hackersh 0.2.0 A shell for with Pythonect-like syntax, including wrappers for commonly used security tools
http://www.hackersh.org/
halberd 0.2.4 Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing. http://halberd.superadditive.com/
halcyon 0.1 A repository crawler that runs checksums for static files found within a given git repository.
http://www.blackhatlibrary.net/Halcyon
hamster 2.0.0 Tool for HTTP session sidejacking.
handle 0.0 An small application designed to analyze your system searching for global objects related to running proccess and display information for every found object, like tokens, semaphores, ports, files,..
http://www.tarasco.org/security/handle/index.html
hasere 1.0 Discover the vhosts using google and bing.
hash-identifier 1.1 Identifies the different types of hashes used to encrypt data, especially passwords
hashcat 0.49 A multithreaded cross platform hash cracker.
hashcat.net
hashcat-utils 1.1 Utilites for Hashcat
hashcat.net
hasher 33.17592ed A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. https://github.com/ChrisTruncer/Hasher
hashfind 8.e9a9a14 A tool to search files for matching password hash types and other interesting data. https://github.com/rurapenthe/hashfind
hashid 315.3f9cddf Software to identify the different types of hashes used to encrypt data.
github.com
hashpump 34.0b3c286 A tool to exploit the hash length extension attack in various hashing algorithms.
github.com
hashtag 0.41 A python script written to parse and identify password hashes.
github.com
haystack 1035.ac2ffa4 A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. https://github.com/trolldbois/python-haystack
hbad 1.0 This tool allows you to test clients on the heartbleed bug.
http://www.curesec.com/
hcraft 1.0.0 HTTP Vuln Request Crafter
sourceforge.net
hdcp-genkey 18.e8d342d Generate HDCP source and sink keys from the leaked master key.
github.com
hdmi-sniff 5.f7fbc0e HDMI DDC (I2C) inspection tool. It is designed to demonstrate just how easy it is to recover HDCP crypto keys from HDMI devices. https://github.com/ApertureLabsLtd/hdmi-sniff
heartbleed-honeypot 0.1 Script that listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's
packetstormsecurity.com
hex2bin 1.0.12 Converts Motorola and Intel hex files to binary.
hexinject 1.5 A very versatile packet injector and sniffer that provides a command-line framework for raw network access. http://hexinject.sourceforge.net
hexorbase 6 A database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). https://code.google.com/p/hexorbase/
hharp 1beta This tool can perform man-in-the-middle and switch flooding attacks. It has 4 major functions, 3 of which attempt to man-in-the-middle one or more computers on a network with a passive method or flood type method.
packetstormsecurity.com
hidattack 0.1 HID Attack (attacking HID host implementations)
http://mulliner.org/bluetooth/hidattack.php
honeyd 1.6.7 A small daemon that creates virtual hosts on a network.
https://github.com/DataSoft/Honeyd/
honssh 49.0c06ee8 A high-interaction Honey Pot solution designed to log all SSH communications between a client and server. https://code.google.com/p/honssh/
hookanalyser 3.1 A hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
hookanalyser.blogspot.de
host-extract 9 Ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. https://code.google.com/p/host-extract/
hostbox-ssh 0.1.1 A ssh password/account scanner.
hotpatch 0.2 Hot patches executables on Linux using .so file injection.
hotspotter 0.4 Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names.
http://www.remote-exploit.org/?page_id=418
hpfeeds 138.249b2f7 Honeynet Project generic authenticated datafeed protocol.
github.com
hping 3.0.0 A command-line oriented TCP/IP packet assembler/analyzer.
www.hping.org
hqlmap 35.081395e A tool to exploit HQL Injections.
github.com
htexploit 0.77 A Python script that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process
www.mkit.com.ar
htrosbif 134.9dc3f86 Active HTTP server fingerprinting and recon tool.
htshells 760b5e9 Self contained web shells and other attacks via .htaccess files.
github.com
http-enum 0.3 A tool to enumerate the enabled HTTP methods supported on a webserver.
www.thexero.co.uk
http-fuzz 0.1 A simple http fuzzer.
http-put 1.0 Simple http put perl script
http-traceroute 0.5 This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-like scanning functionality. http://packetstormsecurity.com/files/107167/Traceroute-Like-HTTP-Scanner.html
httpbog 1.0.0.0 A slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses.
sourceforge.net
httpforge 11.02.01 A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions. http://packetstormsecurity.com/files/98109/HTTPForge.02.01.html
httping 2.3.4 A 'ping'-like tool for http-requests.
httprint 301 A web server fingerprinting tool.
www.net-square.com
httprint-win32 301 A web server fingerprinting tool (Windows binaries).
httpry 0.1.8 A specialized packet sniffer designed for displaying and logging HTTP traffic.
httpsniff 0.4 Tool to sniff HTTP responses from TCP/IP based networks and save contained files locally for later review. http://www.sump.org/projects/httpsniff/
httpsscanner 1.2 A tool to test the strength of a SSL web server.
httptunnel 3.3 Creates a bidirectional virtual data connection tunnelled in HTTP requests
hulk 11.a9b9ad4 A webserver DoS tool (Http Unbearable Load King) ported to Go with some additional features.
github.com
hwk 0.4 Collection of packet crafting and wireless network flooding tools
hydra 8.1 A very fast network logon cracker which support many different services.
hyenae 0.36_1 flexible platform independent packet generator
sourceforge.net
hyperfox 45.79ffeb5 A security tool for proxying and recording HTTP and HTTPs traffic.
hyperion 1.2 A runtime encrypter for 32-bit portable executables.
http://www.hackersh.org/
halberd 0.2.4 Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing. http://halberd.superadditive.com/
halcyon 0.1 A repository crawler that runs checksums for static files found within a given git repository.
http://www.blackhatlibrary.net/Halcyon
hamster 2.0.0 Tool for HTTP session sidejacking.
handle 0.0 An small application designed to analyze your system searching for global objects related to running proccess and display information for every found object, like tokens, semaphores, ports, files,..
http://www.tarasco.org/security/handle/index.html
hasere 1.0 Discover the vhosts using google and bing.
hash-identifier 1.1 Identifies the different types of hashes used to encrypt data, especially passwords
hashcat 0.49 A multithreaded cross platform hash cracker.
hashcat - advanced password recovery
World's fastest and most advanced password recovery utility
hashcat-utils 1.1 Utilites for Hashcat
hashcat_utils [hashcat wiki]
hasher 33.17592ed A tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. https://github.com/ChrisTruncer/Hasher
hashfind 8.e9a9a14 A tool to search files for matching password hash types and other interesting data. https://github.com/rurapenthe/hashfind
hashid 315.3f9cddf Software to identify the different types of hashes used to encrypt data.
GitHub - psypanda/hashID: Software to identify the different types of hashes -
Software to identify the different types of hashes - - psypanda/hashID
github.com
hashpump 34.0b3c286 A tool to exploit the hash length extension attack in various hashing algorithms.
GitHub - bwall/HashPump: A tool to exploit the hash length extension attack in various hashing algorithms
A tool to exploit the hash length extension attack in various hashing algorithms - GitHub - bwall/HashPump: A tool to exploit the hash length extension attack in various hashing algorithms
github.com
hashtag 0.41 A python script written to parse and identify password hashes.
GitHub - SmeegeSec/HashTag: Password Hash Identification
Password Hash Identification. Contribute to SmeegeSec/HashTag development by creating an account on GitHub.
github.com
haystack 1035.ac2ffa4 A Python framework for finding C structures from process memory - heap analysis - Memory structures forensics. https://github.com/trolldbois/python-haystack
hbad 1.0 This tool allows you to test clients on the heartbleed bug.
http://www.curesec.com/
hcraft 1.0.0 HTTP Vuln Request Crafter
hcraft - HTTP Vuln Request Crafter
Download hcraft - HTTP Vuln Request Crafter for free. hcraft is a HTTP systems penetration testing framework designed to make exploitation of known vulnerabilities in HTTP systems a dynamic, simple process.
sourceforge.net
hdcp-genkey 18.e8d342d Generate HDCP source and sink keys from the leaked master key.
GitHub - rjw57/hdcp-genkey: Generate HDCP source and sink keys from the leaked master key
Generate HDCP source and sink keys from the leaked master key - rjw57/hdcp-genkey
github.com
hdmi-sniff 5.f7fbc0e HDMI DDC (I2C) inspection tool. It is designed to demonstrate just how easy it is to recover HDCP crypto keys from HDMI devices. https://github.com/ApertureLabsLtd/hdmi-sniff
heartbleed-honeypot 0.1 Script that listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's
Heartbleed Honeypot Script ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
packetstormsecurity.com
hex2bin 1.0.12 Converts Motorola and Intel hex files to binary.
Hex2bin
hex2bin.sourceforge.net
hexinject 1.5 A very versatile packet injector and sniffer that provides a command-line framework for raw network access. http://hexinject.sourceforge.net
hexorbase 6 A database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). https://code.google.com/p/hexorbase/
hharp 1beta This tool can perform man-in-the-middle and switch flooding attacks. It has 4 major functions, 3 of which attempt to man-in-the-middle one or more computers on a network with a passive method or flood type method.
Hacker's Hideaway ARP Attack Tool ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
packetstormsecurity.com
hidattack 0.1 HID Attack (attacking HID host implementations)
http://mulliner.org/bluetooth/hidattack.php
honeyd 1.6.7 A small daemon that creates virtual hosts on a network.
https://github.com/DataSoft/Honeyd/
honssh 49.0c06ee8 A high-interaction Honey Pot solution designed to log all SSH communications between a client and server. https://code.google.com/p/honssh/
hookanalyser 3.1 A hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
Hook Analyser
A Freeware Malware Analysis and Cyber Threat Intelligence Software.
host-extract 9 Ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. https://code.google.com/p/host-extract/
hostbox-ssh 0.1.1 A ssh password/account scanner.
Privat webbplats
stridsmanit.wordpress.com
hotpatch 0.2 Hot patches executables on Linux using .so file injection.
hotspotter 0.4 Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names.
http://www.remote-exploit.org/?page_id=418
hpfeeds 138.249b2f7 Honeynet Project generic authenticated datafeed protocol.
GitHub - hpfeeds/hpfeeds: Honeynet Project generic authenticated datafeed protocol
Honeynet Project generic authenticated datafeed protocol - hpfeeds/hpfeeds
github.com
hping 3.0.0 A command-line oriented TCP/IP packet assembler/analyzer.
Hping - Active Network Security Tool
hqlmap 35.081395e A tool to exploit HQL Injections.
GitHub - PaulSec/HQLmap: (Deprecated) HQLmap, Automatic tool to exploit HQL injections
(Deprecated) HQLmap, Automatic tool to exploit HQL injections - GitHub - PaulSec/HQLmap: (Deprecated) HQLmap, Automatic tool to exploit HQL injections
github.com
htexploit 0.77 A Python script that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process
Home | Mkit
Mkit provides security solutions, incident detection and response services, personalized strategy planning, and high-end hands-on technical training.
www.mkit.com.ar
htrosbif 134.9dc3f86 Active HTTP server fingerprinting and recon tool.
htshells 760b5e9 Self contained web shells and other attacks via .htaccess files.
GitHub - wireghoul/htshells: Self contained htaccess shells and attacks
Self contained htaccess shells and attacks. Contribute to wireghoul/htshells development by creating an account on GitHub.
github.com
http-enum 0.3 A tool to enumerate the enabled HTTP methods supported on a webserver.
Automated HTTP Enumeration
One of the more popular tools developed over the years, the HTTP Enum tool. This python tool assists with the manual tasks of fingerprinting of HTTP servers as well as attempts to identify a small number of deployed web technologies.
http-fuzz 0.1 A simple http fuzzer.
http-put 1.0 Simple http put perl script
http-traceroute 0.5 This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-like scanning functionality. http://packetstormsecurity.com/files/107167/Traceroute-Like-HTTP-Scanner.html
httpbog 1.0.0.0 A slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses.
HTTP Bog
Download HTTP Bog for free. HTTP Bog is a slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses
sourceforge.net
httpforge 11.02.01 A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions. http://packetstormsecurity.com/files/98109/HTTPForge.02.01.html
httping 2.3.4 A 'ping'-like tool for http-requests.
httprint 301 A web server fingerprinting tool.
Research & Tools
www.net-square.com
httprint-win32 301 A web server fingerprinting tool (Windows binaries).
httpry 0.1.8 A specialized packet sniffer designed for displaying and logging HTTP traffic.
httpry
dumpsterventures.com
httpsniff 0.4 Tool to sniff HTTP responses from TCP/IP based networks and save contained files locally for later review. http://www.sump.org/projects/httpsniff/
httpsscanner 1.2 A tool to test the strength of a SSL web server.
httptunnel 3.3 Creates a bidirectional virtual data connection tunnelled in HTTP requests
hulk 11.a9b9ad4 A webserver DoS tool (Http Unbearable Load King) ported to Go with some additional features.
GitHub - grafov/hulk: HULK DoS tool ported to Go with some additional features.
HULK DoS tool ported to Go with some additional features. - grafov/hulk
github.com
hwk 0.4 Collection of packet crafting and wireless network flooding tools
hydra 8.1 A very fast network logon cracker which support many different services.
hyenae 0.36_1 flexible platform independent packet generator
Hyenae
Download Hyenae for free. Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant.
sourceforge.net
hyperfox 45.79ffeb5 A security tool for proxying and recording HTTP and HTTPs traffic.
Hyperfox
Hyperfox is a security auditing tool that proxies and records HTTP traffic between two hosts. malfunkt/hyperfoxHTTP/HTTPs MITM tool with on-the-fly TLS cert generation. - malfunkt/hyperfoxGitHubmalfunkt
hyperfox.org
hyperion 1.2 A runtime encrypter for 32-bit portable executables.