sockstat 0.3 A tool to let you view information about open connections. It is similar to the tool of the same name that is included in FreeBSD, trying to faithfully reproduce as much functionality as is possible.
soot 2.5.0 A Java Bytecode Analysis and Transformation Framework.
spade 114 A general-purpose Internet utility package, with some extra features to help in tracing the source of spam and other forms of Internet arassment.
sparta 15.e7bdf7b Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase.
sparta.secforce.com
sparty 0.1 An open source tool written in python to audit web applications using sharepoint and frontpage architecture. http://sparty.secniche.org/
spectools 2010_04_R1 Spectrum-Tools is a set of utilities for using the Wi-Spy USB spectrum analyzer hardware. Stable version. http://www.kismetwireless.net/spectools/
speedpwn 8.3dd2793 An active WPA/2 Bruteforcer, original created to prove weak standard key generation in different ISP labeled routers without a client is connected.
https://gitorious.org/speedpwn/
spiderfoot 2.2.0 The Open Source Footprinting Tool.
spiderfoot.net
spiderpig-pdffuzzer 0.1 A javascript pdf fuzzer
spiga 7240.3a804ac Configurable web resource scanner
github.com
spike 2.9 IMMUNITYsec's fuzzer creation kit in C
spike-proxy 148 A Proxy for detecting vulnerabilities in web applications
http://www.immunitysec.com/resources-freesoftware.shtml
spiped 1.4.2 A utility for creating symmetrically encrypted and authenticated pipes between socket addresses. https://www.tarsnap.com/spiped.html
spipscan 69.4ad3235 SPIP (CMS) scanner for penetration testing purpose written in Python.
github.com
splint 3.1.2 A tool for statically checking C programs for security vulnerabilities and coding mistakes
sploitctl 35.23a18ca Fetch, install and search exploit archives from exploit sites like exploit-db and packetstorm. https://github.com/BlackArch/sploitctl
sploitego 153.d9568dc Maltego Penetration Testing Transforms.
github.com
spooftooph 0.5.2 Designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain sight
sps 4.2 A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. https://sites.google.com/site/simplepacketsender/
sqid 0.3 A SQL injection digger.
sqlbrute 1.0 Brute forces data out of databases using blind SQL injection.
sqlmap 6445.20c272b An automatic SQL injection tool developed in Python.
sqlninja 0.2.999 A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end http://sqlninja.sourceforge.net/
sqlpat 1.0.1 This tool should be used to audit the strength of Microsoft SQL Server passwords offline.
sqlping 4 SQL Server scanning tool that also checks for weak passwords using wordlists.
sqlsus 0.7.2 An open source MySQL injection and takeover tool, written in perl
ssdp-scanner 1.0 SSDP amplification scanner written in Python. Makes use of Scapy.
packetstormsecurity.com
ssh-privkey-crack 0.3 A SSH private key cracker
ssh-user-enum 5.3d83131 SSH User Enumeration Script in Python Using The Timing Attack.
sshatter 1.2 Password bruteforcer for SSH
sshscan 7401.3bfd4ae A horizontal SSH scanner that scans large swaths of IPv4 space for a single SSH user and pass. https://github.com/getdual/scripts-n-tools/blob/master/sshscan.py
sshtrix 0.0.2 A very fast multithreaded SSH login cracker.
sshuttle 198.9ce2fa0 Transparent proxy server that works as a poor man's VPN. Forwards all TCP packets over ssh (and even DNS requests when using --dns option). Doesn't require admin privileges on the server side.
github.com
ssl-hostname-resolver 1 CN (Common Name) grabber on X.509 Certificates over HTTPS. http://packetstormsecurity.com/files/120634/Common-Name-Grabber-Script.html
ssl-phuck3r 2.0 All in one script for Man-In-The-Middle attacks.
https://github.com/zombiesam/ssl_phuck3r
sslcat 1.0 SSLCat is a simple Unix utility that reads and writes data across an SSL enable network connection.
sslcaudit 522.5b6be3e Utility to perform security audits of SSL/TLS clients.
github.com
ssldump 0.9b3 an SSLv3/TLS network protocol analyzer
sslh 1.16 SSL/SSH/OpenVPN/XMPP/tinc port multiplexer
http://www.rutschle.net/tech/sslh.shtml
sslmap 0.2.0 A lightweight TLS/SSL cipher suite scanner.
thesprawl.org
sslnuke 5.c5faeaa Transparent proxy that decrypts SSL traffic and prints out IRC messages.
github.com
sslscan 239.1328b49 Tests SSL/TLS enabled services to discover supported cipher suites.
github.com
sslsniff 0.8 A tool to MITM all SSL connections on a LAN and dynamically generate certs for the domains that are being accessed on the fly http://www.thoughtcrime.org/software/sslsniff/
sslsplit 0.4.10 A tool for man-in-the-middle attacks against SSL/TLS encrypted network connections.
sslstrip 0.9 Transparently hijack http traffic on a network, watch for https links and redirects, then map those links. http://www.thoughtcrime.org/software/sslstrip
sslyze 0.10 Python tool for analyzing the configuration of SSL servers and for identifying misconfigurations.
github.com
stackflow 2.2af525d Universal stack-based buffer overfow exploitation tool.
github.com
starttls-mitm 7.b257756 A mitm proxy that will transparently proxy and dump both plaintext and TLS traffic.
github.com
statsprocessor 0.083 A high-performance word-generator based on per-position Markov-attack.
hashcat.net
steghide 0.5.1 Embeds a message in a file by replacing some of the least significant bits
stompy 0.0.4 an advanced utility to test the quality of WWW session identifiers and other tokens that are meant to be unpredictable. http://lcamtuf.coredump.cx/
storm-ring 0.1 This simple tool is useful to test a PABX with "allow guest" parameter set to "yes" (in this scenario an anonymous caller could place a call).
packetstormsecurity.com
stunnel 5.10 A program that allows you to encrypt arbitrary TCP connections inside SSL
www.stunnel.org
subbrute 58.ff00d72 A python subdomain bruteforce tool for pentesters.
github.com
subdomainer 1.2 A tool designed for obtaining subdomain names from public sources.
subterfuge 5.0 Automated Man-in-the-Middle Attack Framework
sucrack 1.2.3 A multi-threaded Linux/UNIX tool for brute-force cracking local user accounts via su http://labs.portcullis.co.uk/application/sucrack
sulley 1.0.cb5e62c A pure-python fully automated and unattended fuzzing framework.
github.com
superscan 4 Powerful TCP port scanner, pinger, resolver.
www.foundstone.com
suricata 2.0.6 An Open Source Next Generation Intrusion Detection and Prevention Engine. http://openinfosecfoundation.org/index.php/download-suricata
svn-extractor 28.3af00fb A simple script to extract all web resources by means of .SVN folder exposed over network. https://github.com/anantshri/svn-extractor
swaks 20130209.0 Swiss Army Knife SMTP; Command line SMTP testing, Including TLS and AUTH
swfintruder 0.9.1 First tool for testing security in Flash movies. A runtime analyzer for SWF external movies. It helps to find flaws in Flash. http://code.google.com/p/swfintruder/
synflood 0.1 A very simply script to illustrate DoS SYN Flooding attack.
thesprawl.org
synner 1.1 A custom eth->ip->tcp packet generator (spoofer) for testing firewalls and dos attacks. http://packetstormsecurity.com/files/69802/synner.c.html
synscan 5.02 fast asynchronous half-open TCP portscanner
sysdig 1436.4db7308 Open source system-level exploration and troubleshooting tool.
www.sysdig.org
sysinternals-suite 1.3 Sysinternals tools suite.
Debian -- Details of package sockstat in sid
packages.debian.org
soot 2.5.0 A Java Bytecode Analysis and Transformation Framework.
spade 114 A general-purpose Internet utility package, with some extra features to help in tracing the source of spam and other forms of Internet arassment.
sparta 15.e7bdf7b Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase.
SECFORCE - Security without compromise
Cybersecurity consultancy specialized in offensive security helping top-tier organisations all over the world.
sparta.secforce.com
sparty 0.1 An open source tool written in python to audit web applications using sharepoint and frontpage architecture. http://sparty.secniche.org/
spectools 2010_04_R1 Spectrum-Tools is a set of utilities for using the Wi-Spy USB spectrum analyzer hardware. Stable version. http://www.kismetwireless.net/spectools/
speedpwn 8.3dd2793 An active WPA/2 Bruteforcer, original created to prove weak standard key generation in different ISP labeled routers without a client is connected.
https://gitorious.org/speedpwn/
spiderfoot 2.2.0 The Open Source Footprinting Tool.
Combat Cybercrime with Attack Surface Management
Strengthen your cyber defense & stay ahead of cybercrime. Get the latest Attack Surface Management solutions.
spiderfoot.net
spiderpig-pdffuzzer 0.1 A javascript pdf fuzzer
spiga 7240.3a804ac Configurable web resource scanner
scripts-and-tools/spiga.py at master · phxbandit/scripts-and-tools
Scripts and utilities to help your hacking needs. Contribute to phxbandit/scripts-and-tools development by creating an account on GitHub.
github.com
spike 2.9 IMMUNITYsec's fuzzer creation kit in C
spike-proxy 148 A Proxy for detecting vulnerabilities in web applications
http://www.immunitysec.com/resources-freesoftware.shtml
spiped 1.4.2 A utility for creating symmetrically encrypted and authenticated pipes between socket addresses. https://www.tarsnap.com/spiped.html
spipscan 69.4ad3235 SPIP (CMS) scanner for penetration testing purpose written in Python.
GitHub - PaulSec/SPIPScan: SPIP (CMS) Scanner for penetration testing purpose written in Python
SPIP (CMS) Scanner for penetration testing purpose written in Python - PaulSec/SPIPScan
github.com
splint 3.1.2 A tool for statically checking C programs for security vulnerabilities and coding mistakes
sploitctl 35.23a18ca Fetch, install and search exploit archives from exploit sites like exploit-db and packetstorm. https://github.com/BlackArch/sploitctl
sploitego 153.d9568dc Maltego Penetration Testing Transforms.
GitHub - allfro/sploitego: Maltego Penetration Testing Transforms
Maltego Penetration Testing Transforms. Contribute to allfro/sploitego development by creating an account on GitHub.
github.com
spooftooph 0.5.2 Designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain sight
sps 4.2 A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. https://sites.google.com/site/simplepacketsender/
sqid 0.3 A SQL injection digger.
sqlbrute 1.0 Brute forces data out of databases using blind SQL injection.
sqlmap 6445.20c272b An automatic SQL injection tool developed in Python.
sqlninja 0.2.999 A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end http://sqlninja.sourceforge.net/
sqlpat 1.0.1 This tool should be used to audit the strength of Microsoft SQL Server passwords offline.
SQLPAT
This tool should be used to audit the strength of Microsoft SQL Server passwords offline. The tool can be used either in BruteForce mode or in Dictionary attack mode. The performance on a 1 Ghz pen…
www.cqure.net
sqlping 4 SQL Server scanning tool that also checks for weak passwords using wordlists.
sqlsus 0.7.2 An open source MySQL injection and takeover tool, written in perl
sqlsus : (My)SQL injection tool
sqlsus.sourceforge.net
ssdp-scanner 1.0 SSDP amplification scanner written in Python. Makes use of Scapy.
SSDP Amplification Scanner ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
packetstormsecurity.com
ssh-privkey-crack 0.3 A SSH private key cracker
ssh-user-enum 5.3d83131 SSH User Enumeration Script in Python Using The Timing Attack.
sshatter 1.2 Password bruteforcer for SSH
sshscan 7401.3bfd4ae A horizontal SSH scanner that scans large swaths of IPv4 space for a single SSH user and pass. https://github.com/getdual/scripts-n-tools/blob/master/sshscan.py
sshtrix 0.0.2 A very fast multithreaded SSH login cracker.
sshuttle 198.9ce2fa0 Transparent proxy server that works as a poor man's VPN. Forwards all TCP packets over ssh (and even DNS requests when using --dns option). Doesn't require admin privileges on the server side.
GitHub - apenwarr/sshuttle: Wrong project! You should head over to http://github.com/sshuttle/sshuttle
Wrong project! You should head over to http://github.com/sshuttle/sshuttle - apenwarr/sshuttle
github.com
ssl-hostname-resolver 1 CN (Common Name) grabber on X.509 Certificates over HTTPS. http://packetstormsecurity.com/files/120634/Common-Name-Grabber-Script.html
ssl-phuck3r 2.0 All in one script for Man-In-The-Middle attacks.
https://github.com/zombiesam/ssl_phuck3r
sslcat 1.0 SSLCat is a simple Unix utility that reads and writes data across an SSL enable network connection.
sslcaudit 522.5b6be3e Utility to perform security audits of SSL/TLS clients.
GitHub - abbbe/sslcaudit
Contribute to abbbe/sslcaudit development by creating an account on GitHub.
github.com
ssldump 0.9b3 an SSLv3/TLS network protocol analyzer
sslh 1.16 SSL/SSH/OpenVPN/XMPP/tinc port multiplexer
http://www.rutschle.net/tech/sslh.shtml
sslmap 0.2.0 A lightweight TLS/SSL cipher suite scanner.
Peter Kacherginsky – Medium
Read writing from Peter Kacherginsky on Medium. Blockchain Security, Malware Analysis, Incident Response, Pentesting, BlockThreat.net. Every day, Peter Kacherginsky and thousands of other voices read, write, and share important stories on Medium.
thesprawl.org
sslnuke 5.c5faeaa Transparent proxy that decrypts SSL traffic and prints out IRC messages.
GitHub - jtripper/sslnuke: Transparent proxy that decrypts SSL traffic and prints out IRC messages.
Transparent proxy that decrypts SSL traffic and prints out IRC messages. - jtripper/sslnuke
github.com
sslscan 239.1328b49 Tests SSL/TLS enabled services to discover supported cipher suites.
GitHub - DinoTools/sslscan: SSLScan tests SSL/TLS enabled services to discover supported cipher suites
SSLScan tests SSL/TLS enabled services to discover supported cipher suites - DinoTools/sslscan
github.com
sslsniff 0.8 A tool to MITM all SSL connections on a LAN and dynamically generate certs for the domains that are being accessed on the fly http://www.thoughtcrime.org/software/sslsniff/
sslsplit 0.4.10 A tool for man-in-the-middle attacks against SSL/TLS encrypted network connections.
sslstrip 0.9 Transparently hijack http traffic on a network, watch for https links and redirects, then map those links. http://www.thoughtcrime.org/software/sslstrip
sslyze 0.10 Python tool for analyzing the configuration of SSL servers and for identifying misconfigurations.
GitHub - nabla-c0d3/sslyze: Fast and powerful SSL/TLS scanning library.
Fast and powerful SSL/TLS scanning library. Contribute to nabla-c0d3/sslyze development by creating an account on GitHub.
github.com
stackflow 2.2af525d Universal stack-based buffer overfow exploitation tool.
GitHub - d4rkcat/stackflow: Universal stack-based buffer overfow exploitation tool
Universal stack-based buffer overfow exploitation tool - d4rkcat/stackflow
github.com
starttls-mitm 7.b257756 A mitm proxy that will transparently proxy and dump both plaintext and TLS traffic.
GitHub - ipopov/starttls-mitm: A starttls-capable transparent man-in-the-middle proxy
A starttls-capable transparent man-in-the-middle proxy - ipopov/starttls-mitm
github.com
statsprocessor 0.083 A high-performance word-generator based on per-position Markov-attack.
statsprocessor [hashcat wiki]
steghide 0.5.1 Embeds a message in a file by replacing some of the least significant bits
Steghide
steghide.sourceforge.net
stompy 0.0.4 an advanced utility to test the quality of WWW session identifiers and other tokens that are meant to be unpredictable. http://lcamtuf.coredump.cx/
storm-ring 0.1 This simple tool is useful to test a PABX with "allow guest" parameter set to "yes" (in this scenario an anonymous caller could place a call).
Storm Ringing PABX Test Tool ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
packetstormsecurity.com
stunnel 5.10 A program that allows you to encrypt arbitrary TCP connections inside SSL
stunnel
Home page for stunnel: a multiplatform GNU/GPL-licensed proxy encrypting arbitrary TCP connections with SSL/TLS.
subbrute 58.ff00d72 A python subdomain bruteforce tool for pentesters.
GitHub - TheRook/subbrute: A DNS meta-query spider that enumerates DNS records, and subdomains.
A DNS meta-query spider that enumerates DNS records, and subdomains. - TheRook/subbrute
github.com
subdomainer 1.2 A tool designed for obtaining subdomain names from public sources.
subterfuge 5.0 Automated Man-in-the-Middle Attack Framework
sucrack 1.2.3 A multi-threaded Linux/UNIX tool for brute-force cracking local user accounts via su http://labs.portcullis.co.uk/application/sucrack
sulley 1.0.cb5e62c A pure-python fully automated and unattended fuzzing framework.
GitHub - OpenRCE/sulley: A pure-python fully automated and unattended fuzzing framework.
A pure-python fully automated and unattended fuzzing framework. - OpenRCE/sulley
github.com
superscan 4 Powerful TCP port scanner, pinger, resolver.
All-in-one Security, Identity, and Privacy Protection
Try one of our new McAfee+ plans and get online protection today!
suricata 2.0.6 An Open Source Next Generation Intrusion Detection and Prevention Engine. http://openinfosecfoundation.org/index.php/download-suricata
svn-extractor 28.3af00fb A simple script to extract all web resources by means of .SVN folder exposed over network. https://github.com/anantshri/svn-extractor
swaks 20130209.0 Swiss Army Knife SMTP; Command line SMTP testing, Including TLS and AUTH
Swaks - Swiss Army Knife for SMTP
jetmore.org
swfintruder 0.9.1 First tool for testing security in Flash movies. A runtime analyzer for SWF external movies. It helps to find flaws in Flash. http://code.google.com/p/swfintruder/
synflood 0.1 A very simply script to illustrate DoS SYN Flooding attack.
Peter Kacherginsky – Medium
Read writing from Peter Kacherginsky on Medium. Blockchain Security, Malware Analysis, Incident Response, Pentesting, BlockThreat.net. Every day, Peter Kacherginsky and thousands of other voices read, write, and share important stories on Medium.
thesprawl.org
synner 1.1 A custom eth->ip->tcp packet generator (spoofer) for testing firewalls and dos attacks. http://packetstormsecurity.com/files/69802/synner.c.html
synscan 5.02 fast asynchronous half-open TCP portscanner
sysdig 1436.4db7308 Open source system-level exploration and troubleshooting tool.
Security Tools for Containers, Kubernetes, and Cloud (FrostSullivan)
Cloud attackers move fast. Sysdig moves faster. Get the visibility and context you need with the power of runtime insights. Stop attacks before they start
www.sysdig.org
sysinternals-suite 1.3 Sysinternals tools suite.
Sysinternals - Sysinternals
Library, learning resources, downloads, support, and community. Evaluate and find out how to install, deploy, and maintain Windows with Sysinternals utilities.
sysinternals.com