A tool for bruteforce guessing pass phrases, password hashes or remote accounts of various services. Continue reading
Updated version of the Blind SQL Injection Brute Forcer from www.514.es. It work against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL queries. Continue reading
The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution. Continue reading
MIBparse.pl has been designed as an offline parser to quickly parse output from SNMP tools such as ‘snmpwalk’. Continue reading
XSS Tunnel is a standard HTTP proxy which sits on an attacker’s system. Any tool that is configured to use it will tunnel its traffic through the active XSS Channel on the XSS Shell server. Continue reading
BannerGrab is a tool that performs connection, trigger-based and basic information collection from network services. Continue reading
Sun Patch Check lists missing security patches by comparing the output from the Sun Solaris “showrev” command to that from the Sun recommended patch list. Continue reading
NOTE : This download is no longer available on our web site. Portcullis no longer maintain the tool, if you would like the latest version visit https://github.com/portcullislabs/xssshell-xsstunnell
XSS Shell is a powerful XSS backdoor, in XSS Shell one can interactively send requests and get responses from victim and it allows you to keep the control of session. Continue reading