A tool for bruteforce guessing pass phrases, password hashes or remote accounts of various services. Continue reading →

Updated version of the Blind SQL Injection Brute Forcer from www.514.es. It work against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL queries. Continue reading →

The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution. Continue reading →

MIBparse.pl has been designed as an offline parser to quickly parse output from SNMP tools such as ‘snmpwalk’. Continue reading →

NBTscan is a program for scanning IP networks for NetBIOS name information. Continue reading →

XSS Tunnel is a standard HTTP proxy which sits on an attacker’s system. Any tool that is configured to use it will tunnel its traffic through the active XSS Channel on the XSS Shell server. Continue reading →

BannerGrab is a tool that performs connection, trigger-based and basic information collection from network services. Continue reading →

Viewstate is an ASP.Net viewstate decoder, checker, parser and encoder. Continue reading →

Sun Patch Check lists missing security patches by comparing the output from the Sun Solaris “showrev” command to that from the Sun recommended patch list. Continue reading →

NOTE : This download is no longer available on our web site. Portcullis no longer maintain the tool, if you would like the latest version visit https://github.com/portcullislabs/xssshell-xsstunnell

XSS Shell is a powerful XSS backdoor, in XSS Shell one can interactively send requests and get responses from victim and it allows you to keep the control of session. Continue reading →