Commit Graph

853 Commits

Author SHA1 Message Date
Samar Dhwoj Acharya
9ff00ba17a Merge pull request #159 from meitar/0xed
Add 0xED, a native macOS hex editor with support for resource forks.
2017-07-13 10:47:51 -05:00
Samar Dhwoj Acharya
6b733bfeeb Merge pull request #160 from meitar/ssl-tls
Move `sslstrip` to Web Exploitation, recategorize SSL as TLS tools.
2017-07-13 10:47:29 -05:00
Samar Dhwoj Acharya
8ab42bb257 Merge pull request #161 from meitar/anonymity-tools
Awesome List style guide compliance pass on the Anonymity Tools section.
2017-07-13 10:46:53 -05:00
Samar Dhwoj Acharya
29acf16652 Merge pull request #162 from meitar/pupy
Add Pupy, a multi-paradigm (scriptable/interactive) cross-platform RAT.
2017-07-13 10:45:16 -05:00
Meitar M
19bfe12cd6
Add Pupy, a multi-paradigm (scriptable/interactive) cross-platform RAT. 2017-07-13 03:45:49 -04:00
Meitar M
a4a1f0ecc6
Awesome List style guide compliance pass on the Anonymity Tools section.
This commit conforms the Anonymity Tools section to the Awesome List
style guide by adding periods and such, plus adds the WEBKAY project to
help defend against identity and privay leaks from mis-configured Web
browsers. It also phrases the Tor project item description more clearly.
2017-07-13 00:20:39 -04:00
Meitar M
bf7a6151a9
Add 0xED, a native macOS hex editor with support for resource forks. 2017-07-12 23:41:23 -04:00
Meitar M
74068f8d34
Move sslstrip to Web Exploitation, recategorize SSL as TLS tools.
This commit updates numerous tools all previously categorized as "SSL"
tools. It updates their descriptions to more accurately describe current
versions by remarking on TLS capabilities, and it does the same with the
section heading. Further, Web-centric exploitation tools related to
SSL/TLS implementations have been moved to the Web Exploitation section,
where they arguably more properly belong, as SSL/TLS implementations may
include application-layer services beyond simply HTTP and "Web" traffic.
2017-07-12 23:32:11 -04:00
Samar Dhwoj Acharya
1c7ee4c923 Merge pull request #158 from meitar/aquatone
Add AQUATONE, "a tool for domain flyovers" that makes a handy report.
2017-07-12 21:48:13 -05:00
Samar Dhwoj Acharya
04e9415204 Merge pull request #157 from meitar/xray
Add XRay, automated network (sub)domain recon and OSINT gathering tool.
2017-07-12 21:47:14 -05:00
Meitar M
6a64b2d78b
Add AQUATONE, "a tool for domain flyovers" that makes a handy report. 2017-07-12 17:02:43 -04:00
Meitar M
0ed418eef0
Add XRay, automated network (sub)domain recon and OSINT gathering tool. 2017-07-12 16:51:11 -04:00
Samar Dhwoj Acharya
6e464e5bb4 Merge pull request #156 from meitar/pret
Better description of PRET through conformity with item link style.
2017-07-12 07:46:51 -05:00
Samar Dhwoj Acharya
77df4413fc Merge pull request #155 from meitar/wireshark-macos
Better description for Wireshark, make clear it is cross-platform.
2017-07-12 07:46:25 -05:00
Samar Dhwoj Acharya
bbffb78c67 Merge branch 'master' into wireshark-macos 2017-07-12 07:46:04 -05:00
Samar Dhwoj Acharya
69ba677983 Merge pull request #154 from meitar/basic-tools
Recategorize "Basic" tools section for clarity and conformity.
2017-07-12 07:43:26 -05:00
Meitar M
e4ac5a1cc1
Better description of PRET through conformity with item link style. 2017-07-12 02:51:49 -04:00
Meitar M
16868763fd
Better description for Wireshark, make clear it is cross-platform. 2017-07-12 02:45:19 -04:00
Meitar M
0e4032c58e
Recategorize "Basic" tools section for clarity and conformity.
This commit removes the "Basic Penetration Testing Tools" section and
moves numerous items listed therein into more appropriate places, based
on existing categories. For instance, BeEF is moved to the Web
Exploitation section, since it is more accurate to describe it as a Web
exploitation tool than a "Basic" tool. The former category is
descriptive while the latter is clearly nondescript.

A new section, "Multi-paradigm Frameworks," has been added for items
that were listed under the removed "Basic" section but that do not
cleanly fit into an existing category. Namely, these are Metasploit,
ExploitPack, and Faraday, which are exceptions simply because they are
so versatile. (Hence the choice of the new section, "Multi-paradigm.")

Additionally, the well-known Armitage GUI for Metasploit was added.

Moreover, Bella was moved to a new section, "macOS Utilities," which
provides parity with the existing Windows Utilities and GNU/Linux
Utilities section. Bella is a post-exploitation agent similar to
redsnarf, which likewise has been moved out of the "Basic" section and
into its more appropriate Windows Utilities section.

Other minor touch ups to various item descriptions were also made.
2017-07-12 02:28:12 -04:00
Samar Dhwoj Acharya
24ee7a47b0 Merge pull request #153 from meitar/binwalk
Add `binwalk`, fast and easy tool for reversing firmware images.
2017-07-11 23:26:38 -05:00
Samar Dhwoj Acharya
3ad1b1186f Merge pull request #152 from meitar/ida-pro-free
IDA Pro and IDA Free are basically the same; combine into one item.
2017-07-11 23:25:56 -05:00
Meitar M
2b2996f5ed
IDA Pro and IDA Free are basically the same; combine into one item. 2017-07-12 00:09:27 -04:00
Meitar M
ed7ebf1848
Add binwalk, fast and easy tool for reversing firmware images. 2017-07-12 00:04:18 -04:00
Samar Dhwoj Acharya
8bb8394e20 Merge pull request #151 from meitar/capitalization
Fix inconsistent capitalization in headings; "utils" -> "utilities."
2017-07-11 08:08:35 -05:00
Meitar M
9749c6382d
Fix inconsistent capitalization in headings; "utils" -> "utilities." 2017-07-11 05:49:24 -04:00
Samar Dhwoj Acharya
756ac14ce1 Merge pull request #150 from meitar/osvdb
Drop link to commercial-only VulnDB based off OSVDB.
2017-07-10 17:34:10 -05:00
Meitar M
32ff359418
Drop link to commercial-only VulnDB based off OSVDB. 2017-07-10 16:17:34 -04:00
Samar Dhwoj Acharya
d39cd608c6 Merge pull request #149 from meitar/compliance
Fix minor typos, capitalization issues, and term consistency.
2017-07-08 19:16:31 -05:00
Samar Dhwoj Acharya
ed132d95be Merge pull request #148 from attritionorg/patch-1
touch-ups and clarifications for the VDB section
2017-07-08 19:13:19 -05:00
Meitar M
9b037a9bbf Fix minor typos, capitalization issues, and term consistency. 2017-07-08 20:03:48 -04:00
Jericho
71d146979c touch-ups and clarifications for the VDB section 2017-07-08 16:45:34 -06:00
Samar Dhwoj Acharya
51949983f7 Merge pull request #145 from meitar/vuln-scanners
Reorganize Vulnerability Scanners section, add subheadings.
2017-07-08 15:01:12 -05:00
Meitar M
3c811415bc Style guide compliance pass focused on Vulnerability Databases section. (#144)
* Add CVE List to Vulnerability Databases section, since it was missing.

* Style guide compliance pass focused on Vulnerability Databases section.

* Whitelist the Inj3ct0r URLs.

The `0day.today` website sits behind an extremely aggressive Cloudflare
anti-bot checker, which causes `awesome-bot` to trigger an HTTP 503
response. This fails the build but is actually normal behavior.

Similarly, the Onion service is inaccessible except over Tor and our
Travis CI configuration does not (yet?) support checking Onion service
links. (Although, perhaps it should be updated to do so in a future PR.)
2017-07-08 13:52:24 -05:00
Samar Dhwoj Acharya
42aa8a29a3 Merge pull request #146 from meitar/fiddler
Add Fiddler, provide more detail on OWASP ZAP.
2017-07-08 13:48:46 -05:00
Samar Dhwoj Acharya
ce9df945f5 Merge pull request #147 from meitar/wafw00f
Add wafw00f, a web application firewall fingerprinter.
2017-07-08 13:48:26 -05:00
Meitar M
522863e27a
Add wafw00f, a web application firewall fingerprinter. 2017-07-08 01:06:39 -04:00
Meitar M
b1b77f40a9
Add Fiddler, provide more detail on OWASP ZAP. 2017-07-08 00:24:33 -04:00
Meitar M
d2825614c3
Reorganize Vulnerability Scanners section, add subheadings.
This commit provides more detail and context for the vulnerability
scanners section. It groups Web Scanners into its own subheading, and
moves scanning tools from the Web Exploitation section into this section
as these tools do not actually focus on *exploiting* websites.

Additionally, Static Analyzers are grouped, two new static analyzers
(cppcheck and FindBugs) have been added, and commercial tools are
appropriately described as such.
2017-07-07 22:18:09 -04:00
Samar Dhwoj Acharya
083fc14dff Merge pull request #143 from meitar/compliance
Further "Awesome List" style guide compliance passes.
2017-07-07 11:07:57 -05:00
Meitar M
6ac7727def
Further "Awesome List" style guide compliance passes.
This commit focuses on terminological consistency, including:

* Use consistent capitalization for abbreviations (OSInt -> OSINT).
* Consistently expand ambiguous phrases (OS -> operating system).
* Settle on standard names (Wi-Fi -> WiFi, etc.) where a mix was used.
* Expand acronyms in item titles when doing so shortens the description.
* Replace descriptions that merely expanded acronyms with actual text.
* Remove duplicate items that have more than one URL (Commix project).
* Do not Title Case description text when description is simply prose.
2017-07-07 01:42:53 -04:00
Meitar M
266aad7120
Remove "A" at beginning of link description. (Missed from before.) 2017-07-06 01:53:54 -04:00
Samar Dhwoj Acharya
061114e5a6 Merge pull request #142 from meitar/contents
Make grammar consistent: "command-line" -> "command line" and so on.
2017-07-06 00:41:46 -05:00
Meitar M
8a2bfb965b
Make grammar consistent: "command-line" -> "command line" and so on.
This commit tidies some minor issues with pull request #141, namely:

* fix style guide compliance from accidental reversion during merge.
* add a period to the last sentence of the introduction paragraph.
* make the table of contents's content match the headings in the doc.
* consistently spell open source without a dashed word ("open-source").
2017-07-06 01:04:08 -04:00
Samar Dhwoj Acharya
8d8e18d27c Merge pull request #141 from meitar/awesome-compliant
First round of making this list awesome compliant, for #86.
2017-07-05 23:49:50 -05:00
Samar Dhwoj Acharya
e2fe7cbef6 Merge branch 'master' into awesome-compliant 2017-07-05 23:47:22 -05:00
Meitar M
b742364f12
Remove duplicated linkback to Awesome List origin (it's a badge now). 2017-07-06 00:41:15 -04:00
Meitar M
7adf2fb0df
Add periods for link descriptions that were missing them. 2017-07-06 00:39:03 -04:00
Samar Dhwoj Acharya
9fb37de33a add sobelow - phoenix framework static analyzer 2017-07-05 23:37:46 -05:00
Meitar M
b40bbe3963
First round of making this list awesome compliant, for #86.
This commit is a first-pass attempt at adhering to the style guide of
the Awesome List contribution guidelines at
https://github.com/sindresorhus/awesome/blob/master/pull_request_template.md

Specificaly, I have:

* added a succinct description of the project/theme at top of README.
* added the awesome badge on the right side of the list heading.
* titled the table of contents `Contents`.
* moved the `CONTRIBUTING.md` file to the expected filesystem path.
* capitalized the first word of link descriptions, when present.
* added trailing periods to link descriptions, when not present.
* removed the "A" and "An" prepositions from link descriptions.
* removed the Travis CI build status badge.
* matched the heading levels to the style guide's recommendations.
2017-07-06 00:29:02 -04:00
Samar Dhwoj Acharya
392b0ed926 Merge pull request #140 from meitar/ctf-tools
Add `ctf-tools`, quick installations of various pentest utils.
2017-07-05 21:49:26 -05:00