 2019

After several years of a dazzling success of the famous Black Hat Arsenal, the team has brainstormed to offer some new entertainment.Several ideas have been reviewed however the principle of an...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Objective By The Sea & ToolsWatch To Organize The First Edition Of macOS “Aloha” Armory (CLOSED)

We are extremely pleased and excited to announce our recent partnership with the renowned Objective By The Sea to promote a security & hacking tools demonstration area exclusively macOS oriented....

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Top 5 Critical CVEs Vulnerability from 2019 That Every CISO Must Patch Before He Gets Fired !

The number of vulnerabilities continues to increase so much that the technical teams in charge […]

CVE In The Hook – Monthly Vulnerability Review (January 2020 Issue)

Every day, new common vulnerabilities and exploits are publicly exposed. While this brings these flaws

Fox Kitten -Iranian Espionage – leveraged 4 CVEs Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs

Security company ClearSky has released few days ago a very detailed report about Iranian hackers

CVE In The Hook – Monthly Vulnerability Review (February 2020 Issue)

Almost for as long as computers have been around, there have been vulnerabilities and individuals

CVE In The Hook – Monthly Vulnerability Review (March 2020 Issue)

There is no shortage of potential threats to your digital security. In fact, the number

Efficiency of the Vulnerability Response With vFeed Intelligence

This paper is based on the report from Ponemon Institute “Costs and Consequences of Gaps

vFeed, Inc. Introduces Vulnerability Common Patch Format Feature

New Feature !Vulnerability Common Patch Format vFeed Vulnerability Intelligence Service was created to provide correlation

Top 10 Most Exploited Vulnerabilities in 2020

We delved into the tons of vulnerability intelligence data we accumulated over the years. I

Top 10 Most Used MITRE ATT&CK Tactics & Techniques In 2020

MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a curated knowledge base and model

Top Twenty Most Exploited Vulnerabilities in 2021

The number of vulnerabilities in 2021 have dramatically increased so that the technical teams in […]

COOPER Analysis Tool

Cooper utilizes cooperative mutation to test the binding code of scripting languages to find memory-safe issues. Cooperative mutation simultaneously modifies the script code and the related document objects to explore various code paths of the binding code. To support cooperative mutation, the authors infer the relationship between script code and document objects to guide the two-dimensional mutation. They applied their tool Cooper on three popular commercial PDF tools, Adobe Acrobat, Foxit Reader, and Microsoft Word. Cooper detected 134 previously unknown bugs, which resulted in 33 CVE entries and 22K bug bounties.

Lynis Auditing Tool 3.0.8

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

TP-Link Backup Decryption Utility

This is a small tool written to help decrypt encrypted TP-Link backups.

Deliverance 0.018-daf9452 File Descriptor Fuzzer

Deliverance is a file descriptor fuzzer written in bash. It injects random data into file descriptors of pids associated with a process until the program crashes, then outputs the results of what caused the crash. It leaves behind files that were used as input for the last 2 minutes before the fault, useful for reproduction.

I2P 1.8.0

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

GRR 3.4.6.0

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Falco 0.32.0

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Zeek 4.2.2

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

TOR Virtual Network Tunneling Tool 0.4.7.8

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Wireshark Analyzer 3.6.6

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

OpenSSL Toolkit 1.1.1p

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

MIMEDefang Email Scanner 3.0

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

American Fuzzy Lop plus plus 4.01c

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Global Socket 1.4.36

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Blue Team Training Toolkit (BT3) 2.9

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Queue Abstract Data Type Tool

This tool can be embedded into AI systems for storing information and deleting it very efficiently by using queues disguising themselves as arrays and adding data and removing the data using pointers and flags.

Bash / Netcat Reverse Shells

This script is a great tool for pentesters needing to create reverse shells using either bash or netcat.

Global Socket 1.4.37

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

C Language Reverse Shell Generator

This is a C language reverse shell generator that is written in Python.

TripleCross Linux eBPF Rootkit

TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous implant designs in this area, notably the works of Jeff Dileo at DEFCON 271, Pat Hogan at DEFCON 292, Guillaume Fournier and Sylvain Afchain also at DEFCON 293, and Kris Nóva's Boopkit4. The authors reuse and extend some of the techniques pioneered by these previous explorations of the offensive capabilities of eBPF technology.

OpenSSL Toolkit 3.0.5

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

OpenSSL Toolkit 1.1.1q

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Zeek 5.0.0

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Falco 0.32.1

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

GNU Privacy Guard 2.2.36

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

GNU Privacy Guard 2.3.7

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Suricata IDPE 6.0.6

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Global Socket 1.4.38

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

AIEngine 2.2.0

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Logwatch 7.7

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Clam AntiVirus Toolkit 0.105.1

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Wireshark Analyzer 3.6.7

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.