Commit Graph

732 Commits

Author SHA1 Message Date
Samar Dhwoj Acharya
44c3c1cb95 Merge pull request #176 from PatrikHudak/master
Add Awesome OSINT reference and some books
2017-08-10 08:36:06 -05:00
Patrik Hudak
d837a509a9 Add Awesome OSINT reference and some books 2017-08-10 10:30:03 +02:00
techgaun
4d77c90cab
remove missing lock picking document 2017-08-07 19:38:24 -05:00
Samar Dhwoj Acharya
052b8faaeb Merge pull request #175 from meitar/pentest-rsrc
Expand acronyms, improve descriptions, add OSSTMM item.
2017-08-07 19:26:59 -05:00
Meitar M
93d8cd0622
Expand acronyms, improve descriptions, add OSSTMM item.
This commit focses on the Penetration Testing Resources section and
provides better descriptions for most of the items therein. It also adds
the OSSTMM version 3 pentest methodology manual, which seems fitting as
it is both listed by OWASP and fits nicely with the PTES and PTF items
already listed.
2017-08-07 17:44:04 -04:00
Samar Dhwoj Acharya
ee2e2be848 Merge pull request #172 from meitar/toc
Fix broken intra-page link in the table of contents.
2017-07-28 16:04:57 -05:00
Samar Dhwoj Acharya
7d8016927e Merge pull request #174 from meitar/chipwhisperer
Add ChipWhisperer, a side-channel attack toolchain, in new section.
2017-07-28 08:00:53 -05:00
Meitar M
919c1e6113
Add ChipWhisperer, a side-channel attack toolchain, in new section. 2017-07-28 04:02:41 -04:00
Samar Dhwoj Acharya
d8ac74231e Merge pull request #173 from meitar/license-svg
Move license to the bottom, replace the PNG with an SVG.
2017-07-23 06:49:35 -05:00
Meitar M
20c7af2267
Move license to the bottom, replace the PNG with an SVG. 2017-07-23 03:31:20 -04:00
Meitar M
c9053f6682
Fix broken intra-page link in the table of contents. 2017-07-21 04:04:29 -04:00
Samar Dhwoj Acharya
017b61d9ba Merge pull request #171 from meitar/sparta
Provide a useful description for SPARTA.
2017-07-19 15:03:53 -05:00
Meitar M
34587c6dac
Provide a useful description for SPARTA.
SPARTA is not really its own tool, it's more like a meta-tool. There are
many "network infrastructure penetration testing tools" on this list,
but what does SPARTA actually do that these other tools don't? The
answer is primarily that SPARTA is a GUI wrapper around arbitrary
command lines with some additional logic to identify results from
well-known tools such as `nmap` and trigger actions based on those
results in other tools. Let's make that clear in the item's description.
2017-07-19 15:58:18 -04:00
Samar Dhwoj Acharya
000b36ecd0 Merge pull request #170 from filinpavel/patch-1
Update README.md
2017-07-18 07:57:55 -05:00
filinpavel
16f3406a0f Update README.md
added pyrebox to RE Tools section
2017-07-18 13:56:58 +07:00
Samar Dhwoj Acharya
4b148568ad Merge pull request #169 from meitar/attifyos
Add AttifyOS, a distro focused on pentesting IoT devices.
2017-07-17 08:16:36 -05:00
Meitar M
222a05baff
Add AttifyOS, a distro focused on pentesting IoT devices. 2017-07-17 04:44:03 -04:00
Samar Dhwoj Acharya
653a227d3e Merge pull request #168 from enaqx/travis-test
default to trusty for travis
2017-07-16 09:44:40 -05:00
Samar Dhwoj Acharya
23bee43ea8 Merge pull request #167 from meitar/unicorn
Add TrustedSec's "Magic Unicorn," a payload generator for Windows.
2017-07-16 09:44:07 -05:00
Meitar M
7e08965e7d
Add TrustedSec's "Magic Unicorn," a payload generator for Windows. 2017-07-16 04:06:18 -04:00
techgaun
d4fa4f0a72
default to trusty 2017-07-15 23:53:27 -05:00
Samar Dhwoj Acharya
d33ead1193 Merge pull request #166 from enaqx/travis-updates
update travis steps to handle dfn subca
2017-07-15 18:35:52 -05:00
techgaun
e7824ca693
update travis steps to handle dfn subca 2017-07-15 18:26:16 -05:00
Samar Dhwoj Acharya
0f33e6394d Merge pull request #163 from meitar/hpi-vdb
Add HPI-VDB, which has a cross-referenced CVE search engine and API.
2017-07-15 18:23:12 -05:00
Samar Dhwoj Acharya
e4ab781511 Merge pull request #165 from meitar/medusa
The name of the Medusa disassembler is just "Medusa."
2017-07-14 18:13:29 -05:00
Meitar M
cb21655e64
The name of the Medusa disassembler is just "Medusa." 2017-07-14 17:00:31 -04:00
Samar Dhwoj Acharya
aa2b5a7698 Merge pull request #164 from paralax/patch-1
spelling fixes
2017-07-14 10:32:06 -05:00
jose nazario
195e2ed79e spelling fixes 2017-07-14 10:13:37 -04:00
Meitar M
72f02c8b6b
Add HPI-VDB, which has a cross-referenced CVE search engine and API. 2017-07-13 14:17:56 -04:00
Samar Dhwoj Acharya
9ff00ba17a Merge pull request #159 from meitar/0xed
Add 0xED, a native macOS hex editor with support for resource forks.
2017-07-13 10:47:51 -05:00
Samar Dhwoj Acharya
6b733bfeeb Merge pull request #160 from meitar/ssl-tls
Move `sslstrip` to Web Exploitation, recategorize SSL as TLS tools.
2017-07-13 10:47:29 -05:00
Samar Dhwoj Acharya
8ab42bb257 Merge pull request #161 from meitar/anonymity-tools
Awesome List style guide compliance pass on the Anonymity Tools section.
2017-07-13 10:46:53 -05:00
Samar Dhwoj Acharya
29acf16652 Merge pull request #162 from meitar/pupy
Add Pupy, a multi-paradigm (scriptable/interactive) cross-platform RAT.
2017-07-13 10:45:16 -05:00
Meitar M
19bfe12cd6
Add Pupy, a multi-paradigm (scriptable/interactive) cross-platform RAT. 2017-07-13 03:45:49 -04:00
Meitar M
a4a1f0ecc6
Awesome List style guide compliance pass on the Anonymity Tools section.
This commit conforms the Anonymity Tools section to the Awesome List
style guide by adding periods and such, plus adds the WEBKAY project to
help defend against identity and privay leaks from mis-configured Web
browsers. It also phrases the Tor project item description more clearly.
2017-07-13 00:20:39 -04:00
Meitar M
bf7a6151a9
Add 0xED, a native macOS hex editor with support for resource forks. 2017-07-12 23:41:23 -04:00
Meitar M
74068f8d34
Move sslstrip to Web Exploitation, recategorize SSL as TLS tools.
This commit updates numerous tools all previously categorized as "SSL"
tools. It updates their descriptions to more accurately describe current
versions by remarking on TLS capabilities, and it does the same with the
section heading. Further, Web-centric exploitation tools related to
SSL/TLS implementations have been moved to the Web Exploitation section,
where they arguably more properly belong, as SSL/TLS implementations may
include application-layer services beyond simply HTTP and "Web" traffic.
2017-07-12 23:32:11 -04:00
Samar Dhwoj Acharya
1c7ee4c923 Merge pull request #158 from meitar/aquatone
Add AQUATONE, "a tool for domain flyovers" that makes a handy report.
2017-07-12 21:48:13 -05:00
Samar Dhwoj Acharya
04e9415204 Merge pull request #157 from meitar/xray
Add XRay, automated network (sub)domain recon and OSINT gathering tool.
2017-07-12 21:47:14 -05:00
Meitar M
6a64b2d78b
Add AQUATONE, "a tool for domain flyovers" that makes a handy report. 2017-07-12 17:02:43 -04:00
Meitar M
0ed418eef0
Add XRay, automated network (sub)domain recon and OSINT gathering tool. 2017-07-12 16:51:11 -04:00
Samar Dhwoj Acharya
6e464e5bb4 Merge pull request #156 from meitar/pret
Better description of PRET through conformity with item link style.
2017-07-12 07:46:51 -05:00
Samar Dhwoj Acharya
77df4413fc Merge pull request #155 from meitar/wireshark-macos
Better description for Wireshark, make clear it is cross-platform.
2017-07-12 07:46:25 -05:00
Samar Dhwoj Acharya
bbffb78c67 Merge branch 'master' into wireshark-macos 2017-07-12 07:46:04 -05:00
Samar Dhwoj Acharya
69ba677983 Merge pull request #154 from meitar/basic-tools
Recategorize "Basic" tools section for clarity and conformity.
2017-07-12 07:43:26 -05:00
Meitar M
e4ac5a1cc1
Better description of PRET through conformity with item link style. 2017-07-12 02:51:49 -04:00
Meitar M
16868763fd
Better description for Wireshark, make clear it is cross-platform. 2017-07-12 02:45:19 -04:00
Meitar M
0e4032c58e
Recategorize "Basic" tools section for clarity and conformity.
This commit removes the "Basic Penetration Testing Tools" section and
moves numerous items listed therein into more appropriate places, based
on existing categories. For instance, BeEF is moved to the Web
Exploitation section, since it is more accurate to describe it as a Web
exploitation tool than a "Basic" tool. The former category is
descriptive while the latter is clearly nondescript.

A new section, "Multi-paradigm Frameworks," has been added for items
that were listed under the removed "Basic" section but that do not
cleanly fit into an existing category. Namely, these are Metasploit,
ExploitPack, and Faraday, which are exceptions simply because they are
so versatile. (Hence the choice of the new section, "Multi-paradigm.")

Additionally, the well-known Armitage GUI for Metasploit was added.

Moreover, Bella was moved to a new section, "macOS Utilities," which
provides parity with the existing Windows Utilities and GNU/Linux
Utilities section. Bella is a post-exploitation agent similar to
redsnarf, which likewise has been moved out of the "Basic" section and
into its more appropriate Windows Utilities section.

Other minor touch ups to various item descriptions were also made.
2017-07-12 02:28:12 -04:00
Samar Dhwoj Acharya
24ee7a47b0 Merge pull request #153 from meitar/binwalk
Add `binwalk`, fast and easy tool for reversing firmware images.
2017-07-11 23:26:38 -05:00
Samar Dhwoj Acharya
3ad1b1186f Merge pull request #152 from meitar/ida-pro-free
IDA Pro and IDA Free are basically the same; combine into one item.
2017-07-11 23:25:56 -05:00