Iodine is a DNS tunnel and useful for data exfiltration.
The Network Tools section became very long, so I chunked it up with
subcategories that pertain to the sort of tool. ("Network Tools" is
itself somewhat vague, and multi-paradigm/multi-function tools were
retained in the root of the category.)
Finally, "Defense Evasion Tools" was renamed to "Anti-virus Evasion
Tools" because every utility listed there was actually an AV or
host-based defense evasion tool, which is distinct from the network
evasion tools (exfiltration utilities) already listed in the "Network
Tools" section, above. I believe this clarity will help a reader more
quickly find the specific type of "defense evasion" utility they are
actually looking for.
Added 2 tools to web vulnerability scanning category.
Zoom- an advanced wordpress username enumerator with infinite scanning (much more powerful than the user name enumeration module in wpscan)
Sqlmate- a friend of sqlmap that identifies sqli vulnerabilities based on given dork and website (optional)
Remove line 562 "* [Hack3rCon](http://hack3rcon.org/) - Annual US hacker conference." because the link leads to a domain squatting website rather than an actual hacker conference.
[ACSTIS](https://github.com/tijme/angularjs-csti-scanner) helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application for the AngularJS CSTI vulnerability.
Fluxion - Suite of automated social engineering based WPA attacks.
I found this tool to be useful in gaining WPA/WPA2 credentials without needing to crack the handshake. Automates the process of using social engineering to trick users into giving up their WPA passphrases. Also confirms the correct passphrase was harvested by automatically comparing the passphrase to a captured handshake.
I think this tool fits better in the Wireless Network Tools section rather than the Social Engineering section.
This commit focses on the Penetration Testing Resources section and
provides better descriptions for most of the items therein. It also adds
the OSSTMM version 3 pentest methodology manual, which seems fitting as
it is both listed by OWASP and fits nicely with the PTES and PTF items
already listed.
SPARTA is not really its own tool, it's more like a meta-tool. There are
many "network infrastructure penetration testing tools" on this list,
but what does SPARTA actually do that these other tools don't? The
answer is primarily that SPARTA is a GUI wrapper around arbitrary
command lines with some additional logic to identify results from
well-known tools such as `nmap` and trigger actions based on those
results in other tools. Let's make that clear in the item's description.
This commit conforms the Anonymity Tools section to the Awesome List
style guide by adding periods and such, plus adds the WEBKAY project to
help defend against identity and privay leaks from mis-configured Web
browsers. It also phrases the Tor project item description more clearly.
This commit updates numerous tools all previously categorized as "SSL"
tools. It updates their descriptions to more accurately describe current
versions by remarking on TLS capabilities, and it does the same with the
section heading. Further, Web-centric exploitation tools related to
SSL/TLS implementations have been moved to the Web Exploitation section,
where they arguably more properly belong, as SSL/TLS implementations may
include application-layer services beyond simply HTTP and "Web" traffic.
This commit removes the "Basic Penetration Testing Tools" section and
moves numerous items listed therein into more appropriate places, based
on existing categories. For instance, BeEF is moved to the Web
Exploitation section, since it is more accurate to describe it as a Web
exploitation tool than a "Basic" tool. The former category is
descriptive while the latter is clearly nondescript.
A new section, "Multi-paradigm Frameworks," has been added for items
that were listed under the removed "Basic" section but that do not
cleanly fit into an existing category. Namely, these are Metasploit,
ExploitPack, and Faraday, which are exceptions simply because they are
so versatile. (Hence the choice of the new section, "Multi-paradigm.")
Additionally, the well-known Armitage GUI for Metasploit was added.
Moreover, Bella was moved to a new section, "macOS Utilities," which
provides parity with the existing Windows Utilities and GNU/Linux
Utilities section. Bella is a post-exploitation agent similar to
redsnarf, which likewise has been moved out of the "Basic" section and
into its more appropriate Windows Utilities section.
Other minor touch ups to various item descriptions were also made.
* Add CVE List to Vulnerability Databases section, since it was missing.
* Style guide compliance pass focused on Vulnerability Databases section.
* Whitelist the Inj3ct0r URLs.
The `0day.today` website sits behind an extremely aggressive Cloudflare
anti-bot checker, which causes `awesome-bot` to trigger an HTTP 503
response. This fails the build but is actually normal behavior.
Similarly, the Onion service is inaccessible except over Tor and our
Travis CI configuration does not (yet?) support checking Onion service
links. (Although, perhaps it should be updated to do so in a future PR.)
This commit provides more detail and context for the vulnerability
scanners section. It groups Web Scanners into its own subheading, and
moves scanning tools from the Web Exploitation section into this section
as these tools do not actually focus on *exploiting* websites.
Additionally, Static Analyzers are grouped, two new static analyzers
(cppcheck and FindBugs) have been added, and commercial tools are
appropriately described as such.
This commit focuses on terminological consistency, including:
* Use consistent capitalization for abbreviations (OSInt -> OSINT).
* Consistently expand ambiguous phrases (OS -> operating system).
* Settle on standard names (Wi-Fi -> WiFi, etc.) where a mix was used.
* Expand acronyms in item titles when doing so shortens the description.
* Replace descriptions that merely expanded acronyms with actual text.
* Remove duplicate items that have more than one URL (Commix project).
* Do not Title Case description text when description is simply prose.
This commit tidies some minor issues with pull request #141, namely:
* fix style guide compliance from accidental reversion during merge.
* add a period to the last sentence of the introduction paragraph.
* make the table of contents's content match the headings in the doc.
* consistently spell open source without a dashed word ("open-source").
This commit is a first-pass attempt at adhering to the style guide of
the Awesome List contribution guidelines at
https://github.com/sindresorhus/awesome/blob/master/pull_request_template.md
Specificaly, I have:
* added a succinct description of the project/theme at top of README.
* added the awesome badge on the right side of the list heading.
* titled the table of contents `Contents`.
* moved the `CONTRIBUTING.md` file to the expected filesystem path.
* capitalized the first word of link descriptions, when present.
* added trailing periods to link descriptions, when not present.
* removed the "A" and "An" prepositions from link descriptions.
* removed the Travis CI build status badge.
* matched the heading levels to the style guide's recommendations.
Cugu's `awesome-forensics` because it emphasizes free (gratis) and
open-source tools. It contains numerous tools that are relevant to
pentesting but not directly in scope, such as The Sleuth Kit, etc.
* New section OSINT Resources for link-sites rather than actual tools.
This commit adds a new subsection under "Online Resources" called "OSInt
Resources" and moves a few entries from the "OSInt Tools" section there.
This is done because the OSInt Tools section has grown to expand entries
that are not actually tools, but rather lists/collections of other
tools. These OSINT resources are great, but are distinct from a single,
installable, or otherwise immediately-usable tools.
This commit also adds a new such resource, NetBoomcamp.org's listing of
OSINT tools and custom Web interfaces for some endpoints, like Facebook.
* Fix link to `HackThisSite.org`. (Should be `https://hackthissite.org/`.)
* Fixed a dead link
404 error in Docker subsection regarding the docker-metasploit tool
* Fixed broken metasploit link
Changed docker-metasploit link (and thus author) due to a 404 error in the prior link
* added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html
* added Defcon Suggested Reading to Books https://www.defcon.org/html/links/book-list.html. Removed sections from old clone version
* re-added removed lines
* spelling fix
* added Vuls Vulnerability Scanner https://github.com/future-architect/vuls
* added Kali Linux Docker Image https://www.kali.org/news/official-kali-linux-docker-images/
* re-added owasp juice docker image
* Added dorkign resources, removed duplicate kali image
Added six new dorking links to OSInt Tools. Removed duplicate Kali docker image I added in previous pull request. Orignal link is better since it sources docker hub instead of Offensive Security
* Added dorkign resources, removed duplicate kali image
Added six new dorking links to OSInt Tools. Removed duplicate Kali docker image added in previous pull request. Orignal link is better since it sources docker hub instead of Offensive Security
* removed swap file
Doesn't seem to be available anymore
https://hub.docker.com/r/usertaken/archlinux-pentest-lxde/
[ldionmarcil:~]$ sudo docker pull usertaken/archlinux-pentest-lxde
Using default tag: latest
Pulling repository docker.io/usertaken/archlinux-pentest-lxde
Error: image usertaken/archlinux-pentest-lxde not found
I add the Parrot distribution. It is similar to Kali, but the display is lighter because it use XFCE with some custom graphics. All tools seems to be there :)
