From b025fd1256672c70e7955843c66ef305d238d819 Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya Date: Sun, 13 Mar 2016 10:51:32 -0500 Subject: [PATCH 01/35] Update README.md Add info from various PRs Some typo fix Some additions --- README.md | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index c1af9a1..5560935 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ A collection of awesome penetration testing resources - [Online Resources](#online-resources) - [Penetration Testing Resources](#penetration-testing-resources) - - [Shellcode development](#shellcode-development) + - [Exploit development](#exploit-development) - [Social Engineering Resources](#social-engineering-resources) - [Lock Picking Resources](#lock-picking-resources) - [Tools](#tools) @@ -22,7 +22,7 @@ A collection of awesome penetration testing resources - [DDoS Tools](#ddos-tools) - [Social Engineering Tools](#social-engineering-tools) - [OSInt Tools](#osint-tools) - - [Anonimity Tools](#anonimity-tools) + - [Anonymity Tools](#anonymity-tools) - [Reverse Engineering Tools](#reverse-engineering-tools) - [Books](#books) - [Penetration Testing Books](#penetration-testing-books) @@ -48,9 +48,10 @@ A collection of awesome penetration testing resources * [PTES](http://www.pentest-standard.org/) - Penetration Testing Execution Standard * [OWASP](https://www.owasp.org/index.php/Main_Page) - Open Web Application Security Project -#### Shellcode development -* [Shellcode Tutorials](http://www.projectshellcode.com/?q=node/12) - Tutorials on how to write shellcode +#### Exploit development +* [Shellcode Tutorial](http://www.vividmachines.com/shellcode/shellcode.html) - Tutorial on how to write shellcode * [Shellcode Examples](http://shell-storm.org/shellcode/) - Shellcodes database +* [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits #### Social Engineering Resources * [Social Engineering Framework](http://www.social-engineer.org/framework/) - An information resource for social engineers @@ -71,6 +72,9 @@ A collection of awesome penetration testing resources * [Metasploit Framework](http://www.metasploit.com/) - World's most used penetration testing software * [Burp Suite](http://portswigger.net/burp/) - An integrated platform for performing security testing of web applications * [ExploitPack](http://exploitpack.com/) - Graphical tool for penetration testing with a bunch of exploits +* [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project +* [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform +* [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework #### Vulnerability Scanners * [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner @@ -92,6 +96,7 @@ A collection of awesome penetration testing resources * [netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - A Swiss army knife for for network sniffing * [Intercepter-NG](http://intercepter.nerf.ru/) - a multifunctional network toolkit * [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool +* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network @@ -124,9 +129,10 @@ A collection of awesome penetration testing resources #### OSInt Tools * [Maltego](http://www.paterva.com/web6/products/maltego.php) - Proprietary software for open source intelligence and forensics, from Paterva. -#### Anonimity Tools +#### Anonymity Tools * [Tor](https://www.torproject.org/) - The free software for enabling onion routing online anonymity * [I2P](https://geti2p.net) - The Invisible Internet Project +* [Nipe](https://github.com/HeitorG/nipe) - Script to redirect all traffic from the machine to the Tor network. #### Reverse Engineering Tools * [IDA Pro](https://www.hex-rays.com/products/ida/) - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger @@ -241,11 +247,19 @@ A collection of awesome penetration testing resources * [Troopers](https://www.troopers.de) - Annual international IT Security event with workshops held in Heidelberg, Germany * [Hack3rCon](http://hack3rcon.org/) - An annual US hacker conference * [ThotCon](http://thotcon.org/) - An annual US hacker conference held in Chicago -* [LayerOne](http://www.layerone.org/) - An annual US security conerence held every spring in Los Angeles +* [LayerOne](http://www.layerone.org/) - An annual US security conference held every spring in Los Angeles * [DeepSec](https://deepsec.net/) - Security Conference in Vienna, Austria * [SkyDogCon](http://www.skydogcon.com/) - A technology conference in Nashville * [SECUINSIDE](http://secuinside.com) - Security Conference in [Seoul](http://en.wikipedia.org/wiki/Seoul) * [DefCamp](http://defcamp.ro) - Largest Security Conference in Eastern Europe, held anually in Bucharest, Romania +* [AppSecUSA](https://appsecusa.org/) - An annual conference organised by OWASP +* [BruCON](http://brucon.org) - An annual security conference in Belgium +* [Infosecurity Europe](http://www.infosecurityeurope.com/) - Europe's number one information security event, held in London, UK +* [Nullcon](http://nullcon.net/website/) - An annual conference in Delhi and Goa, India +* [RSA Conference USA](http://www.rsaconference.com/) - An annual security conference in San Francisco, California, USA +* [Swiss Cyber Storm](https://www.swisscyberstorm.com/) - An annual security conference in Lucerne, Switzerland +* [Virus Bulletin Conference](https://www.virusbtn.com/conference/index) - An annual conference going to be held in Denver, USA for 2016 +* [Ekoparty](http://www.ekoparty.org) - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina ### Information Security Magazines @@ -269,6 +283,15 @@ A collection of awesome penetration testing resources * [Python Programming by @vinta](https://github.com/vinta/awesome-python) - General Python programming * [Android Security](https://github.com/ashishb/android-security-awesome) - A collection of android security related resources * [Awesome Awesomness](https://github.com/bayandin/awesome-awesomeness) - The List of the Lists +* [AppSec](https://github.com/paragonie/awesome-appsec) - Resources for learning about application security +* [CTFs](https://github.com/apsdehal/awesome-ctf) - Capture The Flag frameworks, libraries, etc +* [Hacking](https://github.com/carpedm20/awesome-hacking) - Tutorials, tools, and resources +* [Honeypots](https://github.com/paralax/awesome-honeypots) - Honeypots, tools, components, and more +* [Infosec](https://github.com/onlurking/awesome-infosec) - Information security resources for pentesting, forensics, and more +* [Malware Analysis](https://github.com/rshipp/awesome-malware-analysis) - Tools and resources for analysts +* [PCAP Tools](https://github.com/caesar0301/awesome-pcaptools) - Tools for processing network traffic +* [Security](https://github.com/sbilly/awesome-security) - Software, libraries, documents, and other resources +* [Awesome List](https://github.com/sindresorhus/awesome) - A curated list of awesome lists ### Contribution From 38313fa836ffbe58869e366295cebb2c01f9b53b Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya Date: Sun, 13 Mar 2016 11:15:28 -0500 Subject: [PATCH 02/35] More updates and additions Added more tools and categories --- README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/README.md b/README.md index 5560935..e2adf3b 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ A collection of awesome penetration testing resources - [OSInt Tools](#osint-tools) - [Anonymity Tools](#anonymity-tools) - [Reverse Engineering Tools](#reverse-engineering-tools) + - [CTF Tools](#ctf-tools) - [Books](#books) - [Penetration Testing Books](#penetration-testing-books) - [Hackers Handbook Series](#hackers-handbook-series) @@ -52,6 +53,7 @@ A collection of awesome penetration testing resources * [Shellcode Tutorial](http://www.vividmachines.com/shellcode/shellcode.html) - Tutorial on how to write shellcode * [Shellcode Examples](http://shell-storm.org/shellcode/) - Shellcodes database * [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits +* [GDB-peda](https://github.com/longld/peda) - Python Exploit Development Assistance for GDB #### Social Engineering Resources * [Social Engineering Framework](http://www.social-engineer.org/framework/) - An information resource for social engineers @@ -75,6 +77,7 @@ A collection of awesome penetration testing resources * [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project * [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework +* [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner #### Vulnerability Scanners * [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner @@ -87,6 +90,7 @@ A collection of awesome penetration testing resources * [w3af](https://github.com/andresriancho/w3af) - Web application attack and audit framework * [Wapiti](http://wapiti.sourceforge.net/) - Web application vulnerability scanner * [WebReaver](http://www.webreaver.com/) - Web application vulnerability scanner for Mac OS X +* [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR #### Network Tools * [nmap](http://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits @@ -97,11 +101,13 @@ A collection of awesome penetration testing resources * [Intercepter-NG](http://intercepter.nerf.ru/) - a multifunctional network toolkit * [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool * [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service +* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network * [Kismet](https://kismetwireless.net/) - Wireless network detector, sniffer, and IDS * [Reaver](https://code.google.com/p/reaver-wps/) - Brute force attack against Wifi Protected Setup + * [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool #### SSL Analysis Tools * [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner @@ -113,6 +119,7 @@ A collection of awesome penetration testing resources #### Crackers * [John the Ripper](http://www.openwall.com/john/) - Fast password cracker * [Online MD5 cracker](http://www.md5crack.com/) - Online MD5 hash Cracker +* [Hashcat](http://hashcat.net/oclhashcat/) - The more fast hash cracker #### Windows Utils * [Sysinternals Suite](http://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities @@ -122,6 +129,7 @@ A collection of awesome penetration testing resources #### DDoS Tools * [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows * [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC +* [T50](http://sourceforge.net/projects/t50/) - The more fast network stress tool #### Social Engineering Tools * [SET](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit from TrustedSec @@ -145,7 +153,10 @@ A collection of awesome penetration testing resources * [Bokken](https://inguma.eu/projects/bokken) - GUI for Pyew Radare2. * [Immunity Debugger](http://debugger.immunityinc.com/) - A powerful new way to write exploits and analyze malware * [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for Linux +* [Medusa disassembler](https://github.com/wisk/medusa) - An open source interactive disassembler +#### CTF Tools +* [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs ### Books #### Penetration Testing Books @@ -292,6 +303,7 @@ A collection of awesome penetration testing resources * [PCAP Tools](https://github.com/caesar0301/awesome-pcaptools) - Tools for processing network traffic * [Security](https://github.com/sbilly/awesome-security) - Software, libraries, documents, and other resources * [Awesome List](https://github.com/sindresorhus/awesome) - A curated list of awesome lists +* [SecLists](https://github.com/danielmiessler/SecLists) - Collection of multiple types of lists used during security assessments ### Contribution From c6727e4ad4bfa92a5d3e9881e66b177af01efd2a Mon Sep 17 00:00:00 2001 From: techgaun Date: Sun, 13 Mar 2016 11:18:36 -0500 Subject: [PATCH 03/35] add basic contributing guideline --- .github/CONTRIBUTING.md | 28 ++++++++++++++++++++++++++++ README.md | 1 + 2 files changed, 29 insertions(+) create mode 100644 .github/CONTRIBUTING.md diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md new file mode 100644 index 0000000..860f376 --- /dev/null +++ b/.github/CONTRIBUTING.md @@ -0,0 +1,28 @@ +# Contribution Guidelines + +## Table of Contents + +- [Adding to this list](#adding-to-this-list) +- [Updating your Pull Request](#updating-your-pull-request) + +## Adding to this list + +Please ensure your pull request adheres to the following guidelines: + +- Search previous suggestions before making a new one, as yours may be a duplicate. +- Make sure the list is useful before submitting. That implies it has enough content and every item has a good succinct description. +- Make an individual pull request for each suggestion. +- Use [title-casing](http://titlecapitalization.com) (AP style). +- Use the following format: `[List Name](link)` +- Link additions should be added to the bottom of the relevant category. +- New categories or improvements to the existing categorization are welcome. +- Check your spelling and grammar. +- Make sure your text editor is set to remove trailing whitespace. +- The pull request and commit should have a useful title. +- The body of your commit message should contain a link to the repository. + +## Updating your Pull Request + +Sometimes, a maintainer of an awesome list will ask you to edit your Pull Request before it is included. This is normally due to spelling errors or because your PR didn't match the awesome-* list guidelines. + +[Here](https://github.com/RichardLitt/docs/blob/master/amending-a-commit-guide.md) is a write up on how to change a Pull Request, and the different ways you can do that. diff --git a/README.md b/README.md index e2adf3b..4a7571b 100644 --- a/README.md +++ b/README.md @@ -308,6 +308,7 @@ A collection of awesome penetration testing resources ### Contribution Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕) +Please check the [Contributing Guidelines](.github/CONTRIBUTING.md) for more details. ### License From 36b999548f6043e481caa5a74f1bbac7d804b309 Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya Date: Sun, 13 Mar 2016 11:23:01 -0500 Subject: [PATCH 04/35] Update README.md fix formatting --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 4a7571b..9836bf5 100644 --- a/README.md +++ b/README.md @@ -307,8 +307,7 @@ A collection of awesome penetration testing resources ### Contribution -Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕) -Please check the [Contributing Guidelines](.github/CONTRIBUTING.md) for more details. +Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Please check the [Contributing Guidelines](.github/CONTRIBUTING.md) for more details. ### License From 09bf297601b848bb457d22eae578b3fa06ced4f3 Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya Date: Sun, 13 Mar 2016 11:39:55 -0500 Subject: [PATCH 05/35] Update README.md Add awesome-sec-talks to the list --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 9836bf5..2ae95cf 100644 --- a/README.md +++ b/README.md @@ -304,6 +304,7 @@ A collection of awesome penetration testing resources * [Security](https://github.com/sbilly/awesome-security) - Software, libraries, documents, and other resources * [Awesome List](https://github.com/sindresorhus/awesome) - A curated list of awesome lists * [SecLists](https://github.com/danielmiessler/SecLists) - Collection of multiple types of lists used during security assessments +* [Security Talks](https://github.com/PaulSec/awesome-sec-talks) - A curated list of security conferences ### Contribution From 7a26aa0ee41d732ba8832e938814dfc9dc10ff56 Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya Date: Sun, 13 Mar 2016 11:43:10 -0500 Subject: [PATCH 06/35] Update CONTRIBUTING.md --- .github/CONTRIBUTING.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 860f376..0d99365 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -10,10 +10,11 @@ Please ensure your pull request adheres to the following guidelines: - Search previous suggestions before making a new one, as yours may be a duplicate. -- Make sure the list is useful before submitting. That implies it has enough content and every item has a good succinct description. +- Make sure the submission is useful before submitting. - Make an individual pull request for each suggestion. - Use [title-casing](http://titlecapitalization.com) (AP style). -- Use the following format: `[List Name](link)` +- Use the following format: `[List Name](link) - Optional Description`. +- Optional descriptions are useful when the name itself is not descriptive. - Link additions should be added to the bottom of the relevant category. - New categories or improvements to the existing categorization are welcome. - Check your spelling and grammar. @@ -23,6 +24,6 @@ Please ensure your pull request adheres to the following guidelines: ## Updating your Pull Request -Sometimes, a maintainer of an awesome list will ask you to edit your Pull Request before it is included. This is normally due to spelling errors or because your PR didn't match the awesome-* list guidelines. +Sometimes, a maintainer of an awesome list will ask you to edit your Pull Request before it is included. This is normally due to spelling errors or because your PR didn't make any useful addition. [Here](https://github.com/RichardLitt/docs/blob/master/amending-a-commit-guide.md) is a write up on how to change a Pull Request, and the different ways you can do that. From 51ca76a4f12f4fa3c849275784445bc0ea2568fa Mon Sep 17 00:00:00 2001 From: rafael-santiago Date: Sun, 13 Mar 2016 15:43:42 -0300 Subject: [PATCH 07/35] Added pig --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index c1af9a1..5b01d9e 100644 --- a/README.md +++ b/README.md @@ -86,6 +86,7 @@ A collection of awesome penetration testing resources #### Network Tools * [nmap](http://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits +* [pig](https://github.com/rafael-santiago/pig) - A Linux packet crafting tool. * [tcpdump/libpcap](http://www.tcpdump.org/) - A common packet analyzer that runs under the command line * [Wireshark](http://www.wireshark.org/) - A network protocol analyzer for Unix and Windows * [Network Tools](http://network-tools.com/) - Different network tools: ping, lookup, whois, etc From d6f16b245dcdb29e7709a4e3341f239cb3eabd9b Mon Sep 17 00:00:00 2001 From: rafael-santiago Date: Sun, 13 Mar 2016 15:46:27 -0300 Subject: [PATCH 08/35] typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5b01d9e..47e2e4b 100644 --- a/README.md +++ b/README.md @@ -86,7 +86,7 @@ A collection of awesome penetration testing resources #### Network Tools * [nmap](http://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits -* [pig](https://github.com/rafael-santiago/pig) - A Linux packet crafting tool. +* [pig](https://github.com/rafael-santiago/pig) - A Linux packet crafting tool * [tcpdump/libpcap](http://www.tcpdump.org/) - A common packet analyzer that runs under the command line * [Wireshark](http://www.wireshark.org/) - A network protocol analyzer for Unix and Windows * [Network Tools](http://network-tools.com/) - Different network tools: ping, lookup, whois, etc From 2008999b22b7e6ae85d43ff5e657502320cc6543 Mon Sep 17 00:00:00 2001 From: Karl Walsh Date: Thu, 17 Mar 2016 10:12:11 +0000 Subject: [PATCH 09/35] Update README.md Add 44Con --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 59bae04..5562f91 100644 --- a/README.md +++ b/README.md @@ -272,6 +272,7 @@ A collection of awesome penetration testing resources * [Swiss Cyber Storm](https://www.swisscyberstorm.com/) - An annual security conference in Lucerne, Switzerland * [Virus Bulletin Conference](https://www.virusbtn.com/conference/index) - An annual conference going to be held in Denver, USA for 2016 * [Ekoparty](http://www.ekoparty.org) - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina +* [44Con](http://44con.com/) - Annual Security Conference held in London ### Information Security Magazines From f2e073dccb6a2ec520aad376158dd84a7eb3994d Mon Sep 17 00:00:00 2001 From: barajus Date: Wed, 30 Mar 2016 13:47:17 +0200 Subject: [PATCH 10/35] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 59bae04..1102f4b 100644 --- a/README.md +++ b/README.md @@ -78,6 +78,7 @@ A collection of awesome penetration testing resources * [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework * [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner +* [SQLmap](http://http://sqlmap.org/) - Automatic SQL injection and database takeover tool #### Vulnerability Scanners * [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner From 2cbc4be46e94684d857516f684929015397b3bf4 Mon Sep 17 00:00:00 2001 From: barajus Date: Wed, 30 Mar 2016 16:45:30 +0200 Subject: [PATCH 11/35] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1102f4b..05db7a6 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,7 @@ A collection of awesome penetration testing resources * [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework * [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner -* [SQLmap](http://http://sqlmap.org/) - Automatic SQL injection and database takeover tool +* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool #### Vulnerability Scanners * [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner From fafe13ea658262ca33203c8526de4b2a5f94b223 Mon Sep 17 00:00:00 2001 From: Anastasios Stasinopoulos Date: Mon, 11 Apr 2016 17:38:41 +0300 Subject: [PATCH 12/35] Added commix tool --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 0caa3c2..0975530 100644 --- a/README.md +++ b/README.md @@ -79,6 +79,7 @@ A collection of awesome penetration testing resources * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework * [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner * [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool +* [commix](https://github.com/stasinopoulos/commix) - Automated All-in-One OS Command Injection and Exploitation Tool #### Vulnerability Scanners * [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner From 9d92d655c15114a7d748c20d205e879fc4b44ec9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patrik=20Hud=C3=A1k?= Date: Thu, 14 Apr 2016 20:28:38 +0200 Subject: [PATCH 13/35] Add tools, books & books cleanup (#51) * Add tools, books & books cleanup --- README.md | 69 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 36 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index 0975530..179e564 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -## Awesome Penetration Testing +## Awesome Penetration Testing A collection of awesome penetration testing resources @@ -47,7 +47,7 @@ A collection of awesome penetration testing resources #### Penetration Testing Resources * [Metasploit Unleashed](http://www.offensive-security.com/metasploit-unleashed/) - Free Offensive Security metasploit course * [PTES](http://www.pentest-standard.org/) - Penetration Testing Execution Standard -* [OWASP](https://www.owasp.org/index.php/Main_Page) - Open Web Application Security Project +* [OWASP](https://www.owasp.org/index.php/Main_Page) - Open Web Application Security Project #### Exploit development * [Shellcode Tutorial](http://www.vividmachines.com/shellcode/shellcode.html) - Tutorial on how to write shellcode @@ -66,7 +66,7 @@ A collection of awesome penetration testing resources #### Penetration Testing Distributions * [Kali](http://www.kali.org/) - A Linux distribution designed for digital forensics and penetration testing * [BlackArch](http://www.blackarch.org/) - Arch Linux-based distribution for penetration testers and security researchers -* [NST](http://networksecuritytoolkit.org/) - Network Security Toolkit distribution +* [NST](http://networksecuritytoolkit.org/) - Network Security Toolkit distribution * [Pentoo](http://www.pentoo.ch/) - security-focused livecd based on Gentoo * [BackBox](http://www.backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments @@ -104,7 +104,7 @@ A collection of awesome penetration testing resources * [Intercepter-NG](http://intercepter.nerf.ru/) - a multifunctional network toolkit * [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool * [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service -* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. +* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network @@ -115,6 +115,7 @@ A collection of awesome penetration testing resources #### SSL Analysis Tools * [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner * [sslstrip](http://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks +* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS #### Hex Editors * [HexEdit.js](http://hexed.it/) - Browser-based hex editing @@ -139,6 +140,11 @@ A collection of awesome penetration testing resources #### OSInt Tools * [Maltego](http://www.paterva.com/web6/products/maltego.php) - Proprietary software for open source intelligence and forensics, from Paterva. +* [theHarvester](https://github.com/laramies/theHarvester) - E-mail, subdomain and people names harvester +* [creepy](https://github.com/ilektrojohn/creepy) - A geolocation OSINT tool +* [metagoofil](https://github.com/laramies/metagoofil) - Metadata harvester +* [Google Hacking Database](https://www.exploit-db.com/google-hacking-database/) - a database of Google dorks; can be used for recon +* [Shodan](https://www.shodan.io/) - Shodan is the world's first search engine for Internet-connected devices #### Anonymity Tools * [Tor](https://www.torproject.org/) - The free software for enabling onion routing online anonymity @@ -159,55 +165,58 @@ A collection of awesome penetration testing resources * [Medusa disassembler](https://github.com/wisk/medusa) - An open source interactive disassembler #### CTF Tools -* [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs +* [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs ### Books #### Penetration Testing Books * [The Art of Exploitation by Jon Erickson, 2008](http://www.nostarch.com/hacking2.htm) -* [Metasploit: The Penetration Tester's Guide by David Kennedy and others, 2011](http://www.nostarch.com/metasploit) +* [Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011](http://www.nostarch.com/metasploit) * [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014](http://www.nostarch.com/pentesting) * [Rtfm: Red Team Field Manual by Ben Clark, 2014](http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/) * [The Hacker Playbook by Peter Kim, 2014](http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/) * [The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013](https://www.elsevier.com/books/the-basics-of-hacking-and-penetration-testing/engebretson/978-1-59749-655-1) * [Professional Penetration Testing by Thomas Wilhelm, 2013](https://www.elsevier.com/books/professional-penetration-testing/wilhelm/978-1-59749-993-4) -* [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen,2012](http://www.packtpub.com/advanced-penetration-testing-for-highly-secured-environments/book) +* [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012](http://www.packtpub.com/advanced-penetration-testing-for-highly-secured-environments/book) * [Violent Python by TJ O'Connor, 2012](http://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6) -* [Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton, Adam Greene, Pedram Amini, 2007](http://www.fuzzing.org/) -* [Black Hat Python: Python Programming for Hackers and Pentesters, 2014](http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900) -* [Penetration Testing: Procedures & Methodologies (EC-Council Press),2010](http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677) +* [Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007](http://www.fuzzing.org/) +* [Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014](http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900) +* [Penetration Testing: Procedures & Methodologies by EC-Council, 2010](http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677) +* [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE) +* [Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014](http://www.amazon.com/Advanced-Persistent-Threat-Hacking-Organization/dp/0071828362) #### Hackers Handbook Series -* [The Shellcoders Handbook by Chris Anley and others, 2007](http://wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html) +* [The Shellcoders Handbook by Chris Anley et al., 2007](http://wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html) * [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http://wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html) -* [iOS Hackers Handbook by Charlie Miller and others, 2012](http://wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html) -* [Android Hackers Handbook by Joshua J. Drake and others, 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html) -* [The Browser Hackers Handbook by Wade Alcorn and others, 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html) -* [The Mobile Application Hackers Handbook by Dominic Chell and others, 2015](http://wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html) +* [iOS Hackers Handbook by Charlie Miller et al., 2012](http://wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html) +* [Android Hackers Handbook by Joshua J. Drake et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html) +* [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html) +* [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http://wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html) #### Network Analysis Books * [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](http://nmap.org/book/) * [Practical Packet Analysis by Chris Sanders, 2011](http://www.nostarch.com/packet2.htm) -* [Wireshark Network Analysis by by Laura Chappell, Gerald Combs, 2012](http://www.wiresharkbook.com/) +* [Wireshark Network Analysis by by Laura Chappell & Gerald Combs, 2012](http://www.wiresharkbook.com/) +* [Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012](http://www.amazon.com/Network-Forensics-Tracking-Hackers-Cyberspace-ebook/dp/B008CG8CYU/) #### Reverse Engineering Books -* [Reverse Engineering for Beginners by Dennis Yurichev (free!)](http://beginners.re/) +* [Reverse Engineering for Beginners by Dennis Yurichev](http://beginners.re/) * [The IDA Pro Book by Chris Eagle, 2011](http://www.nostarch.com/idapro2.htm) -* [Practical Reverse Engineering by Bruce Dang and others, 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html) -* [Reverse Engineering for Beginners](http://beginners.re/) +* [Practical Reverse Engineering by Bruce Dang et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html) +* [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386) #### Malware Analysis Books -* [Practical Malware Analysis by Michael Sikorski, Andrew Honig, 2012](http://www.nostarch.com/malware) -* [The Art of Memory Forensics by Michael Hale Ligh and others, 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118825098.html) -* [Malware Analyst's Cookbook and DVD by Michael Hale Ligh and others, 2010](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470613033.html) +* [Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012](http://www.nostarch.com/malware) +* [The Art of Memory Forensics by Michael Hale Ligh et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118825098.html) +* [Malware Analyst's Cookbook and DVD by Michael Hale Ligh et al., 2010](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470613033.html) #### Windows Books -* [Windows Internals by Mark Russinovich, David Solomon, Alex Ionescu](http://technet.microsoft.com/en-us/sysinternals/bb963901.aspx) +* [Windows Internals by Mark Russinovich et al., 2012](http://www.amazon.com/Windows-Internals-Part-Developer-Reference/dp/0735648735/) #### Social Engineering Books -* [The Art of Deception by Kevin D. Mitnick, William L. Simon, 2002](http://wiley.com/WileyCDA/WileyTitle/productCd-0471237124.html) -* [The Art of Intrusion by Kevin D. Mitnick, William L. Simon, 2005](http://wiley.com/WileyCDA/WileyTitle/productCd-0764569597.html) -* [Ghost in the Wires by Kevin D. Mitnick, William L. Simon, 2011](http://www.hachettebookgroup.com/titles/kevin-mitnick/ghost-in-the-wires/9780316134477/) -* [No Tech Hacking by Johnny Long, Jack Wiles, 2008](http://www.elsevier.com/books/no-tech-hacking/mitnick/978-1-59749-215-7) +* [The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002](http://wiley.com/WileyCDA/WileyTitle/productCd-0471237124.html) +* [The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005](http://wiley.com/WileyCDA/WileyTitle/productCd-0764569597.html) +* [Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011](http://www.hachettebookgroup.com/titles/kevin-mitnick/ghost-in-the-wires/9780316134477/) +* [No Tech Hacking by Johnny Long & Jack Wiles, 2008](http://www.elsevier.com/books/no-tech-hacking/mitnick/978-1-59749-215-7) * [Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010](http://wiley.com/WileyCDA/WileyTitle/productCd-0470639539.html) * [Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118608577.html) * [Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014](http://www.mhprofessional.com/product.php?isbn=0071818464) @@ -219,7 +228,6 @@ A collection of awesome penetration testing resources * [Lock Picking: Detail Overkill by Solomon](https://www.dropbox.com/s/y39ix9u9qpqffct/Lockpicking%20Detail%20Overkill.pdf?dl=0) * [Eddie the Wire books](https://www.dropbox.com/sh/k3z4dm4vyyojp3o/AAAIXQuwMmNuCch_StLPUYm-a?dl=0) - ### Vulnerability Databases * [NVD](http://nvd.nist.gov/) - US National Vulnerability Database * [CERT](http://www.us-cert.gov/) - US Computer Emergency Readiness Team @@ -236,7 +244,6 @@ A collection of awesome penetration testing resources * [Vulnerability Laboratory](http://www.vulnerability-lab.com/) - Vulnerability Research Laboratory * [ZDI](http://www.zerodayinitiative.com/) - Zero Day Initiative - ### Security Courses * [Offensive Security Training](http://www.offensive-security.com/information-security-training/) - Training from BackTrack/Kali developers * [SANS Security Training](http://www.sans.org/) - Computer Security Training & Certification @@ -244,7 +251,6 @@ A collection of awesome penetration testing resources * [CTF Field Guide](https://trailofbits.github.io/ctf/) - everything you need to win your next CTF competition * [Cybrary](https://www.cybrary.it/) - online IT and Cyber Security training platform - ### Information Security Conferences * [DEF CON](https://www.defcon.org/) - An annual hacker convention in Las Vegas * [Black Hat](http://www.blackhat.com/) - An annual security conference in Las Vegas @@ -276,12 +282,10 @@ A collection of awesome penetration testing resources * [Ekoparty](http://www.ekoparty.org) - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina * [44Con](http://44con.com/) - Annual Security Conference held in London - ### Information Security Magazines * [2600: The Hacker Quarterly](http://www.2600.com/Magazine/DigitalEditions) - An American publication about technology and computer "underground" * [Phrack Magazine](http://www.phrack.org/) - By far the longest running hacker zine - ### Awesome Lists * [SecTools](http://sectools.org/) - Top 125 Network Security Tools * [C/C++ Programming](https://github.com/fffaraz/awesome-cpp) - One of the main language for open source security tools @@ -310,7 +314,6 @@ A collection of awesome penetration testing resources * [SecLists](https://github.com/danielmiessler/SecLists) - Collection of multiple types of lists used during security assessments * [Security Talks](https://github.com/PaulSec/awesome-sec-talks) - A curated list of security conferences - ### Contribution Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Please check the [Contributing Guidelines](.github/CONTRIBUTING.md) for more details. From 997e980d09ee519c1c59c9e407bf96c04862e090 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patrik=20Hud=C3=A1k?= Date: Sun, 17 Apr 2016 01:58:09 +0200 Subject: [PATCH 14/35] Add tools (#52) Add tools, books & books cleanup --- README.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 179e564..7ae2e7b 100644 --- a/README.md +++ b/README.md @@ -77,8 +77,6 @@ A collection of awesome penetration testing resources * [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project * [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework -* [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner -* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool * [commix](https://github.com/stasinopoulos/commix) - Automated All-in-One OS Command Injection and Exploitation Tool #### Vulnerability Scanners @@ -105,6 +103,10 @@ A collection of awesome penetration testing resources * [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool * [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service * [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. +* [Zarp](https://github.com/hatRiot/zarp) - Zarp is a network attack tool centered around the exploitation of local networks +* [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers +* [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH +* [DET](https://github.com/sensepost/DET) - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network @@ -117,8 +119,15 @@ A collection of awesome penetration testing resources * [sslstrip](http://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks * [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS +#### Web exploitation +* [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner +* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool +* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell +* [Wappalyzer](https://wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites + #### Hex Editors * [HexEdit.js](http://hexed.it/) - Browser-based hex editing +* [Hexinator](https://hexinator.com/) (commercial) - World's finest Hex Editor #### Crackers * [John the Ripper](http://www.openwall.com/john/) - Fast password cracker @@ -129,6 +138,7 @@ A collection of awesome penetration testing resources * [Sysinternals Suite](http://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities * [Windows Credentials Editor](http://www.ampliasecurity.com/research/windows-credentials-editor/) - security tool to list logon sessions and add, change, list and delete associated credentials * [mimikatz](http://blog.gentilkiwi.com/mimikatz) - Credentials extraction tool for Windows OS +* [PowerSpoit](https://github.com/PowerShellMafia/PowerSploit) - A PowerShell Post-Exploitation Framework #### DDoS Tools * [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows @@ -163,6 +173,7 @@ A collection of awesome penetration testing resources * [Immunity Debugger](http://debugger.immunityinc.com/) - A powerful new way to write exploits and analyze malware * [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for Linux * [Medusa disassembler](https://github.com/wisk/medusa) - An open source interactive disassembler +* [plasma](https://github.com/joelpx/plasma) - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code. #### CTF Tools * [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs From e4c072b26241d188918e90899f75fdad64242ebf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patrik=20Hud=C3=A1k?= Date: Sat, 23 Apr 2016 19:30:56 +0200 Subject: [PATCH 15/35] Add tools and books (#53) * Add tools, books & books cleanup * Add Shodan * Add tools * Add tools * Add tools and books * Add tools and books * Add tools and books * Add Kali tools list --- README.md | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 7ae2e7b..f706845 100644 --- a/README.md +++ b/README.md @@ -16,9 +16,11 @@ A collection of awesome penetration testing resources - [Network Tools](#network-tools) - [Wireless Network Tools](#wireless-network-tools) - [SSL Analysis Tools](#ssl-analysis-tools) + - [Web exploitation](#web-exploitation) - [Hex Editors](#hex-editors) - [Crackers](#crackers) - [Windows Utils](#windows-utils) + - [Linux Utils](#linux-utils) - [DDoS Tools](#ddos-tools) - [Social Engineering Tools](#social-engineering-tools) - [OSInt Tools](#osint-tools) @@ -54,6 +56,7 @@ A collection of awesome penetration testing resources * [Shellcode Examples](http://shell-storm.org/shellcode/) - Shellcodes database * [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits * [GDB-peda](https://github.com/longld/peda) - Python Exploit Development Assistance for GDB +* [shellsploit](https://github.com/b3mb4m/shellsploit-framework) - New Generation Exploit Development Kit #### Social Engineering Resources * [Social Engineering Framework](http://www.social-engineer.org/framework/) - An information resource for social engineers @@ -91,6 +94,7 @@ A collection of awesome penetration testing resources * [Wapiti](http://wapiti.sourceforge.net/) - Web application vulnerability scanner * [WebReaver](http://www.webreaver.com/) - Web application vulnerability scanner for Mac OS X * [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR +* [arachni](https://github.com/Arachni/arachni) - Web Application Security Scanner Framework #### Network Tools * [nmap](http://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits @@ -107,12 +111,16 @@ A collection of awesome penetration testing resources * [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers * [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH * [DET](https://github.com/sensepost/DET) - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time +* [pwnat](https://github.com/samyk/pwnat) - punches holes in firewalls and NATs +* [dsniff](https://www.monkey.org/~dugsong/dsniff/) - a collection of tools for network auditing and pentesting +* [tgcd](http://tgcd.sourceforge.net/) - a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls #### Wireless Network Tools - * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network - * [Kismet](https://kismetwireless.net/) - Wireless network detector, sniffer, and IDS - * [Reaver](https://code.google.com/p/reaver-wps/) - Brute force attack against Wifi Protected Setup - * [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool +* [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network +* [Kismet](https://kismetwireless.net/) - Wireless network detector, sniffer, and IDS +* [Reaver](https://code.google.com/p/reaver-wps/) - Brute force attack against Wifi Protected Setup +* [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool +* [wifiphisher](https://github.com/sophron/wifiphisher) - Automated phishing attacks against Wi-Fi networks #### SSL Analysis Tools * [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner @@ -124,6 +132,10 @@ A collection of awesome penetration testing resources * [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool * [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell * [Wappalyzer](https://wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites +* [cms-explorer](https://code.google.com/archive/p/cms-explorer/) - CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running. +* [joomscan](https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project) - Joomla CMS scanner +* [WhatWeb](https://github.com/urbanadventurer/WhatWeb) - Website Fingerprinter +* [BlindElephant](http://blindelephant.sourceforge.net/) - Web Application Fingerprinter #### Hex Editors * [HexEdit.js](http://hexed.it/) - Browser-based hex editing @@ -139,6 +151,12 @@ A collection of awesome penetration testing resources * [Windows Credentials Editor](http://www.ampliasecurity.com/research/windows-credentials-editor/) - security tool to list logon sessions and add, change, list and delete associated credentials * [mimikatz](http://blog.gentilkiwi.com/mimikatz) - Credentials extraction tool for Windows OS * [PowerSpoit](https://github.com/PowerShellMafia/PowerSploit) - A PowerShell Post-Exploitation Framework +* [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester) - Detects potential missing patches on the target +* [Responder](https://github.com/SpiderLabs/Responder) - A LLMNR, NBT-NS and MDNS poisoner +* [Empire](https://github.com/PowerShellEmpire/Empire) - Empire is a pure PowerShell post-exploitation agent + +#### Linux Utils +* [Linux Exploit Suggester](https://github.com/PenturaLabs/Linux_Exploit_Suggester) - Linux Exploit Suggester; based on operating system release number. #### DDoS Tools * [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows @@ -155,6 +173,7 @@ A collection of awesome penetration testing resources * [metagoofil](https://github.com/laramies/metagoofil) - Metadata harvester * [Google Hacking Database](https://www.exploit-db.com/google-hacking-database/) - a database of Google dorks; can be used for recon * [Shodan](https://www.shodan.io/) - Shodan is the world's first search engine for Internet-connected devices +* [recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - A full-featured Web Reconnaissance framework written in Python #### Anonymity Tools * [Tor](https://www.torproject.org/) - The free software for enabling onion routing online anonymity @@ -194,14 +213,18 @@ A collection of awesome penetration testing resources * [Penetration Testing: Procedures & Methodologies by EC-Council, 2010](http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677) * [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE) * [Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014](http://www.amazon.com/Advanced-Persistent-Threat-Hacking-Organization/dp/0071828362) +* [Bug Hunter's Diary by Tobias Klein, 2011](https://www.nostarch.com/bughunter) #### Hackers Handbook Series +* [The Database Hacker's Handbook, David Litchfield et al., 2005](http://wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html) * [The Shellcoders Handbook by Chris Anley et al., 2007](http://wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html) +* [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009](http://wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html) * [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http://wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html) * [iOS Hackers Handbook by Charlie Miller et al., 2012](http://wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html) * [Android Hackers Handbook by Joshua J. Drake et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html) * [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html) * [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http://wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html) +* [Car Hacker's Handbook by Craig Smith, 2016](https://www.nostarch.com/carhacking) #### Network Analysis Books * [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](http://nmap.org/book/) @@ -211,6 +234,7 @@ A collection of awesome penetration testing resources #### Reverse Engineering Books * [Reverse Engineering for Beginners by Dennis Yurichev](http://beginners.re/) +* [Hacking the Xbox by Andrew Huang, 2003](https://www.nostarch.com/xbox.htm) * [The IDA Pro Book by Chris Eagle, 2011](http://www.nostarch.com/idapro2.htm) * [Practical Reverse Engineering by Bruce Dang et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html) * [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386) @@ -298,6 +322,7 @@ A collection of awesome penetration testing resources * [Phrack Magazine](http://www.phrack.org/) - By far the longest running hacker zine ### Awesome Lists +* [Kali Linux Tools](http://tools.kali.org/tools-listing) - List of tools present in Kali Linux * [SecTools](http://sectools.org/) - Top 125 Network Security Tools * [C/C++ Programming](https://github.com/fffaraz/awesome-cpp) - One of the main language for open source security tools * [.NET Programming](https://github.com/quozd/awesome-dotnet) - A software framework for Microsoft Windows platform development From da7f6cf7a739b9fbd187d3d9240a92a1bb1ded41 Mon Sep 17 00:00:00 2001 From: Leonardo Rezende Date: Wed, 4 May 2016 12:15:10 -0300 Subject: [PATCH 16/35] Update README.md (#54) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f706845..cf9c95b 100644 --- a/README.md +++ b/README.md @@ -333,7 +333,7 @@ A collection of awesome penetration testing resources * [JavaScript Programming](https://github.com/sorrycc/awesome-javascript) - In-browser development and scripting * [Node.js Programming by @sindresorhus](https://github.com/sindresorhus/awesome-nodejs) - JavaScript in command-line * [Node.js Programming by @vndmtrx](https://github.com/vndmtrx/awesome-nodejs) - JavaScript in command-line -* [Python tools for penetration testers](http://www.dirk-loss.de/python-tools.htm) - Lots of pentesting tools are written in Python +* [Python tools for penetration testers](https://github.com/dloss/python-pentest-tools) - Lots of pentesting tools are written in Python * [Python Programming by @svaksha](https://github.com/svaksha/pythonidae) - General Python programming * [Python Programming by @vinta](https://github.com/vinta/awesome-python) - General Python programming * [Android Security](https://github.com/ashishb/android-security-awesome) - A collection of android security related resources From af442928f9bf564b3142a198c5b95f6e1db5d30e Mon Sep 17 00:00:00 2001 From: Alexander Knorr Date: Tue, 17 May 2016 17:28:52 +0200 Subject: [PATCH 17/35] Update README.md (#55) fixed typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index cf9c95b..f459a45 100644 --- a/README.md +++ b/README.md @@ -150,7 +150,7 @@ A collection of awesome penetration testing resources * [Sysinternals Suite](http://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities * [Windows Credentials Editor](http://www.ampliasecurity.com/research/windows-credentials-editor/) - security tool to list logon sessions and add, change, list and delete associated credentials * [mimikatz](http://blog.gentilkiwi.com/mimikatz) - Credentials extraction tool for Windows OS -* [PowerSpoit](https://github.com/PowerShellMafia/PowerSploit) - A PowerShell Post-Exploitation Framework +* [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) - A PowerShell Post-Exploitation Framework * [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester) - Detects potential missing patches on the target * [Responder](https://github.com/SpiderLabs/Responder) - A LLMNR, NBT-NS and MDNS poisoner * [Empire](https://github.com/PowerShellEmpire/Empire) - Empire is a pure PowerShell post-exploitation agent From 480bdd28a71d0d35cc2442ba443808d9a1473111 Mon Sep 17 00:00:00 2001 From: Meitar M Date: Wed, 1 Jun 2016 00:40:26 -0600 Subject: [PATCH 18/35] Suggest `tls_prober` tool be added (fingerprint a TLS implementation). (#56) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index f459a45..94475fc 100644 --- a/README.md +++ b/README.md @@ -126,6 +126,7 @@ A collection of awesome penetration testing resources * [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner * [sslstrip](http://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks * [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS +* [tls_prober](https://github.com/WestpointLtd/tls_prober) - fingerprint a server's SSL/TLS implementation #### Web exploitation * [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner From 8e47eeec69754cc99583fd87cd786af5a374a994 Mon Sep 17 00:00:00 2001 From: Maik Ellerbrock Date: Tue, 7 Jun 2016 23:23:29 +0800 Subject: [PATCH 19/35] added Docker Images for Penetration Testing & Security (#57) --- README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.md b/README.md index 94475fc..a6dfcf0 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ A collection of awesome penetration testing resources - [Tools](#tools) - [Penetration Testing Distributions](#penetration-testing-distributions) - [Basic Penetration Testing Tools](#basic-penetration-testing-tools) + - [Docker for Penetration Testing](#docker) - [Vulnerability Scanners](#vulnerability-scanners) - [Network Tools](#network-tools) - [Wireless Network Tools](#wireless-network-tools) @@ -82,6 +83,22 @@ A collection of awesome penetration testing resources * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework * [commix](https://github.com/stasinopoulos/commix) - Automated All-in-One OS Command Injection and Exploitation Tool +#### Docker for Penetration Testing +* `docker pull kalilinux/kali-linux-docker` [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) +* `docker pull owasp/zap2docker-stable` - [official OWASP ZAP](https://github.com/zaproxy/zaproxy) +* `docker pull wpscanteam/wpscan` - [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/) +* `docker pull pandrew/metasploit` - [docker-metasploit](https://hub.docker.com/r/pandrew/metasploit/) +* `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/) +* `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/) +* `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/) +* `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/) +* `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) +* `docker pull usertaken/archlinux-pentest-lxde` - [Arch Linux Penetration Tester](https://hub.docker.com/r/usertaken/archlinux-pentest-lxde/) +* `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/) +* `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) +* `docker pull danmx/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/) +* `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) + #### Vulnerability Scanners * [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner * [Nexpose](https://www.rapid7.com/products/nexpose/) - Vulnerability Management & Risk Management Software From b26fd5b9a0f776c3549eab0e670d33b9fb7a1bf3 Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya Date: Tue, 7 Jun 2016 10:25:36 -0500 Subject: [PATCH 20/35] update link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a6dfcf0..320aa27 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ A collection of awesome penetration testing resources - [Tools](#tools) - [Penetration Testing Distributions](#penetration-testing-distributions) - [Basic Penetration Testing Tools](#basic-penetration-testing-tools) - - [Docker for Penetration Testing](#docker) + - [Docker for Penetration Testing](#docker-for-penetration-testing) - [Vulnerability Scanners](#vulnerability-scanners) - [Network Tools](#network-tools) - [Wireless Network Tools](#wireless-network-tools) From 709e98b14521b68b78a2b643c96b70e74c8ccc95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nedim=20=C5=A0abi=C4=87?= Date: Sun, 12 Jun 2016 23:29:25 +0200 Subject: [PATCH 21/35] Added fibratus (#58) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 320aa27..e2073ae 100644 --- a/README.md +++ b/README.md @@ -172,6 +172,7 @@ A collection of awesome penetration testing resources * [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester) - Detects potential missing patches on the target * [Responder](https://github.com/SpiderLabs/Responder) - A LLMNR, NBT-NS and MDNS poisoner * [Empire](https://github.com/PowerShellEmpire/Empire) - Empire is a pure PowerShell post-exploitation agent +* [Fibratus](https://github.com/rabbitstack/fibratus) - Tool for exploration and tracing of the Windows kernel #### Linux Utils * [Linux Exploit Suggester](https://github.com/PenturaLabs/Linux_Exploit_Suggester) - Linux Exploit Suggester; based on operating system release number. From daa4870c3a42475443b24a00553d2a7085106add Mon Sep 17 00:00:00 2001 From: Meitar M Date: Fri, 24 Jun 2016 18:14:29 -0600 Subject: [PATCH 22/35] Suggest `smbmap` utility be added. (#59) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e2073ae..44bbb60 100644 --- a/README.md +++ b/README.md @@ -131,6 +131,7 @@ A collection of awesome penetration testing resources * [pwnat](https://github.com/samyk/pwnat) - punches holes in firewalls and NATs * [dsniff](https://www.monkey.org/~dugsong/dsniff/) - a collection of tools for network auditing and pentesting * [tgcd](http://tgcd.sourceforge.net/) - a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls +* [smbmap](https://github.com/ShawnDEvans/smbmap) - a handy SMB enumeration tool #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network From a38ec8545c03b3c4d36bd7b3ecffd4f304a1f3c5 Mon Sep 17 00:00:00 2001 From: Tonimir Kisasondi Date: Tue, 28 Jun 2016 22:33:12 +0200 Subject: [PATCH 23/35] Added BalCCon and FSec conferences (#60) Added BalCCon and FSec conferences --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 44bbb60..5565458 100644 --- a/README.md +++ b/README.md @@ -336,6 +336,8 @@ A collection of awesome penetration testing resources * [Virus Bulletin Conference](https://www.virusbtn.com/conference/index) - An annual conference going to be held in Denver, USA for 2016 * [Ekoparty](http://www.ekoparty.org) - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina * [44Con](http://44con.com/) - Annual Security Conference held in London +* [BalCCon](https://www.balccon.org) - Balkan Computer Congress, annualy held in Novi Sad, Serbia +* [FSec](http://fsec.foi.hr) - FSec - Croatian Information Security Gathering in Varaždin, Croatia ### Information Security Magazines * [2600: The Hacker Quarterly](http://www.2600.com/Magazine/DigitalEditions) - An American publication about technology and computer "underground" From 1fdbce5665e4b7e04bdf0dab85ccfa764a35436b Mon Sep 17 00:00:00 2001 From: Themercee Date: Thu, 30 Jun 2016 19:18:28 -0400 Subject: [PATCH 24/35] Add Parrot Security OS (#62) I add the Parrot distribution. It is similar to Kali, but the display is lighter because it use XFCE with some custom graphics. All tools seems to be there :) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 5565458..e4a8fc2 100644 --- a/README.md +++ b/README.md @@ -73,6 +73,7 @@ A collection of awesome penetration testing resources * [NST](http://networksecuritytoolkit.org/) - Network Security Toolkit distribution * [Pentoo](http://www.pentoo.ch/) - security-focused livecd based on Gentoo * [BackBox](http://www.backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments +* [Parrot](https://www.parrotsec.org/) - A distribution similar to Kali, with multiple architecture #### Basic Penetration Testing Tools * [Metasploit Framework](http://www.metasploit.com/) - World's most used penetration testing software From 71613b199185647fe4641c7c3b06a1199623e3fa Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya Date: Sat, 2 Jul 2016 23:11:16 -0500 Subject: [PATCH 25/35] Add github-dorks --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e4a8fc2..e492881 100644 --- a/README.md +++ b/README.md @@ -195,6 +195,7 @@ A collection of awesome penetration testing resources * [Google Hacking Database](https://www.exploit-db.com/google-hacking-database/) - a database of Google dorks; can be used for recon * [Shodan](https://www.shodan.io/) - Shodan is the world's first search engine for Internet-connected devices * [recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - A full-featured Web Reconnaissance framework written in Python +* [github-dorks](https://github.com/techgaun/github-dorks) - CLI tool to scan github repos/organizations for potential sensitive information leak #### Anonymity Tools * [Tor](https://www.torproject.org/) - The free software for enabling onion routing online anonymity From c4d3bc3bafcf519568360f97deaff186a809c48c Mon Sep 17 00:00:00 2001 From: Themercee Date: Tue, 5 Jul 2016 17:41:24 -0400 Subject: [PATCH 26/35] Add routersploit in penetration testing tools (#63) Routersploit is a tool similar to metasploit, but adapt to router exploitation. The project is really active. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index e492881..34bd17d 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,7 @@ A collection of awesome penetration testing resources * [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform * [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework * [commix](https://github.com/stasinopoulos/commix) - Automated All-in-One OS Command Injection and Exploitation Tool +* [routersploit](https://github.com/reverse-shell/routersploit) - Automated penetration testing software for router #### Docker for Penetration Testing * `docker pull kalilinux/kali-linux-docker` [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) From db36b3995b01d8cb8fd45b998bc852710065f70e Mon Sep 17 00:00:00 2001 From: "T.v.Dein" Date: Wed, 13 Jul 2016 13:57:09 +0200 Subject: [PATCH 27/35] added scapy, python interactive packet manipulation (#66) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 34bd17d..c3147f4 100644 --- a/README.md +++ b/README.md @@ -134,6 +134,7 @@ A collection of awesome penetration testing resources * [dsniff](https://www.monkey.org/~dugsong/dsniff/) - a collection of tools for network auditing and pentesting * [tgcd](http://tgcd.sourceforge.net/) - a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls * [smbmap](https://github.com/ShawnDEvans/smbmap) - a handy SMB enumeration tool +* [scapy](https://github.com/secdev/scapy) - a python-based interactive packet manipulation program & library #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network From 8de8f606423a4c52066d6ebcf1090f2eba0ece9f Mon Sep 17 00:00:00 2001 From: "O . S . O" Date: Sun, 24 Jul 2016 00:22:30 +0200 Subject: [PATCH 28/35] Updated OSInt Tools (added Censys and ZoomEye) and added LFI tools (#64) * Added Censys and ZoomEye * Added LFI tools + Https for some links --- README.md | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index c3147f4..17bd9bd 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,7 @@ A collection of awesome penetration testing resources ### Online Resources #### Penetration Testing Resources -* [Metasploit Unleashed](http://www.offensive-security.com/metasploit-unleashed/) - Free Offensive Security metasploit course +* [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/) - Free Offensive Security metasploit course * [PTES](http://www.pentest-standard.org/) - Penetration Testing Execution Standard * [OWASP](https://www.owasp.org/index.php/Main_Page) - Open Web Application Security Project @@ -60,23 +60,24 @@ A collection of awesome penetration testing resources * [shellsploit](https://github.com/b3mb4m/shellsploit-framework) - New Generation Exploit Development Kit #### Social Engineering Resources -* [Social Engineering Framework](http://www.social-engineer.org/framework/) - An information resource for social engineers +* [Social Engineering Framework](https://www.social-engineer.org/framework/) - An information resource for social engineers #### Lock Picking Resources -* [Schuyler Towne channel](http://www.youtube.com/user/SchuylerTowne/) - Lockpicking videos and security talks +* [Schuyler Towne channel](https://www.youtube.com/user/SchuylerTowne/) - Lockpicking videos and security talks * [/r/lockpicking](https://www.reddit.com/r/lockpicking) - Resources for learning lockpicking, equipment recommendations. ### Tools #### Penetration Testing Distributions -* [Kali](http://www.kali.org/) - A Linux distribution designed for digital forensics and penetration testing -* [BlackArch](http://www.blackarch.org/) - Arch Linux-based distribution for penetration testers and security researchers +* [Kali](https://www.kali.org/) - A Linux distribution designed for digital forensics and penetration testing +* [ArchStrike](https://archstrike.org/) - An Arch Linux repository for security professionals and enthusiasts +* [BlackArch](https://www.blackarch.org/) - Arch Linux-based distribution for penetration testers and security researchers * [NST](http://networksecuritytoolkit.org/) - Network Security Toolkit distribution -* [Pentoo](http://www.pentoo.ch/) - security-focused livecd based on Gentoo -* [BackBox](http://www.backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments +* [Pentoo](http://www.pentoo.ch/) - Security-focused livecd based on Gentoo +* [BackBox](https://www.backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments * [Parrot](https://www.parrotsec.org/) - A distribution similar to Kali, with multiple architecture #### Basic Penetration Testing Tools -* [Metasploit Framework](http://www.metasploit.com/) - World's most used penetration testing software +* [Metasploit Framework](https://www.metasploit.com/) - World's most used penetration testing software * [Burp Suite](http://portswigger.net/burp/) - An integrated platform for performing security testing of web applications * [ExploitPack](http://exploitpack.com/) - Graphical tool for penetration testing with a bunch of exploits * [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project @@ -158,6 +159,10 @@ A collection of awesome penetration testing resources * [joomscan](https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project) - Joomla CMS scanner * [WhatWeb](https://github.com/urbanadventurer/WhatWeb) - Website Fingerprinter * [BlindElephant](http://blindelephant.sourceforge.net/) - Web Application Fingerprinter +* [fimap](https://github.com/kurobeats/fimap) - Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs +* [Kadabra](https://github.com/D35m0nd142/Kadabra) - Automatic LFI exploiter and scanner +* [Kadimus](https://github.com/P0cL4bs/Kadimus) - LFI scan and exploit tool +* [liffy](https://github.com/hvqzao/liffy) - LFI exploitation tool #### Hex Editors * [HexEdit.js](http://hexed.it/) - Browser-based hex editing @@ -195,7 +200,9 @@ A collection of awesome penetration testing resources * [creepy](https://github.com/ilektrojohn/creepy) - A geolocation OSINT tool * [metagoofil](https://github.com/laramies/metagoofil) - Metadata harvester * [Google Hacking Database](https://www.exploit-db.com/google-hacking-database/) - a database of Google dorks; can be used for recon +* [Censys](https://www.censys.io/) - Collects data on hosts and websites through daily ZMap and ZGrab scans * [Shodan](https://www.shodan.io/) - Shodan is the world's first search engine for Internet-connected devices +* [ZoomEye](https://www.zoomeye.org/) - A cyberspace search engine for Internet-connected devices and websites using Xmap and Wmap * [recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - A full-featured Web Reconnaissance framework written in Python * [github-dorks](https://github.com/techgaun/github-dorks) - CLI tool to scan github repos/organizations for potential sensitive information leak From 11148aecc9d727af9d9a2d321fa8840bb270a9b3 Mon Sep 17 00:00:00 2001 From: "O . S . O" Date: Sun, 24 Jul 2016 18:37:18 +0200 Subject: [PATCH 29/35] Added DNS tools (#67) * Added DNS tools * Update DNS tools --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 17bd9bd..34f258d 100644 --- a/README.md +++ b/README.md @@ -125,7 +125,14 @@ A collection of awesome penetration testing resources * [netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - A Swiss army knife for for network sniffing * [Intercepter-NG](http://intercepter.nerf.ru/) - a multifunctional network toolkit * [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool -* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service +* [dnschef](https://thesprawl.org/projects/dnschef/) - A highly configurable DNS proxy for pentesters +* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recon and search service +* [dnsenum](https://github.com/fwaeytens/dnsenum/) - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results +* [dnsmap](https://github.com/makefu/dnsmap/) - Passive DNS network mapper +* [dnsrecon](https://github.com/darkoperator/dnsrecon/) - DNS Enumeration Script +* [dnstracer](http://www.mavetju.org/unix/dnstracer.php) - Determines where a given DNS server gets its information from, and follows the chain of DNS servers +* [passivedns-client](https://github.com/chrislee35/passivedns-client) - Provides a library and a query tool for querying several passive DNS providers +* [passivedns](https://github.com/gamelinux/passivedns) - A network sniffer that logs all DNS server replies for use in a passive DNS setup * [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. * [Zarp](https://github.com/hatRiot/zarp) - Zarp is a network attack tool centered around the exploitation of local networks * [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers From 2ddb21543b5f555c0522aa04ed841d05a7af4cb5 Mon Sep 17 00:00:00 2001 From: ReadmeCritic Date: Mon, 25 Jul 2016 07:03:45 -0700 Subject: [PATCH 30/35] Update README URLs based on HTTP redirects --- README.md | 134 +++++++++++++++++++++++++++--------------------------- 1 file changed, 67 insertions(+), 67 deletions(-) diff --git a/README.md b/README.md index 34f258d..e68b4ba 100644 --- a/README.md +++ b/README.md @@ -60,7 +60,7 @@ A collection of awesome penetration testing resources * [shellsploit](https://github.com/b3mb4m/shellsploit-framework) - New Generation Exploit Development Kit #### Social Engineering Resources -* [Social Engineering Framework](https://www.social-engineer.org/framework/) - An information resource for social engineers +* [Social Engineering Framework](http://www.social-engineer.org/framework/general-discussion/) - An information resource for social engineers #### Lock Picking Resources * [Schuyler Towne channel](https://www.youtube.com/user/SchuylerTowne/) - Lockpicking videos and security talks @@ -71,14 +71,14 @@ A collection of awesome penetration testing resources * [Kali](https://www.kali.org/) - A Linux distribution designed for digital forensics and penetration testing * [ArchStrike](https://archstrike.org/) - An Arch Linux repository for security professionals and enthusiasts * [BlackArch](https://www.blackarch.org/) - Arch Linux-based distribution for penetration testers and security researchers -* [NST](http://networksecuritytoolkit.org/) - Network Security Toolkit distribution +* [NST](./nst/index.html) - Network Security Toolkit distribution * [Pentoo](http://www.pentoo.ch/) - Security-focused livecd based on Gentoo -* [BackBox](https://www.backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments +* [BackBox](https://backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments * [Parrot](https://www.parrotsec.org/) - A distribution similar to Kali, with multiple architecture #### Basic Penetration Testing Tools * [Metasploit Framework](https://www.metasploit.com/) - World's most used penetration testing software -* [Burp Suite](http://portswigger.net/burp/) - An integrated platform for performing security testing of web applications +* [Burp Suite](https://portswigger.net/burp/) - An integrated platform for performing security testing of web applications * [ExploitPack](http://exploitpack.com/) - Graphical tool for penetration testing with a bunch of exploits * [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project * [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform @@ -103,9 +103,9 @@ A collection of awesome penetration testing resources * `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) #### Vulnerability Scanners -* [Netsparker](https://www.netsparker.com/communityedition/) - Web Application Security Scanner +* [Netsparker](https://www.netsparker.com:443/) - Web Application Security Scanner * [Nexpose](https://www.rapid7.com/products/nexpose/) - Vulnerability Management & Risk Management Software -* [Nessus](http://www.tenable.com/products/nessus) - Vulnerability, configuration, and compliance assessment +* [Nessus](http://www.tenable.com/products/nessus-vulnerability-scanner) - Vulnerability, configuration, and compliance assessment * [Nikto](https://cirt.net/nikto2) - Web application vulnerability scanner * [OpenVAS](http://www.openvas.org/) - Open Source vulnerability scanner and manager * [OWASP Zed Attack Proxy](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) - Penetration testing tool for web applications @@ -117,10 +117,10 @@ A collection of awesome penetration testing resources * [arachni](https://github.com/Arachni/arachni) - Web Application Security Scanner Framework #### Network Tools -* [nmap](http://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits +* [nmap](https://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits * [pig](https://github.com/rafael-santiago/pig) - A Linux packet crafting tool * [tcpdump/libpcap](http://www.tcpdump.org/) - A common packet analyzer that runs under the command line -* [Wireshark](http://www.wireshark.org/) - A network protocol analyzer for Unix and Windows +* [Wireshark](https://www.wireshark.org/) - A network protocol analyzer for Unix and Windows * [Network Tools](http://network-tools.com/) - Different network tools: ping, lookup, whois, etc * [netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - A Swiss army knife for for network sniffing * [Intercepter-NG](http://intercepter.nerf.ru/) - a multifunctional network toolkit @@ -147,18 +147,18 @@ A collection of awesome penetration testing resources #### Wireless Network Tools * [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network * [Kismet](https://kismetwireless.net/) - Wireless network detector, sniffer, and IDS -* [Reaver](https://code.google.com/p/reaver-wps/) - Brute force attack against Wifi Protected Setup +* [Reaver](https://code.google.com/archive/p/reaver-wps) - Brute force attack against Wifi Protected Setup * [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool * [wifiphisher](https://github.com/sophron/wifiphisher) - Automated phishing attacks against Wi-Fi networks #### SSL Analysis Tools * [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner -* [sslstrip](http://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks +* [sslstrip](https://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks * [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS * [tls_prober](https://github.com/WestpointLtd/tls_prober) - fingerprint a server's SSL/TLS implementation #### Web exploitation -* [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner +* [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner * [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool * [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell * [Wappalyzer](https://wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites @@ -172,16 +172,16 @@ A collection of awesome penetration testing resources * [liffy](https://github.com/hvqzao/liffy) - LFI exploitation tool #### Hex Editors -* [HexEdit.js](http://hexed.it/) - Browser-based hex editing +* [HexEdit.js](https://hexed.it) - Browser-based hex editing * [Hexinator](https://hexinator.com/) (commercial) - World's finest Hex Editor #### Crackers * [John the Ripper](http://www.openwall.com/john/) - Fast password cracker * [Online MD5 cracker](http://www.md5crack.com/) - Online MD5 hash Cracker -* [Hashcat](http://hashcat.net/oclhashcat/) - The more fast hash cracker +* [Hashcat](http://hashcat.net/hashcat/) - The more fast hash cracker #### Windows Utils -* [Sysinternals Suite](http://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities +* [Sysinternals Suite](https://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities * [Windows Credentials Editor](http://www.ampliasecurity.com/research/windows-credentials-editor/) - security tool to list logon sessions and add, change, list and delete associated credentials * [mimikatz](http://blog.gentilkiwi.com/mimikatz) - Credentials extraction tool for Windows OS * [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) - A PowerShell Post-Exploitation Framework @@ -196,13 +196,13 @@ A collection of awesome penetration testing resources #### DDoS Tools * [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows * [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC -* [T50](http://sourceforge.net/projects/t50/) - The more fast network stress tool +* [T50](https://sourceforge.net/projects/t50/) - The more fast network stress tool #### Social Engineering Tools * [SET](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit from TrustedSec #### OSInt Tools -* [Maltego](http://www.paterva.com/web6/products/maltego.php) - Proprietary software for open source intelligence and forensics, from Paterva. +* [Maltego](http://www.paterva.com/web7/) - Proprietary software for open source intelligence and forensics, from Paterva. * [theHarvester](https://github.com/laramies/theHarvester) - E-mail, subdomain and people names harvester * [creepy](https://github.com/ilektrojohn/creepy) - A geolocation OSINT tool * [metagoofil](https://github.com/laramies/metagoofil) - Metadata harvester @@ -215,17 +215,17 @@ A collection of awesome penetration testing resources #### Anonymity Tools * [Tor](https://www.torproject.org/) - The free software for enabling onion routing online anonymity -* [I2P](https://geti2p.net) - The Invisible Internet Project -* [Nipe](https://github.com/HeitorG/nipe) - Script to redirect all traffic from the machine to the Tor network. +* [I2P](https://geti2p.net/en/) - The Invisible Internet Project +* [Nipe](https://github.com/GouveaHeitor/nipe) - Script to redirect all traffic from the machine to the Tor network. #### Reverse Engineering Tools * [IDA Pro](https://www.hex-rays.com/products/ida/) - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger * [IDA Free](https://www.hex-rays.com/products/ida/support/download_freeware.shtml) - The freeware version of IDA v5.0 -* [WDK/WinDbg](http://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx) - Windows Driver Kit and WinDbg +* [WDK/WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx) - Windows Driver Kit and WinDbg * [OllyDbg](http://www.ollydbg.de/) - An x86 debugger that emphasizes binary code analysis * [Radare2](http://rada.re/r/index.html) - Opensource, crossplatform reverse engineering framework. * [x64_dbg](http://x64dbg.com/) - An open-source x64/x32 debugger for windows. -* [Pyew](http://code.google.com/p/pyew/) - A Python tool for static malware analysis. +* [Pyew](https://github.com/joxeankoret/pyew) - A Python tool for static malware analysis. * [Bokken](https://inguma.eu/projects/bokken) - GUI for Pyew Radare2. * [Immunity Debugger](http://debugger.immunityinc.com/) - A powerful new way to write exploits and analyze malware * [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for Linux @@ -237,15 +237,15 @@ A collection of awesome penetration testing resources ### Books #### Penetration Testing Books -* [The Art of Exploitation by Jon Erickson, 2008](http://www.nostarch.com/hacking2.htm) -* [Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011](http://www.nostarch.com/metasploit) -* [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014](http://www.nostarch.com/pentesting) +* [The Art of Exploitation by Jon Erickson, 2008](https://www.nostarch.com/hacking2.htm) +* [Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011](https://www.nostarch.com/metasploit) +* [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014](https://www.nostarch.com/pentesting) * [Rtfm: Red Team Field Manual by Ben Clark, 2014](http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/) * [The Hacker Playbook by Peter Kim, 2014](http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/) * [The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013](https://www.elsevier.com/books/the-basics-of-hacking-and-penetration-testing/engebretson/978-1-59749-655-1) * [Professional Penetration Testing by Thomas Wilhelm, 2013](https://www.elsevier.com/books/professional-penetration-testing/wilhelm/978-1-59749-993-4) -* [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012](http://www.packtpub.com/advanced-penetration-testing-for-highly-secured-environments/book) -* [Violent Python by TJ O'Connor, 2012](http://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6) +* [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012](http://www.packtpub.com/networking-and-servers/advanced-penetration-testing-highly-secured-environments-ultimate-security-gu) +* [Violent Python by TJ O'Connor, 2012](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6) * [Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007](http://www.fuzzing.org/) * [Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014](http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900) * [Penetration Testing: Procedures & Methodologies by EC-Council, 2010](http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677) @@ -254,71 +254,71 @@ A collection of awesome penetration testing resources * [Bug Hunter's Diary by Tobias Klein, 2011](https://www.nostarch.com/bughunter) #### Hackers Handbook Series -* [The Database Hacker's Handbook, David Litchfield et al., 2005](http://wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html) -* [The Shellcoders Handbook by Chris Anley et al., 2007](http://wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html) -* [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009](http://wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html) -* [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http://wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html) -* [iOS Hackers Handbook by Charlie Miller et al., 2012](http://wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html) -* [Android Hackers Handbook by Joshua J. Drake et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html) -* [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html) -* [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http://wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html) +* [The Database Hacker's Handbook, David Litchfield et al., 2005](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html) +* [The Shellcoders Handbook by Chris Anley et al., 2007](http://www.wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html) +* [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html) +* [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html) +* [iOS Hackers Handbook by Charlie Miller et al., 2012](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html) +* [Android Hackers Handbook by Joshua J. Drake et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html) +* [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html) +* [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html) * [Car Hacker's Handbook by Craig Smith, 2016](https://www.nostarch.com/carhacking) #### Network Analysis Books -* [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](http://nmap.org/book/) -* [Practical Packet Analysis by Chris Sanders, 2011](http://www.nostarch.com/packet2.htm) +* [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](https://nmap.org/book/) +* [Practical Packet Analysis by Chris Sanders, 2011](https://www.nostarch.com/packet2.htm) * [Wireshark Network Analysis by by Laura Chappell & Gerald Combs, 2012](http://www.wiresharkbook.com/) * [Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012](http://www.amazon.com/Network-Forensics-Tracking-Hackers-Cyberspace-ebook/dp/B008CG8CYU/) #### Reverse Engineering Books * [Reverse Engineering for Beginners by Dennis Yurichev](http://beginners.re/) * [Hacking the Xbox by Andrew Huang, 2003](https://www.nostarch.com/xbox.htm) -* [The IDA Pro Book by Chris Eagle, 2011](http://www.nostarch.com/idapro2.htm) -* [Practical Reverse Engineering by Bruce Dang et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html) +* [The IDA Pro Book by Chris Eagle, 2011](https://www.nostarch.com/idapro2.htm) +* [Practical Reverse Engineering by Bruce Dang et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html) * [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386) #### Malware Analysis Books -* [Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012](http://www.nostarch.com/malware) -* [The Art of Memory Forensics by Michael Hale Ligh et al., 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118825098.html) +* [Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012](https://www.nostarch.com/malware) +* [The Art of Memory Forensics by Michael Hale Ligh et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118825098.html) * [Malware Analyst's Cookbook and DVD by Michael Hale Ligh et al., 2010](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470613033.html) #### Windows Books * [Windows Internals by Mark Russinovich et al., 2012](http://www.amazon.com/Windows-Internals-Part-Developer-Reference/dp/0735648735/) #### Social Engineering Books -* [The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002](http://wiley.com/WileyCDA/WileyTitle/productCd-0471237124.html) -* [The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005](http://wiley.com/WileyCDA/WileyTitle/productCd-0764569597.html) +* [The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0471237124.html) +* [The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764569597.html) * [Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011](http://www.hachettebookgroup.com/titles/kevin-mitnick/ghost-in-the-wires/9780316134477/) -* [No Tech Hacking by Johnny Long & Jack Wiles, 2008](http://www.elsevier.com/books/no-tech-hacking/mitnick/978-1-59749-215-7) -* [Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010](http://wiley.com/WileyCDA/WileyTitle/productCd-0470639539.html) -* [Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014](http://wiley.com/WileyCDA/WileyTitle/productCd-1118608577.html) -* [Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014](http://www.mhprofessional.com/product.php?isbn=0071818464) +* [No Tech Hacking by Johnny Long & Jack Wiles, 2008](https://www.elsevier.com/books/no-tech-hacking/mitnick/978-1-59749-215-7) +* [Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470639539.html) +* [Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118608577.html) +* [Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014](https://www.mhprofessional.com/product.php?isbn=0071818464) #### Lock Picking Books * [Practical Lock Picking by Deviant Ollam, 2012](https://www.elsevier.com/books/practical-lock-picking/ollam/978-1-59749-989-7) * [Keys to the Kingdom by Deviant Ollam, 2012](https://www.elsevier.com/books/keys-to-the-kingdom/ollam/978-1-59749-983-5) -* [CIA Lock Picking Field Operative Training Manual](http://www.scribd.com/doc/7207/CIA-Lock-Picking-Field-Operative-Training-Manual) +* [CIA Lock Picking Field Operative Training Manual](https://www.scribd.com/doc/7207/CIA-Lock-Picking-Field-Operative-Training-Manual) * [Lock Picking: Detail Overkill by Solomon](https://www.dropbox.com/s/y39ix9u9qpqffct/Lockpicking%20Detail%20Overkill.pdf?dl=0) * [Eddie the Wire books](https://www.dropbox.com/sh/k3z4dm4vyyojp3o/AAAIXQuwMmNuCch_StLPUYm-a?dl=0) ### Vulnerability Databases -* [NVD](http://nvd.nist.gov/) - US National Vulnerability Database -* [CERT](http://www.us-cert.gov/) - US Computer Emergency Readiness Team -* [OSVDB](http://osvdb.org/) - Open Sourced Vulnerability Database +* [NVD](https://nvd.nist.gov/) - US National Vulnerability Database +* [CERT](https://www.us-cert.gov/) - US Computer Emergency Readiness Team +* [OSVDB](https://blog.osvdb.org/) - Open Sourced Vulnerability Database * [Bugtraq](http://www.securityfocus.com/) - Symantec SecurityFocus -* [Exploit-DB](http://www.exploit-db.com/) - Offensive Security Exploit Database +* [Exploit-DB](https://www.exploit-db.com/) - Offensive Security Exploit Database * [Fulldisclosure](http://seclists.org/fulldisclosure/) - Full Disclosure Mailing List -* [MS Bulletin](https://technet.microsoft.com/security/bulletin/) - Microsoft Security Bulletin -* [MS Advisory](https://technet.microsoft.com/security/advisory/) - Microsoft Security Advisories -* [Inj3ct0r](http://1337day.com/) - Inj3ct0r Exploit Database -* [Packet Storm](http://packetstormsecurity.com/) - Packet Storm Global Security Resource +* [MS Bulletin](https://technet.microsoft.com/en-us/security/bulletins) - Microsoft Security Bulletin +* [MS Advisory](https://technet.microsoft.com/en-us/security/advisories) - Microsoft Security Advisories +* [Inj3ct0r](http://www.1337day.com/) - Inj3ct0r Exploit Database +* [Packet Storm](https://packetstormsecurity.com/) - Packet Storm Global Security Resource * [SecuriTeam](http://www.securiteam.com/) - Securiteam Vulnerability Information * [CXSecurity](http://cxsecurity.com/) - CSSecurity Bugtraq List * [Vulnerability Laboratory](http://www.vulnerability-lab.com/) - Vulnerability Research Laboratory * [ZDI](http://www.zerodayinitiative.com/) - Zero Day Initiative ### Security Courses -* [Offensive Security Training](http://www.offensive-security.com/information-security-training/) - Training from BackTrack/Kali developers +* [Offensive Security Training](https://www.offensive-security.com/information-security-training/) - Training from BackTrack/Kali developers * [SANS Security Training](http://www.sans.org/) - Computer Security Training & Certification * [Open Security Training](http://opensecuritytraining.info/) - Training material for computer security classes * [CTF Field Guide](https://trailofbits.github.io/ctf/) - everything you need to win your next CTF competition @@ -328,37 +328,37 @@ A collection of awesome penetration testing resources * [DEF CON](https://www.defcon.org/) - An annual hacker convention in Las Vegas * [Black Hat](http://www.blackhat.com/) - An annual security conference in Las Vegas * [BSides](http://www.securitybsides.com/) - A framework for organising and holding security conferences -* [CCC](http://events.ccc.de/congress/) - An annual meeting of the international hacker scene in Germany +* [CCC](https://events.ccc.de/congress/) - An annual meeting of the international hacker scene in Germany * [DerbyCon](https://www.derbycon.com/) - An annual hacker conference based in Louisville * [PhreakNIC](http://phreaknic.info/) - A technology conference held annually in middle Tennessee -* [ShmooCon](http://www.shmoocon.org/) - An annual US east coast hacker convention +* [ShmooCon](http://shmoocon.org/) - An annual US east coast hacker convention * [CarolinaCon](http://www.carolinacon.org/) - An infosec conference, held annually in North Carolina -* [HOPE](http://hope.net/) - A conference series sponsored by the hacker magazine 2600 +* [HOPE](https://hope.net/) - A conference series sponsored by the hacker magazine 2600 * [SummerCon](http://www.summercon.org/) - One of the oldest hacker conventions, held during Summer -* [Hack.lu](http://hack.lu/) - An annual conference held in Luxembourg -* [HITB](http://conference.hitb.org/) - Deep-knowledge security conference held in Malaysia and The Netherlands +* [Hack.lu](https://2016.hack.lu/) - An annual conference held in Luxembourg +* [HITB](https://conference.hitb.org/) - Deep-knowledge security conference held in Malaysia and The Netherlands * [Troopers](https://www.troopers.de) - Annual international IT Security event with workshops held in Heidelberg, Germany * [Hack3rCon](http://hack3rcon.org/) - An annual US hacker conference * [ThotCon](http://thotcon.org/) - An annual US hacker conference held in Chicago * [LayerOne](http://www.layerone.org/) - An annual US security conference held every spring in Los Angeles * [DeepSec](https://deepsec.net/) - Security Conference in Vienna, Austria * [SkyDogCon](http://www.skydogcon.com/) - A technology conference in Nashville -* [SECUINSIDE](http://secuinside.com) - Security Conference in [Seoul](http://en.wikipedia.org/wiki/Seoul) -* [DefCamp](http://defcamp.ro) - Largest Security Conference in Eastern Europe, held anually in Bucharest, Romania +* [SECUINSIDE](http://secuinside.com) - Security Conference in [Seoul](https://en.wikipedia.org/wiki/Seoul) +* [DefCamp](http://def.camp/) - Largest Security Conference in Eastern Europe, held anually in Bucharest, Romania * [AppSecUSA](https://appsecusa.org/) - An annual conference organised by OWASP * [BruCON](http://brucon.org) - An annual security conference in Belgium * [Infosecurity Europe](http://www.infosecurityeurope.com/) - Europe's number one information security event, held in London, UK * [Nullcon](http://nullcon.net/website/) - An annual conference in Delhi and Goa, India -* [RSA Conference USA](http://www.rsaconference.com/) - An annual security conference in San Francisco, California, USA +* [RSA Conference USA](https://www.rsaconference.com/) - An annual security conference in San Francisco, California, USA * [Swiss Cyber Storm](https://www.swisscyberstorm.com/) - An annual security conference in Lucerne, Switzerland -* [Virus Bulletin Conference](https://www.virusbtn.com/conference/index) - An annual conference going to be held in Denver, USA for 2016 +* [Virus Bulletin Conference](https://www.virusbulletin.com/conference/index) - An annual conference going to be held in Denver, USA for 2016 * [Ekoparty](http://www.ekoparty.org) - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina -* [44Con](http://44con.com/) - Annual Security Conference held in London +* [44Con](https://44con.com/) - Annual Security Conference held in London * [BalCCon](https://www.balccon.org) - Balkan Computer Congress, annualy held in Novi Sad, Serbia * [FSec](http://fsec.foi.hr) - FSec - Croatian Information Security Gathering in Varaždin, Croatia ### Information Security Magazines -* [2600: The Hacker Quarterly](http://www.2600.com/Magazine/DigitalEditions) - An American publication about technology and computer "underground" +* [2600: The Hacker Quarterly](https://www.2600.com/Magazine/DigitalEditions) - An American publication about technology and computer "underground" * [Phrack Magazine](http://www.phrack.org/) - By far the longest running hacker zine ### Awesome Lists @@ -395,6 +395,6 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea ### License -[![Creative Commons License](http://i.creativecommons.org/l/by/4.0/88x31.png)](http://creativecommons.org/licenses/by/4.0/) +[![Creative Commons License](http://i.creativecommons.org/l/by/4.0/88x31.png)](https://creativecommons.org/licenses/by/4.0/) This work is licensed under a [Creative Commons Attribution 4.0 International License](http://creativecommons.org/licenses/by/4.0/) From b92b21d9781a65dd620eab5b62ebaadec0c5d580 Mon Sep 17 00:00:00 2001 From: ReadmeCritic Date: Tue, 26 Jul 2016 07:53:41 -0700 Subject: [PATCH 31/35] Fix NST link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e68b4ba..9690ddc 100644 --- a/README.md +++ b/README.md @@ -71,7 +71,7 @@ A collection of awesome penetration testing resources * [Kali](https://www.kali.org/) - A Linux distribution designed for digital forensics and penetration testing * [ArchStrike](https://archstrike.org/) - An Arch Linux repository for security professionals and enthusiasts * [BlackArch](https://www.blackarch.org/) - Arch Linux-based distribution for penetration testers and security researchers -* [NST](./nst/index.html) - Network Security Toolkit distribution +* [NST](http://networksecuritytoolkit.org/) - Network Security Toolkit distribution * [Pentoo](http://www.pentoo.ch/) - Security-focused livecd based on Gentoo * [BackBox](https://backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments * [Parrot](https://www.parrotsec.org/) - A distribution similar to Kali, with multiple architecture From 090f112c5630b17d9898180d682387cbf41f4c19 Mon Sep 17 00:00:00 2001 From: Louis Dion-Marcil Date: Sun, 31 Jul 2016 17:24:05 -0400 Subject: [PATCH 32/35] Removed usertaken/archlinux-pentest-lxde docker (404) Doesn't seem to be available anymore https://hub.docker.com/r/usertaken/archlinux-pentest-lxde/ [ldionmarcil:~]$ sudo docker pull usertaken/archlinux-pentest-lxde Using default tag: latest Pulling repository docker.io/usertaken/archlinux-pentest-lxde Error: image usertaken/archlinux-pentest-lxde not found --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 9690ddc..0c75682 100644 --- a/README.md +++ b/README.md @@ -96,7 +96,6 @@ A collection of awesome penetration testing resources * `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/) * `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/) * `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) -* `docker pull usertaken/archlinux-pentest-lxde` - [Arch Linux Penetration Tester](https://hub.docker.com/r/usertaken/archlinux-pentest-lxde/) * `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/) * `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) * `docker pull danmx/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/) From 20ad0d1119b625eb8cf8173a46185d54b1d72965 Mon Sep 17 00:00:00 2001 From: "O . S . O" Date: Sun, 7 Aug 2016 06:08:08 +0200 Subject: [PATCH 33/35] Added Netzob (#70) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 0c75682..793dbf7 100644 --- a/README.md +++ b/README.md @@ -136,6 +136,7 @@ A collection of awesome penetration testing resources * [Zarp](https://github.com/hatRiot/zarp) - Zarp is a network attack tool centered around the exploitation of local networks * [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers * [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH +* [Netzob](https://github.com/netzob/netzob) - Reverse engineering, traffic generation and fuzzing of communication protocols * [DET](https://github.com/sensepost/DET) - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time * [pwnat](https://github.com/samyk/pwnat) - punches holes in firewalls and NATs * [dsniff](https://www.monkey.org/~dugsong/dsniff/) - a collection of tools for network auditing and pentesting From fd2d72d108e3dd710f44f490eb593830d32c5be2 Mon Sep 17 00:00:00 2001 From: Melvin Lammerts Date: Thu, 25 Aug 2016 18:51:04 +0200 Subject: [PATCH 34/35] Add vcsmap (#72) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 793dbf7..b632392 100644 --- a/README.md +++ b/README.md @@ -212,6 +212,7 @@ A collection of awesome penetration testing resources * [ZoomEye](https://www.zoomeye.org/) - A cyberspace search engine for Internet-connected devices and websites using Xmap and Wmap * [recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - A full-featured Web Reconnaissance framework written in Python * [github-dorks](https://github.com/techgaun/github-dorks) - CLI tool to scan github repos/organizations for potential sensitive information leak +* [vcsmap](https://github.com/melvinsh/vcsmap) - A plugin-based tool to scan public version control systems for sensitive information #### Anonymity Tools * [Tor](https://www.torproject.org/) - The free software for enabling onion routing online anonymity From 6d227715923475beaac0a5d0dd92a8eae6eb6823 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20Ho=C3=A0ng?= Date: Wed, 21 Sep 2016 09:43:40 +0700 Subject: [PATCH 35/35] Add Voltron Debugger (#73) A hacky debugger UI for hackers --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b632392..284b621 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,7 @@ A collection of awesome penetration testing resources * [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits * [GDB-peda](https://github.com/longld/peda) - Python Exploit Development Assistance for GDB * [shellsploit](https://github.com/b3mb4m/shellsploit-framework) - New Generation Exploit Development Kit +* [Voltron](https://github.com/snare/voltron) - A hacky debugger UI for hackers #### Social Engineering Resources * [Social Engineering Framework](http://www.social-engineer.org/framework/general-discussion/) - An information resource for social engineers