Libinjection – SQL / SQLI Tokenizer Parser Analyzer

SQL / SQLI tokenizer parser analyzer. For C and C++ PHP Python Lua Java (external port) [LuaJIT/FFI] ( (external port) See for details and presentations. Simple example: fingerprint of ‘%s’n”, state.fingerprint); } return issqli; } “> #include <stdio.h>#include <strings.h>#include <errno.h>#include “libinjection.h”#include “libinjection_sqli.h”int main(int argc, const char* argv[]){ struct libinjection_sqli_state state; int issqli; const char*Read More

Emba – An Analyzer For Linux-based Firmware Of Embedded Devices

emba is being developed as a firmware scanner that analyses already-extracted Linux-based firmware images. It should help you to identify and focus on the interesting areas of a huge firmware image. Although emba is optimized for offline firmware images, it can test both, live systems and extracted images. Additionally, it can also analyze kernel configurations.Read More

Pidrila – Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

PIDRILA: Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer is really fast async web path scanner prototype developed by BrightSearch team for all ethical netstalkers. Installation & Usage git clone pidrilapython3 -u <URL> Options Usage: [OPTIONS]Options: -U, –user-agent TEXT User-Agent -t, –timeout INTEGER Request timeout [default: 30] -A, –auth TEXT Basic HTTP auth,Read More

Webshell-Analyzer – Web Shell Scanner And Analyzer

Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project (, which only scans files via regex, no decoding or attribute analysis. Disclaimer TheRead More

FastNetMon Community – Very Fast DDoS Analyzer With Sflow/Netflow/Mirror Support

FastNetMon – A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines (NetFlow, IPFIX, sFlow, AF_PACKET, SnabbSwitch, netmap, PF_RING (obsoleted), PCAP).What do we do?We detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows, per second and perform a configurable action to handle that event. These configurableRead More

Gadgetinspector – A Byte Code Analyzer For Finding Deserialization Gadget Chains In Java Applications

This project inspects Java libraries and classpaths for gadget chains. Gadgets chains are used to construct exploits for deserialization vulnerabilities. By automatically discovering possible gadgets chains in an application’s classpath penetration testers can quickly construct exploits and application security engineers can assess the impact of a deserialization vulnerability and prioritize its remediation.This project was presentedRead More

ApplicationInspector – A Source Code Analyzer Built For Surfacing Features Of Interest And Other Characteristics To Answer The Question ‘What’S In It’ Using Static Analysis With A Json Based Rules Engine

Microsoft Application Inspector is a software source code analysis tool that helps identify and surface well-known features and other interesting characteristics of source code to aid in determining what the software is or what it does.Application Inspector is different from traditional static analysis tools in that it doesn’t attempt to identify “good” or “bad” patterns;Read More