diff --git a/README.md b/README.md index 5560935..e2adf3b 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ A collection of awesome penetration testing resources - [OSInt Tools](#osint-tools) - [Anonymity Tools](#anonymity-tools) - [Reverse Engineering Tools](#reverse-engineering-tools) + - [CTF Tools](#ctf-tools) - [Books](#books) - [Penetration Testing Books](#penetration-testing-books) - [Hackers Handbook Series](#hackers-handbook-series) @@ -52,6 +53,7 @@ A collection of awesome penetration testing resources * [Shellcode Tutorial](http://www.vividmachines.com/shellcode/shellcode.html) - Tutorial on how to write shellcode * [Shellcode Examples](http://shell-storm.org/shellcode/) - Shellcodes database * [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits +* [GDB-peda](https://github.com/longld/peda) - Python Exploit Development Assistance for GDB #### Social Engineering Resources * [Social Engineering Framework](http://www.social-engineer.org/framework/) - An information resource for social engineers @@ -75,6 +77,7 @@ A collection of awesome penetration testing resources * [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project * [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework +* [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner #### Vulnerability Scanners * [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner @@ -87,6 +90,7 @@ A collection of awesome penetration testing resources * [w3af](https://github.com/andresriancho/w3af) - Web application attack and audit framework * [Wapiti](http://wapiti.sourceforge.net/) - Web application vulnerability scanner * [WebReaver](http://www.webreaver.com/) - Web application vulnerability scanner for Mac OS X +* [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR #### Network Tools * [nmap](http://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits @@ -97,11 +101,13 @@ A collection of awesome penetration testing resources * [Intercepter-NG](http://intercepter.nerf.ru/) - a multifunctional network toolkit * [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool * [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service +* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network * [Kismet](https://kismetwireless.net/) - Wireless network detector, sniffer, and IDS * [Reaver](https://code.google.com/p/reaver-wps/) - Brute force attack against Wifi Protected Setup + * [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool #### SSL Analysis Tools * [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner @@ -113,6 +119,7 @@ A collection of awesome penetration testing resources #### Crackers * [John the Ripper](http://www.openwall.com/john/) - Fast password cracker * [Online MD5 cracker](http://www.md5crack.com/) - Online MD5 hash Cracker +* [Hashcat](http://hashcat.net/oclhashcat/) - The more fast hash cracker #### Windows Utils * [Sysinternals Suite](http://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities @@ -122,6 +129,7 @@ A collection of awesome penetration testing resources #### DDoS Tools * [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows * [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC +* [T50](http://sourceforge.net/projects/t50/) - The more fast network stress tool #### Social Engineering Tools * [SET](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit from TrustedSec @@ -145,7 +153,10 @@ A collection of awesome penetration testing resources * [Bokken](https://inguma.eu/projects/bokken) - GUI for Pyew Radare2. * [Immunity Debugger](http://debugger.immunityinc.com/) - A powerful new way to write exploits and analyze malware * [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for Linux +* [Medusa disassembler](https://github.com/wisk/medusa) - An open source interactive disassembler +#### CTF Tools +* [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs ### Books #### Penetration Testing Books @@ -292,6 +303,7 @@ A collection of awesome penetration testing resources * [PCAP Tools](https://github.com/caesar0301/awesome-pcaptools) - Tools for processing network traffic * [Security](https://github.com/sbilly/awesome-security) - Software, libraries, documents, and other resources * [Awesome List](https://github.com/sindresorhus/awesome) - A curated list of awesome lists +* [SecLists](https://github.com/danielmiessler/SecLists) - Collection of multiple types of lists used during security assessments ### Contribution