Commit Graph

514 Commits

Author SHA1 Message Date
Samar Dhwoj Acharya
16ccc45735
Merge pull request #240 from abhishekbundela/master
Added pentestbox.
2018-07-31 19:48:37 -05:00
Samar Dhwoj Acharya
33dcacdde4
Update README.md 2018-07-31 19:48:15 -05:00
Samar Dhwoj Acharya
c77337ef0e
Merge pull request #241 from meitar/ruler
Add Ruler, a tool to abuse client-side Outlook features to pwn Exchange.
2018-07-31 19:46:06 -05:00
Meitar M
081241efc6
Fix link for Bella, a post-exploitation agent for MacOS. 2018-07-31 17:17:00 -04:00
Meitar M
f0cba27bf0
Add Ruler, a tool to abuse client-side Outlook features to pwn Exchange. 2018-07-31 16:57:03 -04:00
Abhishek bundela
c14d026566
Added pentestbox. 2018-07-31 18:05:47 +05:30
Samar Dhwoj Acharya
e922b9da06
Merge pull request #239 from sundaysec/patch-2
Added MITMF
2018-07-30 12:51:31 -05:00
Samar Dhwoj Acharya
ecab02ad15
Merge pull request #238 from evyatarmeged/patch-1
Add Raccoon under Web Exploitation category
2018-07-30 12:50:45 -05:00
Samar Dhwoj Acharya
7ae9d0ed32
Merge pull request #235 from meitar/blueteam
New awesome list: "Cybersecurity Blue Team"
2018-07-30 12:50:09 -05:00
PHILEMON SUNDAY JOEL
2a8c4a9a46
Added MITMF
A Framework for Man-In-The-Middle attacks
2018-07-27 16:00:23 +03:00
Evyatar Meged
121e9f8872
Add Raccoon under Web Exploitation category
I've added my new tool, Raccoon, to the Web Exploitation tools list
https://github.com/evyatarmeged/Raccoon
2018-07-25 21:22:55 +03:00
Samar Dhwoj Acharya
ccc3b5182d
Merge pull request #237 from meitar/foca
Add FOCA, an OSINT tool that uses three search engines.
2018-07-25 12:13:10 -05:00
Meitar M
60c06a2195
Add FOCA, an OSINT tool that uses three search engines. 2018-07-25 11:17:26 -04:00
Mahdi Makhdumi
a3e481f9a3
Update README.md 2018-07-25 13:42:50 +04:30
Mahdi Makhdumi
bb023efb72
Update README.md 2018-07-25 03:31:34 +04:30
Meitar M
71017d5b2a
New awesome list: "Cybersecurity Blue Team"
This is a companion/sister list to awesome-pentest intended to provide
the same level of quality resources for defenders rather than attackers.
2018-07-24 16:29:17 -04:00
Samar Dhwoj Acharya
d295832e00
Merge pull request #219 from meitar/cnnvd
Add CNNVD to Vulnerability Databases section.
2018-07-24 14:48:59 -05:00
Samar Dhwoj Acharya
8bb617b7d7
Merge pull request #232 from C-Sto/patch-1
Add recursebuster
2018-07-24 14:44:16 -05:00
Samar Dhwoj Acharya
9a2fb6b9c7
Merge pull request #234 from sundaysec/patch-1
Added awesome tools
2018-07-24 14:42:29 -05:00
PHILEMON SUNDAY JOEL
eb69db65bf
Added awesome tools 2018-07-24 22:01:13 +03:00
Meitar M
9040ae7742
Add numerous tools:
* ScanCannon - `masscan` and `nmap` multiplexer.
* RID_ENUM - null session cycling attack for Windows user enumeration.
* MailSniper - recon toolkit for MS Exchange (OWA/EWS) environments.
* FiercePhish - full-fledged phishing campaign management platform.
* Hunter.io - data broker providing internal company emails.
2018-07-23 15:44:49 -04:00
C_Sto
c7d8034e58
Add recursebuster
https://github.com/c-sto/recursebuster

Content discovery/recursive web directory bruteforcer
2018-07-15 14:50:40 +08:00
Florian Heuer
ceb54f3b7d
Update README.md
Added VaaS SambaCry in Docker for Penetration Testing
2018-05-18 15:50:26 +02:00
Meitar M
12b9636a43
Add PacketTotal near Virus Total, a similar service for PCAP analysis. 2018-05-12 12:22:49 -04:00
Meitar M
fc8b826142
Add THC Hydra, a famous online network protocol password cracker. 2018-05-04 22:52:53 -04:00
Samar Dhwoj Acharya
25eac5cd9b
Merge pull request #222 from alichtman/master
Removed Duplicate Kali Linux Docker Link
2018-04-30 09:13:50 -05:00
Meitar M
062e214ebf
Sub-categorize "Network Tools" section, clarify "Defense," add Iodine.
Iodine is a DNS tunnel and useful for data exfiltration.

The Network Tools section became very long, so I chunked it up with
subcategories that pertain to the sort of tool. ("Network Tools" is
itself somewhat vague, and multi-paradigm/multi-function tools were
retained in the root of the category.)

Finally, "Defense Evasion Tools" was renamed to "Anti-virus Evasion
Tools" because every utility listed there was actually an AV or
host-based defense evasion tool, which is distinct from the network
evasion tools (exfiltration utilities) already listed in the "Network
Tools" section, above. I believe this clarity will help a reader more
quickly find the specific type of "defense evasion" utility they are
actually looking for.
2018-04-14 15:27:31 -04:00
Meitar M
ee32aff5c3 Add Shellter dynamic shellcode injection tool (anti-virus evasion tool). (#226) 2018-04-12 17:55:18 -05:00
Meitar M
0929ede5d4 Add PCILeech, a Direct Memory Access attack tool. (#225) 2018-04-04 13:58:10 -05:00
Jeff Foley
46dacfca0a Amass being added to the OSINT category (#224)
* added Amass to the OSINT section of the list

* updated the Amass entry within the OSINT category #223
2018-04-03 22:15:30 -05:00
alichtman
137e8649a0
removed duplicate Kali Linux docker command + link 2018-03-30 02:27:02 -05:00
Emily Ann
9eb26c04ff
Updated
Added 2 tools to web vulnerability scanning category. 
Zoom- an advanced wordpress username enumerator with infinite scanning (much more powerful than the user name enumeration module in wpscan)
Sqlmate- a friend of sqlmap that identifies sqli vulnerabilities based on given dork and website (optional)
2018-03-24 12:36:03 -07:00
Meitar M
ddfc8ae7fb
Add Memcrashed DRDoS (Distributed Reflection Denial of Service) attack tool. 2018-03-22 14:20:34 -04:00
Meitar M
dd8ef7a41c
Add CNNVD to Vulnerability Databases section. 2018-03-15 14:43:55 -04:00
Meitar M
3f44886460
Add AutoSploit, automated mass exploit tool. 2018-02-07 12:33:08 -05:00
Samar Dhwoj Acharya
6d5730f286
Update README.md 2018-01-19 17:26:53 -06:00
Nhoya
c3b318062a
Added gOSINT 2018-01-17 20:58:14 +01:00
Samar Dhwoj Acharya
69050dae22
Merge pull request #211 from eric-therond/master
Add Progpilot
2018-01-10 22:17:30 -06:00
Samar Dhwoj Acharya
8d2c7a381a
Update README.md 2018-01-10 22:17:13 -06:00
Samar Dhwoj Acharya
ddde98e77f
Merge pull request #214 from meitar/crackpkcs12
Add crackpkcs12, a fast and multithreaded program to crack p12 (TLS) certs.
2018-01-10 22:16:44 -06:00
Samar Dhwoj Acharya
8b6377be1c
Merge pull request #212 from meitar/dnstwist
Add dnstwist.
2018-01-10 22:16:20 -06:00
Meitar M
06aea06df5
Add crackpkcs12, a fast and multithreaded program to crack p12 (TLS) certs. 2018-01-10 20:51:06 -05:00
Meitar M
66cf701dd0
Add Hex Fiend. 2018-01-10 20:46:34 -05:00
Meitar M
e358a12bc8
Add dnstwist.
This commit also conforms several other Network Tools line items to the
Awesome List style guide (remove the introductory "A" preposition).
2018-01-08 12:52:27 -05:00
forgesecurity
43b703abc3 Add Progpilot 2017-12-16 14:54:29 +01:00
Seth
728f8bed4a
Remove Dead Link From List- "Hack3rcon"
Remove line 562 "* [Hack3rCon](http://hack3rcon.org/) - Annual US hacker conference." because the link leads to a domain squatting website rather than an actual hacker conference.
2017-12-14 19:45:41 -05:00
Nick Raienko
d924f889f4 Various updates 2017-12-11 08:28:19 +02:00
Samar Dhwoj Acharya
3b0d0cba72
fix formatting 2017-11-28 10:57:00 -06:00
Asaf Hecht
a1a1644ed4
Adding ACLight tool
Adding ACLight tool - A script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins
2017-11-28 15:31:11 +02:00
Samar Dhwoj Acharya
6e9599f57c
Merge pull request #199 from DzasterAbz/patch-3
Added Beelogger
2017-11-19 22:40:44 -06:00
techgaun
f30958f5b2
fix wappalyzer link 2017-11-19 22:33:45 -06:00
techgaun
5ff68d4970
add various tools suggested on #204 and fix link for sobelow
closes #204
2017-11-19 22:31:45 -06:00
Meitar M
02becfc3a1
Add MITRE's ATT&CK, a superbly organized wiki of attack techniques. 2017-11-01 00:11:37 -04:00
Meitar M
4a3bf603c4
Add WiGLE.net, a huge OSINT database about wireless and Wi-Fi networks. 2017-10-31 00:20:22 -04:00
Jonathan Cran
a19f14ac88
Add intrigue to OSINT tools 2017-10-28 20:06:23 -07:00
Sai Abhiram
d9d72f8da1 Added Beelogger 2017-10-26 07:23:44 -04:00
Tijme Gommers
70057403e4 Added ACSTIS to Web Scanners
[ACSTIS](https://github.com/tijme/angularjs-csti-scanner) helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application for the AngularJS CSTI vulnerability.
2017-10-25 16:54:52 +02:00
Michael
ba7909d764 Added NoSQL Map and VHostScan 2017-10-24 16:44:28 +10:00
Ryan Shipp
0ba0f8fc4f Add awesome-yara to related lists 2017-10-17 15:16:51 -05:00
Meitar M
3b590db063
Add FireEye's new rVMI dynamic malware analysis tool. 2017-09-19 04:31:36 -04:00
Meitar M
c1030eeb07
Descriptions should have periods at the end for style guide compliance. 2017-09-19 04:31:13 -04:00
phocean
30a4d54e65 Update README.md 2017-09-15 09:45:32 +02:00
Rick Daalhuizen
1897b67ef9 Added New Hash Cracking Tools
jwt-cracker: https://github.com/lmammino/jwt-cracker
rar-crack: https://github.com/ziman/rarcrack
bruteforce-wallet: https://github.com/glv2/bruteforce-wallet
2017-09-08 16:02:55 +02:00
Nick Raienko
d118a65d32 Put back netsparker header 2017-09-07 15:03:46 +03:00
Samar Dhwoj Acharya
c4d1da3874 Update README.md 2017-09-01 12:49:36 -05:00
sheimo
4943d9908c Update README.md
Added a Penetration Testing Report section with links to them respectively.
2017-08-31 16:58:30 -05:00
Devin Calado
0e03ccb91b Added Fluxion to Wireless Network Tools
Fluxion - Suite of automated social engineering based WPA attacks.  

I found this tool to be useful in gaining WPA/WPA2 credentials without needing to crack the handshake.  Automates the process of using social engineering to trick users into giving up their WPA passphrases.  Also confirms the correct passphrase was harvested by automatically comparing the passphrase to a captured handshake. 

I think this tool fits better in the Wireless Network Tools section rather than the Social Engineering section.
2017-08-30 15:44:32 -07:00
Samar Dhwoj Acharya
bb4c3c8c28 Merge pull request #183 from meitar/onionscan
Add OnionScan; tool for finding opsec/netsec issues in Onions.
2017-08-22 21:03:49 -05:00
Meitar M
6adbd8cb80
Add Proxmark hardware/software toolkit for RFID/NFC pentests. 2017-08-22 19:25:11 -04:00
Meitar M
fb5274e1f7
Add OnionScan; tool for finding opsec/netsec issues in Onions. 2017-08-22 18:15:15 -04:00
Meitar M
b352f07525
Add UniByAv, fix typo in Hyperion runtime encryptor. 2017-08-17 16:14:40 -04:00
Samar Dhwoj Acharya
407722478a Update README.md 2017-08-17 10:41:51 -05:00
Samar Dhwoj Acharya
c655eb7a21 Merge pull request #179 from meitar/av-evasion
Add new section "Defense Evasion Tools" with a bunch of relevant tools.
2017-08-17 10:39:49 -05:00
Samar Dhwoj Acharya
e4566021fd Merge pull request #180 from meitar/tools-not-resources
Fixes for miscategorized items.
2017-08-17 10:38:34 -05:00
Meitar M
7909070e79
Better description for Windows Credentials Editor. 2017-08-17 09:23:33 -04:00
Meitar M
ef65ac1e97
Add Capstone, a multi-platform disassembler. 2017-08-17 09:22:09 -04:00
Meitar M
0b2d9f8cd8
Move Voltron to Tools subsection.
Also remove shellsploit, which now links to an empty repository.
2017-08-17 09:21:00 -04:00
Meitar M
7c2a99c219
Add new section "Defense Evasion Tools" with a bunch of relevant tools. 2017-08-17 09:16:31 -04:00
Samar Dhwoj Acharya
e01e2b27ac Merge pull request #177 from meitar/compliance
Move "Awesome OSINT" item into the Awesome Lists section, add a period.
2017-08-10 19:42:01 -05:00
Meitar M
286d0c7c42
Add BetterCAP (and its older cousin, Ettercap) to Network Tools. 2017-08-10 17:56:44 -04:00
Meitar M
7c1f8448ff
Move "Awesome OSINT" item into the Awesome Lists section, add a period. 2017-08-10 17:52:30 -04:00
Patrik Hudak
d837a509a9 Add Awesome OSINT reference and some books 2017-08-10 10:30:03 +02:00
techgaun
4d77c90cab
remove missing lock picking document 2017-08-07 19:38:24 -05:00
Meitar M
93d8cd0622
Expand acronyms, improve descriptions, add OSSTMM item.
This commit focses on the Penetration Testing Resources section and
provides better descriptions for most of the items therein. It also adds
the OSSTMM version 3 pentest methodology manual, which seems fitting as
it is both listed by OWASP and fits nicely with the PTES and PTF items
already listed.
2017-08-07 17:44:04 -04:00
Samar Dhwoj Acharya
ee2e2be848 Merge pull request #172 from meitar/toc
Fix broken intra-page link in the table of contents.
2017-07-28 16:04:57 -05:00
Meitar M
919c1e6113
Add ChipWhisperer, a side-channel attack toolchain, in new section. 2017-07-28 04:02:41 -04:00
Meitar M
20c7af2267
Move license to the bottom, replace the PNG with an SVG. 2017-07-23 03:31:20 -04:00
Meitar M
c9053f6682
Fix broken intra-page link in the table of contents. 2017-07-21 04:04:29 -04:00
Meitar M
34587c6dac
Provide a useful description for SPARTA.
SPARTA is not really its own tool, it's more like a meta-tool. There are
many "network infrastructure penetration testing tools" on this list,
but what does SPARTA actually do that these other tools don't? The
answer is primarily that SPARTA is a GUI wrapper around arbitrary
command lines with some additional logic to identify results from
well-known tools such as `nmap` and trigger actions based on those
results in other tools. Let's make that clear in the item's description.
2017-07-19 15:58:18 -04:00
filinpavel
16f3406a0f Update README.md
added pyrebox to RE Tools section
2017-07-18 13:56:58 +07:00
Meitar M
222a05baff
Add AttifyOS, a distro focused on pentesting IoT devices. 2017-07-17 04:44:03 -04:00
Meitar M
7e08965e7d
Add TrustedSec's "Magic Unicorn," a payload generator for Windows. 2017-07-16 04:06:18 -04:00
Samar Dhwoj Acharya
0f33e6394d Merge pull request #163 from meitar/hpi-vdb
Add HPI-VDB, which has a cross-referenced CVE search engine and API.
2017-07-15 18:23:12 -05:00
Meitar M
cb21655e64
The name of the Medusa disassembler is just "Medusa." 2017-07-14 17:00:31 -04:00
jose nazario
195e2ed79e spelling fixes 2017-07-14 10:13:37 -04:00
Meitar M
72f02c8b6b
Add HPI-VDB, which has a cross-referenced CVE search engine and API. 2017-07-13 14:17:56 -04:00
Samar Dhwoj Acharya
9ff00ba17a Merge pull request #159 from meitar/0xed
Add 0xED, a native macOS hex editor with support for resource forks.
2017-07-13 10:47:51 -05:00
Samar Dhwoj Acharya
6b733bfeeb Merge pull request #160 from meitar/ssl-tls
Move `sslstrip` to Web Exploitation, recategorize SSL as TLS tools.
2017-07-13 10:47:29 -05:00
Samar Dhwoj Acharya
8ab42bb257 Merge pull request #161 from meitar/anonymity-tools
Awesome List style guide compliance pass on the Anonymity Tools section.
2017-07-13 10:46:53 -05:00
Meitar M
19bfe12cd6
Add Pupy, a multi-paradigm (scriptable/interactive) cross-platform RAT. 2017-07-13 03:45:49 -04:00
Meitar M
a4a1f0ecc6
Awesome List style guide compliance pass on the Anonymity Tools section.
This commit conforms the Anonymity Tools section to the Awesome List
style guide by adding periods and such, plus adds the WEBKAY project to
help defend against identity and privay leaks from mis-configured Web
browsers. It also phrases the Tor project item description more clearly.
2017-07-13 00:20:39 -04:00
Meitar M
bf7a6151a9
Add 0xED, a native macOS hex editor with support for resource forks. 2017-07-12 23:41:23 -04:00
Meitar M
74068f8d34
Move sslstrip to Web Exploitation, recategorize SSL as TLS tools.
This commit updates numerous tools all previously categorized as "SSL"
tools. It updates their descriptions to more accurately describe current
versions by remarking on TLS capabilities, and it does the same with the
section heading. Further, Web-centric exploitation tools related to
SSL/TLS implementations have been moved to the Web Exploitation section,
where they arguably more properly belong, as SSL/TLS implementations may
include application-layer services beyond simply HTTP and "Web" traffic.
2017-07-12 23:32:11 -04:00
Samar Dhwoj Acharya
1c7ee4c923 Merge pull request #158 from meitar/aquatone
Add AQUATONE, "a tool for domain flyovers" that makes a handy report.
2017-07-12 21:48:13 -05:00
Meitar M
6a64b2d78b
Add AQUATONE, "a tool for domain flyovers" that makes a handy report. 2017-07-12 17:02:43 -04:00
Meitar M
0ed418eef0
Add XRay, automated network (sub)domain recon and OSINT gathering tool. 2017-07-12 16:51:11 -04:00
Samar Dhwoj Acharya
6e464e5bb4 Merge pull request #156 from meitar/pret
Better description of PRET through conformity with item link style.
2017-07-12 07:46:51 -05:00
Samar Dhwoj Acharya
bbffb78c67 Merge branch 'master' into wireshark-macos 2017-07-12 07:46:04 -05:00
Samar Dhwoj Acharya
69ba677983 Merge pull request #154 from meitar/basic-tools
Recategorize "Basic" tools section for clarity and conformity.
2017-07-12 07:43:26 -05:00
Meitar M
e4ac5a1cc1
Better description of PRET through conformity with item link style. 2017-07-12 02:51:49 -04:00
Meitar M
16868763fd
Better description for Wireshark, make clear it is cross-platform. 2017-07-12 02:45:19 -04:00
Meitar M
0e4032c58e
Recategorize "Basic" tools section for clarity and conformity.
This commit removes the "Basic Penetration Testing Tools" section and
moves numerous items listed therein into more appropriate places, based
on existing categories. For instance, BeEF is moved to the Web
Exploitation section, since it is more accurate to describe it as a Web
exploitation tool than a "Basic" tool. The former category is
descriptive while the latter is clearly nondescript.

A new section, "Multi-paradigm Frameworks," has been added for items
that were listed under the removed "Basic" section but that do not
cleanly fit into an existing category. Namely, these are Metasploit,
ExploitPack, and Faraday, which are exceptions simply because they are
so versatile. (Hence the choice of the new section, "Multi-paradigm.")

Additionally, the well-known Armitage GUI for Metasploit was added.

Moreover, Bella was moved to a new section, "macOS Utilities," which
provides parity with the existing Windows Utilities and GNU/Linux
Utilities section. Bella is a post-exploitation agent similar to
redsnarf, which likewise has been moved out of the "Basic" section and
into its more appropriate Windows Utilities section.

Other minor touch ups to various item descriptions were also made.
2017-07-12 02:28:12 -04:00
Samar Dhwoj Acharya
24ee7a47b0 Merge pull request #153 from meitar/binwalk
Add `binwalk`, fast and easy tool for reversing firmware images.
2017-07-11 23:26:38 -05:00
Meitar M
2b2996f5ed
IDA Pro and IDA Free are basically the same; combine into one item. 2017-07-12 00:09:27 -04:00
Meitar M
ed7ebf1848
Add binwalk, fast and easy tool for reversing firmware images. 2017-07-12 00:04:18 -04:00
Meitar M
9749c6382d
Fix inconsistent capitalization in headings; "utils" -> "utilities." 2017-07-11 05:49:24 -04:00
Meitar M
32ff359418
Drop link to commercial-only VulnDB based off OSVDB. 2017-07-10 16:17:34 -04:00
Samar Dhwoj Acharya
d39cd608c6 Merge pull request #149 from meitar/compliance
Fix minor typos, capitalization issues, and term consistency.
2017-07-08 19:16:31 -05:00
Meitar M
9b037a9bbf Fix minor typos, capitalization issues, and term consistency. 2017-07-08 20:03:48 -04:00
Jericho
71d146979c touch-ups and clarifications for the VDB section 2017-07-08 16:45:34 -06:00
Samar Dhwoj Acharya
51949983f7 Merge pull request #145 from meitar/vuln-scanners
Reorganize Vulnerability Scanners section, add subheadings.
2017-07-08 15:01:12 -05:00
Meitar M
3c811415bc Style guide compliance pass focused on Vulnerability Databases section. (#144)
* Add CVE List to Vulnerability Databases section, since it was missing.

* Style guide compliance pass focused on Vulnerability Databases section.

* Whitelist the Inj3ct0r URLs.

The `0day.today` website sits behind an extremely aggressive Cloudflare
anti-bot checker, which causes `awesome-bot` to trigger an HTTP 503
response. This fails the build but is actually normal behavior.

Similarly, the Onion service is inaccessible except over Tor and our
Travis CI configuration does not (yet?) support checking Onion service
links. (Although, perhaps it should be updated to do so in a future PR.)
2017-07-08 13:52:24 -05:00
Samar Dhwoj Acharya
42aa8a29a3 Merge pull request #146 from meitar/fiddler
Add Fiddler, provide more detail on OWASP ZAP.
2017-07-08 13:48:46 -05:00
Meitar M
522863e27a
Add wafw00f, a web application firewall fingerprinter. 2017-07-08 01:06:39 -04:00
Meitar M
b1b77f40a9
Add Fiddler, provide more detail on OWASP ZAP. 2017-07-08 00:24:33 -04:00
Meitar M
d2825614c3
Reorganize Vulnerability Scanners section, add subheadings.
This commit provides more detail and context for the vulnerability
scanners section. It groups Web Scanners into its own subheading, and
moves scanning tools from the Web Exploitation section into this section
as these tools do not actually focus on *exploiting* websites.

Additionally, Static Analyzers are grouped, two new static analyzers
(cppcheck and FindBugs) have been added, and commercial tools are
appropriately described as such.
2017-07-07 22:18:09 -04:00
Meitar M
6ac7727def
Further "Awesome List" style guide compliance passes.
This commit focuses on terminological consistency, including:

* Use consistent capitalization for abbreviations (OSInt -> OSINT).
* Consistently expand ambiguous phrases (OS -> operating system).
* Settle on standard names (Wi-Fi -> WiFi, etc.) where a mix was used.
* Expand acronyms in item titles when doing so shortens the description.
* Replace descriptions that merely expanded acronyms with actual text.
* Remove duplicate items that have more than one URL (Commix project).
* Do not Title Case description text when description is simply prose.
2017-07-07 01:42:53 -04:00
Meitar M
266aad7120
Remove "A" at beginning of link description. (Missed from before.) 2017-07-06 01:53:54 -04:00
Meitar M
8a2bfb965b
Make grammar consistent: "command-line" -> "command line" and so on.
This commit tidies some minor issues with pull request #141, namely:

* fix style guide compliance from accidental reversion during merge.
* add a period to the last sentence of the introduction paragraph.
* make the table of contents's content match the headings in the doc.
* consistently spell open source without a dashed word ("open-source").
2017-07-06 01:04:08 -04:00
Samar Dhwoj Acharya
e2fe7cbef6 Merge branch 'master' into awesome-compliant 2017-07-05 23:47:22 -05:00
Meitar M
b742364f12
Remove duplicated linkback to Awesome List origin (it's a badge now). 2017-07-06 00:41:15 -04:00
Meitar M
7adf2fb0df
Add periods for link descriptions that were missing them. 2017-07-06 00:39:03 -04:00
Samar Dhwoj Acharya
9fb37de33a add sobelow - phoenix framework static analyzer 2017-07-05 23:37:46 -05:00
Meitar M
b40bbe3963
First round of making this list awesome compliant, for #86.
This commit is a first-pass attempt at adhering to the style guide of
the Awesome List contribution guidelines at
https://github.com/sindresorhus/awesome/blob/master/pull_request_template.md

Specificaly, I have:

* added a succinct description of the project/theme at top of README.
* added the awesome badge on the right side of the list heading.
* titled the table of contents `Contents`.
* moved the `CONTRIBUTING.md` file to the expected filesystem path.
* capitalized the first word of link descriptions, when present.
* added trailing periods to link descriptions, when not present.
* removed the "A" and "An" prepositions from link descriptions.
* removed the Travis CI build status badge.
* matched the heading levels to the style guide's recommendations.
2017-07-06 00:29:02 -04:00
Meitar M
0765f513d0
Add ctf-tools, quick installations of various pentest utils. 2017-07-05 21:51:54 -04:00
Sachin S. Kamath
e265e3bf4d Add OWTF to list of tools 2017-07-04 10:30:59 +05:30
Duncan Ogilvie
b667e06b81 x64_dbg -> x64dbg 2017-07-03 08:36:05 +02:00
Samar Dhwoj Acharya
38e34cdb1a add brakeman 2017-07-03 01:09:02 -05:00
Meitar M
065df08263
Add WiFi Pineapple to Physical Access Tools section. 2017-07-02 14:18:45 -04:00
Meitar M
132b1f79ad
Add Frhed. (The hex editor section is sort of lacking right now.) 2017-07-01 20:29:37 -04:00
Meitar Moscovitz
b1dd90ffd4
Add Catphish, a tool for phishing and corporate espionage. 2017-06-19 18:04:16 -04:00
Meitar Moscovitz
d46db068f9
Add another (new) Awesome List (awesome-lockpicking). 2017-06-18 17:34:17 -04:00
Meitar Moscovitz
65442ada5b
Add CloudFail, a utility to find IPs hidden behind Cloudflare proxies. 2017-06-18 13:32:26 -04:00
Meitar Moscovitz
ef2da9ddb5
Add scanless, a port scanning "proxy" multiplexing CLI utility. 2017-06-10 00:17:12 -04:00
Samar Dhwoj Acharya
f102f3020d update broken links 2017-06-04 01:42:59 -05:00
Meitar Moscovitz
c6faba670e
Add "Awesome Forensics" list by @Cugu.
Cugu's `awesome-forensics` because it emphasizes free (gratis) and
open-source tools. It contains numerous tools that are relevant to
pentesting but not directly in scope, such as The Sleuth Kit, etc.
2017-06-04 02:06:35 -04:00
Meitar Moscovitz
e09e827958
Add Praeda, a multi-function peripheral/printer data harvesting tool. 2017-05-23 02:12:15 -04:00
Samar Dhwoj Acharya
958913f3e8 update link for bella 2017-05-17 10:58:35 -05:00
Meitar Moscovitz
b18e4b2c52
Add SSH MITM. (The tool is an early release, but remarkably useful.) 2017-05-17 06:05:15 -04:00
Meitar Moscovitz
30fb77dc73
Add morpheus, a framework for automating complex ettercap filters. 2017-04-29 22:36:50 -04:00
Meitar Moscovitz
2a702ed329
Add Evilginx, recategorize wifiphisher under Social Engineering. 2017-04-27 08:17:27 -04:00
Meitar Moscovitz
abdab93bb7
Closes #123: Propose "Practice CTFs" link to already-existing resource. 2017-04-18 14:54:20 -04:00
Meitar Moscovitz
0e5987d22f
Add "Physical Access Tools" section with three example tools. 2017-04-14 19:10:36 -04:00
Meitar M
4479282832 Fix redsnarf link, remove duplicate Empire entry, recategorize ZAP. (#124) 2017-04-14 10:25:22 -05:00
Meitar M
94c4671eac Group OSINT collections (rather than tools) in their own section, add a new collection, fix link for HackThisSite.org. (#122)
* New section OSINT Resources for link-sites rather than actual tools.

This commit adds a new subsection under "Online Resources" called "OSInt
Resources" and moves a few entries from the "OSInt Tools" section there.
This is done because the OSInt Tools section has grown to expand entries
that are not actually tools, but rather lists/collections of other
tools. These OSINT resources are great, but are distinct from a single,
installable, or otherwise immediately-usable tools.

This commit also adds a new such resource, NetBoomcamp.org's listing of
OSINT tools and custom Web interfaces for some endpoints, like Facebook.

* Fix link to `HackThisSite.org`. (Should be `https://hackthissite.org/`.)
2017-04-13 19:20:24 -05:00
tarrenj
4464ded0e7 Additions (#121)
* Update README.md

Adds recon-ng to OSINT tools

* Update README.md

Adds zmap to Network Tools

* Revert "Update README.md"

This reverts commit 51dad977b2.

* Update README.md

Adds several things, moves Burp to Web Exploitation, removes LOIC

* Update README.md

Removes duplicate recon-ng entry in OSInt Tools.

* Update README.md

Adds more DoS tools

* Update README.md

Replaces LOIC at contributor request
2017-04-06 18:24:35 -05:00
Samar Dhwoj Acharya
62c302dce7 Merge branch 'master' into patch-1 2017-04-06 17:23:29 -05:00
tarrenj
97cd0e8556 Update README.md (#119)
* Update README.md

Adds recon-ng to OSINT tools

* Update README.md

Adds zmap to Network Tools

* Revert "Update README.md"

This reverts commit 51dad977b2.
2017-04-06 17:06:15 -05:00
Meitar M
4d4cb89049 Retitle "Crackers" to "Hash Cracking Tools" and add CeWL project. (#118) 2017-04-03 16:35:54 -05:00
Evan Lewis
c82c159160 Fixed broken metasploit link (#117)
* Fixed a dead link

404 error in Docker subsection regarding the docker-metasploit tool

* Fixed broken metasploit link

Changed docker-metasploit link (and thus author) due to a 404 error in the prior link
2017-03-13 23:25:26 -05:00
Meitar Moscovitz
bec64da1a5
Add Buscador, a Linux VM pre-configured for online investigators. 2017-03-13 21:59:15 -04:00
Meitar Moscovitz
67fedb4d30
CTF section: Add RsaCtfTool, improve description of Pwntools. 2017-03-11 02:01:03 -05:00
Meitar Moscovitz
502d1088a7
Add King Phisher, a phishing campaign toolkit and C2 interface. 2017-03-11 01:06:39 -05:00
Meitar Moscovitz
e3ba0632c5
Add wePWNise, Python tool to automate Windows/Office exploit mitigation. 2017-03-11 00:37:00 -05:00
pathetiq
3ddaa51f49 add hackfest conference 2017-03-10 10:11:27 -05:00
mnakamura1337
3bf62af601 Added "File Format Analysis Tools" section (+3 tools) 2017-03-03 09:52:59 +09:00
Meitar Moscovitz
6a14942a4e
Add tplmap, an automated SSTI exploitation tool in the style of SQLmap 2017-02-22 15:01:20 -05:00
Samar Dhwoj Acharya
964675a96f update appsecusa link 2017-02-20 12:38:33 -06:00
Meitar Moscovitz
f023bbfbcf
Add DataSploit. 2017-02-20 09:40:27 -05:00
SDGoodwin
88b6363b64 add OSINT-Framework to OSInt List (#107)
* add OSINT-Framework to OSInt List

adding OSINT-Framework (http://osintframework.com/) to OSInt List

* Update README.md
2017-02-17 16:21:23 -06:00
Alexandre ZANNI
41fa05e848 add OS online ressources (#102)
* add OS online ressources

* add distrowatch

* correct chcon deadlink for travis
2017-02-17 10:55:54 -06:00
coreb1t
7a6fdbf512 Awesome Pentest Cheat Sheets Added 2017-02-17 11:25:29 +01:00
coreb1t
952a3ad357 README.md - Commix Tool added 2017-02-17 11:16:52 +01:00
Samar Dhwoj Acharya
fbeb5542e1 Merge pull request #105 from meitar/master
Add GitTools, used for finding exposed source code for static analysis.
2017-02-16 10:24:07 -06:00
Meitar Moscovitz
6731cee4b2
Add GitTools, used for finding exposed source code for static analysis. 2017-02-16 01:39:01 -05:00
mnakamura1337
04a988c12f "Web exploitation" capitalization fix 2017-02-16 15:06:48 +09:00
Herman Slatman
3375b5e88b Add Bella for Mac OS 2017-02-11 22:00:27 +01:00
Samar Dhwoj Acharya
e2d8e1ea73
remove no longer working md5crack site closes #100 2017-02-11 11:01:19 -06:00
Emily
6af514de34 updated with a nice number of goodies
updated w some goodies; wpsploit, wordpress-exploit-framework, some OSITs, a DDoS tool... Enjoy!
2017-02-05 23:44:35 -07:00
Samar Dhwoj Acharya
dfbcc92c04 update link of exploitpack to github repo 2017-02-03 18:53:00 -06:00
Meitar M
b2df579401 Add PRET, a useful Python-based printer exploitation toolkit (#98) 2017-02-03 16:31:09 -06:00
Samar Dhwoj Acharya
b1ae5c113b remove unnecessary link 2017-02-01 20:33:58 -06:00
Emily
aeb0748c89 Update readme (#97)
I added the site XSS-payloads to 'Online Resources', 'Penetration Testing Resources'. It's a super dope site!
2017-02-01 20:32:50 -06:00
allthroughthenight
a7849331d8 Added dorking resources, removed duplicate Docker Kali (#96)
* added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html

* added Defcon Suggested Reading to Books https://www.defcon.org/html/links/book-list.html. Removed sections from old clone version

* re-added removed lines

* spelling fix

* added Vuls Vulnerability Scanner https://github.com/future-architect/vuls

* added Kali Linux Docker Image https://www.kali.org/news/official-kali-linux-docker-images/

* re-added owasp juice docker image

* Added dorkign resources, removed duplicate kali image

Added six new dorking links to OSInt Tools. Removed duplicate Kali docker image I added in previous pull request. Orignal link is better since it sources docker hub instead of Offensive Security

* Added dorkign resources, removed duplicate kali image

Added six new dorking links to OSInt Tools. Removed duplicate Kali docker image added in previous pull request. Orignal link is better since it sources docker hub instead of Offensive Security

* removed swap file
2017-01-31 10:42:49 -06:00
allthroughthenight
d345a9de35 Added Kali Linux Docker Image (#95) 2017-01-30 19:30:45 -06:00
allthroughthenight
3db9dabfb9 added Vuls Vulnerability Scanner (#94)
* added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html

* added Defcon Suggested Reading to Books https://www.defcon.org/html/links/book-list.html. Removed sections from old clone version

* re-added removed lines

* spelling fix

* added Vuls Vulnerability Scanner https://github.com/future-architect/vuls
2017-01-29 23:53:13 -06:00
Samar Dhwoj Acharya
b4ee5cced5 update wireshark book link and remove invalid link 2017-01-29 00:32:57 -06:00
allthroughthenight
df39b4d7f9 Added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html (#93)
* added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html

* added Defcon Suggested Reading to Books https://www.defcon.org/html/links/book-list.html. Removed sections from old clone version

* re-added removed lines

* spelling fix
2017-01-29 00:21:39 -06:00
Constandinos
83963337e7 Added Fedora Security Labs in pentest distributions 2017-01-11 11:13:26 +02:00
Meitar Moscovitz
3e48af9f9d
Add Bloodhound, a graphical AD trust relationship explorer. 2016-12-31 10:26:30 -05:00
Björn Kimminich
cb410ad88a Add OWASP Juice Shop
to list of Docker images for Pentesters
2016-12-27 09:49:03 +01:00
Samar Dhwoj Acharya
002aab1200 Merge branch 'master' into patch-1 2016-12-26 23:26:13 -06:00
Samar Dhwoj Acharya
4ad6d72622 Merge pull request #80 from filinpavel/patch-1
added link to vulners security database
2016-12-26 15:07:26 -06:00
Samar Dhwoj Acharya
ca3664eeff Merge pull request #84 from filinpavel/patch-2
Update README.md
2016-12-26 15:03:05 -06:00
Samar Dhwoj Acharya
b51a71af91 Merge pull request #89 from binarymist/conferences-upstream
Added CHCon to conferences.
2016-12-26 14:48:55 -06:00
Samar Dhwoj Acharya
e51200ca07 Merge pull request #88 from binarymist/docker-upstream
Added NodeGoat docker image.
2016-12-26 14:47:43 -06:00
Samar Dhwoj Acharya
3728ee0d16 add category on toc 2016-12-26 14:46:03 -06:00
Kim Carter
d70f6a28cc Added CHCon to conferences. 2016-12-26 17:42:29 +13:00
Kim Carter
d695106b08 Added NodeGoat docker image. 2016-12-26 16:27:52 +13:00
Kim Carter
4b7b30cb3f Added Holistic Info-Sec for Web Developers. 2016-12-26 16:19:34 +13:00