WhatWeb (web scanner)



WhatWeb is a web scanner



WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1700 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

WhatWeb can be stealthy and fast, or thorough but slow. WhatWeb supports an aggression level to control the trade off between speed and reliability. When you visit a website in your browser, the transaction includes many hints of what web technologies are powering that website. Sometimes a single webpage visit contains enough information to identify a website but when it does not, WhatWeb can interrogate the website further. The default level of aggression, called ‘stealthy’, is the fastest and requires only one HTTP request of a website. This is suitable for scanning public websites. More aggressive modes were developed for use in penetration tests.

Most WhatWeb plugins are thorough and recognise a range of cues from subtle to obvious. For example, most WordPress websites can be identified by the meta HTML tag. A minority of WordPress websites remove this identifying tag, but this does not thwart WhatWeb. The WordPress WhatWeb plugin has over 15 tests, which include checking the favicon, default installation files, login pages, and checking for “/wp-content/” within relative links.

Download: v0.4.9

This product is subject to the terms detailed in the license agreement. For more information about WhatWeb visit:

	Homepage:	http://www.morningstarsecurity.com/research/whatweb
	Wiki:		https://github.com/urbanadventurer/WhatWeb/wiki/

novahot – A webshell framework for penetration testers.



github: https://github.com/chrisallenlane/novahot



novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP, ruby, and python.



The author does not hold any responsibility for the bad use of this tool. Remember that attacking targets without prior consent is illegal and punished by law.

Online tools – GRABIFY (IP logger)


GRABIFY Create or Track URLs

website url: https://grabify.link/


Grabify IP Logger helps you track who has clicked your links. Track IP addresses, find IPs from Facebook, Twitter, friends on other sites.




How to use it:

  1. Enter a URL that you want Grabify to track.
  2. Give the link Grabify generated to the client.
  3. Save your tracking code that was generated when Grabify generated the link.
  4. Enter the tracking code on the home page and click “Tracking Code” to see all the information captured with Grabify.

WiFi HID Injector


WiFi HID Injector – A USB Rubberducky / BadUSB On Steroids.

Description: Remote WiFi HID Keyboard Injector

WHID stands for WiFi HID Injector. It is a WiFi remotely-controlled {Keyboard, Mouse} emulator. Practically, it is a USB Rubberducky or BadUSB device on steroids!

Github: https://github.com/whid-injector/WHID

Youtube tutorial: https://youtu.be/ADqMCKtufNY

QRadar Community Edition



QRadar Community Edition is a free version of QRadar that is based off of our core enterprise SIEM. Users, students, security professionals, and app developers are encouraged to download QRadar Community Edition to learn and become familiar with QRadar. This version is limited to 50 events per second and 5,000 network flows a minute, supports apps, but is based on a smaller footprint for non-enterprise use. Download, contribute, create, and engage with an ensemble of users leveraging security at home or in labs with QRadar Community Edition 7.3.1.

download: qradar ce


CertGraph – An open source intelligence tool to crawl the graph of certificate



An open source intelligence tool to crawl the graph of certificate Alternate Names


CertGraph crawls SSL certificates, creating a directed graph where each domain is a node and the certificate alternative names for that domain’s certificate are the edges to other domain nodes. New domains are printed as they are found. In Detailed mode, the graph’s adjacency list is printed upon completion.

Github: https://github.com/lanrat/certgraph

A web UI is provided in the docs folder and is accessible at the github pages url https://lanrat.github.io/certgraph/.

Sitadel – Web Application Security Scanner


Sitadel is basically an update for WAScan, making it compatible with Python >= 3.4. It allows more flexibility for you to write new modules and implement new features:

  • Frontend framework detection
  • Content Delivery Network detection
  • Define Risk Level to allow for scans
  • Plugin system
  • Docker image available to build and run

github : Sitadel



  • Server
  • Web Frameworks (CakePHP,CherryPy,…)
  • Frontend Frameworks (AngularJS,MeteorJS,VueJS,…)
  • Web Application Firewall (Waf)
  • Content Management System (CMS)
  • Operating System (Linux,Unix,..)
  • Language (PHP,Ruby,…)
  • Cookie Security
  • Content Delivery Networks (CDN)


    • Bruteforce
      • Admin Interface
      • Common Backdoors
      • Common Backup Directory
      • Common Backup File
      • Common Directory
      • Common File
      • Log File
    • Injection
      • HTML Injection
      • SQL Injection
      • LDAP Injection
      • XPath Injection
      • Cross Site Scripting (XSS)
      • Remote File Inclusion (RFI)
      • PHP Code Injection
    • Other
      • HTTP Allow Methods
      • HTML Object
      • Multiple Index
      • Robots Paths
      • Web Dav
      • Cross Site Tracing (XST)
      • PHPINFO
      • .Listing
    • Vulnerabilities
      • ShellShock
      • Anonymous Cipher (CVE-2007-1858)
      • Crime (SPDY) (CVE-2012-4929)
      • Struts-Shock

Two-Factor Authentication (2FA) for WordPress




Description : Enable Two-Factor Authentication using time-based one-time passwords (OTP, Google Authenticator), Universal 2nd Factor (FIDO U2F, YubiKey), email and backup verification codes.


wordpress 2FA


Github: https://github.com/georgestephanis/two-factor
Website: https://stephanis.info/2013/08/14/two-cents-on-two-factor/





Keyloggers Software list


Keyloggers Software list for Security Team.

The author does not hold any responsibility for the bad use of this tool. Remember that attacking targets without prior consent is illegal and punished by law.

This is the short list of keyloggers:

  • Elite Keylogger
  • All in One Keylogger
  • Bozok
  • Revealer Keylogger Pro
  • Advanced Keylogger
  • REFOG Free Keylogger
  • NetWire 
  • Free Keylogger
  • DanuSoft Free Keylogger
  • Award Keylogger Pro
  • DarkComet
  • Invisible Keylogger Stealth
  • CyberGate Excel 
  • Looxee
  • Keylog-TVC
  • StatWin Pro
  • Keylog-Small.b
  • W32/Buchon.c!keylog
  • Keylog-Hothook.dr
  • Keylog-Small.c.dr
  • Lost Door

Note: this list will be updated soon with a separation of malware and spy programs. I will not add public links for malware keyloggers.

REFOG Free Keylogger

Official website: https://www.refog.com/free-keylogger/

Free Keylogger

Official website: http://www.iwantsoft.com/free-keylogger.htm

Free Keylogger is a compact, stealthy and highly efficient keylogger designed for silent monitoring of nearly all activities on a user’s computer. Covering all major areas of interest, such as web browsing, software usage and text input, it provides the observer a detailed picture of how the system was used.

Text entry is intercepted on the lowest level, which means that literally every keystroke is recorded, no passwords remain hidden and no messages slip through unnoticed. Anything copied to the system clipboard is captured, every URL visited and link clicked is reliably logged into a report.

Spyrix Personal Monitor

Official website: http://www.spyrix.com/

Spyrix Personal Monitor is a powerful multifunctional program for complete and detailed REMOTE MONITORING of user activity. It can monitor keyboard (Keylogger) activity, activity on social networks (Facebook, MySpace etc.), web-surfing, Skype, IM Messengers (ICQ, MSN etc.), running and active applications, printing activity and external storages (USB, CD, DVD, HDD, memory cards). The program allows conducting control remotely no matter where you are located by sending logs to your email, FTP or LAN and viewing logs from your account online. It cannot be detected by computer users and antivirus programs. The program is perfect for parental control and controlling employees.
Main features:
  • Remote monitoring via secure web account
  • Keylogger (keystrokes logging)
  • NEW! Live Viewing – watching the screen in live mode
  • Screenshots capture
  • Making snapshots from user web camera (available for PRO license)
  • Microphone Voice Surveillance (available for PRO license)
  • WEB Camera Surveillance (available for PRO license)
  • Invisible mode
  • Remote monitoring from any place and any device (PC, tablet, smartphone)
  • Undetectable to antivirus software
  • Remote Uninstallation
  • Clipboard control
  • Facebook includes capture passwords
  • MySpace, Twitter, Google+, LinkedIn
  • Skype (Two-way dialogue interception)
  • IM Chat (Google Talk, ICQ etc)
  • Search Engines Monitoring
  • URL monitoring
  • Blocking sites: by categories (for example adult, dating), blacklist of URLs, blacklist of keywords.
  • Apps activity
  • E-mail, FTP, LAN log delivery
  • Alert keywords
  • Analytics module
  • “Black List” Sites (Alert URLs)
  • Removable Drives (USB, HDD, SD) Control
  • Printer Control
  • Domain users monitoring (available for Business licenses)


Actual Keylogger

Official website: http://www.actualkeylogger.com/

Actual Keylogger is a program that monitors the activity on your computer so you can discover what other users are doing on your computer when you are not present.
The keylogger software keeps track of programs run or closed, websites visited and any keystrokes pressed, and can also record screenshots and content copied to the clipboard.


Actual Keylogger records:

  • Which applications are run and closed
  • All keystrokes pressed (keystroke logger)
  • All content copied to the clipboard
  • All print activity
  • Any disk changes
  • Any Internet connections made, and all websites visited
  • Startup/shutdown operations

Actual Keylogger generates:

  • Screen captures for a set time period
  • Encrypted log files for all activity
  • Reports in text and html format

Actual Keylogger provides:

  • Standard and hidden operating modes
  • Invisibility in all operating systems in hidden mode – even in process lists
  • Password protected logs for extra security
  • A convenient interface for screenshot/log view
  • Reports sent by email, FTP or local area network
  • Fast installation and flexible configuration
  • Easy-to-use interface and powerful features



Official website: http://kidlogger.net/

  • Web history monitoring
  • Record keystrokes
  • Monitor messengers
  • Time tracking
  • Screenshots
  • Most used Applications
  • USB drives, CD\DVD usage
  • Used files & folders
  • E-mail reports

Revealer Keylogger

Official website:  https://www.logixoft.com/index

Key features:

  • Conversation monitoring
    Revealer Keylogger’s powerful algorithm can record everything that is typed on the keyboard, including passwords, regardless of the application used (Skype, Facebook, MSN, AOL, ICQ, AIM, GTalk, etc.).
  • Remote monitoring
    See the recorded text from another computer, a tablet or a smartphone with delivery via email, Dropbox, FTP or LAN. You can adjust the delivery frequency of the recorded texts to once or several times per day.
  • Screenshots
    With the automatic screenshot feature, watch all the actions performed on your computer. Revealer Keylogger takes a screenshot of the desktop or the active application when the user types some text or uses the mouse.
  • Invisible mode
    Revealer Keylogger features a special protection allowing it to remain invisible in Windows tools such as Windows Task Manager, Windows Explorer or the registry.


Real Free Keylogger

Official website: http://www.realspysoftware.com/

Monitoring Features:

  • Records all keystrokes, is case sensitive (keylogger), including user name and passwords
  • Records Chats & Instant Messages: Skype incoming and outgoing messages
  • Records emails opened in popular email client software
  • Records web sites visited and preview the site in the software
  • Take screenshots at the specified time interval, which records Windows apps, PC games, web searches, webmails, video talk (web cam), YouTube videos watched and everything
  • Records full text of a .txt and .doc file opened
  • Records text data in clipboard
  • Records applications executed, with the application’s window caption and file path

Report Features:

  • Recorded information is stored in an encrypted log file
  • User friendly interface of log viewer and screenshot viewer
  • Generates log data to reports in html format
  • Sends reports to specified email or FTP

System Features:

  • Auto starts with Windows Startup
  • Runs in a complete stealth mode and report secretly
  • Unhide the software control panel with hotkey and it works in your own admin account only
  • Protects the software with password
  • Works with Windows XP/Vista/7/8/10


DanuSoft Free Keylogger

Official website: unknown

Download : http://www.filesriver.com/app/275/danusoft-free-keylogger


BlackBox Security Monitor

Official website: http://www.asmsoftware.com/Products.aspx

Advanced monitoring in business, educational and home environments:

  • Efficient monitoring of multiple computers over the network – up to 10 monitored computers or more, depending on the license;
  • Categorization of Web sites, typed text and sent/received messages using Natural Language Processing (NLP) engine;
  • Monitor Screen recordings, Programs, Keystrokes typed, Websites, Web Searches, Emails/Webmails/ Instant Messenger Chat sent and received;
  • Monitor Skype Instant Messenger chat and voice traffic;
  • Computer usage time;
  • Total network traffic.

Alerts and Warnings instantly or as a summary on your e-mail or cell phone:

  • Highly configurable alerts and warnings;
  • Receive alerts instantly or daily summary on your e-mail via SMTP, SMTPS and START TLS or cell phone.

Reports with monitoring data summary:

  • Basic reports set includes reports on user activities such as programs launched, websites visited, web searches, emails;
  • Extended reports set includes reports on user connections and links.

Privacy:

  • All monitoring data goes only on your computer, we are not communicating with any other third party;
  • All monitoring traffic and data storage is encrypted.

It is a product for business, educational and home environments:

  • Commercial use license.


G³ iSam

Official website: http://safepics.tripleg-3.com/

iSam is a key logger that runs hidden on your system while covertly collecting data from individual users. iSam silently records every key stroke, including passwords, takes screen shots, and allows you to see and know everything anyone does on your computer.

  • Hot Key and Password protected
  • Records Users Individually
  • Does NOT operate on a timer | Completely user interactive
  • Self Reviving if terminated
  • Easily have iSam logs sent to your email
  • Fine tune recording measures to fit your computer and personal needs
  • Advanced search feature for finding the log files you're looking for
  • Watch for key words being typed
  • Image preview for a quick look at what the user was doing
  • Full screen image viewing
  • Slide show feature lets you adjust the speed of playback and simply sit back and watch as iSam surfs through all the log files
  • Ability to choose which users are being recorded and which are not
  • Choose which users can access iSam via Hot Key and Password
  • Requires Access to iSam to un-install
  • Optional customizable Warning Banner to alert users they are being watched
  • Advanced mailing features to have logs sent to your email via our server or your own Pop mail / SMTP server
  • View key logs in a normal readable format, show deleted keys, or show all keys to include any key on the keyboard ever pressed
  • Automatic and customizable encryption
  • Scheduler for adjusting recording options to fit your schedule
  • Optimization engine lets iSam operate optimally on your system according to your tuning preferences
  • Printing options
  • Website Blocking



Hardware-based keylogger.


AirDrive Keylogger

Official website: https://www.keelog.com/

The AirDrive Keylogger is an ultra-small USB keylogger, only 0.8″ (21mm) in length. It can be accessed with any Wi-Fi device such as a computer, laptop, tablet, or smartphone.

The AirDrive Keylogger Pro is an enhanced version of the AirDrive Keylogger, with additional connectivity options. It works both as a Wi-Fi hotspot, and as a Wi-Fi device, enabling features such as Email reports, time-stamping, and data streaming.

The AirDrive Keylogger Max is the most advanced keylogger in the AirDrive Keylogger family, with all the capabilities of the Pro version, enhanced with 8 GB internal memory available as a USB Hi-speed flash drive (480Mbps).


  • Records keystrokes from any USB keyboard
  • 16MB internal flash memory
  • 100% stealthy, undetectable for security software
  • Supports over 40 national keyboard layouts
  • Compatible with barcode readers
  • Works as a Wi-Fi hotspot
  • Connect from any computer, smartphone, or tablet
  • Access data from web browser, no software or app necessary
  • Retrieve data remotely without touching the device
  • Simple and clear WWW interface
  • Supports WEP, WPA, and WPA-2 network security
  • Memory protected by hardware encryption

Pro and Max version:

  • Works as a Wi-Fi hotspot, or as a Wi-Fi device
  • Sends Email reports with recorded data
  • Supports time-stamping
  • Live data streaming

Max version:

  • 8 gigabytes of built-in memory
  • Memory accessible as a USB Hi-speed flash drive (480Mbps)


KeyGrabber TimeKeeper

Official website: https://www.keelog.com/

Date and time-stamping

The world’s smallest hardware keyloggers with date and time-stamping functionality. All the features of the standard KeyGrabber USB keyloggers, with an additional time tracking module powered by an internal battery. Flash drive mode and 8 gigabytes of memory assure quick and easy access to logged data under any operating system. Completely transparent for computer operation, no software or drivers required.


  • Built-in timestamping module and battery with over 7 years lifetime guaranteed!
  • Huge memory capacity (8 gigabytes), organized as an advanced flash FAT file system
  • Memory protected with strong 128-bit encryption
  • No software or drivers required, Windows, Linux, and Mac compatible
  • Mac Compatibility Pack (MCP) option, enhancing performance on all Mac systems
  • Transparent to computer operation, undetectable for security scanners
  • Quick and easy national layout support
  • Complete functionality of the KeyGrabber USB

SANS Whitepaper : Hardware Keyloggers





Anti-keyloggers Software

Anti-keyloggers – ensures protection against keylogging.
SSL protection, keylogging protection, clipboard and screen logging protection

SpyShelter Anti-Keylogger

Official website: https://www.spyshelter.com/


SpyShelter Anti-Keylogger provides solid protection in real time against known and unknown “zero-day” spy and monitoring software, for example: keyloggers, screen loggers, webcam loggers, and even advanced financial malware.


  • anti keylogger
  • system protection (HIPS module)
  • keystroke encryption
  • internet security
  • webcam protection
  • screen capture protection


Anti keylogger demo in Youtube : here

Cost: 29 euros or (free version of SpyShelter: here)


Zemana AntiLogger

Official website: https://www.zemana.com/antilogger

Note: The “Free” version of Zemana AntiLogger only encrypts keystrokes.

  • Keystroke logging protection
  • secure SSL
  • anti-ransomware
  • malware scanner
  • real time protection
  • adware removal
  • zero-day malware protection


Cost: Free or License 29,95 euro/Year


DataGuard AntiKeylogger

Official website: https://qpdownload.com/dataguard-antikeylogger-free/

DataGuard AntiKeylogger uses cutting-edge heuristic methods to detect and disable all types of potential keyloggers by analyzing their activity.


Cost: it’s FREE.


Official website: https://www.strikeforcecpg.com/guardedid/


GuardedID® eliminates your vulnerability to data theft due to keylogging attacks, a leading cause of cyber crime. Unlike anti-virus and anti-malware software, GuardedID® protects your data from both known and unknown keylogger threats.

StrikeForce’s patented anti-keylogging technology secures your sensitive personal and financial information by proactively encrypting every keystroke as you type. GuardedID® also provides advanced anti-clickjacking and anti-screen capture technology, for multiple layers of protection from cyber attacks.


  • Keystroke encryption
  • Anti-clickjacking
  • Anti-screen capture
  • CryptoColor® (visual verification shows you that GuardedID® is protecting your input by highlighting what you type in a color you select)
  • Malicious driver monitoring (detecting untrusted drivers, such as keyloggers, and displaying a warning containing the name of any suspect driver.)
  • Full protection (includes USB, wireless, PS2 and Bluetooth keyboards; can encrypt all international keyboards.)



Cost: US $19.99/year



Official website: http://dewasoft.com/privacy/kldetector.htm



  • It should work under Windows NT 3.51 SP3, Windows 2000, and Windows XP.
  • No installation is necessary.
  • It cannot detect hardware keyloggers.
  • It cannot remove the keylogger automatically. You have to do it by yourself.
  • It reports the log file. If there is a log file, there should be a keylogger.

Cost: It’s FREE



Official website:  https://hendrik.tf/ghostpress.html


Ghostpress is a free anti-keylogging software that prevents malicious software from capturing your keyboard presses.

  • Full system wide key press protection
  • Delay protection to spoof typing style
  • Developer API available on request
  • Desktop widget or favicon
  • Anti low-level keylogger
  • Ultra fast performance
  • Command line support
  • Process protection
  • Completely free
  • Portable mode
  • Whitelist


Cost: It’s FREE.

