Free Software
These tools have been released under the GNU Public License by Immunity. By releasing tools, such as these, we hope to demonstrate our knowledge leadership, and give back to the security community as a whole.Ply 1.4 C
A modified version of ply version 1.4 (current is 2.2) used internally by MOSDEF.
Download current source tree
Unmidl
A Python utility for recovering typelib data, similar to Matthew Chapman's "muddle" program. Especially useful when a contractor has delivered a server but forgotten to include the interface file.
Download Current Tarball
libdisassemble
A Python library that will disassemble X86.
Download Current Tarball
SPIKE
When you need to analyze a new network protocol for buffer overflows or similar weaknesses,
the SPIKE is the tool of choice for professionals. While it requires a strong knowledge of
C to use, it produces results second to none in the field. SPIKE is available for the Linux
platform only.
Download Current Tarball
|
Papers on SPIKE
|
Access SPIKE Mailing List
SPIKE Proxy
Not all web applications are built in the same ways, and hence, many must be analyzed
individually. SPIKE Proxy is a professional-grade tool for looking for application-level
vulnerabilities in web applications. SPIKE Proxy covers the basics, such as SQL Injection
and cross-site-scripting, but it's completely open Python infrastructure allows advanced
users to customize it for web applications that other tools fall apart on. SPIKE Proxy is
available for Linux and Windows.
Note: that SPIKE Proxy requires a working install of Python and pyOpenSSL on Linux.
This is included in the Windows distribution
Download for Linux
|
Download for Windows
|
Access SPIKE Mailing List
Unmask
Unmask was released in 2002 as a demonstration of how to fingerprint users based only on
their emails or IRC postings.
Download
MOSDEF
MOSDEF is a next generation exploitation tool. As a pure-Python C compiler, it offers
advantages other techniques don't.
Download
|
Papers
|
Mailing List
Sharefuzz
The original environment variable fuzzer for Unixes that support loading a shared library. (AUTHOR: Dave Aitel. License: GPL)
Download