Processed through Paypal
No account required.


Donate Bitcoin to this wallet:
1KkUMXvQ2ko3xcJkzitB7WYgoW6m79WFfm
Donate Ethereum to this wallet:
0x40E56922F43637224935CDC35e2c96E0392A8505
Donate Litecoin to this wallet:
LLYAFEyqjH69gkyCEpRjXNyedRCWrVChfL

  Our merchandise, sold here, helps keep the site alive.  


Facebook Follow @GeekOnTheLoose




 Home » OlderGeeks.com Freeware Downloads » Anti-Virus, Anti-Malware, Security Utilities » Pentesting and Vulnerability Tools   
Files
  File Name Rating Downloads
Last Update/Developer
Bitdefender Home Scanner 1.0
Bitdefender Home Scanner 1.0 Scan for weaknesses and hidden backdoors into your home Bitdefender Home Scanner is a free tool that scans your Wi-Fi network, maps devices and identifies and highlights network security flaws. Bitdefender Home Scanner looks for weak passwords, as well as vulnerable or poorly encrypted communications. It correlates the information gathered from your connected devices with online vulnerability databases and gives you a thorough report so you can ensure maximum security for your network. Map your home network Scan open ports in the network Wi-Fi scanner: identify all connected devices and security risks Complementary to and compatible with all existing security tools Why use Bitdefender Home Scanner New software vulnerabilities are being discovered in many smart devices every day, and hackers are taking advantage of these security flaws to target homes and businesses. It is time to start thinking about the security of your smart devices. Recently, a mom who had installed a smart surveillance system in her home discovered that someone had hacked into a webcam and live-streamed her daughters’ room on the Internet. There have been numerous reports about light bulbs being hacked. In one case, a security company demonstrated that unauthorized persons could hack into a home network by posing as a new light bulb joining the system. This way the other light bulbs were tricked into giving away the username and password for the network. Moreover, hackers can take advantage of vulnerabilities to take control of vast numbers of smart devices and use them to launch massive attacks against commercial and government websites. Technical Details Minimum system requirements: Windows 7 SP 1, 8, 8.1, 10 CPU: Dual Core 1.6 GHz RAM: 1 GB HDD: 300 MB Recommended system requirements: Windows 7 SP ...
5/5 1,766 Nov 13, 2019
BitDefender Labs
EOPRadar v1.08
EOPRadar v1.08 Use this new tool to check your system for several classes of privilege escalation vulnerabilities. Useful in pentesting engagements, OS image hardening, SRP/AppLocker testing. Win 7 and above. x64 only Quick start 1. Note that the tool must be launched as a standard user account (SUA) - not an administrator. 2. Launch the application and click Scan. 3. In the scan results, a warning (yellow) indicates a writable process path, while an alert (red) indicates a critical EOP vulnerability, which would allow any standard user to elevate privileges to administrator. Any findings in red should be taken very seriously, especially in a AD domain environment. 4. Based on the results, review and fix your NTFS permissions for the affected processes. Remember, SUA-writable paths should not be executable, and vice versa. Click here to visit the author's website.
5/5 1,221 Dec 18, 2019
FS1
ESET EternalBlue Checker 1.0.0.1
ESET EternalBlue Checker 1.0.0.1 ESET has released a free tool to help determine whether your Windows machine is patched against EternalBlue. If the tool finds a vulnerability in your system due to missing Microsoft patches, Your computer is vulnerable will be displayed. Press any key to open the Microsoft Windows update page. Click Microsoft Update Catalog in Method 2: Microsoft update Catalog section. On the Microsoft Update Catalog page, find your operating system in the Products column and click the Download button next to your system. Click the link in the Download window to download the security update for your system. After the security update has been installed, restart your computer. After the computer has restarted, run ESETEternalBlueChecker.exe again to verify that the security update installed correctly and your system is no longer at risk. If the security update was installed correctly, Your computer is safe, Microsoft security update is already installed will be displayed. Warn colleagues who frequently receive emails from external sources – for instance financial departments or Human Resources. Regularly back up your data. In the event of infection, this will help you recover all data. Do not leave external storage used for backups connected to your computer to eliminate the risk of infecting your backups. If your system requires Windows Updates to receive the patch for this exploit, create new backups after applying the patch. Disable or restrict Remote Desktop Protocol (RDP) access Disable macros in Microsoft Office. If you are using Windows XP, disable SMBv1.
5/5 1,771 Nov 13, 2019
ESET
Eternal Blues 0.0.0.8
Eternal Blues 0.0.0.8 Eternal Blues is a free EternalBlue vulnerability scanner. It helps finding the blind spots in your network, these endpoints that are still vulnerable to EternalBlue. Just hit the SCAN button and you will immediately start to get which of your computers are vulnerable and which aren’t. That’s it. If you wish, you can switch networks, or edit your own (yeah, you can also scan the world wide web if you wish). Please use it for good cause only. We have enough bad guys already… Was this tool tested in real networks? Oh yeah. Obviously I cannot say which, but with almost every network I connected to, there were a few vulnerable computers. IMPORTANT: It does *not* exploit the vulnerability, but just checks whether it is exploitable. Yet another vulnerability scanner? There are many vulnerability scanners out there. So… why did I create another? Mainly for the ease of use. The majority of latest WannaCry, NoPetya (Petya, GoldenEye or whatever) victims, are not technical organizations and sometimes just small business who don’t have a security team, or even just an IT team to help them mitigate this. Running NMap, Metasploit (not to mention more commercial products) is something they will never do. I aimed to create a simple ‘one-button’ tool that tells you one thing and one thing only – which systems are vulnerable in your network. Tips If you’re about to run it in your working environment, please update the IT/Security team in advance. You don’t want to cause (IDS/IPS/AV) false alarms If vulnerable systems were found – please take a Windows update asap For God’s sake, please disable SMBv1 already. Whether your systems are patched or not. This protocol was written over 3 decades ago…! If you would like to enjoy the ...
5/5 1,752 Nov 13, 2019
Omerez
GIGABYTE Intel ME Critical FW Update Utility vB18.0125.1
GIGABYTE Intel ME Critical FW Update Utility vB18.0125.1 GIGABYTE TECHNOLOGY Co. Ltd, a leading manufacturer of motherboards and graphics cards, has implemented safety measures aligned with Intel®’s response to the Intel Management Engine (ME) and Intel Trusted Execution Engine (TXE) security vulnerabilities, so customers can be reassured their motherboards are fully protected. For all customers who have purchased GIGABYTE motherboards for Intel platforms, please visit the official website to download the latest BIOS versions as well as ME and TXE drivers. The updates for the motherboards will be released starting with the Z370, 200 and 100 series and then previous generation motherboards. GIGABYTE has released a safety update for the user’s convenience. The GIGABYTE Intel ME Critical FW Update Utility on the GIGABYTE website will automatically detect the system's ME version and update it to the latest version.
5/5 1,791 Nov 13, 2019
Gigabyte
Gophish v0.9.0
Gophish v0.9.0 Open-Source Phishing Framework. Gophish is a powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing. Launch a Campaign in 3 steps: Set Templates & Targets Gophish makes it easy to create or import pixel-perfect phishing templates. Our web UI includes a full HTML editor, making it easy to customize your templates right in your browser. Launch the Campaign Launch the campaign and phishing emails are sent in the background. You can also schedule campaigns to launch whenever you'd like. Track Results Detailed results are delivered in near real-time. Results can be exported for use in reports. View full installation and usage instructions here. This download is for the Windows version. If you need the MacOS version, download here. If you need the Linux version, download here. Click here to visit the author's website.
5/5 78 Mar 03, 2020
Jordan Wright
Hardentools v2.0-rc2
Hardentools v2.0-rc2 Hardentools is a collection of simple utilities designed to disable a number of "features" exposed by operating systems (Microsoft Windows, for now), and primary consumer applications. These features, commonly thought for enterprise customers, are generally useless to regular users and rather pose as dangers as they are very commonly abused by attackers to execute malicious code on a victim's computer. The intent of this tool is to simply reduce the attack surface by disabling the low-hanging fruit. Hardentools is intended for individuals at risk, who might want an extra level of security at the price of some usability. It is not intended for corporate environments. WARNING: This is just an experiment, it is not meant for public distribution yet. Also, this tool disables a number of features, including of Microsoft Office, Adobe Reader, and Windows, that might cause malfunctions to certain applications. Use this at your own risk. Bear in mind, after running Hardentools you won't be able, for example, to do complex calculations with Microsoft Office Excel or use the Command-line terminal, but those are pretty much the only considerable "downsides" of having a slightly safer Windows environment. Before deciding to use it, make sure you read this document thoroughly and understand that yes, something might break. In case you experience malfunctions as a result of the modifications implemented by this tool, please do let us know. How to use it Once you double-click on the icon, depending on your Windows privileges, you are asked if you want to run Hardentools with administrative privileges. If you select "No" only a subset of the harden features is available, but you can also use hardentools if you have only restricted privileges to harden your user account. If you select "Yes", depending on your Windows security settings, you should be ...
5/5 811 Nov 13, 2019
Security Without Borders
InSpectre v8
InSpectre v8 Easily examine and understand any Windows system's hardware and software capability to prevent Meltdown and Spectre attacks. “InSpectre” is an easy to use & understand utility designed to clarify the many overlapping and confusing aspects of any Windows system's ability to prevent the Meltdown and Spectre attacks. As the application's textual display says... In early 2018 the PC industry was rocked by the revelation that common processor design features, widely used to increase the performance of modern PCs, could be abused to create critical security vulnerabilities. The industry quickly responded, and is responding, to these Meltdown and Spectre threats by updating operating systems, motherboard BIOSes and CPU firmware. Protection from these two significant vulnerabilities requires updates to every system's hardware–its BIOS which reloads updated processor firmware–and its operating system–to use the new processor features. To further complicate matters, newer processors contain features to minimize the performance impact of these important security improvements. But older processors, lacking these newer features, will be significantly burdened and system performance will suffer under some workloads. This InSpectre utility was designed to clarify every system's current situation so that appropriate measures can be taken to update the system's hardware and software for maximum security and performance. Release History Release #8 — Now shows whether an Intel microcode patch is (ever) available for Spectre. Intel has finished designing microcode update patches for its processors. On April 2nd, 2018, they announced that processors that have not yet been patches will never be patched. Their full statement is available in this PDF document. In that document, Intel specifies which of their many processors do have patches and which of their more recent processors will never receive updated firmware. Now that the industry has this information, this 8th release of InSpectre incorporates that list of CPUIDs and displays whether microcode firmware updates exist for the system's Intel CPU. BOGUS “SmartScreen” ...
5/5 1,769 Nov 13, 2019
Gibson Research Corporation
Kaspersky ShadowHammer Check Tool
Kaspersky ShadowHammer Check Tool About ShadowHammer from Kaspersky: Operation ShadowHammer Earlier today, Motherboard published a story by Kim Zetter on Operation ShadowHammer, a newly discovered supply chain attack that leveraged ASUS Live Update software. While the investigation is still in progress and full results and technical paper will be published during SAS 2019 conference in Singapore, we would like to share some important details about the attack. In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. The attack took place between June and November 2018 and according to our telemetry, it affected a large number of users. ASUS Live Update is an utility that is pre-installed on most ASUS computers and is used to automatically update certain components such as BIOS, UEFI, drivers and applications. According to Gartner, ASUS is the world’s 5th-largest PC vendor by 2017 unit sales. This makes it an extremely attractive target for APT groups that might want to take advantage of their userbase. Based on our statistics, over 57,000 Kaspersky users have downloaded and installed the backdoored version of ASUS Live Update at some point in time. We are not able to calculate the total count of affected users based only on our data; however, we estimate that the real scale of the problem is much bigger and is possibly affecting over a million users worldwide. The goal of the attack was to surgically target an unknown pool of users, which were identified by their network adapters’ MAC addresses. To achieve this, the attackers had hardcoded a list of MAC addresses in the trojanized samples and this list was used to identify the actual intended targets of this massive operation. We were able to extract more than 600 unique MAC addresses from over 200 samples used in this attack. Of course, there might be other ...
5/5 860 Nov 13, 2019
Kaspersky
Malwarebytes Anti-Exploit v1.13.1.146
Malwarebytes Anti-Exploit v1.13.1.146 Malwarebytes Anti-Exploit protects you against the security vulnerabilities in the code, which make up your software programs. Your software contains millions of lines of code, which unfortunately some people want to exploit. Malwarebytes Anti-Exploit protects you from these vulnerabilities which people can manipulate in order to infect your system with malware. The software gives you three layers of security protection around popular browsers and applications, thereby preventing the vulnerable code from being exploited. The software is not an antivirus product in itself, but it is compatible with most antivirus software. KEY FEATURES INCLUDE It protects browsers and their add-ons Protects browser components Protects media players and PDF readers Allows you to manage custom shields Best of all, it's free! Changelog Malwarebytes Anti-Exploit 1.13 Build 146 released - Feb 18, 2020 Protection: Protection for the new Edge browser and MS ACCESS application Fixed false detection of Grammarly plugin and OfficeConnect plugin during updates Protection against new exploit attack techniques Usability: Fixed false detection of Grammarly plugin and OfficeConnect plugin during updates Stability/issues fixed: Bug fixes Fixed false positive detections with MS Office applications Improved Logging capabilities Internal Product Improvements Click here to visit the author's website.
5/5 5,720 Feb 19, 2020
Malwarebytes
Metasploitable v2.0.0
Metasploitable v2.0.0 This is Metasploitable2 (Linux) Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. The default login and password is msfadmin:msfadmin. Never expose this VM to an untrusted network (use NAT or Host-only mode if you have any questions what that means). Metasploitable 2 Exploitability Guide is HERE. Click here to visit the author's website.
5/5 414 Nov 13, 2019
rapid7user
Waircut v2.0
Waircut v2.0 WPS wireless protocol audit software for Windows. Wireless Air Cut is a WPS wireless, portable and free network audit software for Ms Windows. It is used to check the security of our wps wireless networks and to detect possible security breaches. You can check if the router has a generic and known wps pin set, if it is vulnerable to a brute-force attack or is vulnerable to a Pixie-Dust attack. Features Compatible with windows 7, 8, 8.1 and 10 Scans wireless networks with the WPS protocol enabled. Compatible with pins that do not meet the checksum rule. Several WPS pin generation algorithms: ZAO, Arcadyan LiveBox 2.1 / 2.2, FTE ... Able to audit a pixie-dust attack on windows. Editable and upgradable database of generic pins. Multilingual, English, Spanish, French and Russian. INSTALLATION: This is a portable application so you only need to unzip it to a folder and run the file waircut.exe. However, in order for the application to work, you must first install the JumpStart wireless network management software. If you already have it installed at other times you do not have to install it again. Another requirement is that you have installed the Microsoft .NET Framework 4.0. You can download these dependencies from the following links: Microsoft .net framework 4.0 Atheros jumpstart for wireless Drivers Changes: [2.0] - 2018-05-15 ### Fixed - Bug in WPS data base pin editor with empty SSID. - Function reimplementation for check new versión. Click here to visit the author's website.
5/5 5,202 Nov 13, 2019
patcherr
Win10 Security Plus v1.0
Win10 Security Plus v1.0 Win10 Security Plus is a powerful Windows OS software application that improves the security of Windows. It applies many recommended security settings and advanced security enhancements to the operating system, the changes should not cause conflicts or system errors, we have tested them many times. The program enables important security services, disables vulnerable system features (such as autorun.inf autoplay, NTVDM executions, Windows host script), improves the security of Internet Explorer and of the system integrity. And best of all, you just need to click the button "Apply Selected" and reboot the PC, that's all. This program works on Windows XP, Vista, 7, 8, 8.1, 10 (32\64-bit). If you have programs that use cscript.exe or wscript.exe you should uncheck the option "Disable Windows Script Host". Else you may get an error message like "Windows Script Host access is disabled on this machine. Contact your administrator for details." when a program executes VBScript or JScript scripts. Program Key Features Enable Important System Security Services Disable Commonly Exploited System Features Disable Autorun.inf Autoplay, 16-bit Processes, WSCRIPT.EXE Enable SmartScreen, Windows Updates, Windows Defender Enable User Acces Control (UAC), Windows File Protection (SFC) Activate Internet Explorer Memory Protection Enable Structured Exception Handling Overwrite Protection Disable Remote Registry, Remote Assistance, Short File Names Enable Driver Signing Check, System Restore, Security Center Enable Signature Verification of Downloaded Programs 40+ Security Improvements in One Powerful Program Improves System Protection Against Malware ...
5/5 1,751 Nov 13, 2019
site2unblock
   
 
Showing rows 1 to 13 of 13 Showing Page 1 of 1  1 


Copyright (c) 2019


Tweets by @GeekOnTheLoose