Socket Injecting Fuzzer - Dumb fuzzer, focused on applications working in the client-server architecture. It uses the LD_PRELOAD
trick to hook network sending functions (sendto
, send
, write
etc.) and mutates outgoing data using radamsa.
Wireless Discover Crack Scan - CLI tool, utilizes known WiFi-related security tools to automate the process of discovering wireless networks, cracking passwords, and scanning ports and services. It automatically selects targets and runs all suitable attacks. Results are stored in a local database, so they can be viewed anytime or exported for further usage.
HTTP Mock - Burp extension, provides mock responses that can be customized, based on the real ones.
ExifTool Scanner - Burp extension, reads metadata from various filetypes (JPEG, PNG, PDF, DOC, XLS and much more) using ExifTool. Results are presented as Passive scan issues and Message editor tabs.
Match/Replace Session Action - Burp extension, provides match and replace function as Session Handling Rule. The main purpose was to easily replace CSRF tokens in headers and body parameters performing Compare Site Maps.
WebSocket Proxy - CLI tool, creates an HTTP bridge to a websocket service. The purpose was to use HTTP oriented tools (eg. Burp Scanner, sqlmap, nikto etc.) against websockets.