HoneyProxy -a man-in-the-middle SSL proxy & traffic analyzer

HoneyProxy

a man-in-the-middle SSL proxy & traffic analyzer

HoneyProxy is a lightweight tool that allows live HTTP(S) traffic inspection and analysis.
It focuses on features that are useful for malware analysis and network forensics.

Features

• Analyze HTTP(S) traffic on the fly
• Filter and highlight traffic, regex support included.
• Report Generation for saved flows, including a live JS editor.
• Save HTTP conversations for later analysis
• Make scripted changes with Python, e.g. remove Cache Header.
• based on and compatible to mitmproxy.
• cross-platform (Windows, OSX and Linux)
• SSL interception certs generated on the fly

Looking for more? Check out our GitHub wiki!

Quick Start

Download the latest release or pick a development snapshot.

Install all dependencies: pip install pyOpenSSL pyasn1 Twisted Autobahn
Windows users: Install the binaries for pyOpenSSL and Twisted manually (or compile yourself).
Ubuntu / Debian users: Install twisted as a package (sudo apt-get install python-twisted). If you get errors, check this page.

Start HoneyProxy with python honeyproxy.py or python honeyproxy.py --help. 
If you don't use a modern browser, a kitten will die. We support both Firefox and Chrome!

Most command line parameters are documented in the mitmproxy docs.

ghost-phisher

ghost-phisher

Ghost Phisher is a Wireless and Ethernet security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to emulate access points and deploy

various internal networking servers for networking, penetration testing and phishing attacks.

Operating System Supported

The Software runs on any Linux machine with the programs prerequisites, But the program has been tested on the following Linux based operating systems:

Ubuntu KDE/GNOME

BackTrack Linux

BackBox Linux

Prerequisites

The Program requires the following to run properly:
The following dependencies can be installed using the Debian package installer command on Debian based systems using "apt-get install program" or otherwise downloaded and installed manually

Aircrack-NG

Python-Scapy

Python Qt4

Python

Subversion

Xterm

Metasploit Framework (Optional)

Download

Video

PYLORIS DDOS TOOL

PyLoris (PYLORIS DDOS TOOL)

A protocol agnostic application layer denial of service attack.

PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.

Features

• Tkinter GUI
• Scripting API
• Anonymity
• TOR Proxying
• SOCKS Proxying

Download

Open Source Admin Tools

Adminer (formerly phpMinAdmin)

Adminer (formerly phpMinAdmin) is a full-featured database management tool written in PHP. Conversely to phpMyAdmin, it consist of a single file ready to deploy to the target server. Adminer is available for MySQL, PostgreSQL, SQLite, MS SQL and Oracl

PhpSysInfo

PhpSysInfo: a customizable PHP script that displays information about your system nicely

Swiss File Knife - A Command Line Tools Collection

combines many functions in a single, portable executable that belongs onto every USB stick. Search and convert text files, instant simple FTP/HTTP server, find duplicate files, compare folders, treesize, run own commands on all files of a folder - it's all within a single tool. Download from sourceforge. This package contains binaries and source code for Windows (7/Vista/XP), Linux and Mac. You may also download just the Windows executable sfk.exeor the Linux binary for Ubuntu or DSL. No installation, no registry changes, instant use.

What New in backtrack R3.

few new tools covered below.

Information Gathering Analysis

• Jigsaw – Grabs information about company employees
• Uberharvest – E-mail harvester
• sslcaudit – SSL Cert audit
• VoIP honey – VoIP Honeypot
• urlcrazy – Detects URL typos used in typo squatting, url hijacking, phishing

Vulnerability Assessment

• Lynis – Scans systems & software for security issues
• DotDotPwn – Directory Traversal fuzzer

Exploitation Tools

• Netgear-telnetable – Enables Telnet console on Netgear devices
• Termineter – Smart Meter tester
• Htexploit – Tool to bypass standard directory protection
• Jboss-Autopwn – Deploys JSP shell on target JBoss servers
• Websploit – Scans & analyses remote systems for vulnerabilities

Wireless Exploitation Tools

• Bluepot – Bluetooth honeypot
• Spooftooph – Spoofs or clones Bluetooth devices
• Smartphone-Pentest-Framework
• Fern-Wifi-cracker – Gui for testing Wireless encryption strength
• Wi-fihoney – Creates fake APs using all encryption and monitors with Airodump
• Wifite – Automated wireless auditor