An impressive collection of research papers, exploits, and utilities.
A framework used by penetration testers for building custom exploits for infiltrating systems. Written in Ruby. Comes with a large library of payloads and other nifty and fascinating tools. It's worth learning to use if you're serious about penetration testing or exploit development. Also, the cutting edge of attack technologies winds up coming out of the Metasploit project.
A Windows password cracker that uses rainbow tables. A LiveCD is also available.
An application designed to assist in exploiting SQL injection attacks against applications based upon Microsoft SQL Server. Written in Perl. Fingerprints server, can bruteforce the password on the "sa" account, escalate privileges, create custom stored procedures to wreak havoc.
A massive online database of default passwords for networking hardware, embedded devices, and operating systems.
A handy cheatsheet for crafting SQL injection attacks against web apps backed by Oracle.
A utility that digs through DNS domain records to find things that aren't obvious, such as subdomains, hostnames with more than one kind of record associated with them, and IP address range calculation. It even Google scrapes to gather intelligence.
UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C/C++, and available on Linux and Windows, the software is free and available for anyone to download, under the GPLv3 license.
Determines what version of a web app that it already knows about is run by comparing hashes of certain files with precomputed hashes from known versions. Designed to be low-bandwidth, fast, and automatable. Runs as a stand-alone tool or can be included as a Python module in other software.
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
4996 links, including 376 private