w3af 1.6 Web Application Attack and Audit Framework.
w3af.sourceforge.net
waffit 30 A set of security tools to identify and fingerprint Web Application Firewall/WAF products protecting a website http://code.google.com/p/waffit/
wafp 0.01_26c3 An easy to use Web Application Finger Printing tool written in ruby using sqlite3 databases for storing the fingerprints. http://packetstormsecurity.com/files/84468/Web-Application-Finger-Printer.01-26c3.html
waidps 16.ff8d270 Wireless Auditing, Intrusion Detection & Prevention System.
github.com
wapiti 2.3.0 A vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections...
wavemon 0.7.6 Ncurses-based monitoring application for wireless network devices
web-soul 2 A plugin based scanner for attacking and data mining web sites written in Perl. http://packetstormsecurity.com/files/122064/Web-Soul-Scanner.html
webacoo 0.2.3 Web Backdoor Cookie Script-Kit.
webenum 0.1 Tool to enumerate http responses using dynamically generated queries and more. Useful for penetration tests against web servers. http://code.google.com/p/webenum/
webhandler 321.bcd2263 A handler for PHP system functions & also an alternative 'netcat' handler.
github.com
webpwn3r 35.3fb27bb A python based Web Applications Security Scanner.
github.com
webrute 3.3 Web server directory brute forcer.
github.com
webscarab 20120422.001828 Framework for analysing applications that communicate using the HTTP and HTTPS protocols http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
webshag 1.10 A multi-threaded, multi-platform web server audit tool
webshells 1.c6a790b Web Backdoors.
github.com
webslayer 5 A tool designed for brute forcing Web Applications
websockify 0.6.0 WebSocket to TCP proxy/bridge.
github.com
webspa 0.8 A web knocking tool, sending a single HTTP/S to run O/S commands.
sourceforge.net
websploit 3.0.0 An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks http://code.google.com/p/websploit/
weevely 1.1 Stealth tiny web shell
wepbuster 1.0_beta_0.7 script for automating aircrack-ng
wfuzz 32.db8d1f6 Utility to bruteforce web applications to find their not linked resources.
github.com
whatweb 4023.36d2a13 Next generation web scanner that identifies what websites are running. http://www.morningstarsecurity.com/research/whatweb
wi-feye 1.0 An automated wireless penetration testing tool written in python, its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily.
wifi-honey 1.0 A management tool for wifi honeypots
www.digininja.org
wifi-monitor 0.r22.71340a3 Prints the IPs on your local network that're sending the most packets
github.com
wificurse 0.3.9 WiFi jamming tool.
github.com
wifijammer 52.20c9b70 A python script to continuosly jam all wifi clients within range.
github.com
wifiphisher 71.dc13fe8 Fast automated phishing attacks against WPA networks.
github.com
wifitap 2b16088 WiFi injection tool through tun/tap device.
github.com
wifite 2.28fc5cd A tool to attack multiple WEP and WPA encrypted networks at the same time.
wig 365.e56b2bf WebApp Information Gatherer.
github.com
wikigen 8.348aa99 A script to generate wordlists out of wikipedia pages.
github.com
winexe 1.00 Remotely execute commands on Windows NT/2000/XP/2003 systems.
sourceforge.net
winfo 2.0 Uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP.
wireless-ids 24.b132071 Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets. https://github.com/SYWorks/wireless-ids
wireshark-cli 1.12.3 a free network protocol analyzer for Unix/Linux and Windows - CLI version
wireshark-gtk 1.12.3 a free network protocol analyzer for Unix/Linux and Windows - GTK frontend
wirouter-keyrec 1.1.2 A powerful and platform independent software to recover the default WPA passphrases of the supported router models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley, Eircom Netopia, Pirelli TeleTu/Tele 2).
www.salvatorefresta.net
witchxtool 1.1 A perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner.
packetstormsecurity.com
wlan2eth 1.3 re-writes 802.11 captures into standard Ethernet frames.
wmat 0.1 Automatic tool for testing webmail accounts
wnmap 0.1 A shell script written with the purpose to automate and chain scans via nmap. You can run nmap with a custom mode written by user and create directories for every mode with the xml/nmap files inside.
wol-e 2.0 A suite of tools for the Wake on LAN feature of network attached computers
wordbrutepress 1.0 Python script that performs brute forcing against WordPress installs using a wordlist. http://www.homelab.it/index.php/2014/11/03/wordpress-brute-force-multithreading/
wordpot 37.e42eeda A Wordpress Honeypot.
github.com
wpa-bruteforcer 4.d5f8586 Attacking WPA/WPA encrypted access point without client.
github.com
wpbf 7.11b6ac1 Multithreaded WordPress brute forcer.
github.com
wpscan 1868.6e01e1b A vulnerability scanner which checks the security of WordPress installations using a black box approach.
wpscan.org
ws-attacker 1.3 A modular framework for web services penetration testing.
ws-attacker.sourceforge.net
wsfuzzer 1.9.5 A Python tool written to automate SOAP pentesting of web services. https://www.owasp.org/index.php/Category:OWASP_WSFuzzer_Project
wyd 0.2 Gets keywords from personal files. IT security forensic tool.
www.remote-exploit.org
w3af - Open Source Web Application Security Scanner
w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that
w3af.sourceforge.net
waffit 30 A set of security tools to identify and fingerprint Web Application Firewall/WAF products protecting a website http://code.google.com/p/waffit/
wafp 0.01_26c3 An easy to use Web Application Finger Printing tool written in ruby using sqlite3 databases for storing the fingerprints. http://packetstormsecurity.com/files/84468/Web-Application-Finger-Printer.01-26c3.html
waidps 16.ff8d270 Wireless Auditing, Intrusion Detection & Prevention System.
GitHub - SYWorks/waidps: Wireless Auditing, Intrusion Detection & Prevention System
Wireless Auditing, Intrusion Detection & Prevention System - SYWorks/waidps
github.com
wapiti 2.3.0 A vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections...
wavemon 0.7.6 Ncurses-based monitoring application for wireless network devices
web-soul 2 A plugin based scanner for attacking and data mining web sites written in Perl. http://packetstormsecurity.com/files/122064/Web-Soul-Scanner.html
webacoo 0.2.3 Web Backdoor Cookie Script-Kit.
webenum 0.1 Tool to enumerate http responses using dynamically generated queries and more. Useful for penetration tests against web servers. http://code.google.com/p/webenum/
webhandler 321.bcd2263 A handler for PHP system functions & also an alternative 'netcat' handler.
GitHub - lnxg33k/webhandler: Bash simulator to control a server using PHP system functions.
Bash simulator to control a server using PHP system functions. - lnxg33k/webhandler
github.com
webpwn3r 35.3fb27bb A python based Web Applications Security Scanner.
GitHub - zigoo0/webpwn3r: WebPwn3r - Web Applications Security Scanner.
WebPwn3r - Web Applications Security Scanner. Contribute to zigoo0/webpwn3r development by creating an account on GitHub.
github.com
webrute 3.3 Web server directory brute forcer.
GitHub - BlackArch/webrute: [Mirror] There's no usable upstream for this.
[Mirror] There's no usable upstream for this. Contribute to BlackArch/webrute development by creating an account on GitHub.
github.com
webscarab 20120422.001828 Framework for analysing applications that communicate using the HTTP and HTTPS protocols http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
webshag 1.10 A multi-threaded, multi-platform web server audit tool
webshells 1.c6a790b Web Backdoors.
GitHub - BlackArch/webshells: Various webshells. We accept pull requests for additions to this collection.
Various webshells. We accept pull requests for additions to this collection. - BlackArch/webshells
github.com
webslayer 5 A tool designed for brute forcing Web Applications
websockify 0.6.0 WebSocket to TCP proxy/bridge.
GitHub - novnc/websockify: Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service.
Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service. - novnc/websockify
github.com
webspa 0.8 A web knocking tool, sending a single HTTP/S to run O/S commands.
WebSpa
Download WebSpa for free. A web knocking tool, sending a single HTTP/S to run O/S commands. WebSpa is a Java web knocking tool for sending a single HTTP/S request to your web server, in order to authorise the execution of a premeditated Operating System (O/S) command on it. If port knocking is...
sourceforge.net
websploit 3.0.0 An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks http://code.google.com/p/websploit/
weevely 1.1 Stealth tiny web shell
wepbuster 1.0_beta_0.7 script for automating aircrack-ng
wfuzz 32.db8d1f6 Utility to bruteforce web applications to find their not linked resources.
GitHub - xmendez/wfuzz: Web application fuzzer
Web application fuzzer. Contribute to xmendez/wfuzz development by creating an account on GitHub.
github.com
whatweb 4023.36d2a13 Next generation web scanner that identifies what websites are running. http://www.morningstarsecurity.com/research/whatweb
wi-feye 1.0 An automated wireless penetration testing tool written in python, its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily.
wifi-honey 1.0 A management tool for wifi honeypots
Wifi Honey - DigiNinja
wifi-monitor 0.r22.71340a3 Prints the IPs on your local network that're sending the most packets
GitHub - DanMcInerney/wifi-monitor: Prints the IPs on your local network that're sending the most packets
Prints the IPs on your local network that're sending the most packets - DanMcInerney/wifi-monitor
github.com
wificurse 0.3.9 WiFi jamming tool.
GitHub - oblique/wificurse: WiFi Jamming tool
WiFi Jamming tool. Contribute to oblique/wificurse development by creating an account on GitHub.
github.com
wifijammer 52.20c9b70 A python script to continuosly jam all wifi clients within range.
GitHub - DanMcInerney/wifijammer: Continuously jam all wifi clients/routers
Continuously jam all wifi clients/routers. Contribute to DanMcInerney/wifijammer development by creating an account on GitHub.
github.com
wifiphisher 71.dc13fe8 Fast automated phishing attacks against WPA networks.
GitHub - wifiphisher/wifiphisher: The Rogue Access Point Framework
The Rogue Access Point Framework. Contribute to wifiphisher/wifiphisher development by creating an account on GitHub.
github.com
GitHub - GDSSecurity/wifitap: wifitap updated for BT5r3
wifitap updated for BT5r3. Contribute to GDSSecurity/wifitap development by creating an account on GitHub.
github.com
wifite 2.28fc5cd A tool to attack multiple WEP and WPA encrypted networks at the same time.
wig 365.e56b2bf WebApp Information Gatherer.
GitHub - jekyc/wig: WebApp Information Gatherer
WebApp Information Gatherer. Contribute to jekyc/wig development by creating an account on GitHub.
github.com
wikigen 8.348aa99 A script to generate wordlists out of wikipedia pages.
GitHub - zombiesam/wikigen: A script to generate wordlists out of wikipedia pages. Should support most of the subdomains. Some ugly code may occur
A script to generate wordlists out of wikipedia pages. Should support most of the subdomains. Some ugly code may occur - zombiesam/wikigen
github.com
winexe 1.00 Remotely execute commands on Windows NT/2000/XP/2003 systems.
Winexe
Download Winexe for free. Remote Windows®-command executor. Winexe remotely executes commands on Windows NT/2000/XP/2003 systems from GNU/Linux (and possibly also from other Unices capable of building the Samba 4 software package).
sourceforge.net
winfo 2.0 Uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP.
Winfo
Vidstrom Labs. Devoted to Application security, Hardware programming, Kernel mode, Low level programming, Network protocol analysis, Operating system internals, Reverse engineering, Security testing, Undocumented functionality
www.ntsecurity.nu
wireless-ids 24.b132071 Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets. https://github.com/SYWorks/wireless-ids
wireshark-cli 1.12.3 a free network protocol analyzer for Unix/Linux and Windows - CLI version
wireshark-gtk 1.12.3 a free network protocol analyzer for Unix/Linux and Windows - GTK frontend
wirouter-keyrec 1.1.2 A powerful and platform independent software to recover the default WPA passphrases of the supported router models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley, Eircom Netopia, Pirelli TeleTu/Tele 2).
Tools - Salvatore Fresta
In this page there are some tools written by me. Some are not more updated, so I removed them from the list.
www.salvatorefresta.net
witchxtool 1.1 A perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner.
Witchxtool Port / LFI / SQL Scanner And MD5 Bruteforcing Tool 1.1 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
packetstormsecurity.com
wlan2eth 1.3 re-writes 802.11 captures into standard Ethernet frames.
wlan2eth | Will Hack For SUSHI
www.willhackforsushi.com
wmat 0.1 Automatic tool for testing webmail accounts
wnmap 0.1 A shell script written with the purpose to automate and chain scans via nmap. You can run nmap with a custom mode written by user and create directories for every mode with the xml/nmap files inside.
wol-e 2.0 A suite of tools for the Wake on LAN feature of network attached computers
wordbrutepress 1.0 Python script that performs brute forcing against WordPress installs using a wordlist. http://www.homelab.it/index.php/2014/11/03/wordpress-brute-force-multithreading/
wordpot 37.e42eeda A Wordpress Honeypot.
GitHub - gbrindisi/wordpot: A Wordpress Honeypot
A Wordpress Honeypot. Contribute to gbrindisi/wordpot development by creating an account on GitHub.
github.com
wpa-bruteforcer 4.d5f8586 Attacking WPA/WPA encrypted access point without client.
GitHub - SYWorks/wpa-bruteforcer: Attacking WPA/WPA encrypted access point without client.
Attacking WPA/WPA encrypted access point without client. - SYWorks/wpa-bruteforcer
github.com
wpbf 7.11b6ac1 Multithreaded WordPress brute forcer.
GitHub - dejanlevaja/wpbf: WPBF - a multithreaded WP brute forcer
WPBF - a multithreaded WP brute forcer. Contribute to dejanlevaja/wpbf development by creating an account on GitHub.
github.com
wpscan 1868.6e01e1b A vulnerability scanner which checks the security of WordPress installations using a black box approach.
WPScan: WordPress Security Scanner
A WordPress vulnerability database for WordPress core security vulnerabilities, plugin vulnerabilities and theme vulnerabilities.
wpscan.org
ws-attacker 1.3 A modular framework for web services penetration testing.
WS-Attacker
Download WS-Attacker for free. WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks.
ws-attacker.sourceforge.net
wsfuzzer 1.9.5 A Python tool written to automate SOAP pentesting of web services. https://www.owasp.org/index.php/Category:OWASP_WSFuzzer_Project
wyd 0.2 Gets keywords from personal files. IT security forensic tool.
remote-exploit.org
www.remote-exploit.org