Metasploit Framework

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

Web Application Security Scanner Framework

Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等

SQL Vulnerability Scanner

idb is a tool to simplify some common tasks for iOS pentesting and research

DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)

Pattern recognition for hosts, services, and content

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.

discontinued

VIPROY - VoIP Pen-Test Kit for Metasploit Framework

(deprecated) Android application vulnerability analysis and Android pentest tool

A GPL fork of the popular wordpress vulnerability scanner WPScan

BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.

Cartero - Social Engineering Framework

CVE-2018-8174 - VBScript memory corruption exploit.

Embed a Metasploit Payload in an Original .Apk File

POC for injecting Metasploit payloads on arbitrary APKs

Security tool to trace URL's jumps across the rel links to obtain the last URL