mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2024-10-01 01:25:43 -04:00
23 KiB
23 KiB
Latest Cool Tools
The following are a collection of recently-released pen test tools. I update this list every time that there is a new post and when I find a new one around the Internet. The rest of the repository has hundreds of additional cybersecurity and pen test tools.
- VulnWhisperer - Create Actionable Data From Your Vulnerability Scans
- Dockernymous - A Script Used To Create A Whonix Like Gateway/Workstation Environment With Docker Containers
- HiddenEye - Modern Phishing Tool With Advanced Functionality (Android-Support-Available)
- SUDO_KILLER - A Tool To Identify And Exploit Sudo Rules Misconfigurations And Vulnerabilities Within Sudo
- Hvazard - Remove Short Passwords & Duplicates, Change Lowercase To Uppercase & Reverse, Combine Wordlists!
- GitGot - Semi-automated, Feedback-Driven Tool To Rapidly Search Through Troves Of Public Data On GitHub For Sensitive Secrets
- Git-Hound - Find Exposed Keys Across GitHub Using Code Search Keywords
- Parrot Security 4.7 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind
- Kali NetHunter App Store - The New Android Store Dedicated to Free Security Apps
- Userrecon v1.1.0 - Recognition Usernames In 187 Social Networks
- Brute_Force - BruteForce Gmail, Hotmail, Twitter, Facebook & Netflix
- Detect It Easy - Program For Determining Types Of Files For Windows, Linux And MacOS
- Shellsum - A Defense Tool - Detect Web Shells In Local Directories Via Md5Sum
- RedGhost v2.0 - Linux Post Exploitation Framework Designed To Assist Red Teams In Gaining Persistence, Reconnaissance And Leaving No Trace
- UACME - Defeating Windows User Account Control
- JShielder v2.4 - Hardening Script For Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G
- Project iKy v2.0.0 - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface
- Passpie - Multiplatform Command-Line Password Manager
- PasteHunter - Scanning Pastebin With Yara Rules
- Pown-Duct - Essential Tool For Finding Blind Injection Attacks
- Dwarf - Full Featured Multi Arch/Os Debugger Built On Top Of PyQt5 And Frida
- Ghostfuscator - The Python Password-Protected Obfuscator Using AES Encryption
- Objection v1.6.6 - Runtime Mobile Exploration
- Commando VM v1.3 - The First Full Windows-based Penetration Testing Virtual Machine Distribution
- Findomain - A Cross-Platform Tool That Use Certificate Transparency Logs To Find Subdomains
- Echidna - Ethereum Fuzz Testing Framework
- Cloud Security Audit - A Command Line Security Audit Tool For Amazon Web Services
- WinObjEx64 - Windows Object Explorer 64-Bit
- Regipy - An OS Independent Python Library For Parsing Offline Registry Hives
- Rifiuti2 - Windows Recycle Bin Analyser
- Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels
- Whonix v15 - Anonymous Operating System
- SneakyEXE - Embedding "UAC-Bypassing" Function Into Your Custom Payload
- NetSet - Operational Security Utility And Automator
- DarkScrape - OSINT Tool For Scraping Dark Websites
- Youzer - Fake User Generator For Active Directory Environments
- Rock-ON - An All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name And Do All Of The Work Alone
- Wesng - Windows Exploit Suggester
- Fbchecker - Facebook Mass Account Checker
- Slackor - A Golang Implant That Uses Slack As A Command And Control Server
- Hash-Identifier - Software To Identify The Different Types Of Hashes Used To Encrypt Data And Especially Passwords
- MIG - Distributed And Real Time Digital Forensics At The Speed Of The Cloud
- Icebox - Virtual Machine Introspection, Tracing & Debugging
- SQLMap v1.3.7 - Automatic SQL Injection And Database Takeover Tool
- Sherlock - Find Usernames Across Social Networks
- 0xsp-Mongoose - Privilege Escalation Enumeration Toolkit (ELF 64/32), Fast, Intelligent Enumeration With Web API Integration
- Lst2X64Dbg - Extract labels from IDA .lst or Ghidra .csv file and export x64dbg database
- Spyse.Py - Python API Wrapper And Command-Line Client For The Tools Hosted On Spyse.Com
- PTF v2.3 - The Penetration Testers Framework Is A Way For Modular Support For Up-To-Date Tools
- Scapy - The Python-based Interactive Packet Manipulation Program & Library
- TwitterShadowBan - Twitter Shadowban Tests
- PivotSuite - A Network Pivoting Toolkit
- Lynis 2.7.5 - Security Auditing Tool for Unix/Linux Systems
- Project iKy - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface
- Getwin - FUD Win32 Payload Generator And Listener
- Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis
- Terminus - A Terminal For A More Modern Age
- Quarantyne - Modern Web Firewall: Stop Account Takeovers, Weak Passwords, Cloud IPs, DoS Attacks, Disposable Emails
- Prithvi - Report Generation Tool
- Kippo - SSH Honeypot
- Konan - Advanced Web Application Dir Scanner
- Seth - Perform A MitM Attack And Extract Clear Text Credentials From RDP Connections
- Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability
- DNSlivery - Easy Files And Payloads Delivery Over DNS
- GhostSquadHackers - Encrypt/Encode Your Javascript Code
- BackBox Linux 6.0 - Ubuntu-based Linux Distribution Penetration Test and Security Assessment
- URLextractor - Information Gathering and Website Reconnaissance
- MozDef - Mozilla Enterprise Defense Platform
- Sliver - Implant Framework
- Simplify - Generic Android Deobfuscator
- BoomER - Framework For Exploiting Local Vulnerabilities
- WhatBreach - OSINT Tool To Find Breached Emails And Databases
- BlueGhost - A Network Tool Designed To Assist Blue Teams In Banning Attackers From Linux Servers
- Vxscan - Comprehensive Scanning Tool
- RedGhost - Linux Post Exploitation Framework Designed To Gain Persistence And Reconnaissance And Leave No Trace
- One-Lin3r v2.0 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More
- Tourmaline - Telegram Bot Framework For Crystal
- VulnX v1.7 - An Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS
- Cryptr - A Simple Shell Utility For Encrypting And Decrypting Files Using OpenSSL
- Amass - In-depth DNS Enumeration And Network Mapping
- Userrecon-Py - Find Usernames In Social Networks
- Metabigor - Command Line Search Engines Without Any API Key
- autoPwn - Automate Repetitive Tasks For Fuzzing
- Finshir - A Coroutines-Driven Low And Slow Traffic Sender, Written In Rust
- Facebash - Facebook Brute Forcer In Shellscript Using TOR
- Vthunting - A Tiny Script Used To Generate Report About VirusTotal Hunting And Send It By Email, Slack Or Telegram
- Python-Iocextract - Advanced Indicator Of Compromise (IOC) Extractor
- PcapXray v2.5 - A Network Forensics Tool To Visualize A Packet Capture Offline As A Network Diagram
- ANDRAX v3 - The First And Unique Penetration Testing Platform For Android Smartphones
- Vulners Scanner for Android - Passive Vulnerability Scanning Based On Software Version Fingerprint
- ripVT - Virus Total API Maltego Transform Set For Canari
- ReverseTCPShell - PowerShell ReverseTCP Shell, Client & Server
- GhostDelivery - This Tool Creates A Obfuscated .vbs Script To Download A Payload Hosted On A Server To %TEMP% Directory, Execute Payload And Gain Persistence
- H8Mail v2.0 - Email OSINT And Password Breach Hunting
- PhoneSploit v1.2 - Using Open Adb Ports We Can Exploit A Andriod Device
- Zydra - File Password Recovery Tool And Linux Shadow File Cracker
- Recsech - Tool For Doing Footprinting And Reconnaissance On The Target Web
- LiveHiddenCamera - Library Which Record Live Video And Audio From Android Device Without Displaying A Preview
- Shellphish - Phishing Tool For 18 Social Media (Instagram, Facebook, Snapchat, Github, Twitter...)
- TOR Router - A Tool That Allow You To Make TOR Your Default Gateway And Send All Internet Connections Under TOR
- Userrecon - Find Usernames Across Over 75 Social Networks
- WhatWeb v0.5.0 - Next Generation Web Scanner
- Faraday v3.8 - Collaborative Penetration Test and Vulnerability Management Platform
- RecScanSec - Reconnaisance Scanner Security
- Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io
- Tool-X - A Kali Linux Hacking Tool Installer
- SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool
- Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
- Aztarna - A Footprinting Tool For Robots
- Hediye - Hash Generator & Cracker Online Offline
- Killcast - Manipulate Chromecast Devices In Your Network
- bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records
- WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack
- H8Mail - Email OSINT And Password Breach Hunting
- Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters
- Metasploit 5.0 - The World’s Most Used Penetration Testing Framework
- Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support
- Twifo-Cli - Get User Information Of A Twitter User
- Sitadel - Web Application Security Scanner
- Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)
- Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To
- Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies
- Shed - .NET Runtime Inspector
- Stardox - Github Stargazers Information Gathering Tool
- Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool
- AutoSploit v3.0 - Automated Mass Exploiter
- Faraday v3.5 - Collaborative Penetration Test and Vulnerability Management Platform
- Recaf - A Modern Java Bytecode Editor
- dnSpy - .NET Debugger And Assembly Editor