Awesome-Mirrors/awesome-pentest
1
0
Fork 0
mirror of https://github.com/enaqx/awesome-pentest.git synced 2025-04-24 17:09:15 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md / added resources for OSINT, C2s, Web tools and Flipper Zero

Browse Source 
I added the following links:
https://github.com/djsime1/awesome-flipperzero
https://github.com/sherlock-project/sherlock
https://github.com/sundowndev/phoneinfoga
https://github.com/twintproject/twint
https://pentest-tools.com/
https://github.com/EmpireProject/Empire
https://github.com/3ct0s/dystopia-c2
This commit is contained in:
Bryan 2024-08-08 07:10:38 -05:00 committed by GitHub
parent 9f12fc119f
commit e16d06b3b8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 93 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

177
README.md
View File

@ -10,87 +10,88 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
## Contents
* [Android Utilities](#android-utilities)
* [Anonymity Tools](#anonymity-tools)
* [Tor Tools](#tor-tools)
* [Anti-virus Evasion Tools](#anti-virus-evasion-tools)
* [Books](#books)
* [Malware Analysis Books](#malware-analysis-books)
* [CTF Tools](#ctf-tools)
* [Cloud Platform Attack Tools](#cloud-platform-attack-tools)
* [Collaboration Tools](#collaboration-tools)
* [Conferences and Events](#conferences-and-events)
* [Asia](#asia)
* [Europe](#europe)
* [North America](#north-america)
* [South America](#south-america)
* [Zealandia](#zealandia)
* [Exfiltration Tools](#exfiltration-tools)
* [Exploit Development Tools](#exploit-development-tools)
* [File Format Analysis Tools](#file-format-analysis-tools)
* [GNU/Linux Utilities](#gnulinux-utilities)
* [Hash Cracking Tools](#hash-cracking-tools)
* [Hex Editors](#hex-editors)
* [Industrial Control and SCADA Systems](#industrial-control-and-scada-systems)
* [Intentionally Vulnerable Systems](#intentionally-vulnerable-systems)
* [Intentionally Vulnerable Systems as Docker Containers](#intentionally-vulnerable-systems-as-docker-containers)
* [Lock Picking](#lock-picking)
* [macOS Utilities](#macos-utilities)
* [Multi-paradigm Frameworks](#multi-paradigm-frameworks)
* [Network Tools](#network-tools)
* [DDoS Tools](#ddos-tools)
* [Network Reconnaissance Tools](#network-reconnaissance-tools)
* [Protocol Analyzers and Sniffers](#protocol-analyzers-and-sniffers)
* [Network Traffic Replay and Editing Tools](#network-traffic-replay-and-editing-tools)
* [Proxies and Machine-in-the-Middle (MITM) Tools](#proxies-and-machine-in-the-middle-mitm-tools)
* [Transport Layer Security Tools](#transport-layer-security-tools)
* [Wireless Network Tools](#wireless-network-tools)
* [Network Vulnerability Scanners](#network-vulnerability-scanners)
* [Web Vulnerability Scanners](#web-vulnerability-scanners)
* [Open Sources Intelligence (OSINT)](#open-sources-intelligence-osint)
* [Data broker and search engine services](#data-broker-and-search-engine-services)
* [Dorking tools](#dorking-tools)
* [Email search and analysis tools](#email-search-and-analysis-tools)
* [Metadata harvesting and analysis](#metadata-harvesting-and-analysis)
* [Network device discovery tools](#network-device-discovery-tools)
* [OSINT Online Resources](#osint-online-resources)
* [Source code repository searching tools](#source-code-repository-searching-tools)
* [Web application and resource analysis tools](#web-application-and-resource-analysis-tools)
* [Online Resources](#online-resources)
* [Online Code Samples and Examples](#online-code-samples-and-examples)
* [Online Exploit Development Resources](#online-exploit-development-resources)
* [Online Lock Picking Resources](#online-lock-picking-resources)
* [Online Operating Systems Resources](#online-operating-systems-resources)
* [Online Penetration Testing Resources](#online-penetration-testing-resources)
* [Other Lists Online](#other-lists-online)
* [Penetration Testing Report Templates](#penetration-testing-report-templates)
* [Operating System Distributions](#operating-system-distributions)
* [Periodicals](#periodicals)
* [Physical Access Tools](#physical-access-tools)
* [Privilege Escalation Tools](#privilege-escalation-tools)
* [Password Spraying Tools](#password-spraying-tools)
* [Reverse Engineering](#reverse-engineering)
* [Reverse Engineering Books](#reverse-engineering-books)
* [Reverse Engineering Tools](#reverse-engineering-tools)
* [Security Education Courses](#security-education-courses)
* [Shellcoding Guides and Tutorials](#exploit-development-online-resources)
* [Side-channel Tools](#side-channel-tools)
* [Social Engineering](#social-engineering)
* [Social Engineering Books](#social-engineering-books)
* [Social Engineering Online Resources](#social-engineering-online-resources)
* [Social Engineering Tools](#social-engineering-tools)
* [Static Analyzers](#static-analyzers)
* [Steganography Tools](#steganography-tools)
* [Vulnerability Databases](#vulnerability-databases)
* [Web Exploitation](#web-exploitation)
* [Intercepting Web proxies](#intercepting-web-proxies)
* [Web file inclusion tools](#web-file-inclusion-tools)
* [Web injection tools](#web-injection-tools)
* [Web path discovery and bruteforcing tools](#web-path-discovery-and-bruteforcing-tools)
* [Web shells and C2 frameworks](#web-shells-and-c2-frameworks)
* [Web-accessible source code ripping tools](#web-accessible-source-code-ripping-tools)
* [Web Exploitation Books](#web-exploitation-books)
* [Windows Utilities](#windows-utilities)
- [Awesome Penetration Testing ](#awesome-penetration-testing-)
- [Contents](#contents)
- [Android Utilities](#android-utilities)
- [Anonymity Tools](#anonymity-tools)
- [Tor Tools](#tor-tools)
- [Anti-virus Evasion Tools](#anti-virus-evasion-tools)
- [Books](#books)
- [Malware Analysis Books](#malware-analysis-books)
- [CTF Tools](#ctf-tools)
- [Cloud Platform Attack Tools](#cloud-platform-attack-tools)
- [Collaboration Tools](#collaboration-tools)
- [Conferences and Events](#conferences-and-events)
- [Asia](#asia)
- [Europe](#europe)
- [North America](#north-america)
- [South America](#south-america)
- [Zealandia](#zealandia)
- [Exfiltration Tools](#exfiltration-tools)
- [Exploit Development Tools](#exploit-development-tools)
- [File Format Analysis Tools](#file-format-analysis-tools)
- [GNU/Linux Utilities](#gnulinux-utilities)
- [Hash Cracking Tools](#hash-cracking-tools)
- [Hex Editors](#hex-editors)
- [Industrial Control and SCADA Systems](#industrial-control-and-scada-systems)
- [Intentionally Vulnerable Systems](#intentionally-vulnerable-systems)
- [Intentionally Vulnerable Systems as Docker Containers](#intentionally-vulnerable-systems-as-docker-containers)
- [Lock Picking](#lock-picking)
- [macOS Utilities](#macos-utilities)
- [Multi-paradigm Frameworks](#multi-paradigm-frameworks)
- [Network Tools](#network-tools)
- [DDoS Tools](#ddos-tools)
- [Network Reconnaissance Tools](#network-reconnaissance-tools)
- [Protocol Analyzers and Sniffers](#protocol-analyzers-and-sniffers)
- [Network Traffic Replay and Editing Tools](#network-traffic-replay-and-editing-tools)
- [Proxies and Machine-in-the-Middle (MITM) Tools](#proxies-and-machine-in-the-middle-mitm-tools)
- [Transport Layer Security Tools](#transport-layer-security-tools)
- [Wireless Network Tools](#wireless-network-tools)
- [Network Vulnerability Scanners](#network-vulnerability-scanners)
- [Web Vulnerability Scanners](#web-vulnerability-scanners)
- [Online Resources](#online-resources)
- [Online Operating Systems Resources](#online-operating-systems-resources)
- [Online Penetration Testing Resources](#online-penetration-testing-resources)
- [Other Lists Online](#other-lists-online)
- [Penetration Testing Report Templates](#penetration-testing-report-templates)
- [Open Sources Intelligence (OSINT)](#open-sources-intelligence-osint)
- [Data Broker and Search Engine Services](#data-broker-and-search-engine-services)
- [Dorking tools](#dorking-tools)
- [Email search and analysis tools](#email-search-and-analysis-tools)
- [Metadata harvesting and analysis](#metadata-harvesting-and-analysis)
- [Network device discovery tools](#network-device-discovery-tools)
- [OSINT Online Resources](#osint-online-resources)
- [Source code repository searching tools](#source-code-repository-searching-tools)
- [Web application and resource analysis tools](#web-application-and-resource-analysis-tools)
- [Operating System Distributions](#operating-system-distributions)
- [Periodicals](#periodicals)
- [Physical Access Tools](#physical-access-tools)
- [Privilege Escalation Tools](#privilege-escalation-tools)
- [Password Spraying Tools](#password-spraying-tools)
- [Reverse Engineering](#reverse-engineering)
- [Reverse Engineering Books](#reverse-engineering-books)
- [Reverse Engineering Tools](#reverse-engineering-tools)
- [Security Education Courses](#security-education-courses)
- [Shellcoding Guides and Tutorials](#shellcoding-guides-and-tutorials)
- [Side-channel Tools](#side-channel-tools)
- [Social Engineering](#social-engineering)
- [Social Engineering Books](#social-engineering-books)
- [Social Engineering Online Resources](#social-engineering-online-resources)
- [Social Engineering Tools](#social-engineering-tools)
- [Static Analyzers](#static-analyzers)
- [Steganography Tools](#steganography-tools)
- [Vulnerability Databases](#vulnerability-databases)
- [Web Exploitation](#web-exploitation)
- [Intercepting Web proxies](#intercepting-web-proxies)
- [Web file inclusion tools](#web-file-inclusion-tools)
- [Web injection tools](#web-injection-tools)
- [Web path discovery and bruteforcing tools](#web-path-discovery-and-bruteforcing-tools)
- [Web shells and C2 frameworks](#web-shells-and-c2-frameworks)
- [Web-accessible source code ripping tools](#web-accessible-source-code-ripping-tools)
- [Web Exploitation Books](#web-exploitation-books)
- [Windows Utilities](#windows-utilities)
- [Flipper Zero](#flipper-zero)
- [License](#license)
## Android Utilities
@ -496,6 +497,8 @@ See also *[Intercepting Web proxies](#intercepting-web-proxies)*.
* [joomscan](https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project) - Joomla vulnerability scanner.
* [skipfish](https://www.kali.org/tools/skipfish/) - Performant and adaptable active web application security reconnaissance tool.
* [w3af](https://github.com/andresriancho/w3af) - Web application attack and audit framework.
* [Pentest-Tools](https://pentest-tools.com/) - Pentest-Tools.com helps security teams run the key steps of a penetration test, easily and without expert hacking skills.
## Online Resources
@ -577,8 +580,10 @@ See also [awesome-osint](https://github.com/jivoi/awesome-osint).
* [recon-ng](https://github.com/lanmaster53/recon-ng) - Full-featured Web Reconnaissance framework written in Python.
* [sn0int](https://github.com/kpcyrd/sn0int) - Semi-automatic OSINT framework and package manager.
* [Facebook Friend List Scraper](https://github.com/narkopolo/fb_friend_list_scraper) - Tool to scrape names and usernames from large friend lists on Facebook, without being rate limited.
* [sherlock](https://github.com/sherlock-project/sherlock) - Hunt down social media accounts by username across social networks
* [phoneinfoga](https://github.com/sundowndev/phoneinfoga) - Information gathering framework for phone numbers
* [twint](https://github.com/twintproject/twint) - An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
* []()
### Data Broker and Search Engine Services
* [Hunter.io](https://hunter.io/) - Data broker providing a Web search interface for discovering the email addresses and other organizational details of a company.
@ -872,7 +877,8 @@ See also *[Proxies and Machine-in-the-Middle (MITM) Tools](#proxies-and-machine-
* [PhpSploit](https://github.com/nil0x42/phpsploit) - Full-featured C2 framework which silently persists on webserver via evil PHP oneliner.
* [SharPyShell](https://github.com/antonioCoco/SharPyShell) - Tiny and obfuscated ASP.NET webshell for C# web applications.
* [weevely3](https://github.com/epinna/weevely3) - Weaponized PHP-based web shell.
* [dystopia-c2](https://github.com/3ct0s/dystopia-c2) - Windows Remote Administration Tool that uses Discord, Telegram and GitHub as C2s
* [Empire](https://github.com/EmpireProject/Empire) - Empire is a PowerShell and Python post-exploitation agent.
### Web-accessible source code ripping tools
* [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR.
@ -911,6 +917,9 @@ See also *[Proxies and Machine-in-the-Middle (MITM) Tools](#proxies-and-machine-
* [wePWNise](https://labs.mwrinfosecurity.com/tools/wepwnise/) - Generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
* [WinPwn](https://github.com/SecureThisShit/WinPwn) - Internal penetration test script to perform local and domain reconnaissance, privilege escalation and exploitation.
## Flipper Zero
* [awesome-flipperzero](https://github.com/djsime1/awesome-flipperzero) - A collection of awesome resources for the Flipper Zero device.
## License
[![CC-BY](https://mirrors.creativecommons.org/presskit/buttons/88x31/svg/by.svg)](https://creativecommons.org/licenses/by/4.0/)