Merge pull request #160 from meitar/ssl-tls

Move `sslstrip` to Web Exploitation, recategorize SSL as TLS tools.
This commit is contained in:
Samar Dhwoj Acharya 2017-07-13 10:47:29 -05:00 committed by GitHub
commit 6b733bfeeb

View File

@ -24,7 +24,7 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
- [Web Scanners](#web-scanners) - [Web Scanners](#web-scanners)
- [Network Tools](#network-tools) - [Network Tools](#network-tools)
- [Wireless Network Tools](#wireless-network-tools) - [Wireless Network Tools](#wireless-network-tools)
- [SSL Analysis Tools](#ssl-analysis-tools) - [Transport Layer Security Tools](#transport-layer-security-tools)
- [Web Exploitation](#web-exploitation) - [Web Exploitation](#web-exploitation)
- [Hex Editors](#hex-editors) - [Hex Editors](#hex-editors)
- [Hash Cracking Tools](#hash-cracking-tools) - [Hash Cracking Tools](#hash-cracking-tools)
@ -178,7 +178,7 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
* [passivedns](https://github.com/gamelinux/passivedns) - Network sniffer that logs all DNS server replies for use in a passive DNS setup. * [passivedns](https://github.com/gamelinux/passivedns) - Network sniffer that logs all DNS server replies for use in a passive DNS setup.
* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. * [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
* [Zarp](https://github.com/hatRiot/zarp) - Network attack tool centered around the exploitation of local networks. * [Zarp](https://github.com/hatRiot/zarp) - Network attack tool centered around the exploitation of local networks.
* [mitmproxy](https://github.com/mitmproxy/mitmproxy) - Interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers. * [mitmproxy](https://github.com/mitmproxy/mitmproxy) - Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
* [Morpheus](https://github.com/r00t-3xp10it/morpheus) - Automated ettercap TCP/IP Hijacking tool. * [Morpheus](https://github.com/r00t-3xp10it/morpheus) - Automated ettercap TCP/IP Hijacking tool.
* [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH. * [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH.
* [SSH MITM](https://github.com/jtesta/ssh-mitm) - Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk. * [SSH MITM](https://github.com/jtesta/ssh-mitm) - Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.
@ -204,10 +204,8 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
* [Reaver](https://code.google.com/archive/p/reaver-wps) - Brute force attack against WiFi Protected Setup. * [Reaver](https://code.google.com/archive/p/reaver-wps) - Brute force attack against WiFi Protected Setup.
* [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool. * [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool.
### SSL Analysis Tools ### Transport Layer Security Tools
* [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner. * [SSLyze](https://github.com/nabla-c0d3/sslyze) - Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations.
* [sslstrip](https://www.thoughtcrime.org/software/sslstrip/) - Demonstration of the HTTPS stripping attacks.
* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS.
* [tls_prober](https://github.com/WestpointLtd/tls_prober) - Fingerprint a server's SSL/TLS implementation. * [tls_prober](https://github.com/WestpointLtd/tls_prober) - Fingerprint a server's SSL/TLS implementation.
### Web Exploitation ### Web Exploitation
@ -233,6 +231,8 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
* [Commix](https://github.com/commixproject/commix) - Automated all-in-one operating system command injection and exploitation tool. * [Commix](https://github.com/commixproject/commix) - Automated all-in-one operating system command injection and exploitation tool.
* [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR. * [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR.
* [GitTools](https://github.com/internetwache/GitTools) - Automatically find and download Web-accessible `.git` repositories. * [GitTools](https://github.com/internetwache/GitTools) - Automatically find and download Web-accessible `.git` repositories.
* [sslstrip](https://www.thoughtcrime.org/software/sslstrip/) - Demonstration of the HTTPS stripping attacks.
* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS.
### Hex Editors ### Hex Editors
* [HexEdit.js](https://hexed.it) - Browser-based hex editing. * [HexEdit.js](https://hexed.it) - Browser-based hex editing.