Commit Graph

760 Commits

Author SHA1 Message Date
Jayson Grace
233d9596e3 Update WebGoat docker entry
Add official WebGoat docker images
- 7.1 (older and best-known by the security community)
- 8.0 (newest release with numerous changes and revisions)
2018-09-10 10:03:20 -07:00
Meitar M
f5d3b0ff04
Fix the Docker for Penetration Testing section: punctuation, etc. 2018-09-06 13:47:24 -04:00
Meitar M
a7e3fdb18e
Fix the Pentesting Report Template.
This commit removes items from the Pentesting Report Template section
that are either not templates or have been removed from the source.
Further, line items are updated to use meaningful descriptions and to
follow the Awesome List style guides (capitalization and punctuation).
2018-09-06 13:44:59 -04:00
Samar Dhwoj Acharya
300ae73467
Merge pull request #248 from sundaysec/patch-2
Added Awesome list
2018-08-23 11:54:09 -05:00
PHILEMON SUNDAY JOEL
5688f8dd1e
Added Awesome list
Android Exploitation and Hacks
2018-08-23 10:17:23 +03:00
Samar Dhwoj Acharya
86b673b941
Merge pull request #246 from meitar/evilosx
Add EvilOSX, a macOS RAT with several out-of-the-box exfil tools.
2018-08-08 16:54:39 -05:00
Samar Dhwoj Acharya
fcfd2d9d14
Merge pull request #247 from meitar/tools
Add several new phishing and anonymity tools:
2018-08-08 16:54:02 -05:00
Meitar M
8b73e1251f
Add several new phishing and anonymity tools:
* SocialFish, a social media phishing framework.
* ShellPhish, a social media site cloner built on SocialFish.
* dos-over-tor, a torifid DoS and stress test tool.
* oregano, a MITM proxy that accepts direct Tor client requests.
2018-08-08 16:01:47 -04:00
Meitar M
306458f22e
Add EvilOSX, a macOS RAT with several out-of-the-box exfil tools. 2018-08-08 15:47:16 -04:00
Samar Dhwoj Acharya
c9c1df653f
Merge pull request #245 from meitar/scomdecrypt
Add SCOMDecrypt, a tool to retrieve and decrypt stored RunAs creds.
2018-08-05 17:47:39 -05:00
Samar Dhwoj Acharya
4c254776ab
Merge pull request #244 from meitar/stegcracker
Add StegCracker, tool that brute forces steganographic data in files.
2018-08-05 17:47:09 -05:00
Meitar M
07e6025a12
Add SCOMDecrypt, a tool to retrieve and decrypt stored RunAs creds. 2018-08-05 17:25:42 -04:00
Meitar M
e3c19c6d98
Add StegCracker, tool that brute forces steganographic data in files. 2018-08-05 17:10:22 -04:00
Samar Dhwoj Acharya
a276857a73
Merge pull request #243 from fheuer/patch-1
Added Btfm book
2018-08-01 20:01:34 -05:00
Florian Heuer
c88b19587d
Added Btfm book 2018-08-01 16:59:22 +02:00
Samar Dhwoj Acharya
16ccc45735
Merge pull request #240 from abhishekbundela/master
Added pentestbox.
2018-07-31 19:48:37 -05:00
Samar Dhwoj Acharya
33dcacdde4
Update README.md 2018-07-31 19:48:15 -05:00
Samar Dhwoj Acharya
c77337ef0e
Merge pull request #241 from meitar/ruler
Add Ruler, a tool to abuse client-side Outlook features to pwn Exchange.
2018-07-31 19:46:06 -05:00
Samar Dhwoj Acharya
35257be346
Merge pull request #242 from meitar/bella
Fix link for Bella, a post-exploitation agent for MacOS.
2018-07-31 19:45:22 -05:00
Meitar M
081241efc6
Fix link for Bella, a post-exploitation agent for MacOS. 2018-07-31 17:17:00 -04:00
Meitar M
f0cba27bf0
Add Ruler, a tool to abuse client-side Outlook features to pwn Exchange. 2018-07-31 16:57:03 -04:00
Abhishek bundela
c14d026566
Added pentestbox. 2018-07-31 18:05:47 +05:30
Samar Dhwoj Acharya
e922b9da06
Merge pull request #239 from sundaysec/patch-2
Added MITMF
2018-07-30 12:51:31 -05:00
Samar Dhwoj Acharya
ecab02ad15
Merge pull request #238 from evyatarmeged/patch-1
Add Raccoon under Web Exploitation category
2018-07-30 12:50:45 -05:00
Samar Dhwoj Acharya
7ae9d0ed32
Merge pull request #235 from meitar/blueteam
New awesome list: "Cybersecurity Blue Team"
2018-07-30 12:50:09 -05:00
PHILEMON SUNDAY JOEL
2a8c4a9a46
Added MITMF
A Framework for Man-In-The-Middle attacks
2018-07-27 16:00:23 +03:00
Evyatar Meged
121e9f8872
Add Raccoon under Web Exploitation category
I've added my new tool, Raccoon, to the Web Exploitation tools list
https://github.com/evyatarmeged/Raccoon
2018-07-25 21:22:55 +03:00
Samar Dhwoj Acharya
ccc3b5182d
Merge pull request #237 from meitar/foca
Add FOCA, an OSINT tool that uses three search engines.
2018-07-25 12:13:10 -05:00
Samar Dhwoj Acharya
f292ec467e
Merge pull request #236 from TheM4hd1/patch-1
Update README.md
2018-07-25 12:01:25 -05:00
Meitar M
60c06a2195
Add FOCA, an OSINT tool that uses three search engines. 2018-07-25 11:17:26 -04:00
Mahdi Makhdumi
a3e481f9a3
Update README.md 2018-07-25 13:42:50 +04:30
Mahdi Makhdumi
bb023efb72
Update README.md 2018-07-25 03:31:34 +04:30
Meitar M
71017d5b2a
New awesome list: "Cybersecurity Blue Team"
This is a companion/sister list to awesome-pentest intended to provide
the same level of quality resources for defenders rather than attackers.
2018-07-24 16:29:17 -04:00
Samar Dhwoj Acharya
d295832e00
Merge pull request #219 from meitar/cnnvd
Add CNNVD to Vulnerability Databases section.
2018-07-24 14:48:59 -05:00
Samar Dhwoj Acharya
8bb617b7d7
Merge pull request #232 from C-Sto/patch-1
Add recursebuster
2018-07-24 14:44:16 -05:00
Samar Dhwoj Acharya
9a2fb6b9c7
Merge pull request #234 from sundaysec/patch-1
Added awesome tools
2018-07-24 14:42:29 -05:00
Samar Dhwoj Acharya
b7397f5035
Merge pull request #233 from meitar/new-tools
Add numerous tools, namely:
2018-07-24 14:39:31 -05:00
PHILEMON SUNDAY JOEL
eb69db65bf
Added awesome tools 2018-07-24 22:01:13 +03:00
Meitar M
9040ae7742
Add numerous tools:
* ScanCannon - `masscan` and `nmap` multiplexer.
* RID_ENUM - null session cycling attack for Windows user enumeration.
* MailSniper - recon toolkit for MS Exchange (OWA/EWS) environments.
* FiercePhish - full-fledged phishing campaign management platform.
* Hunter.io - data broker providing internal company emails.
2018-07-23 15:44:49 -04:00
C_Sto
c7d8034e58
Add recursebuster
https://github.com/c-sto/recursebuster

Content discovery/recursive web directory bruteforcer
2018-07-15 14:50:40 +08:00
Samar Dhwoj Acharya
4149615863
Merge pull request #230 from fheuer/patch-1
Update README.md
2018-05-18 10:21:11 -05:00
Florian Heuer
ceb54f3b7d
Update README.md
Added VaaS SambaCry in Docker for Penetration Testing
2018-05-18 15:50:26 +02:00
Samar Dhwoj Acharya
87d397bb41
Merge pull request #229 from meitar/packettotal
Add PacketTotal near Virus Total, a similar service for PCAP analysis.
2018-05-12 14:52:08 -05:00
Meitar M
12b9636a43
Add PacketTotal near Virus Total, a similar service for PCAP analysis. 2018-05-12 12:22:49 -04:00
Samar Dhwoj Acharya
b29eb6e148
Merge pull request #228 from meitar/hydra
Add THC Hydra, a famous online network protocol password cracker.
2018-05-04 22:34:37 -05:00
Meitar M
fc8b826142
Add THC Hydra, a famous online network protocol password cracker. 2018-05-04 22:52:53 -04:00
Samar Dhwoj Acharya
25eac5cd9b
Merge pull request #222 from alichtman/master
Removed Duplicate Kali Linux Docker Link
2018-04-30 09:13:50 -05:00
Samar Dhwoj Acharya
72bf8cee2c
Merge pull request #227 from meitar/network-tools
Sub-categorize "Network Tools" section, clarify "Defense," add Iodine.
2018-04-30 09:11:48 -05:00
Meitar M
062e214ebf
Sub-categorize "Network Tools" section, clarify "Defense," add Iodine.
Iodine is a DNS tunnel and useful for data exfiltration.

The Network Tools section became very long, so I chunked it up with
subcategories that pertain to the sort of tool. ("Network Tools" is
itself somewhat vague, and multi-paradigm/multi-function tools were
retained in the root of the category.)

Finally, "Defense Evasion Tools" was renamed to "Anti-virus Evasion
Tools" because every utility listed there was actually an AV or
host-based defense evasion tool, which is distinct from the network
evasion tools (exfiltration utilities) already listed in the "Network
Tools" section, above. I believe this clarity will help a reader more
quickly find the specific type of "defense evasion" utility they are
actually looking for.
2018-04-14 15:27:31 -04:00
Meitar M
ee32aff5c3 Add Shellter dynamic shellcode injection tool (anti-virus evasion tool). (#226) 2018-04-12 17:55:18 -05:00