Monthly Archives: August 2018

Portspoof – Tool to Emulate Valid Services

The Portspoof program primary goal is to enhance your systems security through a set of new camouflage techniques.

Passhunt Tool for Searching Default Credentials

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

AQUATONE – Tool for Domain Flyovers

AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach.

Chiron – An Advanced IPv6 Security Testing Framework

Chiron is an IPv6 Security Assessment Framework, written in Python and employing Scapy.

Astra – Automated Security Testing For REST API’s

Astra can automatically detect and test login & logout (Authentication API), so it's easy for anyone to integrate this into CICD pipeline

Burp Replicator- Automate Reproduction of Complex Vulnerabilities

Burp Replicator is another extension plugin that you can add to Burpsuite proxy tool. Replicator helps developers to reproduce issues discovered by pen testers. The pen tester produces a Replicator file which contains the findings in the report.

Damn Vulnerable iOS App: Swift Edition

Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment.