From 2dbb9edc6eaf6156526d74d5376d8bddad73001a Mon Sep 17 00:00:00 2001 From: ZJ Date: Wed, 27 Mar 2019 12:37:31 -0400 Subject: [PATCH 1/4] awesome-lint: fix header levels --- README.md | 235 +++++++++++++++++++++++++++--------------------------- 1 file changed, 118 insertions(+), 117 deletions(-) diff --git a/README.md b/README.md index ae9224a..b3ac00d 100644 --- a/README.md +++ b/README.md @@ -19,18 +19,18 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [Operating Systems](#operating-systems) * [Penetration Testing Report Templates](#penetration-testing-report-templates) * [Code examples for Penetration Testing](#code-examples-for-penetration-testing) +* [Network vulnerability scanners](#network-vulnerability-scanners) + * [Static Analyzers](#static-analyzers) + * [Web Vulnerability Scanners](#web-vulnerability-scanners) +* [Network Tools](#network-tools) + * [Exfiltration Tools](#exfiltration-tools) + * [Network Reconnaissance Tools](#network-reconnaissance-tools) + * [Protocol Analyzers and Sniffers](#protocol-analyzers-and-sniffers) + * [Proxies and MITM Tools](#proxies-and-mitm-tools) * [Tools](#tools) * [Penetration Testing Distributions](#penetration-testing-distributions) * [Docker for Penetration Testing](#docker-for-penetration-testing) * [Multi-paradigm Frameworks](#multi-paradigm-frameworks) - * [Network vulnerability scanners](#network-vulnerability-scanners) - * [Static Analyzers](#static-analyzers) - * [Web Vulnerability Scanners](#web-vulnerability-scanners) - * [Network Tools](#network-tools) - * [Exfiltration Tools](#exfiltration-tools) - * [Network Reconnaissance Tools](#network-reconnaissance-tools) - * [Protocol Analyzers and Sniffers](#protocol-analyzers-and-sniffers) - * [Proxies and MITM Tools](#proxies-and-mitm-tools) * [Wireless Network Tools](#wireless-network-tools) * [Transport Layer Security Tools](#transport-layer-security-tools) * [Web Exploitation](#web-exploitation) 
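Review bot: the ToC now promotes `Network vulnerability scanners` to a top-level entry while keeping `Static Analyzers` nested beneath it, so the group's name no longer describes its contents (the body hunk lists Brakeman, cppcheck, FindBugs and bandit there, which are source-code analyzers, not network scanners); since these ToC lines are already being rewritten, a name such as `Vulnerability Scanners` here and in the matching `##` heading would be more accurate. Placing the two moved groups ahead of `* [Tools](#tools)` does match the order the body hunk gives the headings, so the ToC order stays consistent with the document.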
@@ -126,6 +126,115 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [goHackTools](https://github.com/dreddsa5dies/goHackTools) - Hacker tools on Go (Golang). +## Network vulnerability scanners + +* [Netsparker Application Security Scanner](https://www.netsparker.com/) - Application security scanner to automatically find security flaws. +* [Nexpose](https://www.rapid7.com/products/nexpose/) - Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7. +* [Nessus](https://www.tenable.com/products/nessus-vulnerability-scanner) - Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable. +* [OpenVAS](http://www.openvas.org/) - Free software implementation of the popular Nessus vulnerability assessment system. +* [Vuls](https://github.com/future-architect/vuls) - Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go. + +### Static Analyzers + +* [Brakeman](https://github.com/presidentbeef/brakeman) - Static analysis security vulnerability scanner for Ruby on Rails applications. +* [cppcheck](http://cppcheck.sourceforge.net/) - Extensible C/C++ static analyzer focused on finding bugs. +* [FindBugs](http://findbugs.sourceforge.net/) - Free software static analyzer to look for bugs in Java code. +* [sobelow](https://github.com/nccgroup/sobelow) - Security-focused static analysis for the Phoenix Framework. +* [bandit](https://pypi.python.org/pypi/bandit/) - Security oriented static analyser for python code. +* [Progpilot](https://github.com/designsecurity/progpilot) - Static security analysis tool for PHP code. +* [RegEx-DoS](https://github.com/jagracey/RegEx-DoS) - Analyzes source code for Regular Expressions susceptible to Denial of Service attacks. + +### Web Vulnerability Scanners + +* [Netsparker Application Security Scanner](https://www.netsparker.com/) - Application security scanner to automatically find security flaws. 
+* [Nikto](https://cirt.net/nikto2) - Noisy but fast black box web server and web application vulnerability scanner. +* [Arachni](http://www.arachni-scanner.com/) - Scriptable framework for evaluating the security of web applications. +* [w3af](https://github.com/andresriancho/w3af) - Web application attack and audit framework. +* [Wapiti](http://wapiti.sourceforge.net/) - Black box web application vulnerability scanner with built-in fuzzer. +* [SecApps](https://secapps.com/) - In-browser web application security testing suite. +* [WebReaver](https://www.webreaver.com/) - Commercial, graphical web application vulnerability scanner designed for macOS. +* [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner. +* [cms-explorer](https://code.google.com/archive/p/cms-explorer/) - Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running. +* [joomscan](https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project) - Joomla vulnerability scanner. +* [ACSTIS](https://github.com/tijme/angularjs-csti-scanner) - Automated client-side template injection (sandbox escape/bypass) detection for AngularJS. +* [SQLmate](https://github.com/UltimateHackers/sqlmate) - A friend of sqlmap that identifies sqli vulnerabilities based on a given dork and website (optional). +* [JCS](https://github.com/TheM4hd1/JCS) - Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm. + +## Network Tools + +* [pig](https://github.com/rafael-santiago/pig) - GNU/Linux packet crafting tool. +* [Network-Tools.com](http://network-tools.com/) - Website offering an interface to numerous basic network utilities like `ping`, `traceroute`, `whois`, and more. +* [Intercepter-NG](http://sniff.su/) - Multifunctional network toolkit. 
+* [SPARTA](https://sparta.secforce.com/) - Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools. +* [Zarp](https://github.com/hatRiot/zarp) - Network attack tool centered around the exploitation of local networks. +* [dsniff](https://www.monkey.org/~dugsong/dsniff/) - Collection of tools for network auditing and pentesting. +* [scapy](https://github.com/secdev/scapy) - Python-based interactive packet manipulation program & library. +* [Printer Exploitation Toolkit (PRET)](https://github.com/RUB-NDS/PRET) - Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features. +* [Praeda](http://h.foofus.net/?page_id=218) - Automated multi-function printer data harvester for gathering usable data during security assessments. +* [routersploit](https://github.com/reverse-shell/routersploit) - Open source exploitation framework similar to Metasploit but dedicated to embedded devices. +* [CrackMapExec](https://github.com/byt3bl33d3r/CrackMapExec) - Swiss army knife for pentesting networks. +* [impacket](https://github.com/CoreSecurity/impacket) - Collection of Python classes for working with network protocols. +* [dnstwist](https://github.com/elceef/dnstwist) - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. +* [THC Hydra](https://github.com/vanhauser-thc/thc-hydra) - Online password cracking tool with built-in support for many network protocols, including HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC, and more. +* [IKEForce](https://github.com/SpiderLabs/ikeforce) - Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities. +* [hping3](https://github.com/antirez/hping) - Network tool able to send custom TCP/IP packets. 
+* [rshijack](https://github.com/kpcyrd/rshijack) - TCP connection hijacker, Rust rewrite of `shijack`. +* [Legion](https://github.com/GoVanguard/legion) - Graphical semi-automated discovery and reconnaissance framework based on Python 3 and forked from SPARTA. + +### Exfiltration Tools + +* [DET](https://github.com/sensepost/DET) - Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time. +* [pwnat](https://github.com/samyk/pwnat) - Punches holes in firewalls and NATs. +* [tgcd](http://tgcd.sourceforge.net/) - Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls. +* [Iodine](https://code.kryo.se/iodine/) - Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed. +* [Cloakify](https://github.com/TryCatchHCF/Cloakify) - Textual steganography toolkit that converts any filetype into lists of everyday strings. + +### Network Reconnaissance Tools + +* [zmap](https://zmap.io/) - Open source network scanner that enables researchers to easily perform Internet-wide network studies. +* [nmap](https://nmap.org/) - Free security scanner for network exploration & security audits. +* [scanless](https://github.com/vesche/scanless) - Utility for using websites to perform port scans on your behalf so as not to reveal your own IP. +* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recon and search service. +* [CloudFail](https://github.com/m0rtem/CloudFail) - Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS. +* [dnsenum](https://github.com/fwaeytens/dnsenum/) - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results. +* [dnsmap](https://github.com/makefu/dnsmap/) - Passive DNS network mapper. 
+* [dnsrecon](https://github.com/darkoperator/dnsrecon/) - DNS enumeration script. +* [dnstracer](http://www.mavetju.org/unix/dnstracer.php) - Determines where a given DNS server gets its information from, and follows the chain of DNS servers. +* [passivedns-client](https://github.com/chrislee35/passivedns-client) - Library and query tool for querying several passive DNS providers. +* [passivedns](https://github.com/gamelinux/passivedns) - Network sniffer that logs all DNS server replies for use in a passive DNS setup. +* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. +* [smbmap](https://github.com/ShawnDEvans/smbmap) - Handy SMB enumeration tool. +* [XRay](https://github.com/evilsocket/xray) - Network (sub)domain discovery and reconnaissance automation tool. +* [ACLight](https://github.com/cyberark/ACLight) - Script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins. +* [ScanCannon](https://github.com/johnnyxmas/ScanCannon) - Python script to quickly enumerate large networks by calling `masscan` to quickly identify open ports and then `nmap` to gain details on the systems/services on those ports. +* [fierce](https://github.com/mschwager/fierce) - Python3 port of the original `fierce.pl` DNS reconnaissance tool for locating non-contiguous IP space. + +### Protocol Analyzers and Sniffers + +* [tcpdump/libpcap](http://www.tcpdump.org/) - Common packet analyzer that runs under the command line. +* [Wireshark](https://www.wireshark.org/) - Widely-used graphical, cross-platform network protocol analyzer. +* [netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - Swiss army knife for for network sniffing. +* [Dshell](https://github.com/USArmyResearchLab/Dshell) - Network forensic analysis framework. +* [Debookee](http://www.iwaxx.com/debookee/) - Simple and powerful network traffic analyzer for macOS. 
+* [Dripcap](https://github.com/dripcap/dripcap) - Caffeinated packet analyzer. +* [Netzob](https://github.com/netzob/netzob) - Reverse engineering, traffic generation and fuzzing of communication protocols. +* [sniffglue](https://github.com/kpcyrd/sniffglue) - Secure multithreaded packet sniffer. + +### Proxies and MITM Tools + +* [dnschef](https://github.com/iphelix/dnschef) - Highly configurable DNS proxy for pentesters. +* [mitmproxy](https://github.com/mitmproxy/mitmproxy) - Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. +* [Morpheus](https://github.com/r00t-3xp10it/morpheus) - Automated ettercap TCP/IP Hijacking tool. +* [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH. +* [SSH MITM](https://github.com/jtesta/ssh-mitm) - Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk. +* [evilgrade](https://github.com/infobyte/evilgrade) - Modular framework to take advantage of poor upgrade implementations by injecting fake updates. +* [Ettercap](http://www.ettercap-project.org) - Comprehensive, mature suite for machine-in-the-middle attacks. +* [BetterCAP](https://www.bettercap.org/) - Modular, portable and easily extensible MITM framework. +* [MITMf](https://github.com/byt3bl33d3r/MITMf) - Framework for Man-In-The-Middle attacks. +* [Lambda-Proxy](https://github.com/puresec/lambda-proxy) - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. +* [Habu](https://github.com/portantier/habu) - Python utility implementing a variety of network attacks, such as ARP poisoning, DHCP starvation, and more. + + ## Tools ### Penetration Testing Distributions 
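Review bot: `Netsparker Application Security Scanner` appears twice in this hunk, once under `## Network vulnerability scanners` and again under `### Web Vulnerability Scanners`, with the same link and description; while these blocks are being moved, keep a single entry (the web-scanner list is the better fit for an application scanner). Two smaller points on the moved text: the `netsniff-ng` line reads `Swiss army knife for for network sniffing` (doubled `for`), and the hunk ends with two consecutive `+` blank lines ahead of the `## Tools` context line, leaving a double blank line where the rest of the file uses one.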
@@ -144,7 +253,7 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea ### Docker for Penetration Testing -* `docker pull kalilinux/kali-linux-docker` - [Official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/). +* [`docker pull kalilinux/kali-linux-docker`](https://hub.docker.com/r/kalilinux/kali-linux-docker/) - Official Kali Linux. * `docker pull owasp/zap2docker-stable` - [Official OWASP ZAP](https://github.com/zaproxy/zaproxy). * `docker pull wpscanteam/wpscan` - [Official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/). * `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/). 
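Review bot: this one-line rewrite of the Kali entry is overwritten again by `[PATCH 2/4]`, which moves every Docker entry to the `[Name](url) - \`docker pull ...\`.` form, so the intermediate `[\`docker pull ...\`](url) - Official Kali Linux.` format introduced here never survives the series; it is also unrelated to the header-level fix named in this patch's subject. Drop the hunk from patch 1 and let patch 2 carry the whole Docker-list change, which keeps each patch to one purpose and avoids touching the same line twice.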
@@ -171,114 +280,6 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [AutoSploit](https://github.com/NullArray/AutoSploit) - Automated mass exploiter, which collects target by employing the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query. * [Decker](https://github.com/stevenaldinger/decker) - Penetration testing orchestration and automation framework, which allows writing declarative, reusable configurations capable of ingesting variables and using outputs of tools it has run as inputs to others. -### Network vulnerability scanners - -* [Netsparker Application Security Scanner](https://www.netsparker.com/) - Application security scanner to automatically find security flaws. -* [Nexpose](https://www.rapid7.com/products/nexpose/) - Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7. -* [Nessus](https://www.tenable.com/products/nessus-vulnerability-scanner) - Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable. -* [OpenVAS](http://www.openvas.org/) - Free software implementation of the popular Nessus vulnerability assessment system. -* [Vuls](https://github.com/future-architect/vuls) - Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go. - -#### Static Analyzers - -* [Brakeman](https://github.com/presidentbeef/brakeman) - Static analysis security vulnerability scanner for Ruby on Rails applications. -* [cppcheck](http://cppcheck.sourceforge.net/) - Extensible C/C++ static analyzer focused on finding bugs. -* [FindBugs](http://findbugs.sourceforge.net/) - Free software static analyzer to look for bugs in Java code. -* [sobelow](https://github.com/nccgroup/sobelow) - Security-focused static analysis for the Phoenix Framework. -* [bandit](https://pypi.python.org/pypi/bandit/) - Security oriented static analyser for python code. 
-* [Progpilot](https://github.com/designsecurity/progpilot) - Static security analysis tool for PHP code. -* [RegEx-DoS](https://github.com/jagracey/RegEx-DoS) - Analyzes source code for Regular Expressions susceptible to Denial of Service attacks. - -#### Web Vulnerability Scanners - -* [Netsparker Application Security Scanner](https://www.netsparker.com/) - Application security scanner to automatically find security flaws. -* [Nikto](https://cirt.net/nikto2) - Noisy but fast black box web server and web application vulnerability scanner. -* [Arachni](http://www.arachni-scanner.com/) - Scriptable framework for evaluating the security of web applications. -* [w3af](https://github.com/andresriancho/w3af) - Web application attack and audit framework. -* [Wapiti](http://wapiti.sourceforge.net/) - Black box web application vulnerability scanner with built-in fuzzer. -* [SecApps](https://secapps.com/) - In-browser web application security testing suite. -* [WebReaver](https://www.webreaver.com/) - Commercial, graphical web application vulnerability scanner designed for macOS. -* [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner. -* [cms-explorer](https://code.google.com/archive/p/cms-explorer/) - Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running. -* [joomscan](https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project) - Joomla vulnerability scanner. -* [ACSTIS](https://github.com/tijme/angularjs-csti-scanner) - Automated client-side template injection (sandbox escape/bypass) detection for AngularJS. -* [SQLmate](https://github.com/UltimateHackers/sqlmate) - A friend of sqlmap that identifies sqli vulnerabilities based on a given dork and website (optional). -* [JCS](https://github.com/TheM4hd1/JCS) - Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm. 
- -### Network Tools - -* [pig](https://github.com/rafael-santiago/pig) - GNU/Linux packet crafting tool. -* [Network-Tools.com](http://network-tools.com/) - Website offering an interface to numerous basic network utilities like `ping`, `traceroute`, `whois`, and more. -* [Intercepter-NG](http://sniff.su/) - Multifunctional network toolkit. -* [SPARTA](https://sparta.secforce.com/) - Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools. -* [Zarp](https://github.com/hatRiot/zarp) - Network attack tool centered around the exploitation of local networks. -* [dsniff](https://www.monkey.org/~dugsong/dsniff/) - Collection of tools for network auditing and pentesting. -* [scapy](https://github.com/secdev/scapy) - Python-based interactive packet manipulation program & library. -* [Printer Exploitation Toolkit (PRET)](https://github.com/RUB-NDS/PRET) - Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features. -* [Praeda](http://h.foofus.net/?page_id=218) - Automated multi-function printer data harvester for gathering usable data during security assessments. -* [routersploit](https://github.com/reverse-shell/routersploit) - Open source exploitation framework similar to Metasploit but dedicated to embedded devices. -* [CrackMapExec](https://github.com/byt3bl33d3r/CrackMapExec) - Swiss army knife for pentesting networks. -* [impacket](https://github.com/CoreSecurity/impacket) - Collection of Python classes for working with network protocols. -* [dnstwist](https://github.com/elceef/dnstwist) - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. -* [THC Hydra](https://github.com/vanhauser-thc/thc-hydra) - Online password cracking tool with built-in support for many network protocols, including HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC, and more. 
-* [IKEForce](https://github.com/SpiderLabs/ikeforce) - Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities. -* [hping3](https://github.com/antirez/hping) - Network tool able to send custom TCP/IP packets. -* [rshijack](https://github.com/kpcyrd/rshijack) - TCP connection hijacker, Rust rewrite of `shijack`. -* [Legion](https://github.com/GoVanguard/legion) - Graphical semi-automated discovery and reconnaissance framework based on Python 3 and forked from SPARTA. - -#### Exfiltration Tools - -* [DET](https://github.com/sensepost/DET) - Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time. -* [pwnat](https://github.com/samyk/pwnat) - Punches holes in firewalls and NATs. -* [tgcd](http://tgcd.sourceforge.net/) - Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls. -* [Iodine](https://code.kryo.se/iodine/) - Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed. -* [Cloakify](https://github.com/TryCatchHCF/Cloakify) - Textual steganography toolkit that converts any filetype into lists of everyday strings. - -#### Network Reconnaissance Tools - -* [zmap](https://zmap.io/) - Open source network scanner that enables researchers to easily perform Internet-wide network studies. -* [nmap](https://nmap.org/) - Free security scanner for network exploration & security audits. -* [scanless](https://github.com/vesche/scanless) - Utility for using websites to perform port scans on your behalf so as not to reveal your own IP. -* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recon and search service. -* [CloudFail](https://github.com/m0rtem/CloudFail) - Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS. 
-* [dnsenum](https://github.com/fwaeytens/dnsenum/) - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results. -* [dnsmap](https://github.com/makefu/dnsmap/) - Passive DNS network mapper. -* [dnsrecon](https://github.com/darkoperator/dnsrecon/) - DNS enumeration script. -* [dnstracer](http://www.mavetju.org/unix/dnstracer.php) - Determines where a given DNS server gets its information from, and follows the chain of DNS servers. -* [passivedns-client](https://github.com/chrislee35/passivedns-client) - Library and query tool for querying several passive DNS providers. -* [passivedns](https://github.com/gamelinux/passivedns) - Network sniffer that logs all DNS server replies for use in a passive DNS setup. -* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. -* [smbmap](https://github.com/ShawnDEvans/smbmap) - Handy SMB enumeration tool. -* [XRay](https://github.com/evilsocket/xray) - Network (sub)domain discovery and reconnaissance automation tool. -* [ACLight](https://github.com/cyberark/ACLight) - Script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins. -* [ScanCannon](https://github.com/johnnyxmas/ScanCannon) - Python script to quickly enumerate large networks by calling `masscan` to quickly identify open ports and then `nmap` to gain details on the systems/services on those ports. -* [fierce](https://github.com/mschwager/fierce) - Python3 port of the original `fierce.pl` DNS reconnaissance tool for locating non-contiguous IP space. - -#### Protocol Analyzers and Sniffers - -* [tcpdump/libpcap](http://www.tcpdump.org/) - Common packet analyzer that runs under the command line. -* [Wireshark](https://www.wireshark.org/) - Widely-used graphical, cross-platform network protocol analyzer. 
-* [netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - Swiss army knife for for network sniffing. -* [Dshell](https://github.com/USArmyResearchLab/Dshell) - Network forensic analysis framework. -* [Debookee](http://www.iwaxx.com/debookee/) - Simple and powerful network traffic analyzer for macOS. -* [Dripcap](https://github.com/dripcap/dripcap) - Caffeinated packet analyzer. -* [Netzob](https://github.com/netzob/netzob) - Reverse engineering, traffic generation and fuzzing of communication protocols. -* [sniffglue](https://github.com/kpcyrd/sniffglue) - Secure multithreaded packet sniffer. - -#### Proxies and MITM Tools - -* [dnschef](https://github.com/iphelix/dnschef) - Highly configurable DNS proxy for pentesters. -* [mitmproxy](https://github.com/mitmproxy/mitmproxy) - Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. -* [Morpheus](https://github.com/r00t-3xp10it/morpheus) - Automated ettercap TCP/IP Hijacking tool. -* [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH. -* [SSH MITM](https://github.com/jtesta/ssh-mitm) - Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk. -* [evilgrade](https://github.com/infobyte/evilgrade) - Modular framework to take advantage of poor upgrade implementations by injecting fake updates. -* [Ettercap](http://www.ettercap-project.org) - Comprehensive, mature suite for machine-in-the-middle attacks. -* [BetterCAP](https://www.bettercap.org/) - Modular, portable and easily extensible MITM framework. -* [MITMf](https://github.com/byt3bl33d3r/MITMf) - Framework for Man-In-The-Middle attacks. -* [Lambda-Proxy](https://github.com/puresec/lambda-proxy) - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. -* [Habu](https://github.com/portantier/habu) - Python utility implementing a variety of network attacks, such as ARP poisoning, DHCP starvation, and more. 
- ### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - Set of tools for auditing wireless networks. From 6f072af3ad4873921fa14d3a05854f754b49da1e Mon Sep 17 00:00:00 2001 From: ZJ Date: Wed, 27 Mar 2019 12:56:59 -0400 Subject: [PATCH 2/4] awesome-lint: reformat docker-pull links --- README.md | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index b3ac00d..ded4d4b 100644 --- a/README.md +++ b/README.md 
@@ -253,23 +253,23 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea ### Docker for Penetration Testing -* [`docker pull kalilinux/kali-linux-docker`](https://hub.docker.com/r/kalilinux/kali-linux-docker/) - Official Kali Linux. -* `docker pull owasp/zap2docker-stable` - [Official OWASP ZAP](https://github.com/zaproxy/zaproxy). -* `docker pull wpscanteam/wpscan` - [Official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/). -* `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/). -* `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/). -* `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/). -* `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/). -* `docker pull vulnerables/cve-2017-7494` - [Vulnerability as a service: SambaCry](https://hub.docker.com/r/vulnerables/cve-2017-7494/). -* `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/). -* `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/). -* `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/). -* `docker pull webgoat/webgoat-7.1` - [OWASP WebGoat Project 7.1 docker image](https://hub.docker.com/r/webgoat/webgoat-7.1/). -* `docker pull webgoat/webgoat-8.0` - [OWASP WebGoat Project 8.0 docker image](https://hub.docker.com/r/webgoat/webgoat-8.0/). -* `docker-compose build && docker-compose up` - [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker). 
-* `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/). -* `docker pull bkimminich/juice-shop` - [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container--). -* `docker pull phocean/msf` - [docker-metasploit](https://hub.docker.com/r/phocean/msf/). +* [Official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) - `docker pull kalilinux/kali-linux-docker`. +* [Official OWASP ZAP](https://github.com/zaproxy/zaproxy) - `docker pull owasp/zap2docker-stable`. +* [Official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/) - `docker pull wpscanteam/wpscan`. +* [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/) - `docker pull citizenstig/dvwa`. +* [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/) - `docker pull wpscanteam/vulnerablewordpress`. +* [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/) - `docker pull hmlio/vaas-cve-2014-6271`. +* [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/) - `docker pull hmlio/vaas-cve-2014-0160`. +* [Vulnerability as a service: SambaCry](https://hub.docker.com/r/vulnerables/cve-2017-7494/) - `docker pull vulnerables/cve-2017-7494`. +* [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) - `docker pull opendns/security-ninjas`. +* [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/) - `docker pull diogomonica/docker-bench-security`. +* [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) - `docker pull ismisepaul/securityshepherd`. +* [OWASP WebGoat Project 7.1 docker image](https://hub.docker.com/r/webgoat/webgoat-7.1/) - `docker pull webgoat/webgoat-7.1`. 
+* [OWASP WebGoat Project 8.0 docker image](https://hub.docker.com/r/webgoat/webgoat-8.0/) - `docker pull webgoat/webgoat-8.0`. +* [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker) - `docker-compose build && docker-compose up`. +* [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) - `docker pull citizenstig/nowasp`. +* [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container--) - `docker pull bkimminich/juice-shop`. +* [docker-metasploit](https://hub.docker.com/r/phocean/msf/) - `docker pull phocean/msf`. ### Multi-paradigm Frameworks From 19a96f2e22613d2ef8025f7b6e539e0bcb6741c2 Mon Sep 17 00:00:00 2001 From: ZJ Date: Wed, 27 Mar 2019 13:06:58 -0400 Subject: [PATCH 3/4] regroup some of the network tools, based on awesome-lint headers --- README.md | 114 +++++++++++++++++++++++++++--------------------------- 1 file changed, 57 insertions(+), 57 deletions(-) diff --git a/README.md b/README.md index ded4d4b..be54020 100644 --- a/README.md +++ b/README.md @@ -27,12 +27,13 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [Network Reconnaissance Tools](#network-reconnaissance-tools) * [Protocol Analyzers and Sniffers](#protocol-analyzers-and-sniffers) * [Proxies and MITM Tools](#proxies-and-mitm-tools) + * [Wireless Network Tools](#wireless-network-tools) + * [Transport Layer Security Tools](#transport-layer-security-tools) + * [DDoS Tools](#ddos-tools) * [Tools](#tools) * [Penetration Testing Distributions](#penetration-testing-distributions) * [Docker for Penetration Testing](#docker-for-penetration-testing) * [Multi-paradigm Frameworks](#multi-paradigm-frameworks) - * [Wireless Network Tools](#wireless-network-tools) - * [Transport Layer Security Tools](#transport-layer-security-tools) * [Web Exploitation](#web-exploitation) * [Hex Editors](#hex-editors) * [File Format Analysis Tools](#file-format-analysis-tools) 
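Review bot: in the `@@ -253,23 +253,23 @@` hunk the NodeGoat entry becomes `[OWASP NodeGoat](...) - \`docker-compose build && docker-compose up\`.`, which now sits in a list where every other trailing command is a plain `docker pull`; that command is not an image pull and presupposes a local checkout of the repository, so the description should say so (for example `- from a checkout, run \`docker-compose build && docker-compose up\`.`) rather than letting the new uniform layout imply a pull-only workflow. The remaining lines are a consistent mechanical swap of link and command, matching the subject.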
@@ -41,7 +42,6 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [Windows Utilities](#windows-utilities) * [GNU/Linux Utilities](#gnulinux-utilities) * [macOS Utilities](#macos-utilities) - * [DDoS Tools](#ddos-tools) * [Social Engineering Tools](#social-engineering-tools) * [OSINT Tools](#osint-tools) * [Anonymity Tools](#anonymity-tools) 
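Review bot: the ToC nesting in these two hunks does not match where the sections end up in the body. `* [Wireless Network Tools](#wireless-network-tools)` is moved under `Network Tools` here, but the `@@ -297` hunk later in this patch shows the wireless items (`wifi-arsenal`, `WiFi-Pumpkin`) still at new line ~349, well after the `## Tools` heading that closes the `@@ -234` hunk around new line 293, so the section body stays under Tools. Either move the `### Wireless Network Tools` block together with the TLS and DDoS blocks, or leave its ToC line where it was.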
@@ -234,6 +234,60 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [Lambda-Proxy](https://github.com/puresec/lambda-proxy) - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. * [Habu](https://github.com/portantier/habu) - Python utility implementing a variety of network attacks, such as ARP poisoning, DHCP starvation, and more. +### Transport Layer Security Tools + +* [SSLyze](https://github.com/nabla-c0d3/sslyze) - Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations. +* [tls_prober](https://github.com/WestpointLtd/tls_prober) - Fingerprint a server's SSL/TLS implementation. +* [testssl.sh](https://github.com/drwetter/testssl.sh) - Command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. +* [crackpkcs12](https://github.com/crackpkcs12/crackpkcs12) - Multithreaded program to crack PKCS#12 files (`.p12` and `.pfx` extensions), such as TLS/SSL certificates. + +### Web Exploitation + +* [OWASP Zed Attack Proxy (ZAP)](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) - Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications. +* [Fiddler](https://www.telerik.com/fiddler) - Free cross-platform web debugging proxy with user-friendly companion tools. +* [Burp Suite](https://portswigger.net/burp/) - Integrated platform for performing security testing of web applications. +* [autochrome](https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/autochrome/) - Easy to install a test browser with all the appropriate setting needed for web application testing with native Burp support, from NCCGroup. +* [Browser Exploitation Framework (BeEF)](https://github.com/beefproject/beef) - Command and control server for delivering exploits to commandeered Web browsers. 
+* [Offensive Web Testing Framework (OWTF)](https://www.owasp.org/index.php/OWASP_OWTF) - Python-based framework for pentesting Web applications based on the OWASP Testing Guide. +* [Wordpress Exploit Framework](https://github.com/rastating/wordpress-exploit-framework) - Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. +* [WPSploit](https://github.com/espreto/wpsploit) - Exploit WordPress-powered websites with Metasploit. +* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool. +* [tplmap](https://github.com/epinna/tplmap) - Automatic server-side template injection and Web server takeover tool. +* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell. +* [Wappalyzer](https://www.wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites. +* [WhatWeb](https://github.com/urbanadventurer/WhatWeb) - Website fingerprinter. +* [BlindElephant](http://blindelephant.sourceforge.net/) - Web application fingerprinter. +* [wafw00f](https://github.com/EnableSecurity/wafw00f) - Identifies and fingerprints Web Application Firewall (WAF) products. +* [fimap](https://github.com/kurobeats/fimap) - Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs. +* [Kadabra](https://github.com/D35m0nd142/Kadabra) - Automatic LFI exploiter and scanner. +* [Kadimus](https://github.com/P0cL4bs/Kadimus) - LFI scan and exploit tool. +* [liffy](https://github.com/hvqzao/liffy) - LFI exploitation tool. +* [Commix](https://github.com/commixproject/commix) - Automated all-in-one operating system command injection and exploitation tool. +* [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR. +* [GitTools](https://github.com/internetwache/GitTools) - Automatically find and download Web-accessible `.git` repositories. 
+* [sslstrip](https://www.thoughtcrime.org/software/sslstrip/) - Demonstration of the HTTPS stripping attacks. +* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS. +* [NoSQLmap](https://github.com/codingo/NoSQLMap) - Automatic NoSQL injection and database takeover tool. +* [VHostScan](https://github.com/codingo/VHostScan) - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. +* [FuzzDB](https://github.com/fuzzdb-project/fuzzdb) - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery. +* [EyeWitness](https://github.com/ChrisTruncer/EyeWitness) - Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible. +* [webscreenshot](https://github.com/maaaaz/webscreenshot) - A simple script to take screenshots of list of websites. +* [recursebuster](https://github.com/c-sto/recursebuster) - Content discovery tool to perform directory and file bruteforcing. +* [Raccoon](https://github.com/evyatarmeged/Raccoon) - High performance offensive security tool for reconnaissance and vulnerability scanning. +* [WhatWaf](https://github.com/Ekultek/WhatWaf) - Detect and bypass web application firewalls and protection systems. +* [badtouch](https://github.com/kpcyrd/badtouch) - Scriptable network authentication cracker. + +### DDoS Tools + +* [LOIC](https://github.com/NewEraCracker/LOIC/) - Open source network stress tool for Windows. +* [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC. +* [SlowLoris](https://github.com/gkbrk/slowloris) - DoS tool that uses low bandwidth on the attacking side. +* [HOIC](https://sourceforge.net/projects/high-orbit-ion-cannon/) - Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures. 
+* [T50](https://gitlab.com/fredericopissarra/t50/) - Faster network stress tool. +* [UFONet](https://github.com/epsylon/ufonet) - Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using; `GET`/`POST`, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc. +* [Memcrashed](https://github.com/649/Memcrashed-DDoS-Exploit) - DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API. +* [Anevicon](https://github.com/Gymmasssorla/anevicon) - The most powerful UDP-based load generator, written in Rust. + ## Tools 
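Review bot: `### Web Exploitation` is inserted between the TLS and DDoS blocks, i.e. before the `## Tools` heading that closes this hunk, so it now sits under `Network Tools` in the body, while the ToC hunk above keeps `* [Web Exploitation](#web-exploitation)` as a sub-item of `Tools`. Judging by the ToC, only the TLS and DDoS sections were meant to move; move the Web Exploitation block back after `## Tools`, or, if the relocation is intended, move its ToC line too. While this text is being moved, `Wordpress Exploit Framework` should read `WordPress` as in the WPSploit entry that follows it, and `mis-configurations` in the SSLyze line should be `misconfigurations`.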
@@ -297,49 +351,6 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [wifi-arsenal](https://github.com/0x90/wifi-arsenal) - Resources for Wi-Fi Pentesting. * [WiFi-Pumpkin](https://github.com/P0cL4bs/WiFi-Pumpkin) - Framework for rogue Wi-Fi access point attack. -### Transport Layer Security Tools - -* [SSLyze](https://github.com/nabla-c0d3/sslyze) - Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations. -* [tls_prober](https://github.com/WestpointLtd/tls_prober) - Fingerprint a server's SSL/TLS implementation. -* [testssl.sh](https://github.com/drwetter/testssl.sh) - Command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. -* [crackpkcs12](https://github.com/crackpkcs12/crackpkcs12) - Multithreaded program to crack PKCS#12 files (`.p12` and `.pfx` extensions), such as TLS/SSL certificates. - -### Web Exploitation - -* [OWASP Zed Attack Proxy (ZAP)](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) - Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications. -* [Fiddler](https://www.telerik.com/fiddler) - Free cross-platform web debugging proxy with user-friendly companion tools. -* [Burp Suite](https://portswigger.net/burp/) - Integrated platform for performing security testing of web applications. -* [autochrome](https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/autochrome/) - Easy to install a test browser with all the appropriate setting needed for web application testing with native Burp support, from NCCGroup. -* [Browser Exploitation Framework (BeEF)](https://github.com/beefproject/beef) - Command and control server for delivering exploits to commandeered Web browsers. 
-* [Offensive Web Testing Framework (OWTF)](https://www.owasp.org/index.php/OWASP_OWTF) - Python-based framework for pentesting Web applications based on the OWASP Testing Guide. -* [Wordpress Exploit Framework](https://github.com/rastating/wordpress-exploit-framework) - Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. -* [WPSploit](https://github.com/espreto/wpsploit) - Exploit WordPress-powered websites with Metasploit. -* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool. -* [tplmap](https://github.com/epinna/tplmap) - Automatic server-side template injection and Web server takeover tool. -* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell. -* [Wappalyzer](https://www.wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites. -* [WhatWeb](https://github.com/urbanadventurer/WhatWeb) - Website fingerprinter. -* [BlindElephant](http://blindelephant.sourceforge.net/) - Web application fingerprinter. -* [wafw00f](https://github.com/EnableSecurity/wafw00f) - Identifies and fingerprints Web Application Firewall (WAF) products. -* [fimap](https://github.com/kurobeats/fimap) - Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs. -* [Kadabra](https://github.com/D35m0nd142/Kadabra) - Automatic LFI exploiter and scanner. -* [Kadimus](https://github.com/P0cL4bs/Kadimus) - LFI scan and exploit tool. -* [liffy](https://github.com/hvqzao/liffy) - LFI exploitation tool. -* [Commix](https://github.com/commixproject/commix) - Automated all-in-one operating system command injection and exploitation tool. -* [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR. -* [GitTools](https://github.com/internetwache/GitTools) - Automatically find and download Web-accessible `.git` repositories. 
-* [sslstrip](https://www.thoughtcrime.org/software/sslstrip/) - Demonstration of the HTTPS stripping attacks. -* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS. -* [NoSQLmap](https://github.com/codingo/NoSQLMap) - Automatic NoSQL injection and database takeover tool. -* [VHostScan](https://github.com/codingo/VHostScan) - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. -* [FuzzDB](https://github.com/fuzzdb-project/fuzzdb) - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery. -* [EyeWitness](https://github.com/ChrisTruncer/EyeWitness) - Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible. -* [webscreenshot](https://github.com/maaaaz/webscreenshot) - A simple script to take screenshots of list of websites. -* [recursebuster](https://github.com/c-sto/recursebuster) - Content discovery tool to perform directory and file bruteforcing. -* [Raccoon](https://github.com/evyatarmeged/Raccoon) - High performance offensive security tool for reconnaissance and vulnerability scanning. -* [WhatWaf](https://github.com/Ekultek/WhatWaf) - Detect and bypass web application firewalls and protection systems. -* [badtouch](https://github.com/kpcyrd/badtouch) - Scriptable network authentication cracker. - ### Hex Editors * [HexEdit.js](https://hexed.it) - Browser-based hex editing. 
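Review bot: this hunk removes exactly the lines that `@@ -234` inserts, so the patch is a pure move and nothing is lost, but the commit message ("regroup some of the network tools") does not say which sections moved or why Web Exploitation is among them when its ToC entry stays under Tools. Listing the moved sections (TLS, Web Exploitation, DDoS) and the reasoning in the commit body would make the intent reviewable without matching the two hunks by eye.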
@@ -414,17 +425,6 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea * [Bella](https://github.com/kdaoudieh/Bella) - Pure Python post-exploitation data mining and remote administration tool for macOS. * [EvilOSX](https://github.com/Marten4n6/EvilOSX) - Modular RAT that uses numerous evasion and exfiltration techniques out-of-the-box. -### DDoS Tools - -* [LOIC](https://github.com/NewEraCracker/LOIC/) - Open source network stress tool for Windows. -* [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC. -* [SlowLoris](https://github.com/gkbrk/slowloris) - DoS tool that uses low bandwidth on the attacking side. -* [HOIC](https://sourceforge.net/projects/high-orbit-ion-cannon/) - Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures. -* [T50](https://gitlab.com/fredericopissarra/t50/) - Faster network stress tool. -* [UFONet](https://github.com/epsylon/ufonet) - Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using; `GET`/`POST`, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc. -* [Memcrashed](https://github.com/649/Memcrashed-DDoS-Exploit) - DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API. -* [Anevicon](https://github.com/Gymmasssorla/anevicon) - The most powerful UDP-based load generator, written in Rust. - ### Social Engineering Tools * [Social Engineer Toolkit (SET)](https://github.com/trustedsec/social-engineer-toolkit) - Open source pentesting framework designed for social engineering featuring a number of custom attack vectors to make believable attacks quickly. From 0bc9cf295427d864d844485713f7605b3e16743d Mon Sep 17 00:00:00 2001 
From: ZJ Date: Wed, 27 Mar 2019 14:33:49 -0400 Subject: [PATCH 4/4] awesome-lint: added defcon to excluded link-check domains --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index f944386..79c2ff5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -10,4 +10,4 @@ install: - gem install awesome_bot script: - - awesome_bot README.md --allow-redirect --white-list "www.0day.today,mvfjfugdwgc5uwho.onion,creativecommons.org,netsparker.com,www.shodan.io,www.mhprofessional.com,ghostproject.fr,www.zoomeye.org" + - awesome_bot README.md --allow-redirect --white-list "www.defcon.org,www.0day.today,mvfjfugdwgc5uwho.onion,creativecommons.org,netsparker.com,www.shodan.io,www.mhprofessional.com,ghostproject.fr,www.zoomeye.org"
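Review bot: adding `www.defcon.org` to `--white-list` makes awesome_bot skip every link on that domain, so a dead DEF CON link would no longer fail the build, and the commit gives no reason for the exclusion. Record the cause (for instance, if the site rejects automated requests, say so) in the commit body or in a comment in `.travis.yml` so the exclusion can be revisited, and check whether `--allow-redirect` already covers the observed failure before widening a white-list that now spans nine domains.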