mirror of
https://github.com/enaqx/awesome-pentest.git
synced 2024-12-23 06:09:22 -05:00
Merge pull request #407 from fabacab/new-tools
Add kube-hunter (Kubernetes pentest tool) and Open Source Vulnerabilities (a vuln DB).
This commit is contained in:
commit
53a2ea62fd
@ -114,7 +114,6 @@ See also [awesome-tor](https://github.com/ajvb/awesome-tor).
|
|||||||
* [Shellter](https://www.shellterproject.com/) - Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
|
* [Shellter](https://www.shellterproject.com/) - Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
|
||||||
* [UniByAv](https://github.com/Mr-Un1k0d3r/UniByAv) - Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forcable, 32-bit XOR key.
|
* [UniByAv](https://github.com/Mr-Un1k0d3r/UniByAv) - Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forcable, 32-bit XOR key.
|
||||||
* [Veil](https://www.veil-framework.com/) - Generate metasploit payloads that bypass common anti-virus solutions.
|
* [Veil](https://www.veil-framework.com/) - Generate metasploit payloads that bypass common anti-virus solutions.
|
||||||
* [peCloak.py](https://www.securitysift.com/pecloak-py-an-experiment-in-av-evasion/) - Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
|
|
||||||
* [peCloakCapstone](https://github.com/v-p-b/peCloakCapstone) - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
|
* [peCloakCapstone](https://github.com/v-p-b/peCloakCapstone) - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
|
||||||
|
|
||||||
## Books
|
## Books
|
||||||
@ -267,7 +266,6 @@ See also *[Reverse Engineering Tools](#reverse-engineering-tools)*.
|
|||||||
|
|
||||||
## Hex Editors
|
## Hex Editors
|
||||||
|
|
||||||
* [0xED](http://www.suavetech.com/0xed/0xed.html) - Native macOS hex editor that supports plug-ins to display custom data types.
|
|
||||||
* [Bless](https://github.com/bwrsandman/Bless) - High quality, full featured, cross-platform graphical hex editor written in Gtk#.
|
* [Bless](https://github.com/bwrsandman/Bless) - High quality, full featured, cross-platform graphical hex editor written in Gtk#.
|
||||||
* [Frhed](http://frhed.sourceforge.net/) - Binary file editor for Windows.
|
* [Frhed](http://frhed.sourceforge.net/) - Binary file editor for Windows.
|
||||||
* [Hex Fiend](http://ridiculousfish.com/hexfiend/) - Fast, open source, hex editor for macOS with support for viewing binary diffs.
|
* [Hex Fiend](http://ridiculousfish.com/hexfiend/) - Fast, open source, hex editor for macOS with support for viewing binary diffs.
|
||||||
@ -443,6 +441,7 @@ See also [awesome-pcaptools](https://github.com/caesar0301/awesome-pcaptools).
|
|||||||
## Network Vulnerability Scanners
|
## Network Vulnerability Scanners
|
||||||
|
|
||||||
* [celerystalk](https://github.com/sethsec/celerystalk) - Asynchronous enumeration and vulnerability scanner that "runs all the tools on all the hosts" in a configurable manner.
|
* [celerystalk](https://github.com/sethsec/celerystalk) - Asynchronous enumeration and vulnerability scanner that "runs all the tools on all the hosts" in a configurable manner.
|
||||||
|
* [kube-hunter](https://kube-hunter.aquasec.com/) - Open-source tool that runs a set of tests ("hunters") for security issues in Kubernetes clusters from either outside ("attacker's view") or inside a cluster.
|
||||||
* [Nessus](https://www.tenable.com/products/nessus-vulnerability-scanner) - Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.
|
* [Nessus](https://www.tenable.com/products/nessus-vulnerability-scanner) - Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.
|
||||||
* [Netsparker Application Security Scanner](https://www.netsparker.com/pricing/) - Application security scanner to automatically find security flaws.
|
* [Netsparker Application Security Scanner](https://www.netsparker.com/pricing/) - Application security scanner to automatically find security flaws.
|
||||||
* [Nexpose](https://www.rapid7.com/products/nexpose/) - Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.
|
* [Nexpose](https://www.rapid7.com/products/nexpose/) - Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.
|
||||||
@ -759,6 +758,7 @@ See also [awesome-social-engineering](https://github.com/v2-dev/awesome-social-e
|
|||||||
* [Microsoft Security Advisories and Bulletins](https://docs.microsoft.com/en-us/security-updates/) - Archive and announcements of security advisories impacting Microsoft software, published by the Microsoft Security Response Center (MSRC).
|
* [Microsoft Security Advisories and Bulletins](https://docs.microsoft.com/en-us/security-updates/) - Archive and announcements of security advisories impacting Microsoft software, published by the Microsoft Security Response Center (MSRC).
|
||||||
* [Mozilla Foundation Security Advisories](https://www.mozilla.org/security/advisories/) - Archive of security advisories impacting Mozilla software, including the Firefox Web Browser.
|
* [Mozilla Foundation Security Advisories](https://www.mozilla.org/security/advisories/) - Archive of security advisories impacting Mozilla software, including the Firefox Web Browser.
|
||||||
* [National Vulnerability Database (NVD)](https://nvd.nist.gov/) - United States government's National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.
|
* [National Vulnerability Database (NVD)](https://nvd.nist.gov/) - United States government's National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.
|
||||||
|
* [Open Source Vulnerabilities (OSV)](https://osv.dev/) - Database of vulnerabilities affecting open source software, queryable by project, Git commit, or version.
|
||||||
* [Packet Storm](https://packetstormsecurity.com/files/) - Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
|
* [Packet Storm](https://packetstormsecurity.com/files/) - Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
|
||||||
* [SecuriTeam](http://www.securiteam.com/) - Independent source of software vulnerability information.
|
* [SecuriTeam](http://www.securiteam.com/) - Independent source of software vulnerability information.
|
||||||
* [Snyk Vulnerability DB](https://snyk.io/vuln/) - Detailed information and remediation guidance for vulnerabilities known by Snyk.
|
* [Snyk Vulnerability DB](https://snyk.io/vuln/) - Detailed information and remediation guidance for vulnerabilities known by Snyk.
|
||||||
|
Loading…
Reference in New Issue
Block a user