SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspber…

Hashtopolis - distributed password cracking with Hashcat

MASSCAN Web UI

Password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and …

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

The "bot" component of the PlugBot project