Projects

attackapi

AttackAPI provides simple and intuitive programmable interface for composing attack vectors with JavaScript and other client and server related technologies. We are currently developing the 3.x branch which introduces great control over the Attack subroutines and provides some excellent means for packaging and delivering payloads.

websecurify

Websecurify Security Testing RuntimeWebsecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. ReleasesCurrent releases: Websecurify 0.5 (Windows) Websecurify ... [More] 0.5 (Mac) Websecurify 0.5 (Linux) Websecurify 0.5 (Source) Old releases: Websecurify 0.4 (Windows) Websecurify 0.4 (Mac) Websecurify 0.4 (Linux) Websecurify 0.4 (Source) Websecurify 0.3 (Windows) Websecurify 0.3 (Mac) Websecurify 0.3 (Linux) Websecurify 0.3 (Source) ToolsWebsecurify Build Environment (xulrunner 1.9.1.7) TopicsHowToBuildWebsecurify - introduction to how the cross-platform building process works CreditsThe Websecurify initiative is proudly sponsored by GNUCITIZEN, a leading body in the spheres of offensive and defensive information security research and technology. [Less]

backframe

Backframe is a full featured attack console for exploiting WEB browsers, WEB users and WEB applications.

gc-renaissance

javascript api

zombiemap

ZombieMap is an AJAX application that you can use to locate Zombie hooked on bi-directional persistent communication channels. Carnaval is such type of channel and it is added by default. If you want to spawn your own attack channel, use AttackAPI’s channel.php infrastructure module.

coreapi

multi-purpose JavaScript development library

bashitsu

BASHITSU (The Bash Ninjitsu)

h4ck

scripting environment

gc-met

Massive Enumeration Toolset

mashina

Mashina is a framework for composing and launching exploits.