A collection of awesome penetration testing resources, tools and other shiny things
Go to file
2014-08-05 02:51:27 +03:00
README.md Add sectools list 2014-08-05 02:51:27 +03:00

Awesome Penetration Testing

A collection of awesome penetration testing resources, tools, books, , confs, magazines and other shiny things.

Online Resources

Penetration Testing Resources

Social Engineering Resources

Tools

Penetration Testing Tools

  • Kali - A Linux distribution designed for digital forensics and penetration testing.
  • Metasploit - World's most used penetration testing software.
  • Burp - An integrated platform for performing security testing of web applications.

Vulnerability Scanners

  • Nexpose - Vulnerability Management & Risk Management Software.
  • Nessus - Vulnerability, configuration, and compliance assessment.
  • OpenVAS - Open Source vulnerability scanner and manager.
  • w3af - Web application attack and audit framework.

Networks Tools

  • nmap - Free Security Scanner For Network Exploration & Security Audits.
  • tcpdump/libpcap - A common packet analyzer that runs under the command line.
  • Wireshark - A network protocol analyzer for Unix and Windows.
  • Network Tools - Different network tools: pink, lookup, whois, etc.

Hex Editors

Windows Utils

DDoS Tools

  • LOIC - An open source network stress tool for Windows.
  • JS LOIC - JavaScript in-browser version of LOIC.

Social Engineering Tools

  • SET - The Social-Engineer Toolkit from TrustedSec

Anonimity Tools

  • Tor - The free software for enabling onion routing online anonymity.
  • I2P - The Invisible Internet Project

Reverse Engineering Tools

  • IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger.
  • WDK/WinDbg - Windows Driver Kit and WinDbg.
  • OllyDbg - An x86 debugger that emphasizes binary code analysis

Books

Penetration Testing Books

Hackers Handbook Series

Network Analysis Books

Reverse Engineering Books

Malware Analysis Books

Windows Books

Social Engineering Books

Lock Picking

Information Security Conferences

  • DEF CON - An annual hacker convention in Las Vegas.
  • Black Hat - An annual security conference in Las Vegas.
  • BSides - A framework for organising and holding security conferences.
  • CCC - An annual meeting of the international hacker scene in Germany.
  • DerbyCon - An annual hacker conference based in Louisville.
  • PhreakNIC - A technology conference held annually in middle Tennessee.
  • ShmooCon - An annual US east coast hacker convention.
  • CarolinaCon - An infosec conference, held annually in North Carolina.
  • HOPE - A conference series sponsored by the hacker magazine 2600.
  • SummerCon - One of the oldest hacker conventions, held during Summer.
  • Hack.lu - An annual conference held in Luxembourg.
  • HITB - Deep-knowledge security conference held in Malaysia and The Netherlands.
  • Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany.
  • Hack3rCon - An annual US hacker conference.
  • ThotCon - An annual US hacker conference held in Chicago.
  • LayerOne - An annual US security conerence held every spring in Los Angeles.
  • DeepSec - Security Conference in Vienna, Austria.
  • SkyDogCon - A technology conference in Nashville.

Information Security Magazines

  • 2600: The Hacker Quarterly - An American publication about technology and computer "underground".
  • Hakin9 - A Polish online, weekly publication on IT Security.

Awesome Lists

Contribution

Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕)

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.