Keyloggers Software list


Keyloggers Software list for Security Team.

The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent it’s illegal and punished by law.

This is the short list of keyloggers:

  • Elite Keylogger
  • All in One Keylogger
  • Bozok
  • Revealer Keylogger Pro
  • Advanced Keylogger
  • REFOG Free Keylogger
  • NetWire 
  • Free Keylogger
  • DanuSoft Free Keylogger
  • Award Keylogger Pro
  • DarkComet
  • Invisible Keylogger Stealth
  • CyberGate Excel 
  • Looxee
  • Keylog-TVC
  • StatWin Pro
  • Keylog-Small.b
  • W32/Buchon.c!keylog
  • Keylog-Hothook.dr
  • Keylog-Small.c.dr
  • Lost Door

Note: will be updated soon with separation of malware & spy programs / I will don’t add the public link for Malware keyloggers.

REFOG Free Keylogger

Official website:

Free Keylogger

Official website:

Free keylogger is  a compact, stealthy and highly efficient keylogger designed for silent monitoring of nearly all activities on a user’s computer. Covering all major areas of interest, such as web browsing, software usage and text input, it provides the observer a detailed picture of how the system was used.

Text entry is intercepted on the lowest level, which means that literally every keystroke is recorded, no passwords remain hidden and no messages slip through unnoticed. Anything copied to the system clipboard is captured, every URL visited and link clicked is reliably logged into a report.

Spyrix Personal Monitor

Official website:

Spyrix Personal Monitor is a powerful multifunctional program for complete and detailed REMOTE MONITORING of user activity. It can monitor keyboard (Keylogger) activity, activity on social networks (Facebook, MySpace etc.), web-surfing, Skype, IM Messengers (ICQ, MSN etc.), running and active applications, printing activity and external storages (USB, CD, DVD, HDD, memory cards). The program allows conducting control remotely no matter where you are located by sending logs to your email, FTP or LAN and viewing logs from your account online. It cannot be detected by computer users and antivirus programs. The program is perfect for parental control and controlling employees.
Main features:
  • Remote monitoring via secure web account
  • Keylogger (keystrokes logging)
  • NEW! Live Viewing – watching the screen in live mode
  • Screenshots capture
  • Making snapshots from user web camera(available for PRO license)
  • Microphone Voice Surveillance(available for PRO license)
  • WEB Camera Surveillance(available for PRO license)
  • Invisible mode
  • Remote monitoring from any place and any device (PC, tablet, smartphone)
  • Undetectable to antivirus software
  • Remote Uninstallation
  • Clipboard control
  • Facebook includes capture passwords
  • MySpace, Twitter, Google+, LinkedIn
  • Skype (Two-way dialogue interception)
  • IM Chat (Google Talk, ICQ etc)
  • Search Engines Monitoring
  • URL monitoring
  • Blocking sites: by categories (for example
    adult, dating), blacklist of URLs,
    blacklist of keywords.
  • Apps activity
  • E-mail, FTP, LAN log delivery
  • Alert keywords
  • Analytics module
  • “Black List” Sites (Alert URLs)
  • Removable Drives (USB, HDD, SD) Control
  • Printer Control
  • Domain users monitoring(available for Business licenses)


Actual Keylogger

Official website:

Actual Keylogger is a program that monitors the activity on your computer so you can discover what other users are doing on your computer when you are not present.
The keylogger software keeps track of programs run or closed, websites visited and any keystrokes pressed, and can also record screenshots and content copied to the clipboard.


  Actual Keylogger records:

  • Which applications are run and closed
  • All keystrokes pressed (keystroke logger)
  • All content copied to the clipboard
  • All print activity
  • Any disk changes
  • Any Internet connections made, and all websites visited
  • Startup/shutdown operations

     Actual Keylogger generates:

  • Screen captures for a set time period
  • Encrypted log files for all activity
  • Reports in text and html format

     Actual Keylogger provides:

  • Standard and hidden operating modes
  • Invisibility in all operating systems in hidden mode – even in process lists
  • Password protected logs for extra security
  • A convenient interface for screenshot/log view
  • Reports sent by email, FTP or local area network
  • Fast installation and flexible configuration
  • Easy-to-use interface and powerful features



Official website:

  • Web history monitoring
  • Record keystrokes
  • Monitor messengers
  • Time tracking
  • Screenshots
  • Most used Applications
  • USB drives, CD\DVD usage
  • Used files & folders
  • E-mail reports

Revealer Keylogger

Official website:

key features:

  • Conversation monitoring
    Revealer Keylogger’s powerful algorithm can record everything that is typed on the keyboard, including passwords, regardless of the application used (Skype, Facebook, MSN, AOL, ICQ, AIM, GTalk, etc.).
  • Remote monitoring
    See the recorded text from another computer, a tablet or a smartphone with delivery via email, Dropbox, FTP or LAN. You can adjust the delivery frequency of the recorded texts to once or several times per day.
  • Screenshots
    With the automatic screenshot feature, watch all the actions performed on your computer. Revealer Keylogger takes a screenshot of the desktop or the active application when the user types some text or uses the mouse.
  • Invisible mode
    Revealer Keylogger features a special protection allowing it to remain invisible in Windows tools such as Windows Task Manager, Windows Explorer or the registry.


Real Free Keylogger

Official website:

Monitoring Features:

  • Records all keystrokes, is case sensitive (keylogger), including user name and passwords
  • Records Chats & Instant Messages: Skype incoming and outgoing messeages
  • Records emails opened in popular email client software
  • Records web sites visited and preview the site in the software
  • Take screenshots at the specified time interval, which records Windows apps, PC games, web searches, webmails, video talk (web cam), YouTube videos watched and everything
  • Records full text of a .txt and .doc file opened
  • Records text data in clipboard
  • Records applications executed, with the application’s window caption and file path
  • Report Features:
  • Recorded information is stored in a encrypted log file
  • User friendly interface of log viewer and screenshot viewer
  • Generates log data to reports in html format
  • Sends reports to specified email or FTPSystem Features:
  • Auto starts with Windows Startup
  • Runs in a complete stealth mode and report secretly
  • Unhide the software control panel with hotkey and it works in your own admin account only
  • Protects the software with password
  • Works with Windows XP/Vista/7/8/10


DanuSoft Free Keylogger

Official website: unknown

Download :


BlackBox Security Monitor

Official website:

Advanced monitoring in business, educational and home environments:

  • Efficient monitoring of multiple computers over the network – up to 10 monitored computers or more, depending on the license;
  • Categorization of Web sites, typed text and sent/received messages using Natural Language Processing (NLP) engine;
  • Monitor Screen recordings, Programs, Keystrokes typed, Websites, Web Searches, Emails/Webmails/ Instant Messenger Chat sent and received;
  • Monitor Skype Instant Messenger chat and voice traffic;
  • Computer usage time;
  • Total network traffic.

Alerts and Warnings instantly or as a summary on your e-mail or cell phone:

  • Highly configurable alerts and warnings;
  • Receive alerts instantly or daily summary on your e-mail via SMTP, SMTPS and START TLS or cell phone.

Reports with monitoring data summary:

  • Basic reports set includes reports on user activities such as programs launched, websites visited, web searches, emails;
  • Extended reports set includes reports on user connections and links.
  • Privacy:
  • All monitoring data goes only on your computer, we are not communicating with any other third party;
  • All monitoring traffic and data storage is encrypted.
  • It is a product for business, educational and home environments:
  • Commercial use license.


G³ iSam

Official website:

iSam is key logger that runs hidden on your system while covertly collecting data from individual users. iSam silently records every key stroke, including passwords, takes screen shots, and allows you to see and know everything anyone does on your computer

    • Hot Key and Password protected
• Records Users Individually
• Does NOT operate on a timer | Completely user interactive
• Self Reviving if terminated
• Easily have iSam logs sent to your email
• Fine tune recording measures to fit your computer and personal needs
• Advanced search feature for finding the log files your looking for
• Watch for key words being typed
• Image preview for a quick look at what the user was doing
• Full screen image viewing
• Slide show feature lets you adjust the speed of playback and simply sit back and watch as iSam surfs through all the log files
• Ability to choose which users are being recorded and which are not
• Choose which users can access iSam via Hot Key and Password
• Requires Access to iSam to un-install
• Optional customizable Warning Banner to alert users they are being watched
• Advanced mailing features to have logs sent to your email via our server or your own Pop mail / SMTP server
• View key logs in a normal readable format, show deleted keys, or show all keys to include any key on the keyboard ever pressed
• Automatic and customizable encryption
• Scheduler for adjusting recording options to fit your schedule
• Optimization engine lets iSam to operate optimally on your system according to your tuning preferences
• Printing options
• Website Blocking



Hardware-based keylogger.


AirDrive Keylogger

Official website:

The AirDrive Keylogger is an ultra-small USB keylogger, only 0.8″ (21mm) in length. It can be accessed with any Wi-Fi device such as a computer, laptop, tablet, or smartphone.

The AirDrive Keylogger Pro is an enhanced version of the AirDrive Keylogger, with additional connectivity options. It works both as a Wi-Fi hotspot, and as a Wi-Fi device, enabling features such as Email reports, time-stamping, and data streaming.

The AirDrive Keylogger Max is the most advanced keylogger in the AirDrive Keylogger family, with all the capabilities of the Pro version, enhanced with 8 GB internal memory available as a USB Hi-speed flash drive (480Mbps).


  • Records keystrokes from any USB keyboardAirDrive Keylogger
  • 16MB internal flash memory
  • 100% stealthy, undetectable for security software
  • Supports over 40 national keyboard layouts
  • Compatible with barcode readers
  • Works as a Wi-Fi hotspot
  • Connect from any computer, smartphone, or tablet
  • Access data from web browser, no software or app necessary
  • Retrieve data remotely without touching the device
  • Simple and clear WWW interface
  • Supports WEP, WPA, and WPA-2 network security
  • Memory protected by hardware encryption

Pro and Max version:

  • Works as a Wi-Fi hotspot, or as a Wi-Fi device
  • Sends Email reports with recorded data
  • Supports time-stamping
  • Live data streaming

Max version:

  • 8 gigabytes of built-in memory
  • Memory accessible as a USB Hi-speed flash drive (480Mbps)


KeyGrabber TimeKeeper

Official website:

Date and time-stamping

The world’s smallest hardware keyloggers with date and time-stamping functionality. All the features of the standard KeyGrabber USB keyloggers, with an additional time tracking module powered by an internal battery. Flash drive mode and 8 gigabytes of memory assure quick and easy access to logged data under any operating system. Completely transparent for computer operation, no software or drivers required.


  • Built-in timestamping module and battery with over 7 years lifetime guaranteed!
  • Huge memory capacity (8 gigabytes), organized as an advanced flash FAT file system
  • Memory protected with strong 128-bit encryption
  • No software or drivers required, WindowsLinux, and Mac compatible
  • Mac Compatibility Pack (MCP) option, enhancing performance on all Mac systems
  • Transparent to computer operation, undetectable for security scanners
  • Quick and easy national layout support
  • Complete functionality of the KeyGrabber USB

SANS Whitepaper : Hardware Keyloggers

READ ALSO  Anti-keyloggers




Anti-keyloggers Software

Anti-keyloggers – ensures protection against keylogging.
SSL protection, keylogging protection, clipboard and screen logging protection

SpyShelter Anti-Keylogger

Official website:


SpyShelter Anti-Keylogger provides solid protection in real time against known and unknown “zero-day” spy and monitoring software, for example: keyloggers, screen loggers, webcam loggers, and even advanced financial malware.


  • anti keylogger
  • system protection (HIPS module)
  • keystroke encryption
  • internet security
  • webcam protection
  • screen capture protection


Anti keylogger demo in Youtube : here

Cost: 29 euros or (free version of SpyShelter: here)


Zemana AntiLogger

Official website:

Note: “Free” version of Zemana AntiLogger only encrypt keystrokes.

  • Keystroke logging protection
  • secure SSL
  • anti-ransomware
  • malware scanner
  • real time protection
  • adware removal
  • zero-day malware protection


Cost: Free or License 29,95 euro/Year


DataGuard AntiKeylogger

Official website:

DataGuard AntiKeylogger is using cutting-edge heuristics methods to detect and disable all types of potential keyloggers using analyze of its activity


Cost: it’s FREE.


Official website:


GuardedID® eliminates your vulnerability to data theft due to keylogging attacks, a leading cause of cyber crime. Unlike anti-virus and anti-malware software, GuardedID® protects your data from both known and unknown keylogger threats.

StrikeForce’s patented anti-keylogging technology secures your sensitive personal and financial information by proactively encrypting every keystroke as you type. GuardedID® also provides advanced anti-clickjacking and anti-screen capture technology, for multiple layers of protection from cyber attacks.


  • Keystroke encryption
  • Anti-clickjacking
  • Anti-screen capture
  • CryptoColor® (visual verification shows you that GuardedID® is protecting your input by highlighting what you type in a color you select)
  •  Malicious driver monitoring (detecting untrusted drivers, such as keyloggers, and displaying a warning containing the name of any suspect driver.)
  • Full protection (includes USB, wireless, PS2 and Bluetooth keyboards; can encrypt all international keyboards.)

preference menu:


Cost: US $19.99/year



Official website:



  • it should work under Windows NT 3.51 SP3, Windows 2000, and Windows XP.
  • No installation is necessary.
  • It cannot detect hardware keylogger.
  • It cannot remove the keylogger automatically. You have to do it by yourself.
  • It reports the log file. If there is a log file, there should be a keylogger

Cost: It’s FREE



Official website:


Ghostpress is a free anti-keylogging software that prevent malicious software from capturing your keyboard presses

  • Full system wide key press protection
  • Delay protection to spoof typing style
  • Developer API available on request
  • Desktop widget or favicon
  • Anti low-level keylogger
  • Ultra fast performance
  • Command line support
  • Process protection
  • Completly free
  • Portable mode
  • Whitelist


Cost: It’s FREE.


go to protection page

JCrypTool – The cryptography e-learning platform


JCrypTool — The cryptography e-learning platform

Official website .:

JCrypTool enables students, teachers, developers, and anyone else interested in cryptography to apply and analyze cryptographic algorithms in a modern, easy-to-use application. The JCT plaform creates a new way of e-learning by not just encouraging users to learn about cryptography and apply the algorithms themselves, but also to develop their own cryptographic plug-ins and extend the JCrypTool platform in new directions.





Traffic Noise Generator


Traffic Noise Generator


The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent it’s illegal and punished by law.


GitHub .:

A simple python script that generates random HTTP/DNS traffic noise in the background while you go about your regular web browsing, to make your web traffic data less valuable for selling and for extra obscurity.

Tested on MacOS High Sierra, Ubuntu 16.04 and Raspbian Stretch and is compatible with both Python 2.7 and 3.6



GitHub .:

A quick and dirty HTTP/S “organic” traffic generator.

Just a simple (poorly written) Python script that aimlessly “browses” the internet by starting at pre-defined rootURLs and randomly “clicking” links on pages until the pre-defined clickDepth is met.


Official website:

Noise-as-a-service that attacks the wholesale surveillance of US citizens


Squawk: Data Retention Edition

Official website:

Creating noise-as-a-service, as an act of civil disobedience, that attacks the wholesale surveillance of Australian citizens under the data retention program.



GitHub .:

A simple program to generate views for your website

WVG, or Will’s View Generator, is a simple tool created to help you generate realistic views for your website. It uses many different user agents, referers, and proxies within the TOR network to accomplish this task. Moreover, unlike other common view generators, this program doesn’t flood the server with requests but does it at a slower pace and at random intervals to make the traffic seem more realistic. Do not use this program on websites if it violates your region’s laws or your host’s rules.



GitHub .:
Official website .:

Ostinato – Packet/Traffic Generator and Analyzer

Ostinato is a packet crafter, network traffic generator and analyzer with a friendly GUI. Also a powerful Python API for network test automation. Craft and send packets of several streams with different protocols at different rates. Think of it as “Wireshark in Reverse”.


KalEl Toolkit

GitHub .:

Kal El is a neat tool for Network Stress Testing and Penetration Testing.

Traffic Generator is a tool used to generate fake web traffic that can be used to fake page views and visitor stats. If used with TOR VPN module you will have the option to enable auto switching where it will get a new IP for each request resulting in unique visitor stats as well as page views.



GitHub .:

Traffic generator and sniffer



GitHub .:

A Simple Traffic Generator for Network Experiments

The server listens for incoming requests, and replies with a flow with the requested size (using the requested DSCP value & sending at the requested rate) for each request.

The client establishes persistent TCP connections to a list of servers and randomly generates requests over TCP connections according to the client configuration file. If no available TCP connection, the client will establish a new one. Currently, we provide two types of clients: client and incast-client for dynamic flow experiments. For client, each request only consists of one flow (fanout = 1). For incast-client, each request can consist of several synchronized incast-like flows. A request is completed only when all its flows are completed.

In the client configuration file, the user can specify the list of destination servers, the request size distribution, the Differentiated Services Code Point (DSCP) value distribution, the sending rate distribution and the request fanout distribution, .


WAN Killer

Official website .:

Perform network stress tests with WAN Killer




Official website .:

GitHub .:

Send anonymous traffic to your links by automatically loading existing proxies from the web. Multiple working sets of proxies are retrieved.


Modbus Traffic Generator

GitHub .:

This tool Generates Modbus traffic to trigger alerts in Snort Intrusion detection System. It reads Snort rules from “scada.rules” input file,parses the rules and generateS proper packet(s) that would trigger the coresponding rule alerts in the intrusion detection system.

Proxies & MITM Tools


Proxies and MITM Tools


The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent it’s illegal and punished by law.

Charles proxy

Official website:

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).



Official website:

bettercap is the Swiss army knife for network attacks and monitoring.

$ go get


Official website:

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.




HTTP/HTTPS proxy over SSH




HoneyProxy is a lightweight man-in-the-middle proxy that helps you analyze HTTP(S) traffic flows. It is tailored to the needs of security researchers and allows both real-time and log analysis. Being compatible with mitmproxy, it focuses on features that are useful in a forensic context and allows extended visualization capabilites.
(note: HoneyProxy is now part of mitmproxy)


GitHub :

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents are set.


Telerik Fiddler

Official website:

Free web debugging proxy for any browser, system or platform

  • web session manipulation
  • security testing
  • performance testing
  • HTTP/HTTPS traffic recording
  • customizable free tool
  • web debugging



Official website:


DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka “Fake DNS”) is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for “” to point to a local machine for termination or interception instead of a real host somewhere on the Internet.



Morpheus it’s a Man-In-The-Middle (mitm) suite that allows users to manipulate tcp/udp data using ettercap, urlsnarf, msgsnarf and tcpkill as backend applications. but this tool main objective its not to provide an easy way to exploit/sniff targets, but ratter a call of attemption to tcp/udp manipulations technics (etter filters).




SSH man-in-the-middle tool

This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk.



Official website:
GitHub :

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.


OWASP Zed Attack Proxy (ZAP)


The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.




A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.

Hex Editors software for ITSEC


Hex Editors

Online Editing

Hex Editor online – Official website:

Hex-works – Official website:

Online Hexeditor – Official website:



Official website:

UltraEdit is a commercial text editor for Microsoft Windows, Linux and OS X created in 1994 by the founder of IDM Computer Solutions Inc., Ian D. Mead. The editor contains tools for programmers, including macros, configurable syntax highlighting, code folding, file type conversions, project management, regular expressions for search-and-replace, a column-edit mode, remote editing of files via FTP, interfaces for APIs or command lines of choice, and more. Files can be browsed and edited in tabs, and it also supports Unicode and hex editing mode.

Key features:

  • Facilitates the opening and editing of large files, up to 4GB and greater in size
  • Native 64-bit architecture
  • Multi-caret editing and multi-select
  • Document map navigation
  • Column (block) mode editing
  • Regular expression find and replace
  • Find/Replace in Files
  • Extensible code highlighting, with ‘wordfiles’ already available for many languages
  • Code folding and hierarchical function listing
  • Beautify and reformat source code
  • XML editing features, such as XML tree view, reformatting and validation
  • Auto-closing XML and HTML tags
  • Smart templates for code completion
  • Editor themes
  • Integrated FTP, SSH, telnet
  • Hex editing
  • Log file polling
  • File/data sorting
  • File encryption and decryption
  • Project management
  • Bookmarking
  • Automation via macros and scripts
  • Integrated file compare


Hackman Suite

Official website:

Hackman Suite is a multi-module all purpose debugging tool. It includes a hex editor, a disassembler, a template editor, a hex calculator and other everyday useful tools to assist programmers and code testers with the most common tasks.


HxD – Freeware Hex Editor and Disk Editor

Official website:

HxD is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.

The easy to use interface offers features such as searching and replacing, exporting, checksums/digests, insertion of byte patterns, a file shredder, concatenation or splitting of files, statistics and much more.

Editing works like in a text editor with a focus on a simple and task-oriented operation, as such functions were streamlined to hide differences that are purely technical.
For example, drives and memory are presented similar to a file and are shown as a whole, in contrast to a sector/region-limited view that cuts off data which potentially belong together. Drives and memory can be edited the same way as a regular file including support for undo. In addition, memory-sections define a foldable region and inaccessible sections are hidden by default.

Hxd Hex editor


Free Hex Editor Neo

Official website:

Free Hex Editor Neo is the fastest large files optimized binary file editor for Windows platform developed by HHD Software Ltd. It’s distributed under “Freemium” model and provides you with all basic editing features for free.

Free Hex Editor



Official website:

ZTreeWin is a fast and flexible text-mode file/directory manager for all versions of Windows.  It has been developed as the successor to the legendary DOS file-manager XTreeGold.  Anyone who has used that remarkable program would be aware of its superior capabilities as a text-mode, tree-structured file-manager – but would also likely be aware that its limited memory support, and lack of long filename support are today a major issue.
ZTreeWin is a native Windows program (both 32-bit and 64-bit) that has been developed to provide all the powerful functionality of the past (and much more!), while avoiding all the limitations of the old DOS-based program.



Hex Fiend

Official website:

A fast and clever open source hex editor
for Mac OS X.





Synalyze It!

Official website:

Reverse Engineering and Binary File Analysis



Official website:

professional Hex Edito.

  • edit files of unlimited size.
  • compare files, compute checksums, decode numbers or display a histogram of binary file.
  • create a grammar for your file formats and decode them automatically.
  • Advanced search lets you find text, numbers or masks.
  • automate routine work with Python scripts
  • many grammars for various file formats can be downloaded for free.




Cygnus Hex Editor FREE EDITION

Official website:

Key features:

  • Fast, simple operation; delete and insert data as easily as with any word processor
  • Blazingly fast search quickly searches or replaces any combination of text and binary data
  • Multi-level undo and redo
  • Extensive drag and drop support
  • MDI (Multiple Document Interface) design allows side-by-side editing; supports multiple views of the same file
  • Dockable and moveable toolbars; state and position of main window and toolbars saved between sessions
  • Easily print all or any portion of a file; Print Preview command
  • Edit files up to available virtual memory (up to 2GB)
  • Reload command re-opens the current file from disk
  • Extensive, context-sensitive, on-line help
  • And lots more!





Official website:

0xED is a native OS X hex editor based on the Cocoa framework.

Key features:

Fast editing of large files.
Unlimited file size (limited by what the actual file system supports).
Small memory footprint.
Instant opening of files of any size.
Remains responsive with 1 million+ edits.
Supports all normal text editor keyboard shortcuts.
HFS+ compatible.
Resource fork editing.
Full hex/text search/replace.
Binary/text Cut/copy/paste support.
Main window is sizable.
Plug-in system to display your custom data types.
Requires Mac OS X 10.6 or newer.
Intel 32/64 bit binary.
Localizations available: Italian, Finnish, French, German, Simplified Chinese.
Free of charge.


Pentest with Docker


Docker container for Penetration Testing


The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent it’s illegal and punished by law.

docker for pentest



Note: The docker pull command serves for downloading Docker images from a registry (default pulls images from Docker Hub)


Official Kali Linux for Docker

Short Description: This Kali Linux Docker image provides a minimal base install of the latest version of the Kali Linux Rolling

Docker Pull Command:

docker pull kalilinux/kali-linux-docker



Metasploit for Docker

Short Description: Metasploit image with steroids (nmap, tor and postgress)

docker pull strm/metasploit


Metasploit Framework for Docker

Short Description: An image of the famous Metasploit-Framework tool for pentesting.

docker pull phocean/msf



Metasploitable2 for Docker

Metasploitable2 – pristine condition

docker pull meknisa/metasploitable-base




Social Engineer Toolkit (SET) for Docker

Short Description: Dockerfile for building a Social Engineer Toolkit (SET) container



OWASP Zed Attack Proxy for Docker

Short Description: Current stable OWASP Zed Attack Proxy release in embedded docker container

docker pull owasp/zap2docker-stable


WPSCAN for Docker

Short Description: WPScan is a black box WordPress vulnerability scanner

docker pull wpscanteam/wpscan



Damn Vulnerable Web Application (DVWA) for Docker

Short Description: Ubuntu container with v1.9 of Damn Vulnerable Web App (

docker pull originalsix/docker-dvwa



Vulnerable WordPress for Docker

Short Description: Vulnerable WordPress container

docker pull wpscanteam/vulnerablewordpress



Dockerfile for BeEF (the Browser Exploitation Framework)

for Docker

Short Description: This Dockerfile allows to build a Docker image for the BeEF framework for XSS browser exploitation

docker pull janes/beef



OWASP Mutillidae II Web Pen-Test Practice Application

Short Description: Docker container for OWASP Mutillidae II Web Pen-Test Practice Application

docker pull citizenstig/nowasp



OWASP Juice Shop for Docker

Short Description: OWASP Juice Shop – An intentionally insecure Javascript Web Application

docker pull bkimminich/juice-shop



The Docker Bench for Security checks

Short Description: The Docker Bench for Security checks for all the automatable tests in the CIS Docker 1.6 Benchmark.

docker pull diogomonica/docker-bench-security



OpenDNS Security Ninjas AppSec Training for Docker

Short Description: Security Ninjas: An Open Source Application Security Training Program.

docker pull opendns/security-ninjas



OWASP WebGoat Project for Docker

Short Description: OWASP WebGoat Project docker image

docker pull danmx/docker-owasp-webgoat



The OWASP Security Shepherd project for Docker

Short Description: The OWASP Security Shepherd project is a web and mobile application security training platform.

The OWASP Security Shepherd Project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen their penetration testing skill set to security expert status.

docker pull ismisepaul/securityshepherd



The OWASP NodeGoat project for Docker

Short Description: The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.



Shellshock (Vulnerability as a service) for Docker

Short Description: Vulnerability as a service: showcasing CVS-2014-6271, a.k.a. Shellshock.

This docker container is based on Debian Wheezy and has been modified to use a vulernable version of Bash (bash_4.2:2b:dfsg-0.1).

docker pull hmlio/vaas-cve-2014-6271



Heartbleed (Vulnerability as a service) for Docker

Short Description: Vulnerability as a service: showcasing CVS-2014-0160, a.k.a. Heartbleed

A Debian (Wheezy) Linux system with a vulnerable version of libssl and openssl and a web server to showcase CVS-2014-0160, a.k.a. Heartbleed.

docker pull hmlio/vaas-cve-2014-0160



SambaCry (Vulnerability as a service) for Docker

Short Description: SambaCry remote vulnerable environment with Samba 4.5.9

Samba in 4.5.9 version and before that is vulnerable to a remote code execution vulnerability named SambaCry. CVE-2017-7494 allows remote authenticated users to upload a shared library to a writable shared folder, and perform code execution attacks to take control of servers that host vulnerable Samba services.

docker pull vulnerables/cve-2017-7494


WackoPicko for Docker

Short Description: WackoPicko is a vulnerable web application used to test web application vulnerability scanners. (infos from github)

docker pull adamdoupe/wackopicko


Max size for attachments by provider (Outlook, Facebook, snapchat, Gmail and more)


Max attachments size limits list by provider

Alibaba: 10Mb
Aol Mail: 25Mb
Domino 9.0.1: 10Mb
Facebook: 25Mb
FastMail: 50mb
Gandi: 25Mb
Gmail: 25Mb (50Mb only for incoming mails)
Gmx: 50Mb
GoDaddy: 20Mb 25mb
Lycos Mail: 35Mb 50Mb 20Mb
MailGun: 25Mb (message including attachments)
Mailfence: 10Mb
Microsoft outlook: 20Mb
Mozilla Thunderbird: 20Mb
Office 365: default 25Mb customizable max: 150Mb
Outlook 2010: 20Mb
Outlook 2013: 20Mb 10Mb
Ovh: 20Mo (webmail) / 100Mb Desktop client
ProtonMail: 25Mb
SnapChat: video 31Mb / image 5Mb
Tutanota: 25mb
WhatsApps: 100Mb
Yahoo Mail: 25 Mb
Yandex Mail: 10Mb
Zoho Mail: 20Mb
Fastdomain: 35Mb
ICloud: 20Mb 35Mb 25Mb 20Mb