Open Source Windows Terminals

These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission. Here you will find privilege escalation tools for Windows and Linux/Unix and MacOS. Find the latest versions of all the scripts and binaries in the releases page. Check the parsers directory to transform PEASS outputs to JSON, HTML and PDF.

CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification. Works seamlessly with Grype (a fast, modern vulnerability scanner). Able to create signed SBOM attestations using the in-toto specification. Convert between SBOM formats, such as CycloneDX, SPDX, and Syft's own format.

airgeddon is an alive project growing day by day. Interface mode switcher (Monitor-Managed) keeping selection even on interface name changing. DoS over wireless networks using different methods (mdk3, mdk4, aireplay-ng). "DoS Pursuit mode" is available to avoid AP channel hopping (available also on DoS performed on Evil Twin attacks). Full support for 2.4Ghz and 5Ghz bands. Assisted WPA/WPA2 personal networks Handshake file and PMKID capturing. Cleaning and optimizing Handshake captured files. Offline password decrypting on WPA/WPA2 captured files for personal networks (Handshakes and PMKIDs) using a dictionary, brute-force, and rule-based attacks with aircrack, crunch and hashcat tools. Enterprise networks captured password decrypting based on john the ripper, crunch, asleap and hashcat tools. GPU support available for hashcat. Only Rogue/Fake AP mode to sniff using external sniffer (Hostapd + DHCP + DoS).

Amazon EC2 Spot Instances let you run flexible, fault-tolerant, or stateless applications in the AWS Cloud at up to a 90% discount from On-Demand prices. Spot instances are regular EC2 capacity that can be reclaimed by AWS with a 2-minute notification called the Interruption Notification. Applications that are able to gracefully handle this notification and respond by check pointing or draining work can leverage Spot for deeply discounted compute resources! In addition to Interruption Notifications, Rebalance Recommendation Events are sent to spot instances that are at higher risk of being interrupted. Handling Rebalance Recommendations can potentially give your application even more time to gracefully shutdown than the 2 minutes an Interruption Notification would give you. It can be challenging to test your application's handling of Spot Interruption Notifications and Rebalance Recommendations.

This project now hosts the third-generation of Java SSH API, Maverick Synergy. This API builds on the Maverick Legacy commercial APIs and delivers a new API in a unified client/server framework. This API is available to the community under the LGPL open source license. This update includes ed25519 support, support for the new OpenSSH private key file format and stronger key exchange algorithms. The project continues to host both the original API and legacy applications created around it, however, these are now considered deprecated and we do not recommend their use in anyway.

The JWA library aims to provide a conversion from C to Delphi of as many headers as possible from the PSDK etc. The JWSCL (security library) is an advanced object-oriented framework for programming with the Windows security features (ACL, Tokens, etc.)

"Le Putty" is a ssh suite for Windows based on the very popular Putty project, but with added functionality that can not be included in the regular Putty. "Le Putty" should be as much as possible compatible with the original Putty.

NetworkTools has 2 components: A protocol analyzer which plays a TCP client or server or pipeline, which sits between a client and server and shows how they communicate. A port scanner can scan a range of IP addresses and ports. See screenshots.

Common Hardware Recovery Solutions by Ukrainian-Russian network

Web Console is a web-based application that allows to execute shell commands on a server directly from a browser. The application is very light, does not require any database and can be installed in about 3 minutes.

This is a perl script for hacking .. It Will make hacking easy for You .. It is For BackTrack This Script Contains This tools : Local File Disclource (LFD) Checker Scanning the whole netmask and returning IP and MAC BackConnect Tools Proxy Checker Reverse IP Add a User With Admin Access (Windows) Add a User With r00t Access (Unix) Grab Cpanel Users Remote Port Scanning With NetCat SQL Injection Scanner MD5 Hash Cracker (Online) Admin Page Finder Make Uploader With Echo Method (Linux Servers) Service Scanning BruteForce Services With Medusa And Hydra (Backtrack) Test Lfi With php:// Bypass Method Cms Analyzer (Beta Version) Server Scanning With Nmap Remote Command Execution Console Fck Editor Scanner

Copyright (C) 2016 Jonas Penno This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses.

JavaLightServer is a multi-purpose server that can be used to share our desktop across the Internet with other authorized clients. It provides also a secure connection using SSL certificates.

NimpSmartCard is a framework to interact with smart cards through PC/SC readers as well as test/production readers such as Micropross and Smartware. The framework comes with sample tasks and a sample terminal manager which supports scripts and logs

This php-script can be used to get informations from routers (cisco) like traceroute, ping, show bgp neigbour etc..

PATC is a client/server package for controlling internet access on public terminals (e.g., in a library). Users log in, and are given access to the internet with a time limit determined by the server.

Quark is a simple Java based SSH client, featuring tabbed connection windows.

SharPyShell is a tiny and obfuscated ASP.NET web shell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework >= 2.0. SharPyShell is a post-exploitation framework written in Python. The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool is not intended as a replacement for the frameworks for C2 Server (i.e. Meterpreter, Empire, etc..) but this should be used when you land on a fully restricted server where inbound and outbound connections are very limited. In this framework, you will have all the tools needed to privesc, net discovery, and lateral movement as you are typing behind the cmd of the target server.

Soicmp is a remote shell system, similar to telnet or netcat that allows a user to connect to a remote shell daemon, by using ICMP protocol instead of classical TCP. http://soicmp.sourceforge.net/ http://billiejoex.altervista.org/Prj_Py_soicmp.shtml

*** PLEASE NOTE: THIS PROJECT HAS NOW MOVED TO THE MAIN SSHTOOLS PROJECT PAGE. PLEASE CLICK 'HOME PAGE' TO BE REDIRECTED ***

This command line tool can be used to encrypt and decrypt files and directories using the AWS Encryption SDK. If you have not already installed cryptography, you might need to install additional prerequisites as detailed in the cryptography installation guide for your operating system. Installation using a python virtual environment is recommended to avoid conflicts between system packages and user-installed packages. For the most part, the behavior of aws-encryption-cli in handling files is based on that of GNU CLIs such as cp. A qualifier to this is that when encrypting a file, if a directory is provided as the destination, rather than creating the source filename in the destination directory, a suffix is appended to the destination filename. By default the suffix is .encrypted when encrypting and .decrypted when decrypting, but a custom suffix can be provided by the caller if desired.

fortune-mod-isec is a compilation of straps/tips from the Information Security World. The straps have been compiled/produced from the Internet, books, norms, standards & collaborators' know-how.

Combined coded remote-administrative service with SSL secure port scan, anonymous routing and third-party plugin inbuilt for quick and automatic "scan and install" process. Easy to use and will work under firewalls and up to 1024 bit strong cipher

testssl.sh is a free command-line tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. testssl.sh is free and open-source software. You can use it under the terms of GPLv2, please review the License before using it. Works for Linux, Mac OSX, FreeBSD, NetBSD and WSL/MSYS2/Cygwin out of the box, no need to install or configure something, no gems, CPAN, pip or the like. OpenBSD only needs bash to be postinstalled. You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443. Several command line options help you to run your test and configure your output. If a particular check cannot be performed because of a missing capability on your client side, you'll get a warning. You can look at the code, see what's going on and you can change it.