mirror of
https://github.com/enaqx/awesome-pentest.git
synced 2024-12-23 06:09:22 -05:00
parent
9d92d655c1
commit
997e980d09
15
README.md
15
README.md
@ -77,8 +77,6 @@ A collection of awesome penetration testing resources
|
|||||||
* [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project
|
* [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project
|
||||||
* [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform
|
* [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform
|
||||||
* [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework
|
* [evilgrade](https://github.com/infobyte/evilgrade) - The update explotation framework
|
||||||
* [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner
|
|
||||||
* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool
|
|
||||||
* [commix](https://github.com/stasinopoulos/commix) - Automated All-in-One OS Command Injection and Exploitation Tool
|
* [commix](https://github.com/stasinopoulos/commix) - Automated All-in-One OS Command Injection and Exploitation Tool
|
||||||
|
|
||||||
#### Vulnerability Scanners
|
#### Vulnerability Scanners
|
||||||
@ -105,6 +103,10 @@ A collection of awesome penetration testing resources
|
|||||||
* [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool
|
* [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool
|
||||||
* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service
|
* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recond and search service
|
||||||
* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
|
* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
|
||||||
|
* [Zarp](https://github.com/hatRiot/zarp) - Zarp is a network attack tool centered around the exploitation of local networks
|
||||||
|
* [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
|
||||||
|
* [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH
|
||||||
|
* [DET](https://github.com/sensepost/DET) - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time
|
||||||
|
|
||||||
#### Wireless Network Tools
|
#### Wireless Network Tools
|
||||||
* [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network
|
* [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless network
|
||||||
@ -117,8 +119,15 @@ A collection of awesome penetration testing resources
|
|||||||
* [sslstrip](http://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks
|
* [sslstrip](http://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks
|
||||||
* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS
|
* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS
|
||||||
|
|
||||||
|
#### Web exploitation
|
||||||
|
* [WPScan](http://wpscan.org/) - Black box WordPress vulnerability scanner
|
||||||
|
* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool
|
||||||
|
* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell
|
||||||
|
* [Wappalyzer](https://wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites
|
||||||
|
|
||||||
#### Hex Editors
|
#### Hex Editors
|
||||||
* [HexEdit.js](http://hexed.it/) - Browser-based hex editing
|
* [HexEdit.js](http://hexed.it/) - Browser-based hex editing
|
||||||
|
* [Hexinator](https://hexinator.com/) (commercial) - World's finest Hex Editor
|
||||||
|
|
||||||
#### Crackers
|
#### Crackers
|
||||||
* [John the Ripper](http://www.openwall.com/john/) - Fast password cracker
|
* [John the Ripper](http://www.openwall.com/john/) - Fast password cracker
|
||||||
@ -129,6 +138,7 @@ A collection of awesome penetration testing resources
|
|||||||
* [Sysinternals Suite](http://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities
|
* [Sysinternals Suite](http://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities
|
||||||
* [Windows Credentials Editor](http://www.ampliasecurity.com/research/windows-credentials-editor/) - security tool to list logon sessions and add, change, list and delete associated credentials
|
* [Windows Credentials Editor](http://www.ampliasecurity.com/research/windows-credentials-editor/) - security tool to list logon sessions and add, change, list and delete associated credentials
|
||||||
* [mimikatz](http://blog.gentilkiwi.com/mimikatz) - Credentials extraction tool for Windows OS
|
* [mimikatz](http://blog.gentilkiwi.com/mimikatz) - Credentials extraction tool for Windows OS
|
||||||
|
* [PowerSpoit](https://github.com/PowerShellMafia/PowerSploit) - A PowerShell Post-Exploitation Framework
|
||||||
|
|
||||||
#### DDoS Tools
|
#### DDoS Tools
|
||||||
* [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows
|
* [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows
|
||||||
@ -163,6 +173,7 @@ A collection of awesome penetration testing resources
|
|||||||
* [Immunity Debugger](http://debugger.immunityinc.com/) - A powerful new way to write exploits and analyze malware
|
* [Immunity Debugger](http://debugger.immunityinc.com/) - A powerful new way to write exploits and analyze malware
|
||||||
* [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for Linux
|
* [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for Linux
|
||||||
* [Medusa disassembler](https://github.com/wisk/medusa) - An open source interactive disassembler
|
* [Medusa disassembler](https://github.com/wisk/medusa) - An open source interactive disassembler
|
||||||
|
* [plasma](https://github.com/joelpx/plasma) - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
|
||||||
|
|
||||||
#### CTF Tools
|
#### CTF Tools
|
||||||
* [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs
|
* [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs
|
||||||
|
Loading…
Reference in New Issue
Block a user