Open Source Windows Penetration Testing Tools

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

This is a Project I have been working on I call it PITT or Public Intelligence Tool, It is built of the open source web browser Iron, filled with links for searching tons for Public Information. There a similar tools on the market but I laid mine out the way I like it, and I hope everyone else will to. I will be hopefully trying to update this tool weekly with new links and information, making new improvements. I Have the discussions open if you want to add anything new or feel something should change just write it and il research it and add it in. Please use the tool responsibly and give credit where credit is due. This tool is not for criminal uses, it is only for Official use with proper permissions. I do not own any links in here. Be Awesome with a 100% Free Donation :D - http://adf.ly/4228472/free-donation !Contains Ads! It is for use by Security Researchers, Government Agencies, Law Enforcement, Student Research and Legal Red Teaming and Penetration Testing

Sudomy is a subdomain enumeration tool to collect subdomains and analyze domains performing advanced automated reconnaissance (framework). This tool can also be used for OSINT (Open-source intelligence) activities. Easy, light, fast and powerful. Bash script (controller) is available by default in almost all Linux distributions. By using bash script multiprocessing feature, all processors will be utilized optimally. Subdomain enumeration process can be achieved by using active method or passive method. Sudomy utilize Gobuster tools because of its highspeed performance in carrying out DNS Subdomain Bruteforce attack (wildcard support). The wordlist that is used comes from combined SecList (Discover/DNS) lists which contains around 3 million entries. By evaluating and selecting the good third-party sites/resources, the enumeration process can be optimized. More results will be obtained with less time required.