Commit Graph

309 Commits

Author SHA1 Message Date
Meitar M
0ed418eef0
Add XRay, automated network (sub)domain recon and OSINT gathering tool. 2017-07-12 16:51:11 -04:00
Samar Dhwoj Acharya
6e464e5bb4 Merge pull request #156 from meitar/pret
Better description of PRET through conformity with item link style.
2017-07-12 07:46:51 -05:00
Samar Dhwoj Acharya
bbffb78c67 Merge branch 'master' into wireshark-macos 2017-07-12 07:46:04 -05:00
Samar Dhwoj Acharya
69ba677983 Merge pull request #154 from meitar/basic-tools
Recategorize "Basic" tools section for clarity and conformity.
2017-07-12 07:43:26 -05:00
Meitar M
e4ac5a1cc1
Better description of PRET through conformity with item link style. 2017-07-12 02:51:49 -04:00
Meitar M
16868763fd
Better description for Wireshark, make clear it is cross-platform. 2017-07-12 02:45:19 -04:00
Meitar M
0e4032c58e
Recategorize "Basic" tools section for clarity and conformity.
This commit removes the "Basic Penetration Testing Tools" section and
moves numerous items listed therein into more appropriate places, based
on existing categories. For instance, BeEF is moved to the Web
Exploitation section, since it is more accurate to describe it as a Web
exploitation tool than a "Basic" tool. The former category is
descriptive while the latter is clearly nondescript.

A new section, "Multi-paradigm Frameworks," has been added for items
that were listed under the removed "Basic" section but that do not
cleanly fit into an existing category. Namely, these are Metasploit,
ExploitPack, and Faraday, which are exceptions simply because they are
so versatile. (Hence the choice of the new section, "Multi-paradigm.")

Additionally, the well-known Armitage GUI for Metasploit was added.

Moreover, Bella was moved to a new section, "macOS Utilities," which
provides parity with the existing Windows Utilities and GNU/Linux
Utilities section. Bella is a post-exploitation agent similar to
redsnarf, which likewise has been moved out of the "Basic" section and
into its more appropriate Windows Utilities section.

Other minor touch ups to various item descriptions were also made.
2017-07-12 02:28:12 -04:00
Samar Dhwoj Acharya
24ee7a47b0 Merge pull request #153 from meitar/binwalk
Add `binwalk`, fast and easy tool for reversing firmware images.
2017-07-11 23:26:38 -05:00
Meitar M
2b2996f5ed
IDA Pro and IDA Free are basically the same; combine into one item. 2017-07-12 00:09:27 -04:00
Meitar M
ed7ebf1848
Add binwalk, fast and easy tool for reversing firmware images. 2017-07-12 00:04:18 -04:00
Meitar M
9749c6382d
Fix inconsistent capitalization in headings; "utils" -> "utilities." 2017-07-11 05:49:24 -04:00
Meitar M
32ff359418
Drop link to commercial-only VulnDB based off OSVDB. 2017-07-10 16:17:34 -04:00
Samar Dhwoj Acharya
d39cd608c6 Merge pull request #149 from meitar/compliance
Fix minor typos, capitalization issues, and term consistency.
2017-07-08 19:16:31 -05:00
Meitar M
9b037a9bbf Fix minor typos, capitalization issues, and term consistency. 2017-07-08 20:03:48 -04:00
Jericho
71d146979c touch-ups and clarifications for the VDB section 2017-07-08 16:45:34 -06:00
Samar Dhwoj Acharya
51949983f7 Merge pull request #145 from meitar/vuln-scanners
Reorganize Vulnerability Scanners section, add subheadings.
2017-07-08 15:01:12 -05:00
Meitar M
3c811415bc Style guide compliance pass focused on Vulnerability Databases section. (#144)
* Add CVE List to Vulnerability Databases section, since it was missing.

* Style guide compliance pass focused on Vulnerability Databases section.

* Whitelist the Inj3ct0r URLs.

The `0day.today` website sits behind an extremely aggressive Cloudflare
anti-bot checker, which causes `awesome-bot` to trigger an HTTP 503
response. This fails the build but is actually normal behavior.

Similarly, the Onion service is inaccessible except over Tor and our
Travis CI configuration does not (yet?) support checking Onion service
links. (Although, perhaps it should be updated to do so in a future PR.)
2017-07-08 13:52:24 -05:00
Samar Dhwoj Acharya
42aa8a29a3 Merge pull request #146 from meitar/fiddler
Add Fiddler, provide more detail on OWASP ZAP.
2017-07-08 13:48:46 -05:00
Meitar M
522863e27a
Add wafw00f, a web application firewall fingerprinter. 2017-07-08 01:06:39 -04:00
Meitar M
b1b77f40a9
Add Fiddler, provide more detail on OWASP ZAP. 2017-07-08 00:24:33 -04:00
Meitar M
d2825614c3
Reorganize Vulnerability Scanners section, add subheadings.
This commit provides more detail and context for the vulnerability
scanners section. It groups Web Scanners into its own subheading, and
moves scanning tools from the Web Exploitation section into this section
as these tools do not actually focus on *exploiting* websites.

Additionally, Static Analyzers are grouped, two new static analyzers
(cppcheck and FindBugs) have been added, and commercial tools are
appropriately described as such.
2017-07-07 22:18:09 -04:00
Meitar M
6ac7727def
Further "Awesome List" style guide compliance passes.
This commit focuses on terminological consistency, including:

* Use consistent capitalization for abbreviations (OSInt -> OSINT).
* Consistently expand ambiguous phrases (OS -> operating system).
* Settle on standard names (Wi-Fi -> WiFi, etc.) where a mix was used.
* Expand acronyms in item titles when doing so shortens the description.
* Replace descriptions that merely expanded acronyms with actual text.
* Remove duplicate items that have more than one URL (Commix project).
* Do not Title Case description text when description is simply prose.
2017-07-07 01:42:53 -04:00
Meitar M
266aad7120
Remove "A" at beginning of link description. (Missed from before.) 2017-07-06 01:53:54 -04:00
Meitar M
8a2bfb965b
Make grammar consistent: "command-line" -> "command line" and so on.
This commit tidies some minor issues with pull request #141, namely:

* fix style guide compliance from accidental reversion during merge.
* add a period to the last sentence of the introduction paragraph.
* make the table of contents's content match the headings in the doc.
* consistently spell open source without a dashed word ("open-source").
2017-07-06 01:04:08 -04:00
Samar Dhwoj Acharya
e2fe7cbef6 Merge branch 'master' into awesome-compliant 2017-07-05 23:47:22 -05:00
Meitar M
b742364f12
Remove duplicated linkback to Awesome List origin (it's a badge now). 2017-07-06 00:41:15 -04:00
Meitar M
7adf2fb0df
Add periods for link descriptions that were missing them. 2017-07-06 00:39:03 -04:00
Samar Dhwoj Acharya
9fb37de33a add sobelow - phoenix framework static analyzer 2017-07-05 23:37:46 -05:00
Meitar M
b40bbe3963
First round of making this list awesome compliant, for #86.
This commit is a first-pass attempt at adhering to the style guide of
the Awesome List contribution guidelines at
https://github.com/sindresorhus/awesome/blob/master/pull_request_template.md

Specificaly, I have:

* added a succinct description of the project/theme at top of README.
* added the awesome badge on the right side of the list heading.
* titled the table of contents `Contents`.
* moved the `CONTRIBUTING.md` file to the expected filesystem path.
* capitalized the first word of link descriptions, when present.
* added trailing periods to link descriptions, when not present.
* removed the "A" and "An" prepositions from link descriptions.
* removed the Travis CI build status badge.
* matched the heading levels to the style guide's recommendations.
2017-07-06 00:29:02 -04:00
Meitar M
0765f513d0
Add ctf-tools, quick installations of various pentest utils. 2017-07-05 21:51:54 -04:00
Sachin S. Kamath
e265e3bf4d Add OWTF to list of tools 2017-07-04 10:30:59 +05:30
Duncan Ogilvie
b667e06b81 x64_dbg -> x64dbg 2017-07-03 08:36:05 +02:00
Samar Dhwoj Acharya
38e34cdb1a add brakeman 2017-07-03 01:09:02 -05:00
Meitar M
065df08263
Add WiFi Pineapple to Physical Access Tools section. 2017-07-02 14:18:45 -04:00
Meitar M
132b1f79ad
Add Frhed. (The hex editor section is sort of lacking right now.) 2017-07-01 20:29:37 -04:00
Meitar Moscovitz
b1dd90ffd4
Add Catphish, a tool for phishing and corporate espionage. 2017-06-19 18:04:16 -04:00
Meitar Moscovitz
d46db068f9
Add another (new) Awesome List (awesome-lockpicking). 2017-06-18 17:34:17 -04:00
Meitar Moscovitz
65442ada5b
Add CloudFail, a utility to find IPs hidden behind Cloudflare proxies. 2017-06-18 13:32:26 -04:00
Meitar Moscovitz
ef2da9ddb5
Add scanless, a port scanning "proxy" multiplexing CLI utility. 2017-06-10 00:17:12 -04:00
Samar Dhwoj Acharya
f102f3020d update broken links 2017-06-04 01:42:59 -05:00
Meitar Moscovitz
c6faba670e
Add "Awesome Forensics" list by @Cugu.
Cugu's `awesome-forensics` because it emphasizes free (gratis) and
open-source tools. It contains numerous tools that are relevant to
pentesting but not directly in scope, such as The Sleuth Kit, etc.
2017-06-04 02:06:35 -04:00
Meitar Moscovitz
e09e827958
Add Praeda, a multi-function peripheral/printer data harvesting tool. 2017-05-23 02:12:15 -04:00
Samar Dhwoj Acharya
958913f3e8 update link for bella 2017-05-17 10:58:35 -05:00
Meitar Moscovitz
b18e4b2c52
Add SSH MITM. (The tool is an early release, but remarkably useful.) 2017-05-17 06:05:15 -04:00
Meitar Moscovitz
30fb77dc73
Add morpheus, a framework for automating complex ettercap filters. 2017-04-29 22:36:50 -04:00
Meitar Moscovitz
2a702ed329
Add Evilginx, recategorize wifiphisher under Social Engineering. 2017-04-27 08:17:27 -04:00
Meitar Moscovitz
abdab93bb7
Closes #123: Propose "Practice CTFs" link to already-existing resource. 2017-04-18 14:54:20 -04:00
Meitar Moscovitz
0e5987d22f
Add "Physical Access Tools" section with three example tools. 2017-04-14 19:10:36 -04:00
Meitar M
4479282832 Fix redsnarf link, remove duplicate Empire entry, recategorize ZAP. (#124) 2017-04-14 10:25:22 -05:00
Meitar M
94c4671eac Group OSINT collections (rather than tools) in their own section, add a new collection, fix link for HackThisSite.org. (#122)
* New section OSINT Resources for link-sites rather than actual tools.

This commit adds a new subsection under "Online Resources" called "OSInt
Resources" and moves a few entries from the "OSInt Tools" section there.
This is done because the OSInt Tools section has grown to expand entries
that are not actually tools, but rather lists/collections of other
tools. These OSINT resources are great, but are distinct from a single,
installable, or otherwise immediately-usable tools.

This commit also adds a new such resource, NetBoomcamp.org's listing of
OSINT tools and custom Web interfaces for some endpoints, like Facebook.

* Fix link to `HackThisSite.org`. (Should be `https://hackthissite.org/`.)
2017-04-13 19:20:24 -05:00
tarrenj
4464ded0e7 Additions (#121)
* Update README.md

Adds recon-ng to OSINT tools

* Update README.md

Adds zmap to Network Tools

* Revert "Update README.md"

This reverts commit 51dad977b2.

* Update README.md

Adds several things, moves Burp to Web Exploitation, removes LOIC

* Update README.md

Removes duplicate recon-ng entry in OSInt Tools.

* Update README.md

Adds more DoS tools

* Update README.md

Replaces LOIC at contributor request
2017-04-06 18:24:35 -05:00
Samar Dhwoj Acharya
62c302dce7 Merge branch 'master' into patch-1 2017-04-06 17:23:29 -05:00
tarrenj
97cd0e8556 Update README.md (#119)
* Update README.md

Adds recon-ng to OSINT tools

* Update README.md

Adds zmap to Network Tools

* Revert "Update README.md"

This reverts commit 51dad977b2.
2017-04-06 17:06:15 -05:00
Meitar M
4d4cb89049 Retitle "Crackers" to "Hash Cracking Tools" and add CeWL project. (#118) 2017-04-03 16:35:54 -05:00
Evan Lewis
c82c159160 Fixed broken metasploit link (#117)
* Fixed a dead link

404 error in Docker subsection regarding the docker-metasploit tool

* Fixed broken metasploit link

Changed docker-metasploit link (and thus author) due to a 404 error in the prior link
2017-03-13 23:25:26 -05:00
Meitar Moscovitz
bec64da1a5
Add Buscador, a Linux VM pre-configured for online investigators. 2017-03-13 21:59:15 -04:00
Meitar Moscovitz
67fedb4d30
CTF section: Add RsaCtfTool, improve description of Pwntools. 2017-03-11 02:01:03 -05:00
Meitar Moscovitz
502d1088a7
Add King Phisher, a phishing campaign toolkit and C2 interface. 2017-03-11 01:06:39 -05:00
Meitar Moscovitz
e3ba0632c5
Add wePWNise, Python tool to automate Windows/Office exploit mitigation. 2017-03-11 00:37:00 -05:00
pathetiq
3ddaa51f49 add hackfest conference 2017-03-10 10:11:27 -05:00
mnakamura1337
3bf62af601 Added "File Format Analysis Tools" section (+3 tools) 2017-03-03 09:52:59 +09:00
Meitar Moscovitz
6a14942a4e
Add tplmap, an automated SSTI exploitation tool in the style of SQLmap 2017-02-22 15:01:20 -05:00
Samar Dhwoj Acharya
964675a96f update appsecusa link 2017-02-20 12:38:33 -06:00
Meitar Moscovitz
f023bbfbcf
Add DataSploit. 2017-02-20 09:40:27 -05:00
SDGoodwin
88b6363b64 add OSINT-Framework to OSInt List (#107)
* add OSINT-Framework to OSInt List

adding OSINT-Framework (http://osintframework.com/) to OSInt List

* Update README.md
2017-02-17 16:21:23 -06:00
Alexandre ZANNI
41fa05e848 add OS online ressources (#102)
* add OS online ressources

* add distrowatch

* correct chcon deadlink for travis
2017-02-17 10:55:54 -06:00
coreb1t
7a6fdbf512 Awesome Pentest Cheat Sheets Added 2017-02-17 11:25:29 +01:00
coreb1t
952a3ad357 README.md - Commix Tool added 2017-02-17 11:16:52 +01:00
Samar Dhwoj Acharya
fbeb5542e1 Merge pull request #105 from meitar/master
Add GitTools, used for finding exposed source code for static analysis.
2017-02-16 10:24:07 -06:00
Meitar Moscovitz
6731cee4b2
Add GitTools, used for finding exposed source code for static analysis. 2017-02-16 01:39:01 -05:00
mnakamura1337
04a988c12f "Web exploitation" capitalization fix 2017-02-16 15:06:48 +09:00
Herman Slatman
3375b5e88b Add Bella for Mac OS 2017-02-11 22:00:27 +01:00
Samar Dhwoj Acharya
e2d8e1ea73
remove no longer working md5crack site closes #100 2017-02-11 11:01:19 -06:00
Emily
6af514de34 updated with a nice number of goodies
updated w some goodies; wpsploit, wordpress-exploit-framework, some OSITs, a DDoS tool... Enjoy!
2017-02-05 23:44:35 -07:00
Samar Dhwoj Acharya
dfbcc92c04 update link of exploitpack to github repo 2017-02-03 18:53:00 -06:00
Meitar M
b2df579401 Add PRET, a useful Python-based printer exploitation toolkit (#98) 2017-02-03 16:31:09 -06:00
Samar Dhwoj Acharya
b1ae5c113b remove unnecessary link 2017-02-01 20:33:58 -06:00
Emily
aeb0748c89 Update readme (#97)
I added the site XSS-payloads to 'Online Resources', 'Penetration Testing Resources'. It's a super dope site!
2017-02-01 20:32:50 -06:00
allthroughthenight
a7849331d8 Added dorking resources, removed duplicate Docker Kali (#96)
* added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html

* added Defcon Suggested Reading to Books https://www.defcon.org/html/links/book-list.html. Removed sections from old clone version

* re-added removed lines

* spelling fix

* added Vuls Vulnerability Scanner https://github.com/future-architect/vuls

* added Kali Linux Docker Image https://www.kali.org/news/official-kali-linux-docker-images/

* re-added owasp juice docker image

* Added dorkign resources, removed duplicate kali image

Added six new dorking links to OSInt Tools. Removed duplicate Kali docker image I added in previous pull request. Orignal link is better since it sources docker hub instead of Offensive Security

* Added dorkign resources, removed duplicate kali image

Added six new dorking links to OSInt Tools. Removed duplicate Kali docker image added in previous pull request. Orignal link is better since it sources docker hub instead of Offensive Security

* removed swap file
2017-01-31 10:42:49 -06:00
allthroughthenight
d345a9de35 Added Kali Linux Docker Image (#95) 2017-01-30 19:30:45 -06:00
allthroughthenight
3db9dabfb9 added Vuls Vulnerability Scanner (#94)
* added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html

* added Defcon Suggested Reading to Books https://www.defcon.org/html/links/book-list.html. Removed sections from old clone version

* re-added removed lines

* spelling fix

* added Vuls Vulnerability Scanner https://github.com/future-architect/vuls
2017-01-29 23:53:13 -06:00
Samar Dhwoj Acharya
b4ee5cced5 update wireshark book link and remove invalid link 2017-01-29 00:32:57 -06:00
allthroughthenight
df39b4d7f9 Added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html (#93)
* added 'Defcon Suggested Reading' to books section https://www.defcon.org/html/links/book-list.html

* added Defcon Suggested Reading to Books https://www.defcon.org/html/links/book-list.html. Removed sections from old clone version

* re-added removed lines

* spelling fix
2017-01-29 00:21:39 -06:00
Constandinos
83963337e7 Added Fedora Security Labs in pentest distributions 2017-01-11 11:13:26 +02:00
Meitar Moscovitz
3e48af9f9d
Add Bloodhound, a graphical AD trust relationship explorer. 2016-12-31 10:26:30 -05:00
Björn Kimminich
cb410ad88a Add OWASP Juice Shop
to list of Docker images for Pentesters
2016-12-27 09:49:03 +01:00
Samar Dhwoj Acharya
002aab1200 Merge branch 'master' into patch-1 2016-12-26 23:26:13 -06:00
Samar Dhwoj Acharya
4ad6d72622 Merge pull request #80 from filinpavel/patch-1
added link to vulners security database
2016-12-26 15:07:26 -06:00
Samar Dhwoj Acharya
ca3664eeff Merge pull request #84 from filinpavel/patch-2
Update README.md
2016-12-26 15:03:05 -06:00
Samar Dhwoj Acharya
b51a71af91 Merge pull request #89 from binarymist/conferences-upstream
Added CHCon to conferences.
2016-12-26 14:48:55 -06:00
Samar Dhwoj Acharya
e51200ca07 Merge pull request #88 from binarymist/docker-upstream
Added NodeGoat docker image.
2016-12-26 14:47:43 -06:00
Samar Dhwoj Acharya
3728ee0d16 add category on toc 2016-12-26 14:46:03 -06:00
Kim Carter
d70f6a28cc Added CHCon to conferences. 2016-12-26 17:42:29 +13:00
Kim Carter
d695106b08 Added NodeGoat docker image. 2016-12-26 16:27:52 +13:00
Kim Carter
4b7b30cb3f Added Holistic Info-Sec for Web Developers. 2016-12-26 16:19:34 +13:00
filinpavel
9071bfa7c4 Update README.md
added dnSpy to Reverse Engineering Tools section
2016-12-08 11:19:32 +07:00
filinpavel
f8fcd21a00 Update README.md
added ENISA Cyber Security Training material to Secutity Courses
2016-12-07 12:51:07 +07:00
Emily
f4af181f58 Update README.md
some additions I thought would fit well
2016-12-03 02:34:38 -07:00
Meitar Moscovitz
ee2252886d
Add Spiderfoot to OSINT section. 2016-11-26 22:05:29 -05:00
filinpavel
b47cf55677 added link to vulners security database 2016-11-23 16:45:34 +07:00