Projects

Metasploit Framework

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security ... [More] researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler. [Less]

PHPIDS

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in ... [More] exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session. [Less]

nepenthes

Nepenthes is a versatile tool to collect malware. It acts passively by emulating known vulnerabilities and downloading malware trying to exploit these vulnerabilities.

sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting ... [More] from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. [Less]

BSQL Hacker

BSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database. BSQL Hacker aims for experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections). It allows ... [More] metasploit similar exploit repository to share and update exploits. [Less]

Ronin

Ronin is a Ruby platform for exploit development and security research. Ronin allows for the rapid development and distribution of code, exploits or payloads over many common Source-Code-Management (SCM) systems.

attackapi

AttackAPI provides simple and intuitive programmable interface for composing attack vectors with JavaScript and other client and server related technologies. We are currently developing the 3.x branch which introduces great control over the Attack subroutines and provides some excellent means for packaging and delivering payloads.

WehnTrust

WehnTrust is a Host-based Intrusion Prevention System (HIPS) for Windows 2000, XP, and Server 2003. It includes support for exploit mitigations that are designed to make exploitation more difficult by preventing the use of specific exploitation techniques and by making exploitation unreliable.

ZB Block

This php security script is designed to detect certain behaviors detrimental to websites, or known bad addresses attempting to access your site. It then will send the bad robot (usually) or hacker an authentic 403 FORBIDDEN page with a description of what the problem was. If the attacker persists ... [More] , then they will be served up a permanently reccurring 503 OVERLOAD message with a 24 hour timeout. [Less]

bloit

Bloit is a bluetooth exploitation kit that is designed to mangle with bluetooth packages at it's lowest level in a very easy fashion. It's being designed mainly as a library so people can easy corporate in into there own applications.