Open Source Perl Penetration Testing Tools

The most complete and Advanced Penetration Testing and Ethical Hacking Platform dedicated to Advanced Professionals. Developed to bring the power of Offensive Security in the anyone's pocket 100% OPEN SOURCE - ANDRAX is a independent solution for Security professionals who loves Linux

<<Hack|Track GNU/Linux is an open source operating system developed by the HTGL Project from Indonesia which provides penetration testing.

This is a script to perform a dictionary based attack through protocol FTP and SSH2. You need libssh2 to use ssh2 methods. Syntax use: perl ssh2ftpcrack.pl [ssh or ftp] [user] [host] [wordlist] http://packetstormsecurity.org/Crackers/wordlists/

BlockSSHD protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules.

This is a perl script for hacking .. It Will make hacking easy for You .. It is For BackTrack This Script Contains This tools : Local File Disclource (LFD) Checker Scanning the whole netmask and returning IP and MAC BackConnect Tools Proxy Checker Reverse IP Add a User With Admin Access (Windows) Add a User With r00t Access (Unix) Grab Cpanel Users Remote Port Scanning With NetCat SQL Injection Scanner MD5 Hash Cracker (Online) Admin Page Finder Make Uploader With Echo Method (Linux Servers) Service Scanning BruteForce Services With Medusa And Hydra (Backtrack) Test Lfi With php:// Bypass Method Cms Analyzer (Beta Version) Server Scanning With Nmap Remote Command Execution Console Fck Editor Scanner

Authdefender is a filtering application that, in combination with iptables, blocks malicious users from accessing any aspect of the server in question. Malicious users are defined by brute force ssh/ftp attempts and blocked regardless of tcp wrappers.

BashCore is a Debian-based live ISO for security professionals, networking enthusiasts, and students. Minimalist and GUI-free, it relies entirely on Bash. Lightweight, fast, and GPU-ready, it provides a fresh environment on every boot, ideal for safe experimentation, learning, and diagnostics. Built with Debian live-build and distributed under the MIT License. No branding, no telemetry, no tracking. Also available: BashCoreX adds XFCE with Firefox, Tor and Mullvad browsers, Wireshark, GParted, and FileZilla. BashCoreT is CLI-only, built on Debian 13 “Trixie” with Linux Kernel 6.12 (PREEMPT_RT). BashCoreTX combines XFCE with Debian 13, Kernel 6.12, Firefox, Tor and Mullvad browsers, and Wireshark. BashCoreZ is ultra-minimal CLI, live Debian 13 netinst, PREEMPT_RT kernel. BashLabOS is for everyday use, featuring XFCE with GIMP, FileZilla, VLC, LibreOffice, GParted, Tor, Mullvad, Tor and LibreWolf browsers and Proxychains4. Info & download at https://www.bashcore.org

#Pwn Linux (pronounced CrunchPwn) is a penetration testing repository/addition for CrunchBang Linux. The packages also work with any Debian Wheezy compliant system. Default themes are built specifically for OpenBox, but feel free to submit themes for various windows managers. Pull requests are gladly accepted, and requests for tools can be made by opening an issue on github or on sourceforge.

DES Cracker is a small perl script that cracks DES encrypted passwords.Currently there is only a brute force implementation where phrases are generated. Later version will have a possibility to use word lists for cracking.

Dark Cracker is a dictionary based brute-force DES-encrypted password cracker written in PERL which allows *nix system administrators to test password files against a dictionary of common passwords and detect accounts without a password.

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it's own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents are set. Evilgrade works with modules, in each module there's an implemented structure which is needed to emulate a fake update for an specific application/system.

FZBFD is Brute Force Detection for Filezilla ftp server. fzbfd.pl looks at the logs from filezilla and will auto ban or block ips from accessing your FTP server. FZBFD can be setup to run hourly using task manager and uses dshield.org's top offenders...

Advanced Perl script for DES password cracking. Might be handy for password QA. Brut-force, load Unix passwd/shadow, multi hash crack, input/output file, save/resume cracking state.

SMTPA is a penetration testing and email compliance tool. Want to know if a renamed, encrypted MS word document with a wrongly set content-type header fools your Content Security infrastructure? Check this out!

ISR-evilgrade: is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.

MD5 Brute Force Cracker

Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)