Samar Dhwoj Acharya
c77337ef0e
Merge pull request #241 from meitar/ruler
...
Add Ruler, a tool to abuse client-side Outlook features to pwn Exchange.
2018-07-31 19:46:06 -05:00
Meitar M
081241efc6
Fix link for Bella, a post-exploitation agent for MacOS.
2018-07-31 17:17:00 -04:00
Meitar M
f0cba27bf0
Add Ruler, a tool to abuse client-side Outlook features to pwn Exchange.
2018-07-31 16:57:03 -04:00
Abhishek bundela
c14d026566
Added pentestbox.
2018-07-31 18:05:47 +05:30
Samar Dhwoj Acharya
e922b9da06
Merge pull request #239 from sundaysec/patch-2
...
Added MITMF
2018-07-30 12:51:31 -05:00
Samar Dhwoj Acharya
ecab02ad15
Merge pull request #238 from evyatarmeged/patch-1
...
Add Raccoon under Web Exploitation category
2018-07-30 12:50:45 -05:00
Samar Dhwoj Acharya
7ae9d0ed32
Merge pull request #235 from meitar/blueteam
...
New awesome list: "Cybersecurity Blue Team"
2018-07-30 12:50:09 -05:00
PHILEMON SUNDAY JOEL
2a8c4a9a46
Added MITMF
...
A Framework for Man-In-The-Middle attacks
2018-07-27 16:00:23 +03:00
Evyatar Meged
121e9f8872
Add Raccoon under Web Exploitation category
...
I've added my new tool, Raccoon, to the Web Exploitation tools list
https://github.com/evyatarmeged/Raccoon
2018-07-25 21:22:55 +03:00
Samar Dhwoj Acharya
ccc3b5182d
Merge pull request #237 from meitar/foca
...
Add FOCA, an OSINT tool that uses three search engines.
2018-07-25 12:13:10 -05:00
Meitar M
60c06a2195
Add FOCA, an OSINT tool that uses three search engines.
2018-07-25 11:17:26 -04:00
Mahdi Makhdumi
a3e481f9a3
Update README.md
2018-07-25 13:42:50 +04:30
Mahdi Makhdumi
bb023efb72
Update README.md
2018-07-25 03:31:34 +04:30
Meitar M
71017d5b2a
New awesome list: "Cybersecurity Blue Team"
...
This is a companion/sister list to awesome-pentest intended to provide
the same level of quality resources for defenders rather than attackers.
2018-07-24 16:29:17 -04:00
Samar Dhwoj Acharya
d295832e00
Merge pull request #219 from meitar/cnnvd
...
Add CNNVD to Vulnerability Databases section.
2018-07-24 14:48:59 -05:00
Samar Dhwoj Acharya
8bb617b7d7
Merge pull request #232 from C-Sto/patch-1
...
Add recursebuster
2018-07-24 14:44:16 -05:00
Samar Dhwoj Acharya
9a2fb6b9c7
Merge pull request #234 from sundaysec/patch-1
...
Added awesome tools
2018-07-24 14:42:29 -05:00
PHILEMON SUNDAY JOEL
eb69db65bf
Added awesome tools
2018-07-24 22:01:13 +03:00
Meitar M
9040ae7742
Add numerous tools:
...
* ScanCannon - `masscan` and `nmap` multiplexer.
* RID_ENUM - null session cycling attack for Windows user enumeration.
* MailSniper - recon toolkit for MS Exchange (OWA/EWS) environments.
* FiercePhish - full-fledged phishing campaign management platform.
* Hunter.io - data broker providing internal company emails.
2018-07-23 15:44:49 -04:00
C_Sto
c7d8034e58
Add recursebuster
...
https://github.com/c-sto/recursebuster
Content discovery/recursive web directory bruteforcer
2018-07-15 14:50:40 +08:00
Florian Heuer
ceb54f3b7d
Update README.md
...
Added VaaS SambaCry in Docker for Penetration Testing
2018-05-18 15:50:26 +02:00
Meitar M
12b9636a43
Add PacketTotal near Virus Total, a similar service for PCAP analysis.
2018-05-12 12:22:49 -04:00
Meitar M
fc8b826142
Add THC Hydra, a famous online network protocol password cracker.
2018-05-04 22:52:53 -04:00
Samar Dhwoj Acharya
25eac5cd9b
Merge pull request #222 from alichtman/master
...
Removed Duplicate Kali Linux Docker Link
2018-04-30 09:13:50 -05:00
Meitar M
062e214ebf
Sub-categorize "Network Tools" section, clarify "Defense," add Iodine.
...
Iodine is a DNS tunnel and useful for data exfiltration.
The Network Tools section became very long, so I chunked it up with
subcategories that pertain to the sort of tool. ("Network Tools" is
itself somewhat vague, and multi-paradigm/multi-function tools were
retained in the root of the category.)
Finally, "Defense Evasion Tools" was renamed to "Anti-virus Evasion
Tools" because every utility listed there was actually an AV or
host-based defense evasion tool, which is distinct from the network
evasion tools (exfiltration utilities) already listed in the "Network
Tools" section, above. I believe this clarity will help a reader more
quickly find the specific type of "defense evasion" utility they are
actually looking for.
2018-04-14 15:27:31 -04:00
Meitar M
ee32aff5c3
Add Shellter dynamic shellcode injection tool (anti-virus evasion tool). ( #226 )
2018-04-12 17:55:18 -05:00
Meitar M
0929ede5d4
Add PCILeech, a Direct Memory Access attack tool. ( #225 )
2018-04-04 13:58:10 -05:00
Jeff Foley
46dacfca0a
Amass being added to the OSINT category ( #224 )
...
* added Amass to the OSINT section of the list
* updated the Amass entry within the OSINT category #223
2018-04-03 22:15:30 -05:00
alichtman
137e8649a0
removed duplicate Kali Linux docker command + link
2018-03-30 02:27:02 -05:00
Emily Ann
9eb26c04ff
Updated
...
Added 2 tools to web vulnerability scanning category.
Zoom- an advanced wordpress username enumerator with infinite scanning (much more powerful than the user name enumeration module in wpscan)
Sqlmate- a friend of sqlmap that identifies sqli vulnerabilities based on given dork and website (optional)
2018-03-24 12:36:03 -07:00
Meitar M
ddfc8ae7fb
Add Memcrashed DRDoS (Distributed Reflection Denial of Service) attack tool.
2018-03-22 14:20:34 -04:00
Meitar M
dd8ef7a41c
Add CNNVD to Vulnerability Databases section.
2018-03-15 14:43:55 -04:00
Meitar M
3f44886460
Add AutoSploit, automated mass exploit tool.
2018-02-07 12:33:08 -05:00
Samar Dhwoj Acharya
6d5730f286
Update README.md
2018-01-19 17:26:53 -06:00
Nhoya
c3b318062a
Added gOSINT
2018-01-17 20:58:14 +01:00
Samar Dhwoj Acharya
69050dae22
Merge pull request #211 from eric-therond/master
...
Add Progpilot
2018-01-10 22:17:30 -06:00
Samar Dhwoj Acharya
8d2c7a381a
Update README.md
2018-01-10 22:17:13 -06:00
Samar Dhwoj Acharya
ddde98e77f
Merge pull request #214 from meitar/crackpkcs12
...
Add crackpkcs12, a fast and multithreaded program to crack p12 (TLS) certs.
2018-01-10 22:16:44 -06:00
Samar Dhwoj Acharya
8b6377be1c
Merge pull request #212 from meitar/dnstwist
...
Add dnstwist.
2018-01-10 22:16:20 -06:00
Meitar M
06aea06df5
Add crackpkcs12, a fast and multithreaded program to crack p12 (TLS) certs.
2018-01-10 20:51:06 -05:00
Meitar M
66cf701dd0
Add Hex Fiend.
2018-01-10 20:46:34 -05:00
Meitar M
e358a12bc8
Add dnstwist.
...
This commit also conforms several other Network Tools line items to the
Awesome List style guide (remove the introductory "A" preposition).
2018-01-08 12:52:27 -05:00
forgesecurity
43b703abc3
Add Progpilot
2017-12-16 14:54:29 +01:00
Seth
728f8bed4a
Remove Dead Link From List- "Hack3rcon"
...
Remove line 562 "* [Hack3rCon](http://hack3rcon.org/ ) - Annual US hacker conference." because the link leads to a domain squatting website rather than an actual hacker conference.
2017-12-14 19:45:41 -05:00
Nick Raienko
d924f889f4
Various updates
2017-12-11 08:28:19 +02:00
Samar Dhwoj Acharya
3b0d0cba72
fix formatting
2017-11-28 10:57:00 -06:00
Asaf Hecht
a1a1644ed4
Adding ACLight tool
...
Adding ACLight tool - A script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins
2017-11-28 15:31:11 +02:00
Samar Dhwoj Acharya
6e9599f57c
Merge pull request #199 from DzasterAbz/patch-3
...
Added Beelogger
2017-11-19 22:40:44 -06:00
techgaun
f30958f5b2
fix wappalyzer link
2017-11-19 22:33:45 -06:00
techgaun
5ff68d4970
add various tools suggested on #204 and fix link for sobelow
...
closes #204
2017-11-19 22:31:45 -06:00
Meitar M
02becfc3a1
Add MITRE's ATT&CK, a superbly organized wiki of attack techniques.
2017-11-01 00:11:37 -04:00
Meitar M
4a3bf603c4
Add WiGLE.net, a huge OSINT database about wireless and Wi-Fi networks.
2017-10-31 00:20:22 -04:00
Jonathan Cran
a19f14ac88
Add intrigue to OSINT tools
2017-10-28 20:06:23 -07:00
Sai Abhiram
d9d72f8da1
Added Beelogger
2017-10-26 07:23:44 -04:00
Tijme Gommers
70057403e4
Added ACSTIS to Web Scanners
...
[ACSTIS](https://github.com/tijme/angularjs-csti-scanner ) helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application for the AngularJS CSTI vulnerability.
2017-10-25 16:54:52 +02:00
Michael
ba7909d764
Added NoSQL Map and VHostScan
2017-10-24 16:44:28 +10:00
Ryan Shipp
0ba0f8fc4f
Add awesome-yara to related lists
2017-10-17 15:16:51 -05:00
Meitar M
3b590db063
Add FireEye's new rVMI dynamic malware analysis tool.
2017-09-19 04:31:36 -04:00
Meitar M
c1030eeb07
Descriptions should have periods at the end for style guide compliance.
2017-09-19 04:31:13 -04:00
phocean
30a4d54e65
Update README.md
2017-09-15 09:45:32 +02:00
Rick Daalhuizen
1897b67ef9
Added New Hash Cracking Tools
...
jwt-cracker: https://github.com/lmammino/jwt-cracker
rar-crack: https://github.com/ziman/rarcrack
bruteforce-wallet: https://github.com/glv2/bruteforce-wallet
2017-09-08 16:02:55 +02:00
Nick Raienko
d118a65d32
Put back netsparker header
2017-09-07 15:03:46 +03:00
Samar Dhwoj Acharya
c4d1da3874
Update README.md
2017-09-01 12:49:36 -05:00
sheimo
4943d9908c
Update README.md
...
Added a Penetration Testing Report section with links to them respectively.
2017-08-31 16:58:30 -05:00
Devin Calado
0e03ccb91b
Added Fluxion to Wireless Network Tools
...
Fluxion - Suite of automated social engineering based WPA attacks.
I found this tool to be useful in gaining WPA/WPA2 credentials without needing to crack the handshake. Automates the process of using social engineering to trick users into giving up their WPA passphrases. Also confirms the correct passphrase was harvested by automatically comparing the passphrase to a captured handshake.
I think this tool fits better in the Wireless Network Tools section rather than the Social Engineering section.
2017-08-30 15:44:32 -07:00
Samar Dhwoj Acharya
bb4c3c8c28
Merge pull request #183 from meitar/onionscan
...
Add OnionScan; tool for finding opsec/netsec issues in Onions.
2017-08-22 21:03:49 -05:00
Meitar M
6adbd8cb80
Add Proxmark hardware/software toolkit for RFID/NFC pentests.
2017-08-22 19:25:11 -04:00
Meitar M
fb5274e1f7
Add OnionScan; tool for finding opsec/netsec issues in Onions.
2017-08-22 18:15:15 -04:00
Meitar M
b352f07525
Add UniByAv, fix typo in Hyperion runtime encryptor.
2017-08-17 16:14:40 -04:00
Samar Dhwoj Acharya
407722478a
Update README.md
2017-08-17 10:41:51 -05:00
Samar Dhwoj Acharya
c655eb7a21
Merge pull request #179 from meitar/av-evasion
...
Add new section "Defense Evasion Tools" with a bunch of relevant tools.
2017-08-17 10:39:49 -05:00
Samar Dhwoj Acharya
e4566021fd
Merge pull request #180 from meitar/tools-not-resources
...
Fixes for miscategorized items.
2017-08-17 10:38:34 -05:00
Meitar M
7909070e79
Better description for Windows Credentials Editor.
2017-08-17 09:23:33 -04:00
Meitar M
ef65ac1e97
Add Capstone, a multi-platform disassembler.
2017-08-17 09:22:09 -04:00
Meitar M
0b2d9f8cd8
Move Voltron to Tools subsection.
...
Also remove shellsploit, which now links to an empty repository.
2017-08-17 09:21:00 -04:00
Meitar M
7c2a99c219
Add new section "Defense Evasion Tools" with a bunch of relevant tools.
2017-08-17 09:16:31 -04:00
Samar Dhwoj Acharya
e01e2b27ac
Merge pull request #177 from meitar/compliance
...
Move "Awesome OSINT" item into the Awesome Lists section, add a period.
2017-08-10 19:42:01 -05:00
Meitar M
286d0c7c42
Add BetterCAP (and its older cousin, Ettercap) to Network Tools.
2017-08-10 17:56:44 -04:00
Meitar M
7c1f8448ff
Move "Awesome OSINT" item into the Awesome Lists section, add a period.
2017-08-10 17:52:30 -04:00
Patrik Hudak
d837a509a9
Add Awesome OSINT reference and some books
2017-08-10 10:30:03 +02:00
techgaun
4d77c90cab
remove missing lock picking document
2017-08-07 19:38:24 -05:00
Meitar M
93d8cd0622
Expand acronyms, improve descriptions, add OSSTMM item.
...
This commit focses on the Penetration Testing Resources section and
provides better descriptions for most of the items therein. It also adds
the OSSTMM version 3 pentest methodology manual, which seems fitting as
it is both listed by OWASP and fits nicely with the PTES and PTF items
already listed.
2017-08-07 17:44:04 -04:00
Samar Dhwoj Acharya
ee2e2be848
Merge pull request #172 from meitar/toc
...
Fix broken intra-page link in the table of contents.
2017-07-28 16:04:57 -05:00
Meitar M
919c1e6113
Add ChipWhisperer, a side-channel attack toolchain, in new section.
2017-07-28 04:02:41 -04:00
Meitar M
20c7af2267
Move license to the bottom, replace the PNG with an SVG.
2017-07-23 03:31:20 -04:00
Meitar M
c9053f6682
Fix broken intra-page link in the table of contents.
2017-07-21 04:04:29 -04:00
Meitar M
34587c6dac
Provide a useful description for SPARTA.
...
SPARTA is not really its own tool, it's more like a meta-tool. There are
many "network infrastructure penetration testing tools" on this list,
but what does SPARTA actually do that these other tools don't? The
answer is primarily that SPARTA is a GUI wrapper around arbitrary
command lines with some additional logic to identify results from
well-known tools such as `nmap` and trigger actions based on those
results in other tools. Let's make that clear in the item's description.
2017-07-19 15:58:18 -04:00
filinpavel
16f3406a0f
Update README.md
...
added pyrebox to RE Tools section
2017-07-18 13:56:58 +07:00
Meitar M
222a05baff
Add AttifyOS, a distro focused on pentesting IoT devices.
2017-07-17 04:44:03 -04:00
Meitar M
7e08965e7d
Add TrustedSec's "Magic Unicorn," a payload generator for Windows.
2017-07-16 04:06:18 -04:00
Samar Dhwoj Acharya
0f33e6394d
Merge pull request #163 from meitar/hpi-vdb
...
Add HPI-VDB, which has a cross-referenced CVE search engine and API.
2017-07-15 18:23:12 -05:00
Meitar M
cb21655e64
The name of the Medusa disassembler is just "Medusa."
2017-07-14 17:00:31 -04:00
jose nazario
195e2ed79e
spelling fixes
2017-07-14 10:13:37 -04:00
Meitar M
72f02c8b6b
Add HPI-VDB, which has a cross-referenced CVE search engine and API.
2017-07-13 14:17:56 -04:00
Samar Dhwoj Acharya
9ff00ba17a
Merge pull request #159 from meitar/0xed
...
Add 0xED, a native macOS hex editor with support for resource forks.
2017-07-13 10:47:51 -05:00
Samar Dhwoj Acharya
6b733bfeeb
Merge pull request #160 from meitar/ssl-tls
...
Move `sslstrip` to Web Exploitation, recategorize SSL as TLS tools.
2017-07-13 10:47:29 -05:00
Samar Dhwoj Acharya
8ab42bb257
Merge pull request #161 from meitar/anonymity-tools
...
Awesome List style guide compliance pass on the Anonymity Tools section.
2017-07-13 10:46:53 -05:00
Meitar M
19bfe12cd6
Add Pupy, a multi-paradigm (scriptable/interactive) cross-platform RAT.
2017-07-13 03:45:49 -04:00
Meitar M
a4a1f0ecc6
Awesome List style guide compliance pass on the Anonymity Tools section.
...
This commit conforms the Anonymity Tools section to the Awesome List
style guide by adding periods and such, plus adds the WEBKAY project to
help defend against identity and privay leaks from mis-configured Web
browsers. It also phrases the Tor project item description more clearly.
2017-07-13 00:20:39 -04:00
Meitar M
bf7a6151a9
Add 0xED, a native macOS hex editor with support for resource forks.
2017-07-12 23:41:23 -04:00