A collection of awesome penetration testing resources, tools and other shiny things
Go to file
Nick Raienko 635ad76563 Fix typo
2014-08-05 00:05:04 +03:00
README.md Fix typo 2014-08-05 00:05:04 +03:00

Awesome Penetration Testing

A collection of awesome penetration testing resources, tools, confs, books, magazines and other shiny things.

Resources

Penetration Testing

Social Engineering

Tools

Penetration Testing

  • Kali - A Linux distribution designed for digital forensics and penetration testing.
  • Metasploit - World's most used penetration testing software.

Vulnerability Scanners

  • Nexpose - Vulnerability Management & Risk Management Software.
  • Nessus - Vulnerability, configuration, and compliance assessment.
  • OpenVAS - Open Source vulnerability scanner and manager.
  • w3af - Web application attack and audit framework.

Networks tools

  • nmap - Free Security Scanner For Network Exploration & Security Audits.
  • tcpdump/libpcap - A common packet analyzer that runs under the command line.
  • Wireshark - A network protocol analyzer for Unix and Windows.
  • Network Tools - Different network tools: pink, lookup, whois, etc.

Hex editors

Windows utils

DDoS

  • LOIC - An open source network stress tool for Windows.
  • JS LOIC - JavaScript in-browser version of LOIC.

Social Engineering

  • SET - The Social-Engineer Toolkit from TrustedSec

Anonimity

  • Tor - The free software for enabling onion routing online anonymity.
  • I2P - The Invisible Internet Project

Reverse Engineering

  • IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger.
  • WDK/WinDbg - Windows Driver Kit and WinDbg.
  • OllyDbg - An x86 debugger that emphasizes binary code analysis

Conferences

  • DEF CON - An annual hacker convention in Las Vegas.
  • Black Hat - An annual security conference in Las Vegas.
  • BSides - A framework for organising and holding security conferences.
  • CCC - An annual meeting of the international hacker scene in Germany.
  • DerbyCon - An annual hacker conference based in Louisville.
  • PhreakNIC - A technology conference held annually in middle Tennessee.
  • ShmooCon - An annual US east coast hacker convention.
  • CarolinaCon - An infosec conference, held annually in North Carolina.
  • HOPE - A conference series sponsored by the hacker magazine 2600.
  • SummerCon - One of the oldest hacker conventions, held during Summer.
  • Hack.lu - An annual conference held in Luxembourg.
  • HITB - Deep-knowledge security conference held in Malaysia and The Netherlands.
  • Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany.
  • Hack3rCon - An annual US hacker conference.
  • ThotCon - An annual US hacker conference held in Chicago.
  • LayerOne - An annual US security conerence held every spring in Los Angeles.
  • DeepSec - Security Conference in Vienna, Austria.
  • SkyDogCon - A technology conference in Nashville.

Books

Penetration Testing

Hacker's Handbook series

Network Analysis

Reverse Engineering

Malware Analysis

Windows

Social Engineering

Magazines

  • 2600: The Hacker Quarterly - An American publication about technology and computer "underground".
  • Hakin9 - A Polish online, weekly publication on IT Security.

Contribution

Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕)

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.