mirror of
https://github.com/enaqx/awesome-pentest.git
synced 2024-10-01 01:05:56 -04:00
Merge pull request #99 from Occupy4Elephants/patch-1
updated with a nice number of goodies
This commit is contained in:
commit
9971bff13f
@ -58,7 +58,6 @@ A collection of awesome penetration testing resources
|
|||||||
* [OWASP](https://www.owasp.org/index.php/Main_Page) - Open Web Application Security Project
|
* [OWASP](https://www.owasp.org/index.php/Main_Page) - Open Web Application Security Project
|
||||||
* [PENTEST-WIKI](https://github.com/nixawk/pentest-wiki) - A free online security knowledge library for pentesters / researchers.
|
* [PENTEST-WIKI](https://github.com/nixawk/pentest-wiki) - A free online security knowledge library for pentesters / researchers.
|
||||||
* [Vulnerability Assessment Framework](http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html) - Penetration Testing Framework.
|
* [Vulnerability Assessment Framework](http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html) - Penetration Testing Framework.
|
||||||
* [The Pentesters Framework](https://github.com/trustedsec/ptf) - PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used.
|
|
||||||
* [XSS-Payloads](http://www.xss-payloads.com) - Ultimate resource for all things cross-site including payloads, tools, games and documentation.
|
* [XSS-Payloads](http://www.xss-payloads.com) - Ultimate resource for all things cross-site including payloads, tools, games and documentation.
|
||||||
|
|
||||||
#### Exploit development
|
#### Exploit development
|
||||||
@ -91,6 +90,7 @@ A collection of awesome penetration testing resources
|
|||||||
* [Parrot](https://www.parrotsec.org/) - A distribution similar to Kali, with multiple architecture
|
* [Parrot](https://www.parrotsec.org/) - A distribution similar to Kali, with multiple architecture
|
||||||
* [Buscador](https://inteltechniques.com/buscador/) - A Linux Virtual Machine that is pre-configured for online investigators
|
* [Buscador](https://inteltechniques.com/buscador/) - A Linux Virtual Machine that is pre-configured for online investigators
|
||||||
* [Fedora Security Lab](https://labs.fedoraproject.org/en/security/) - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.
|
* [Fedora Security Lab](https://labs.fedoraproject.org/en/security/) - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.
|
||||||
|
* [The Pentesters Framework](https://github.com/trustedsec/ptf) - PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used.
|
||||||
|
|
||||||
#### Basic Penetration Testing Tools
|
#### Basic Penetration Testing Tools
|
||||||
* [Metasploit Framework](https://www.metasploit.com/) - World's most used penetration testing software
|
* [Metasploit Framework](https://www.metasploit.com/) - World's most used penetration testing software
|
||||||
@ -185,6 +185,8 @@ A collection of awesome penetration testing resources
|
|||||||
|
|
||||||
#### Web exploitation
|
#### Web exploitation
|
||||||
* [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner
|
* [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner
|
||||||
|
* [Wordpress Exploit Framework](https://github.com/rastating/wordpress-exploit-framework) - A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
|
||||||
|
* [WPSploit](https://github.com/espreto/wpsploit) - WPSploit - Exploiting Wordpress With Metasploit
|
||||||
* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool
|
* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool
|
||||||
* [tplmap](https://github.com/epinna/tplmap) - Automatic server-side template injection and Web server takeover tool
|
* [tplmap](https://github.com/epinna/tplmap) - Automatic server-side template injection and Web server takeover tool
|
||||||
* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell
|
* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell
|
||||||
@ -200,6 +202,7 @@ A collection of awesome penetration testing resources
|
|||||||
* [GitTools](https://github.com/internetwache/GitTools) - Automatically find and download Web-accessible `.git` repositories
|
* [GitTools](https://github.com/internetwache/GitTools) - Automatically find and download Web-accessible `.git` repositories
|
||||||
* [Commix](https://github.com/commixproject/commix) - Automated All-in-One OS command injection and exploitation tool
|
* [Commix](https://github.com/commixproject/commix) - Automated All-in-One OS command injection and exploitation tool
|
||||||
|
|
||||||
|
|
||||||
#### Hex Editors
|
#### Hex Editors
|
||||||
* [HexEdit.js](https://hexed.it) - Browser-based hex editing
|
* [HexEdit.js](https://hexed.it) - Browser-based hex editing
|
||||||
* [Hexinator](https://hexinator.com/) (commercial) - World's finest Hex Editor
|
* [Hexinator](https://hexinator.com/) (commercial) - World's finest Hex Editor
|
||||||
@ -233,6 +236,7 @@ A collection of awesome penetration testing resources
|
|||||||
* [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows
|
* [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows
|
||||||
* [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC
|
* [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC
|
||||||
* [T50](https://sourceforge.net/projects/t50/) - The more fast network stress tool
|
* [T50](https://sourceforge.net/projects/t50/) - The more fast network stress tool
|
||||||
|
* [UFONet](https://github.com/epsylon/ufonet) - UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
|
||||||
|
|
||||||
#### Social Engineering Tools
|
#### Social Engineering Tools
|
||||||
* [SET](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit from TrustedSec
|
* [SET](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit from TrustedSec
|
||||||
@ -256,6 +260,9 @@ A collection of awesome penetration testing resources
|
|||||||
* [Google-dorks](https://github.com/JohnTroony/Google-dorks) - Common google dorks and others you prolly don't know
|
* [Google-dorks](https://github.com/JohnTroony/Google-dorks) - Common google dorks and others you prolly don't know
|
||||||
* [snitch](https://github.com/Smaash/snitch) - information gathering via dorks
|
* [snitch](https://github.com/Smaash/snitch) - information gathering via dorks
|
||||||
* [GooDork](https://github.com/k3170makan/GooDork) - Command line go0gle dorking tool
|
* [GooDork](https://github.com/k3170makan/GooDork) - Command line go0gle dorking tool
|
||||||
|
* [Sn1per](https://github.com/1N3/Sn1per) - Automated Pentest Recon Scanner
|
||||||
|
* [Threat Crowd](https://www.threatcrowd.org/) - A search engine for threats
|
||||||
|
* [Virus Total](https://www.virustotal.com/) - VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
|
||||||
* [OSINT Framework](http://osintframework.com/) - Collection of various OSInt tools broken out by category.
|
* [OSINT Framework](http://osintframework.com/) - Collection of various OSInt tools broken out by category.
|
||||||
* [Intel Techniques](https://inteltechniques.com/menu.html) - A collection of OSINT tools. Menu on the left can be used to navigate through the categories.
|
* [Intel Techniques](https://inteltechniques.com/menu.html) - A collection of OSINT tools. Menu on the left can be used to navigate through the categories.
|
||||||
* [DataSploit](https://github.com/upgoingstar/datasploit) - OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.
|
* [DataSploit](https://github.com/upgoingstar/datasploit) - OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.
|
||||||
|
Loading…
Reference in New Issue
Block a user