IOActive

IOActive Labs Tools
The following tools were developed by IOActive. For questions and comments, please contact tools at ioactive dot com.



Social Engineering Automation Kit

The Social Engineering Automation Kit (SEAK) is a set of scripts and libraries designed to help testers perform social engineering OSINT and automate several tasks that are part of all social engineering engagements. The first component, Esearchy, is a Ruby library with a proof-of-concept interface capable of searching the Internet for email addresses and people. Currently, the supported search engines include, but are not limited to, Google, Google Profiles, Bing, Classmates, and LinkedIn. Additionally, Esearchy is capable of downloading and parsing several file types to search for emails inside them. Another component of SEAK is EMaily, a Ruby library composed of scripts and tools capable of automating highly templated mass emailing. Furthermore, it contains specially designed payloads capable of information gathering and testing egress rules.

Source


DDS Fuzzers

This collection of fuzzers can fuzz DHCP servers, iCalendar parsers, IRC clients, Socket system calls, UNIX system calls, and TFTP servers. It also includes mangle.c, a binary file dumb fuzzer that flips some bits. Written in C, Perl, and Python, most of these tools are straightforward and contain only a couple of hundred lines of code.

Source (.zip)


NTLM Web Proxy

Simple and precise, this tool gives you a proxy that spoofs an NTLM request to a domain-joined request, and then forwards the NTLM challenge/response sequence to a targeted server. It works just like SMB Reflection, but over HTTP.

Source (.zip)


Simple Stupid HTTP V1

Tired of dealing with easy-to-own HTTP daemons? Don't want dynamic content or super-cool chunked threading? Just want to serve up static content? Stupid Simple V1 lives completely in memory after initial file upload and it performs no dynamic memory access after listening is initialized (unless you specify an interval re-load). Features include the ability to service only valid GET requests, no memory writes except during file load and kernel-level recv(), no dynamic content, no sub-directory support, and no dynamic headers except content-type.

Source (.zip)


MemSearch Memory Searching Tool

This cross-platform (Linux and Win32) tool allows you to search for trampoline instructions in memory.

Source (tar.gz)


DNSWhat? Scanning Tool

This tool's functionality is twofold: (1) scan the designated network segment for active DNS servers and (2) sniff off the wire to determine whether DNS servers (localhost or on the local segment) are vulnerable to the new DNS cache poisoning attack.

Source (.zip)


LIBWifi Tool Kit

The libWifi Tool Kit provides researchers with a framework in which to fuzz 802.11 protocols.

Source (.tgz)


Snark v0.16—HTTP Interrogation Proxy

A so-called "attack proxy", Snark allows a user to monitor and edit HTTP requests and responses. Snark can be configured to act as a web proxy, or to run in a tunnel mode that allows for proxy chaining or use with other tools. Snark was written in Perl and should run in any environment that is supported by Perl and wxWindows.

Source (.zip)
NEW! WIN32 Installer (.exe)


Morf v0.3—Ninja Encoder

Morf is the supreme ninja god of encodings. URL, HTTP, Base64, HEX, MD5, SHA1, UTF-7, the list goes on...

Source (.zip)
WIN32 Installer (.exe)


Secret Squirrel v0.8—Password Manager

Secret Squirrel is your basic password manager application written in Java. Runs on all platforms that support recent versions of Java. Uses Blowfish and SHA-384, password generation using Java secure random object (fully configurable), password groups, etc.

Source (.zip)
Compiled Bits (.zip)
WIN32 Installer (.exe)


Custos v0.1b—Dapi Wrapper

This is a beta version of Custos, a working example of using the DAPI APIs to store secrets. The included Visual Studio 2003 project is both a COM object and an Assembly, usable by both ASP and ASP.NET projects. Additionally, a manager application is provided to help create the required Registry entries.

Source and installer (.zip)


Tabby Tunnel—SSL Tunnel for Windows

An SSL tunnel that can make use of certificates in the Windows Certificate Store. This is useful for creating tunnels to client certificate authenticated services. TabbyTunnel makes use of the IOActive.SSL library.

Source (.zip)
Binary (WIN32) (.zip)


IOActive.SSL—Microsoft .NET SSL Library

Library to allow for easier use of SSL in .NET tools. Used by TabbyTunnel.

Source (.zip)
Binary (.zip)