Add Covenant, fix grammar, move Commando VM to Windows section.

2025-01-09 06:07:55 -05:00 · 2019-04-03 00:15:44 -04:00 · 2019-04-03 00:15:44 -04:00 · 2bf587dcad
commit 2bf587dcad
parent 745e1b14a7
1 changed files with 5 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -417,7 +417,7 @@ See also [Defcon Suggested Reading](https://www.defcon.org/html/links/book-list.
 * [JCS](https://github.com/TheM4hd1/JCS) - Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm.
 * [Netsparker Application Security Scanner](https://www.netsparker.com/) - Application security scanner to automatically find security flaws.
 * [Nikto](https://cirt.net/nikto2) - Noisy but fast black box web server and web application vulnerability scanner.
-* [SQLmate](https://github.com/UltimateHackers/sqlmate) - A friend of sqlmap that identifies sqli vulnerabilities based on a given dork and website (optional).
+* [SQLmate](https://github.com/UltimateHackers/sqlmate) - Friend of `sqlmap` that identifies SQLi vulnerabilities based on a given dork and (optional) website.
 * [SecApps](https://secapps.com/) - In-browser web application security testing suite.
 * [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner.
 * [Wapiti](http://wapiti.sourceforge.net/) - Black box web application vulnerability scanner with built-in fuzzer.
@ -545,7 +545,7 @@ See also [Defcon Suggested Reading](https://www.defcon.org/html/links/book-list.
 * [SecTools](http://sectools.org/) - Top 125 Network Security Tools.
 * [Security Talks](https://github.com/PaulSec/awesome-sec-talks) - Curated list of security conferences.
 * [Security](https://github.com/sbilly/awesome-security) - Software, libraries, documents, and other resources.
-* [Serverless Security](https://github.com/puresec/awesome-serverless-security/) - A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
+* [Serverless Security](https://github.com/puresec/awesome-serverless-security/) - Curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
 * [Shell Scripting](https://github.com/alebcay/awesome-shell) - Command line frameworks, toolkits, guides and gizmos.
 * [YARA](https://github.com/InQuest/awesome-yara) - YARA rules, tools, and people.
@ -568,7 +568,6 @@ See also [Defcon Suggested Reading](https://www.defcon.org/html/links/book-list.
 * [Parrot](https://www.parrotsec.org/) - Distribution similar to Kali, with support for multiple hardware architectures.
 * [PentestBox](https://pentestbox.org/) - Open source pre-configured portable penetration testing environment for the Windows Operating System.
 * [The Pentesters Framework](https://github.com/trustedsec/ptf) - Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that omits less frequently used utilities.
 * [Commando VM](https://github.com/fireeye/commando-vm) - Windows-based security distribution for penetration testing and red teaming.
 ## Periodicals
@ -694,7 +693,7 @@ See also [awesome-reversing](https://github.com/tylerha97/awesome-reversing).
 * [Offensive Web Testing Framework (OWTF)](https://www.owasp.org/index.php/OWASP_OWTF) - Python-based framework for pentesting Web applications based on the OWASP Testing Guide.
 * [Raccoon](https://github.com/evyatarmeged/Raccoon) - High performance offensive security tool for reconnaissance and vulnerability scanning.
 * [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool.
-* [VHostScan](https://github.com/codingo/VHostScan) - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
+* [VHostScan](https://github.com/codingo/VHostScan) - Virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
 * [WPSploit](https://github.com/espreto/wpsploit) - Exploit WordPress-powered websites with Metasploit.
 * [Wappalyzer](https://www.wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites.
 * [WhatWaf](https://github.com/Ekultek/WhatWaf) - Detect and bypass web application firewalls and protection systems.
@ -716,6 +715,8 @@ See also [awesome-reversing](https://github.com/tylerha97/awesome-reversing).
 * [Active Directory and Privilege Escalation (ADAPE)](https://github.com/hausec/ADAPE-Script) - Umbrella script that automates numerous useful PowerShell modules to discover security misconfigurations and attempt privilege escalation against Active Directory.
 * [Bloodhound](https://github.com/adaptivethreat/Bloodhound/wiki) - Graphical Active Directory trust relationship explorer.
 * [Commando VM](https://github.com/fireeye/commando-vm) - Automated installation of over 140 Windows software packages for penetration testing and red teaming.
 * [Covenant](https://github.com/cobbr/Covenant) - ASP.NET Core application that serves as a collaborative command and control platform for red teamers.
 * [DeathStar](https://github.com/byt3bl33d3r/DeathStar) - Python script that uses Empire's RESTful API to automate gaining Domain Admin rights in Active Directory environments.
 * [Empire](https://www.powershellempire.com/) - Pure PowerShell post-exploitation agent.
 * [Fibratus](https://github.com/rabbitstack/fibratus) - Tool for exploration and tracing of the Windows kernel.