Awesome-Mirrors/awesome-pentest
1
0
Fork 0
mirror of https://github.com/enaqx/awesome-pentest.git synced 2024-12-23 14:19:23 -05:00
Code Issues Packages Projects Releases Wiki Activity
854 Commits 1 Branch 0 Tags 7.8 MiB
9e631fc84e
Commit Graph

619 Commits

Author SHA1 Message Date
0xACAB
992226b743
Merge pull request #410 from fabacab/issue-406 
Closes #406: Add Pentest Collaboration Framework (PCF).
 2021-03-14 14:13:22 -04:00
fabacab
2defa8281c
Closes #406: Add Pentest Collaboration Framework (PCF). 2021-03-14 13:42:04 -04:00
fabacab
e7e4ba0a6d
Add more Web categories. 2021-03-14 13:36:24 -04:00
fabacab
5ff19fe3ec
Add categories for Web Exploitation megacategory. 2021-03-14 13:22:12 -04:00
fabacab
5566085e47
Remove peCloak.py as its host now consistently returns HTTP 500 error. 2021-02-06 08:28:27 -05:00
fabacab
a274d4d88c
Remove 0xED as it now 404's on the official site. 2021-02-06 08:28:07 -05:00
fabacab
d826fb1105
Add kube-hunter, a Kubernetes pentesting utility. 2021-02-06 08:10:14 -05:00
fabacab
beb5b1c4a0
Add OSV, a vuln DB with an API for open source software. 2021-02-06 08:07:22 -05:00
fabacab
dfad0798dc
Closes #402: Recognize H2HC by adding it to Conferences section. 2020-12-15 15:51:58 -05:00
fabacab
f620cfd8dd
Add Depix, tool for reversing heavily pixelated text. 2020-12-08 20:04:47 -05:00
fabacab
411e8798c6
Add new privesc subsection, "Password Spraying" with two new tools. 2020-12-06 15:28:04 -05:00
fabacab
66d53c73f2
Add Awesome Malware list to "Other Lists Online." 
This list is an important piece of the full pentest puzzle. While this
list focuses primarily on the pre-exploitation and exploitation phases
of a penetration test, the Awesome Malware list focuses on
post-exploitation tools and resources, which are needed to make any
meaningful use of success with the tools listed on this list.
 2020-12-06 14:49:15 -05:00
Samar Dhwoj Acharya
e002beb00a
Merge pull request #392 from horsicq/master 
Added Detect It Easy(DiE)
 2020-10-21 21:33:31 -05:00
Samar Dhwoj Acharya
a9bcdf4362
Merge pull request #386 from nil0x42/patch-1 
Add `phpsploit` (C2 framework via PHP oneliner)
 2020-10-21 21:28:26 -05:00
duraki
1fc3c18716
Remove deadlink 
Remove dead link from the README.
 2020-10-21 09:40:19 +02:00
Peter Thaleikis
a11ff0b299
Removing double "for" 2020-10-09 19:02:44 +04:00
fabacab
fa379c6bfc
Add StegOnline, an open-source port of StegSolve with a Web GUI. 2020-10-03 15:29:17 -04:00
fabacab
c18963b9fc
Add angr, a binary analysis platform useful for reverse engineering. 2020-10-03 15:28:56 -04:00
Hors
770f5f46a7
Added Detect It Easy(DiE) 2020-10-02 21:01:55 +02:00
Santiago Lizardo
4b4946c30a Add Reconmap under the Multi-paradigm frameworks section 2020-09-19 09:47:46 +01:00
nil0x42
5c66c6525b
Add phpsploit (C2 framework via PHP oneliner) 
Add phpsploit tool (https://github.com/nil0x42/phpsploit):
Full-featured C2 framework which silently persists on webserver via evil PHP oneliner

PhpSploit is a well-known advanced & stealth PHP webshell for persistence & privesc
 2020-08-26 13:20:46 +00:00
fabacab
ae81c42491
Fix RustScan so it is actually a link, fix Ciphey's description. 2020-08-23 15:58:25 -04:00
fabacab
f721f8c96f
Remove broken (unresponsive, invalid TLS cert) links. 2020-08-23 15:52:19 -04:00
fabacab
49cfdff19e
Fix redirecting links to Microsoft resources. 2020-08-23 15:43:07 -04:00
fabacab
c420b16390
Remove now-obsolete heading. 2020-08-23 15:37:15 -04:00
fabacab
11a21c2050
Consolidate Books sections, offload tangentially related topics. 2020-08-23 15:31:40 -04:00
fabacab
1eff0b8c08
Consolidate generic "OSINT Tools" section, fix ToC. 2020-08-23 15:17:01 -04:00
fabacab
52a8310da9
Collect shellcoding topics. 2020-08-23 15:17:01 -04:00
fabacab
384290ae8a
Consolidate various OSINT sections. 2020-08-23 15:17:01 -04:00
fabacab
685c7c91a4
Fix link for Paterva's Maltego tool; its new homepage is maltego.com. 2020-08-23 15:17:01 -04:00
fabacab
7b154ef4b2
Consoldiate sections, remove redundancies in Docker sections. 
This commit consolidates the Social Engineering resources into a new
dedicated category for SE topics. It also replaces the Docker Containers
section entirely by removing redundant tools and creating a new
"Intentionally Vulnerable Systems" section in which Docker containers of
such setups are now placed. The thinking here is that it should not be
our responsibility to separately track Docker containers for attack
tools independently of the tool itself; we should only list the tool
itself and users can find a Docker image that packages it if they want.

This commit also continues the topical consolidation by moving books
about specifically Web exploitation techniques into a new subsection of
the pre-existing Web Exploitation section.
 2020-08-23 15:17:01 -04:00
fabacab
2d67eb6528
Move privesc section to appropriate place, consolidate RE resources. 2020-08-23 15:17:01 -04:00
fabacab
3424cd0dce
Remove ShellPhish, it errors 404 and is unmaintained since 2018. 2020-08-23 15:17:00 -04:00
fabacab
43f8367e52
Fix more minor issues, also replace lock picking refs with other list. 
This commit removes the various areas of the list containing information
about Lock Picking and replaces them with a single top-level section
that refers interested readers to the dedicated Awesome Lockpicking list
because that list contains all the information we had, and more.
 2020-08-23 15:17:00 -04:00
fabacab
a4b46e319a
Reorganize some sprawling categories, fix a ToC link, heading levels. 
This commit fixes several minor issues including the heading levels for
sections such as RE tools, and fixes a broken link to the Online Social
Engineering Resources section, and correctly alphabetizing sections.

It also begins the process of culling the rather uncatgorized "other
lists elsewhere" section by inserting "see also" links to those other
lists in the appropriate section of this Awesome List, as is standard
Awesome List practice.

Additionally, this commit reorganizes several tools into clearer
categories by creating subcategories (for Tor tools, for instance) or
moving subcategories to their own top-level categories (exfil tools).
 2020-08-23 15:17:00 -04:00
fabacab
d5bc3fcc83
New section for privesc tools, remove trailing whitespace. 2020-08-23 15:17:00 -04:00
nil0x42
bd4e52fab6 Add duplicut, C Tool to remove duplicates, without changing the order, and without getting OOM on huge wordlists. 
duplicut is a C tool, highly optimized for a single task:
Removing duplicate entries from a wordlist, without changing the order, and without getting OOM on huge wordlists whose size exceeds available memory.

It's trivial to remove duplicates by sorting, but duplicut is the only tool capable of removing them without changing the order, to assist the creation of statictically optimized wordlists for password cracking purposes.
 2020-08-23 15:09:52 -04:00
Samar Dhwoj Acharya
aabcdb14fe
Merge pull request #382 from brandonskerritt/master 
Add Ciphey
 2020-08-23 09:47:43 -05:00
Samar Dhwoj Acharya
cbed3521aa
update description to be more accurate 2020-08-23 09:27:23 -05:00
smackhack
e43bea4cc4
Add RustScan 2020-08-04 16:29:19 -07:00
Brandon
641d7af6d6
Add Ciphey 
https://github.com/Ciphey/Ciphey
 2020-08-04 23:24:16 +01:00
fabacab
29347c4a99
Add Google's Tsunami security scanner to Network Tools list. 2020-07-15 18:05:16 -04:00
Philip Barwikowski
86f8df1b6f
Update link to shellphish 
Shellphish should either be removed or the link updated as the original repository is not available anymore
 2020-07-08 14:59:01 +02:00
fabacab
918ed510f0
Add Inveigh, a modern PowerShell/C# version of Responder. 2020-05-14 19:31:12 -04:00
Meitar M
a30bb4d017
Add Rubeus, a Kerberos ticket cracker for Windows environments. 2020-05-14 17:05:32 -04:00
Shao Qi Xu
05aa966c20 Update Asia Conferences and Event 2020-05-07 10:43:51 +08:00
Meitar M
44c7ee9961
Alphabetize and tweak description for LFISuite. 2020-05-04 14:29:37 -04:00
socketz
3f5f2edefb
Modified Kadabra to LFISuite 
It's very old but the author points to LFISuite
 2020-05-04 12:07:49 +02:00
Joep van Gassel
a35c6218e6
Update README.md 
wrong URL for kali docker
 2020-04-23 07:41:29 +02:00
Meitar M
37c63af3a5
Add TRRespass fuzzer, a DRAM side-channel (rowhammer) fuzzer suite. 2020-04-20 15:04:23 -04:00
Meitar M
4c52d39bd1
Remove in-browser LOIC link (site no longer exists), fix LOIC line item. 2020-04-06 17:09:48 -04:00
0xACAB
8f4e5dabba
Merge pull request #363 from meitar/fridax 
Rephrase Fridax, alphabetize.
 2020-04-06 17:08:11 -04:00
0xACAB
f64f87ac08
Merge pull request #362 from meitar/ghsa 
Add GitHub Security Advisories database.
 2020-04-06 17:07:47 -04:00
Meitar M
129823c510
Rephrase Fridax, alphabetize. 2020-04-06 17:04:31 -04:00
Meitar M
987a0e6d9a
Add GitHub Security Advisories database. 2020-04-06 16:57:45 -04:00
Tijme Gommers
6c5abf2344
Add Fridax to the Reverse Engineering Tools. 
https://github.com/NorthwaveNL/fridax
 2020-04-06 12:59:01 +02:00
0xACAB
64e7782611
Merge pull request #359 from meitar/gocrack 
Add GoCrack, Web frontend for distributed hashcat cracking jobs.
 2020-04-05 14:50:31 -04:00
0xACAB
40d117028c
Add GoCrack, Web frontend for distributed hashcat cracking jobs. 2020-04-04 11:53:31 -04:00
Meitar M
772a0ed63c
Add Tavis Ormandy's Windows ctftool exploration/exploit tool. 2020-03-24 22:24:31 -04:00
Meitar M
9a79d68079
Remove deprected Evilginx, leave only its successor, Evilginx2. 2020-03-18 21:31:13 -04:00
Samar Dhwoj Acharya
3886a7ba2c
Merge pull request #355 from meitar/ncrack 
Add Ncrack, an `nmap`-like authentication cracking tool.
 2020-03-17 20:31:47 -05:00
Meitar M
b89cf272ca
Closes #288: Props to @lMaxTl. 
This is a new commit in the interests in speed and brevity; the original
PR contained numerous extranneous commits. I asked the original
submitter to clean it a little bit, but they never responded, and now
their commit history requires quite a bit of conflict resolution before
it will merge cleanly. I'm taking the initiative to re-do their work in
a single, new commit just to have it done.
 2020-03-16 19:40:06 -04:00
Meitar M
ba368240e5
Add Ncrack, an nmap-like authentication cracking tool. 2020-03-16 19:27:59 -04:00
Meitar M
f1d061e61d
OWASP ZAP has a new homepage; update its URL on this list. 2020-03-15 18:36:47 -04:00
Meitar M
9e17d5bff1
Remove DWF; the project ended due to lack of community involvement. 2020-03-13 20:20:19 -04:00
Meitar M
90b5156caa
Add PSKracker, a fast WPA/WPA2/WPS cracking tool for pentesters. 2020-03-13 20:14:42 -04:00
Meitar M
312d7019d7
Add Snyk's vuln DB. 2020-02-27 13:50:03 -05:00
Meitar M
60ff773d44
Closes #345: Use original repository for RsaCtfTool. 2020-02-26 15:58:10 -05:00
Meitar M
92a965fd4c
Add Postenum, a simple privesc suggester for GNU/Linux. 2020-02-23 19:10:27 -05:00
Meitar M
d90ab4440d
Add SGX-Step, a framework for attacking secure enclaves via side channels. 2020-02-20 03:07:37 -05:00
Meitar M
f7178b07d3
Add Thunderclap, an open source DMA and IOMMU auditing platform. 2020-02-10 14:27:44 -05:00
Meitar M
53bd2a5815
Remove numerous whitelisted URLs since they now redirect safely. 2020-01-26 21:34:44 -05:00
Meitar M
b5a6fba17b
Fix HTTP 404 Not Found errors, remove Intel Techniques tools. 
The Intel Techniques online tools collection no longer exists and has
been removed by the author.
 2020-01-26 21:13:32 -05:00
Meitar M
0ccb2304fd
Add subbrute, move AQUATONE and OWASP Amass to net recon section. 
Both AQUATONE and OWASP Amass are not actually direct network device
discovery tools, but OSINT and DNS-specific mass querying tools. A
domain (or subdomain) is not technicall a network device, and thus I
feel like these tools were mis-categorized by being grouped with actual
network device discovery search engines like Shodan.
 2020-01-26 20:56:34 -05:00
Meitar M
b9829cf461
Move Dradis, Lair to Collaboration Tools section. Remove KarmaHostage. 2020-01-16 15:07:16 -05:00
Quinten De Swaef
3890acf0af
Update README.md 2020-01-15 16:03:52 +01:00
Samar Dhwoj Acharya
deda18c6dd
Merge pull request #333 from Dormidera/patch-1 
conference: add honeycon.eu
 2019-11-26 13:45:32 -06:00
Meitar M
8631ba01b2
Remove old, unmaintained tools shellsploit and Dripcap. 2019-11-26 12:06:42 -05:00
Meitar M
14c03986d8
Add Skiptracer, OSINT scraping framework that avoids data-for-pay needs. 2019-11-26 11:28:33 -05:00
1024Megas
3ea7fac64d
Update README.md 2019-11-25 14:34:06 +01:00
Meitar M
33aa9686ac
Start categorization of OSINT tools list. 2019-11-07 22:45:04 -05:00
Meitar M
4a722fbf64
Add two anonymity and two file format tools. 2019-11-06 13:58:59 -05:00
Meitar M
131b5eef40
Link to conference homepages instead of past year's events. 2019-11-03 23:28:08 -05:00
Meitar M
ff9ab7b5de
Subcategorize "Conferences" section by continent. 2019-11-03 23:18:04 -05:00
Meitar M
a7abf275c4
Fix typo in hacker con name. 2019-11-03 15:48:37 -05:00
Samar Dhwoj Acharya
8de54d12cb
Merge pull request #326 from meitar/hacker-cons 
Add two NYC-based hacker cons.
 2019-11-03 14:46:29 -06:00
Meitar M
36a30d3738
Add two NYC-based hacker cons. 2019-11-03 15:43:27 -05:00
Meitar M
7533e7dde8 Merge branch 'yar' of https://github.com/aubrel/awesome-pentest into aubrel-yar 2019-11-03 15:37:31 -05:00
aubrel
c04c853ae3
Added Yar, an OSINT tool. 2019-11-03 09:23:40 -05:00
Samar Dhwoj Acharya
e8db1b5ff4
Merge pull request #321 from hangmansROP/patch-1 
Add AWS Tool Arsenal
 2019-11-03 00:28:13 -05:00
Samar Dhwoj Acharya
7e836fbfe6
Merge pull request #322 from jimender2/jimender2-patch-1-Cyber-Summit 
Add National Cyber Summit Conference to the Conference List
 2019-11-03 00:27:34 -05:00
Samar Dhwoj Acharya
95cd5cbd9c
Merge pull request #323 from ducksecops/patch-1 
Update README.md
 2019-11-03 00:26:30 -05:00
Meitar M
c6e1712b67
Update link for dos-over-tor tool. 2019-11-02 22:28:37 -04:00
Meitar M
05a5198fa2
Add SIET, tool for manipulating insecure Cisco Smart Install switches. 2019-11-02 22:20:03 -04:00
ducksecops
9e86c5e764
Update README.md 
Co-Authored-By: Samar Dhwoj Acharya <coolsamar207@gmail.com>
 2019-10-31 23:53:00 +00:00
ducksecops
7f7a7748c7
Update README.md 
Co-Authored-By: Samar Dhwoj Acharya <coolsamar207@gmail.com>
 2019-10-31 23:52:43 +00:00
ducksecops
e93ae412de
Update README.md 
Added steelcon to list of conference for UK readers and also the excellent collection of sessions recorded by cooper at a range of different security conferences.
 2019-10-29 23:06:48 +00:00
Jonathan Meredith
43e2c99ad8
Add National Cyber Summit Conference to the List 2019-10-17 19:34:53 -04:00
hangmansROP
694b0b698d
Add AWS Tool Arsenal 
Recommend this list of AWS tools for offensive and defensive teams.
 2019-10-17 20:36:30 +01:00
Meitar M
f9a63461b1
Fix URL for CarolinaCon. 2019-10-12 23:21:53 -04:00