Latest Cyber Security Tools

Linux Exploit Suggester


As the name suggests, this is a Linux Exploit Suggester, with no frills and no fancy features; just a simple script to keep track of vulnerabilities and suggest possible exploits to use to gain ‘root‘ on a legitimate penetration test, or governing examining body. LES tool is designed to assist in detecting security deficiencies for given Linux kernel/Linux-based machines.

Linux Exploit Suggester tool | IEMLabs



This JBoss script deploys a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability to

provide an interactive session.


Features include:

Jboss-autopwn tool | IEMLabs



The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits, shellcode and papers gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database.

Exploitdb tool | IEMLabs



crackle cracks BLE Encryption (AKA Bluetooth Smart).

crackle exploits a flaw in the BLE pairing process that allows an attacker to guess or very quickly brute force the TK (Temporary Key). With the TK and other data collected from the pairing process, the STK (Short Term Key) and later the LTK (Long Term Key) can be collected.

crackle tool | IEMLabs



Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks

Commix tool | IEMLabs

Backdoor Factory


The goal of BDF is to patch executable binaries with user desired shellcode and continue normal execution of the prepatched state.

Supporting: Windows PE x32/x64 and Linux ELF x32/x64 (System V)

Backdoor Factory tool | IEMLabs



OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks’ commercial vulnerability management solution from which developments have contributed to the Open Source community since 2009.

Armitage tool | IEMLabs



Yersinia is a framework for performing layer 2 attacks. It is designed to take advantage of some weaknesses in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.

Yersinia tool | IEMLabs



Shell script to check for simple privilege escalation vectors on Unix systems.

Unix-privesc-checker is a script that runs on Unix systems (tested on Solaris 9, HP UX 11, Various Linuxes, FreeBSD 6.2).

Unix-privesc-check tool | IEMLabs



The THC IPV6 ATTACK TOOLKIT comes already with lots of effective attacking


 – parasite6: ICMPv6 neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)

 – alive6: an effective alive scanning, which will detect all systems listening to this address

THC-IPV6 tool | IEMLabs



OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks’ commercial vulnerability management solution from which developments have contributed to the Open Source community since 2009.

Openvas | IEMLabs



ohrwurm is a small and simple RTP fuzzer that has been successfully tested on a small number of SIP phones. Features:

  • reads SIP messages to get information of the RTP port numbers
  • reading SIP can be omitted by providing the RTP port numbers, so that any RTP traffic can be fuzzed
Ohrwurm | IEMLabs

jSQL Injection


 jSQL Injection is a lightweight application used to find database information from a distant server.

It is free, open source and it works cross-platform on Windows, Linux and Mac OS X with Java from version 8 to 15. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux.

jSQL Injection | IEMLabs



HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is capable of performing SQL queries and brute force attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL ).

Hexorbase | IEMLabs



Doona is a fork of the Bruteforce Exploit Detector Tool (BED). BED is a program which is designed to check daemons for potential buffer overflows, format string bugs etc. Doona is Australian for duvet. It adds a significant enough number  of features/changes to BED.

Doona | IEMLabs

Cisco Global Exploiter


Cisco Global Exploiter (CGE), is an advanced, simple and fast security testing tool, that is able to exploit the most dangerous vulnerabilities of Cisco systems. CGE has an intuitive and simple user interface and it is executable from commands line, by inputting two simple parameters, like the target and the vulnerability to exploit.

Cisco-global-exploiter | IEMLabs



Xplico is a Network Forensic Analysis Tool NFAT, for Unix and Unix-like operating systems. It uses libpcap, a packet capture and filtering library.
Xplico in console-mode permits you to decode a single pcap file, directory of pcap files or decode in realtime from an ethernet interface (eth0, eth1, …).

Xplico | IEMLabs



WOL-E is a suite of tools for the Wake on LAN feature of network attached computers, this is now enabled by default on many Apple computers.

These tools include:
Bruteforcing the MAC address to wake up clients.




Wireshark is a network traffic analyzer, or “sniffer”, for Linux, macOS, *BSD and other Unix and Unix-like operating systems and for Windows. It uses Qt, a graphical user interface library, and libpcap and npcap as packet capture and filtering libraries.

Wireshark | IEMLabs



URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typosquatting, URL hijacking, phishing, and corporate espionage.

URLCrazy Tool | IEMLabs



Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license.

Unicornscan Tool | IEMLabs



The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.

This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their organization.

Harvester Tool | IEMLabs



Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS.

subbrute was integrated with Sublist3r to increase the possibility of finding more subdomains using bruteforce with an improved wordlist. The credit goes to TheRook who is the author of subbrute.

SSLyze Tool | IEMLabs



When attempting to crack passwords custom word lists are very useful additions to standard dictionaries.

An interesting idea originally released on the “7 Habits of Highly Effective Hackers” blog was to use Twitter to help generate those lists based on searches for keywords related to the list that is being cracked.

Twofi Tool | IEMLabs



SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.

SSLyze Tool | IEMLabs



sslstrip is a tool that transparently hijacks HTTP traffic on a network, watches for HTTPS links and redirects, and then maps those links into look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial.

SSLstrip Tool | IEMLabs



SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

SSLsplit Tool | IEMLabs



The goal of sslcaudit project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. It might be useful for testing a thick client, a mobile application, an appliance, pretty much anything communicating over SSL/TLS over TCP.

SSLcaudit Tool | IEMLabs



SPARTA is a python GUI application that simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to their toolkit and by displaying all tool output in a convenient way. If less time is spent setting up commands and tools, more time can be spent focusing on analysing results.

Sparta Tool | IEMLabs



Like snmpwalk, snmp-check allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful for penetration testing or systems monitoring. Distributed under GPL license and based on “Athena-2k” script by jshaw.

Snmp-check Tool | IEMLabs



Smtp-user-enum is a tool for enumerating OS-level user accounts on Solaris via the SMTP service (sendmail). Enumeration is performed by inspecting the responses to VRFY, EXPN and RCPT TO commands. It could be adapted to work against other vulnerable SMTP daemons, but this hasn’t been done as of v1.0.

Smtp-user-enum Tool | IEMLabs



SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is intended to simplify searching for potentially sensitive data across large networks.

SMBMap Tool | IEMLabs

Social Engineer Toolkit(SET)


The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.

SET Tool | IEMLabs

Recon-ng Framework


Recon-ng is a full-featured reconnaissance framework designed with the goal of providing a powerful environment to conduct open source web-based reconnaissance quickly and thoroughly.

Recon-ng Tool | IEMLabs



Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries tell the search engines what directories or files hosted on a web server mustn’t be indexed. For example, “Disallow: /portal/login” means that the content on it’s not allowed to be indexed by crawlers like Google, Bing, Yahoo… This is the way the administrator have to not share sensitive or private information with the search engines.

Parsero Tool | IEMLabs



OSRFramework is a GNU AGPLv3+ set of libraries developed by i3visio to perform Open Source Intelligence collection tasks. They include references to a bunch of different applications related to username checking, DNS lookups, information leaks research, deep web search, regular expressions extraction and many others. At the same time, by means of ad-hoc Maltego transforms, OSRFramework provides a way of making these queries graphically as well as several interfaces to interact with like OSRFConsole or a Web interface.

OSRFramework Tool | IEMLabs



Ntopng is a web-based network traffic monitoring application released under GPLv3. It is the new incarnation of the original ntop written in 1998, and now revamped in terms of performance, usability, and features.

Ntopng Tool | IEMLabs



Metagoofil is a tool for extracting metadata of public documents (pdf,doc,xls,ppt,etc) availables in the target websites.This information could be useful because you can get valid usernames, people names, for using later in brute force password attacks (vpn, ftp, webapps), the tool will also extracts interesting “paths” of the documents, where we can get shared resources names, server names, etc.

Metagoofil Tool | IEMLabs



This is an Internet-scale port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second, from a single machine.

It’s input/output is similar to nmap, the most famous port scanner. When in doubt, try one of those features.

Masscan Tool | IEMLabs



InTrace is a traceroute-like application that enables users to enumerate IP hops using existing TCP connections, both initiated from local network (local system) or from remote hosts. It could be useful for network reconnaissance and firewall bypassing.

InTrace Tool | IEMLabs



Ident-user-enum is a simple PERL script to query the ident service (113/TCP) in order to determine the owner of the process listening on each TCP port of a target system.

Ident-user-enum Tool | IEMLabs



Hping3 is a network tool able to send custom TCP/IP packets and to display target replies like ping do with ICMP replies. hping3 can handle fragmentation, and almost arbitrary packet size and content, using the command line interface.

Hping3 Tool | IEMLabs



GoLismero is an open source framework for security testing. It’s currently geared towards web security, but it can easily be expanded to other kinds of scans.

GoLismero Tool | IEMLabs

Ghost Phisher


Ghost Phisher is a Wireless and Ethernet security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to emulate access points and deploy various internal networking servers for networking, penetration testing and phishing attacks.

Ghost Phisher Tool | IEMLabs



FragRouter is a hash-based routing for web browsers, similar to normal URL routing found in server-side MVC frameworks like Django or Ruby on Rails (and most others). It is ‘hash-based’ because it uses the fragment identifier (commonly called ‘hash’) to determine the path. FragRouter can be used either as stand-alone script using the conventional <script> tag, or as an AMD module with loaders like RequireJS.

Fragrouter Tool | IEMLabs



A simple backdoor with the goal of circumventing network firewalls. The daemon process, fwalk.c, runs on the system that you’re wanting to backdoor. It processes all incoming ICMP packets, looking for a password, ip address and port number in the payload. If the password matches, it establishes a TCP connection with the IP address and port number specified and launches a root shell.

Firewalk Tool | IEMLabs



Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s really meant as a pre-cursor to nmap, unicornscan, nessus, nikto, etc, since all of those require that you already know what IP space you are looking for. This does not perform exploitation and does not scan the whole internet indiscriminately.

Fierce Tool | IEMLabs



Faraday introduces a new concept – IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit. Faraday was made to let you take advantage of the available tools in the community in a truly multiuser way.

Faraday Tool | IEMLabs



EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if known.

EyeWitness is designed to run on Kali Linux. It will auto detect the file you give it with the -f flag as either being a text file with URLs on each new line, nmap xml output, or nessus xml output.

EyeWitness Tool | IEMLabs



EnumIAX is an Inter Asterisk Exchange protocol username brute-force


EnumIAX may operate in two distinct modes; Sequential Username Guessing or

Dictionary Attack.

EnumIAX Tool | IEMLabs



Enum4linux is a tool for enumerating information from Windows and Samba systems. It attempts to offer similar functionality to enum.exe formerly available from

It is written in Perl and is basically a wrapper around the Samba tools smbclient, rpclient, net and nmblookup.

Enum4linux Tool | IEMLabs



 DotDotPwn is a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc.

Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

DotDotPwn Tool | IEMLabs



Dnswalk is a DNS debugger.  It performs zone transfers of specified domains, and checks the database in numerous ways for internal consistency, as well as accuracy.

DnsWalk Tool | IEMLabs



Dnstracer determines where a given Domain Name Server (DNS) gets its information from, and follows the chain of DNS servers back to the servers which know the data. Its behaviour is similar to ntptrace(8), which does it for the NTP protocol.

DNSTracer Tool | IEMLabs



Dnsmap was originally released back in 2006 and was inspired by the fictional story “The Thief No One Saw” by Paul Craig, which can be found in the book “Stealing the Network – How to 0wn the Box” dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments.

Dnsmap Tool | IEMLabs



dnmap is a framework to distribute nmap scans among several clients. It reads an already created file with nmap commands and sends those commands to each client connected to it. The framework uses a client/server architecture. The server knows what to do and the clients do it.

Dnmap Tool | IEMLabs



 DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line program coded purely in C with the ability to gather as much information as possible about a host.  DMitry has a base functionality with the ability to add new functions.

DMitry Tool | IEMLabs



The main feature that makes cisco-torch different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum scanning efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed.

Cisco-Torch Tool | IEMLabs



CDPSnarf is a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more.

CDPSnarf Tool | IEMLabs



  1. A Casefile tab that displays all bookmarks in the project
  2. Bookmarks that include text to find at (or around) the designated location
  3. Drag-and-drop reordering and hierarchical organization of bookmarks
  4. User-supplied notes on bookmarks
Casefile Tool | IEMLabs



Braa implements its OWN snmp stack, so it does NOT need any SNMP libraries like net-snmp. The implementation is very dirty, supports only several data types, and in any case cannot be stated ‘standard-conforming’! It was designed to be fast, and it is fast.

Braa Tool | IEMLabs



Bing-ip2hosts is a web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft search engine formerly known as MSN Search and Live Search. It can be used to discover subdomains and other related domains. It also helps to identify websites hosted in a shared hosting environment. This technique follows best practices during the reconnaissance phase of a penetration test or bug bounty, to expand the target’s attack surface.


BING Tool | IEMLabs



APT2 is an automated penetration testing toolkit. This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processed results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information.


APT2 Tool | IEMLabs



Amap is a next-generation scanning tool for pentesters. It attempts to identify applications even if they are running on a different port than normal. It also identifies non-ascii based applications. This is achieved by sending trigger packets, and looking up the responses in a list of response strings. 

AMAP Tool | IEMLabs



BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors.

BeEF Tool | IEMLabs



Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.

Skipfish Tool | IEMLabs



Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system.

Hydra Tool | IEMLabs



The WPScan CLI tool uses the WPScan API to retrieve WordPress vulnerability data in real time. For WPScan to retrieve the vulnerability data an API token must be supplied via the –api-token option, or via a configuration file, as discussed below. An API token can be obtained by registering an account on WPScan.

WPScan Tool | IEMLabs



Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others. It performs an in-depth security scan and runs on the system itself. The primary goal is to test security defenses and provide tips for further system hardening.

Lynis Tool | IEMLabs



Bradamsa is a Burp Suite extension for Radamsa, a well-known fuzzer made by the Oulu University Secure Programming Group. Inspired by burp-radamsa, this plugin allows to generate Intruder payloads using Radamsa.

Bradamsa Tool | IEMLabs

Turbo Intruder


 Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It’s intended to complement Burp Intruder by handling attacks that require exceptional speed, duration, or complexity.

Turbo Intruder Tool | IEMLabs



GDA, a new Dalvik bytecode decompiler, is implemented in C++, which has the advantages of faster execution and lower memory disk consumption and an stronger ability to decompiling the APK, DEX, ODEX, OAT files(supports JAR, CLASS and AAR files since 3.79). GDA is completely self-independent and works without Java VM and installation, so it works well in any newly installed windows system and virtual machine system without additional configuration. GDA Decompiler project started in 2013 and its first version 1.0 released in 2015 at GDA website.

GJoy Dex Analysizer | IEMLabs



GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP).  GnuPG enables encryption and signing of data and communication, and features a versatile keY management system as well as access modules for public key directories.

gnuPG Tool | IEMLabs



This is a burp plugin (python) that extracts keywords from response using regexes and test for reflected XSS on the target scope. Valid parameters reflected, vulnerable parameters are show in results in the rexsser extension tab.

Rexsser Tool | IEMLabs

I/O Riot


It is an I/O benchmarking tool for Linux based operating systems which captures I/O operations on a (possibly production) server in order to replay the exact same I/O operations on a load test machine.


Riot Tool | IEMLabs

SolarWinds Security Event Manager


The SolarWinds Orion Platform is a unified suite of network and system management products. Orion is installed on one or more servers in your organization’s intranet. IT professionals in your organization interact with Orion primarily through the Orion website, which provides a single pane of glass for monitoring your IT infrastructure.

Orion Tool | IEMLabs



DTail (a distributed tail program) is a DevOps tool for engineers programmed in Google Go for following (tailing), catting and grepping (including gzip and zstd decompression support) log files on many machines concurrently. An advanced feature of DTail is to execute distributed mapreduce aggregations across many machines.

Dtail Tool | IEMLabs

Robin mta tester


Robin MTA Tester is a development, debug and testing tool for MTA architects. It is powered by a highly customizable SMTP client designed to emulate the behaviour of popular email clients. A rudimentary server is also provided that is mainly used for testing the client.

Robin Tool | IEMLabs



Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

Terraform Tool | IEMLabs

Our Certifications

Collaboration | ISO | IEMLabs

Our Accreditation

Collaboration | EC Council | IEMLabs

Our Membership

Collaboration | Nasscom | IEMLabs
DSCI Logo | IEMLabs
ICC Logo | IEMLabs
CII Logo | IEMLabs

Christmas Bonanza

Contact Us and Get


Call Us - 1800 270 3002

Use Promocode - IEMA20

Valid Till - 31st December, 2020

Get In touch

We are available 24 * 7, Contact Us and Avail Instant Discount

WhatsApp Now