Open Source Windows Penetration Testing Tools - Page 11
Sort By:
Penetration Testing Tools for Windows
View 20 business solutions-
Simple, Secure Domain RegistrationRegister or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.
-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
1
PYramid
PYramid is a usefull tool for programers.
The pyramid has a small pirating project inside the major project. This is PYramid. Here are the small projects: brute-force, password_generator, spam_bot, word_cheater, wifi password shower, advanced calculator, definiton_answer. To download it, you need a Windows OS, python and pip installed. Hopefully you'll like it. Made by R2_systems, project VI. -
2
Password Checker
A program designed to check passwords.
This program checks the namespace of the password input ([a-z][A-Z][0-9][`-/]) and then determine the total number of passwords that an attacker might go through to brute-force the password. This is currently and ALPHA program, and as such everything that you "get" out of it should be examined closely. -
3
Crack the encrypted passwords (MD5,SHA, etc....)
-
4
Advanced Perl script for DES password cracking. Might be handy for password QA. Brut-force, load Unix passwd/shadow, multi hash crack, input/output file, save/resume cracking state.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
Supplementary files for Georgia Weidman's Penetration Testing: A Hands-On Guide to Hacking (No Starch Press, 2014) https://www.nostarch.com/pentesting
-
6
PhishMailer
Phishing Tool that has multiple templates
-
7
PivotSuite
Network Pivoting Toolkit
PivotSuite is a portable, platform-independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on the compromised machine and access the different subnet hosts from our pentest machine, Which was only accessible from the compromised machine. If the compromised host is behind a Firewall / NAT and isn't directly accessible from our pentest machine, Then we can run pivotsuite as a server on pentest machine and pivotsuite as a client on the compromised machine for creating a reverse tunnel (Reverse Connection). Using this we can reach different subnet hosts from our pentest machine, which was only accessible from the compromised machine. -
8
A Windows software to find the prime numbers and save them, also features an ability to check whether the given number is prime or not.
-
9
Primzahlen-Suchen_3
Searching primes with brute force, Parallel.For up to 20 digits
- Brute Force Methode bis 20 Stellen - C# Console - Parallel.For Methode - very fast Topics: prime -
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
10
Primzahlen-Suchen_5
Searching primes with brute force Parallel.For over 20 digits possible
- Brute Force Methode über 20 Stellen möglich. Parallel.For Methode - C# Console Topics: prime -
11
Bitte neue Website des aktuellen sourceforge Projekts PF_HP beachten! Please see new Website of the current sourceforge project PF_HP! Selbst im vereinfachten zweidimensionalen HP-Modell (hydrophob/polar) ist die Proteinfaltung bereits NP-vollständig. Hier implementieren wir einen brute-force Algorithmus zur Lösung kurzer Eingabesequenzen (0-1-Bitstrings) für die Proteinfaltung. Spende einen Cappuccino: Bitcoin: 1HqrdnfQgi9B4LW8UEvLAwh7X5gXPCoQ5B Litecoin: LeCx44jGjHxiVZ8f6MyumLTCxPcp3ePKJT Paypal: paypal.me/GerritLeder
-
12
A java application for creating, playing and solving SuDoku puzzles of various types. Features both a Swing GUI and command-line operation. The automatic solving of puzzles uses "smart" techniques rather than a brute force search of every possibility.
-
13
PyExfil
A Python Package for Data Exfiltration
PyExfil was born as a PoC and kind of a playground and grew to be something a bit more. In my eyes it’s still a messy PoC that needs a lot more work and testing to become stable. The purpose of PyExfil is to set as many exfiltrations, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques. You can track changes at the official GitHub page. Putting it simply, it’s meant to be used as a testing tool rather than an actual Red Teaming tool. Although most techniques and methods should be easily ported and compiled to various operating systems, some stable some experimental, the transmission mechanism should be stable on all techniques. Clone it, deploy on a node in your organization and see which systems can catch which techniques. -
14
Computer chess engine written using Qt4, which works under Knights, Jose, Arena and other chess board GUI games. Uses bitboard game representation and alpha beta brute-force search to analyse chess positions.
-
15
R-AP balloons checker
Checker for recursively arbitrarily partitionable balloons
An app which uses brute force strategies to determine whether a balloon graph is recursively arbitrarily partitionable or not -
16
RTCP is a network man-in-the-middle service for protecting TCP, enabling fault-tolerant servers to recover their connections when restarting.
-
17
Reactor Breeder
A Genetic Algorithm for Reactors in StarMade
This software uses a genetic algorithm to "evolve" reactor designs for Schema's space-simulation game, Star-Made (http://star-made.org/). One of the more unique aspects of the game is that ship power management is not as simple as filling a cube with power generation blocks. This mechanism leads to difficulties in getting maximal power generation out of such reactors. This program rectifies this issue by using a self-organizing variant of brute force search. Much of the search space is pruned early on by a user-selectable fitness function. Within a few epochs, reactor output quickly converges to several sub-optimal, yet high-output reactors. Given enough time, the idea is that the optimal reactor configuration will be yielded. -
18
This is a simple bash script that uses nikto, nmap, nslookup, the Harvester, subdomainer and metagoofil for penetration testing and enumeration. This code is very straight-forward and you can do whatever you wish with it.
-
19
Retracer Linux is a Linux operating system based off Arch Linux and inspired by Backtrack. Its a performance penetration testing distribution.
-
20
SHA256 Bruter
Brutforces 4 characters of the SHA256 cryptograhy.
Brutforces 4 characters of the SHA256 cryptograhy. This bruteforcer can crack any SHA256 hash that is a maximum of 4 chars long. There are 97 recognized characters. The bruteforcer has to go through 97^4 characters (88,529,281) -
21
SHAD0W
A post exploitation framework designed to operate covertly
It uses a range of methods to evade EDR and AV while allowing the operator to continue using tooling and tradecraft they are familiar with. Its powered by Python 3.8 and C, and uses Donut for payload generation. By using Donut along with the process injection capabilities of SHAD0W, it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs fully inside the memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti-DLL injection to make it harder for EDR to load code into the beacons, and official Microsoft mitigation methods to protect spawn processes. Runs fully inside of Docker allowing cross-platform usage. SHAD0W is a modular C2 framework designed to successfully operate on mature environments. All traffic between beacons and the C2 are encrypted and transmitted over HTTPS. -
22
SMTPA is a penetration testing and email compliance tool. Want to know if a renamed, encrypted MS word document with a wrongly set content-type header fools your Content Security infrastructure? Check this out!
-
23
SNames is a threaded java dns scanner. It uses patterns to provide good bruteforce strength when trying to resolve hostnames.
-
24
SQLi Aid is a sleek, compact penetration testing tool for hacking method of Structure Query Language Injection. SQLi Aid comes with a manual, you'll need it. This program aids and suggests for you but will not do all the work for you, that's no fun.
-
25
SSH MITM
SSH man-in-the-middle tool
This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard the warning and continue on. NOTE: Only run the modified sshd_mitm in a VM or container! Ad-hoc edits were made to the OpenSSH sources in critical regions, with no regard to their security implications. Its not hard to imagine these edits introduce serious vulnerabilities.