A Massive List of Penetration Testing & Hacking Tools for Hackers and Security Professionals: Brief Overview (Cybers Guards)

List of Penetration Testing & Hacking Tools

Contents

Online Resources
- Penetration Testing Resources
- Exploit Development
- Open Source Intelligence (OSINT) Resources
- Social Engineering Resources
- Lock Picking Resources
Operating Systems
Tools
- Penetration Testing Distributions
- Docker for Penetration Testing
- Multi-paradigm Frameworks
- Network Vulnerability Scanners
- Static Analyzers
- Web Vulnerability Scanners
- Network Tools
- Exfiltration Tools
- Network Reconnaissance Tools
- Protocol Analyzers and Sniffers
- Proxies and MITM Tools
- Wireless Network Tools
- Transport Layer Security Tools
- Web Exploitation
- Hex Editors
- File Format Analysis Tools
- Anti-virus Evasion Tools
- Hash Cracking Tools
- Windows Utilities
- GNU/Linux Utilities
- macOS Utilities
- DDoS Tools
- Social Engineering Tools
- OSINT Tools
- Anonymity Tools
- Reverse Engineering Tools
- Physical Access Tools
- Industrial Control and SCADA Systems
- Side-channel Tools
- CTF Tools
- Penetration Testing Report Templates
- Code examples for Penetration Testing

Online Resources

Penetration Testing Resources

Penetration Testing Framework (PTF) – General framework for performing penetration tests that can be used by vulnerability analysts and penetration testers alike.
MITRE's Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) – Curated knowledge base and model for cyber adversary behavior.
PENTEST-WIKI – Free online security knowledge library for pentesters and researchers.
Metasploit Unleashed – Free Offensive Security Metasploit course.
XSS-Payloads – Ultimate resource for all things cross-site, including payloads, tools, games and documentation.
Penetration Testing Execution Standard (PTES) – Documentation designed to provide a common language and scope for performing and reporting the results of a penetration test.
InfoSec Institute – Bootcamps for IT and security.
Open Web Application Security Project (OWASP) – Worldwide non-profit charitable organization focused on improving the security of web-based and application-layer software in particular.

Exploit Development

Shellcode Examples – Shellcodes database.
Exploit Writing Tutorials – Tutorials on how to develop exploits.
Shellcode Tutorial – Tutorial on how to write shellcode.

OSINT Resources

NetBootcamp OSINT Tools – Collection of OSINT links and custom web interfaces to other services. To navigate the categories, you can use the menu on the left.
WiGLE.net – Information about wireless networks world-wide, with user-friendly desktop and web applications.
Intel Techniques – Collection of OSINT tools.
CertGraph – Crawls a domain's SSL/TLS certificates for its certificate alternative names.
OSINT Framework – Collection of various OSINT tools broken out by category.

Social Engineering Resources

Social Engineering Framework – Information resource for social engineers.

Lock Picking Resources

bosnianbill – More lockpicking videos.
/r/lockpicking – Resources for learning lockpicking, equipment recommendations.
Schuyler Towne channel – Lockpicking videos and security talks.

Operating Systems

Cuckoo – Open source automated malware analysis system.
Digital Evidence & Forensics Toolkit (DEFT) – Live CD for forensic analysis that can run without tampering with or corrupting connected devices during the boot process.
Qubes OS – High-security operating system for strict isolation of applications.
Tails – Live OS aimed at preserving privacy and anonymity.
SIFT – Forensic workstation developed by SANS.
Security @ Distrowatch – Website dedicated to discussing, reviewing and keeping up to date with open source operating systems.
Security related Operating Systems @ Rawsec – Complete list of security related operating systems.

Tools

Penetration Testing Distributions

ArchStrike – Arch GNU/Linux repository for security professionals and enthusiasts.
Android Tamer – OS for Android Security Professionals. Includes all the tools required for Android security testing.
Parrot – Kali-like distribution, with multiple architectures.
Buscador – GNU/Linux virtual machine that is pre-configured for online investigators.
BackBox – Ubuntu-based distribution for penetration tests and security assessments.
BlackArch – Arch GNU/Linux-based distribution for penetration testers and security researchers.
The Pentesters Framework – Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of tools that omits less frequently used toolchains.
Kali – GNU/Linux distribution for forensics and penetration testing.
AttifyOS – GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.
PentestBox – Open source pre-configured portable penetration testing environment for the Windows OS.
Network Security Toolkit (NST) – Fedora-based bootable live operating system designed to provide easy access to best-of-breed open source network security applications.

Docker for Penetration Testing

docker pull diogomonica/docker-bench-security – Docker Bench for Security.
docker-compose build && docker-compose up – OWASP NodeGoat.
docker pull webgoat/webgoat-7.1 – OWASP WebGoat Project 7.1 docker image.
docker pull webgoat/webgoat-8.0 – OWASP WebGoat Project 8.0 docker image.
docker pull opendns/security-ninjas – Security Ninjas.
docker pull kalilinux/kali-linux-docker – Official Kali Linux.
docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation.
docker pull ismisepaul/securityshepherd – OWASP Security Shepherd.
docker pull vulnerables/cve-2017-7494 – Vulnerability as a service: SambaCry.
docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application.
docker pull phocean/msf – docker-metasploit.
docker pull owasp/zap2docker-stable – Official OWASP ZAP.
docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA).
docker pull bkimminich/juice-shop – OWASP Juice Shop.
docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock.
docker pull wpscanteam/wpscan – Official WPScan.
docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed.

Multi-paradigm Frameworks

Metasploit – Software for offensive security teams to help verify vulnerabilities and manage security assessments.
ExploitPack – Graphical tool for automating penetration tests that ships with many pre-packaged exploits.
Decker – Penetration testing orchestration and automation framework that allows writing declarative, reusable configurations capable of ingesting variables and using the outputs of tools it has run as inputs to others.
Faraday – Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits and risk assessments.
Armitage – Java-based GUI front-end for the Metasploit Framework.
AutoSploit – Automated mass exploiter that collects targets using the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query.
Pupy – Cross-platform remote administration and post-exploitation tool (Windows, Linux, macOS, Android).

Network Vulnerability Scanners

Nexpose – Commercial vulnerability and risk assessment engine that integrates with Rapid7's Metasploit.
Netsparker Application Security Scanner – Application security scanner to automatically find security flaws.
OpenVAS – Free software implementation of the popular Nessus vulnerability assessment system.
Vuls – Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go.
Nessus – Commercial vulnerability management, configuration and compliance assessment platform, sold by Tenable.

Static Analyzers

sobelow – Security-focused static analysis for the Phoenix Framework.
bandit – Security-oriented static analyzer for Python code.
RegEx-DoS – Analyzes source code for Regular Expressions susceptible to Denial of Service attacks.
Progpilot – Static security analysis tool for PHP code.
Brakeman – Static analysis security vulnerability scanner for Ruby on Rails applications.
cppcheck – Extensible C/C++ static analyzer focused on finding bugs.
FindBugs – Free software static analyzer to look for bugs in Java code.

Web Vulnerability Scanners

WebReaver – Commercial, graphical web application vulnerability scanner designed for macOS.
cms-explorer – Reveals the specific modules, plugins, components and themes that various websites powered by content management systems are running.
Netsparker Application Security Scanner – Application security scanner to automatically find security flaws.
WPScan – Black box WordPress vulnerability scanner.
JCS – Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm.
w3af – Web application attack and audit framework.
ACSTIS – Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
SecApps – In-browser web application security testing suite.
joomscan – Joomla vulnerability scanner.
Wapiti – Black box web application vulnerability scanner with built-in fuzzer.
Arachni – Scriptable framework for evaluating the security of web applications.
Nikto – Noisy but fast black box web server and web application vulnerability scanner.
SQLmate – Friend of sqlmap that identifies SQLi vulnerabilities based on a given dork and website (optional).

Network Tools

dnstwist – Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.
dsniff – Collection of tools for network auditing and pentesting.
hping3 – Network tool able to send custom TCP/IP packets.
Zarp – Network attack tool centered around the exploitation of local networks.
impacket – Collection of Python classes for working with network protocols.
Network-Tools.com – Website offering an interface to many basic network utilities such as ping, traceroute, whois and more.
pig – GNU/Linux packet crafting tool.
Intercepter-NG – Multifunctional network toolkit.
IKEForce – Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities.
Printer Exploitation Toolkit (PRET) – Printer security testing tool capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL and PCL printer language features.
SPARTA – Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.
scapy – Python-based interactive packet manipulation program and library.
routersploit – Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
CrackMapExec – Swiss army knife for pentesting networks.
rshijack – TCP connection hijacker, Rust rewrite of shijack.
THC Hydra – Online password cracking tool with built-in support for HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC and more.
Praeda – Automated multi-function printer data harvester for gathering usable data during security assessments.

Exfiltration Tools

tgcd – Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.
DET – Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.
Iodine – Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed.
pwnat – Punches holes in firewalls and NATs.

Network Reconnaissance Tools

fierce – Python3 port of the original fierce.pl DNS reconnaissance tool for locating non-contiguous IP space.
dnsmap – Passive DNS network mapper.
DNSDumpster – Online DNS recon and search service.
dnsrecon – DNS enumeration script.
smbmap – Handy SMB enumeration tool.
passivedns – Network sniffer that logs all DNS server replies for use in a passive DNS setup.
scanless – Utility for using websites to perform port scans on your behalf so as not to reveal your own IP.
nmap – Free security scanner for network exploration and security audits.
dnstracer – Determines where a given DNS server gets its information from, and follows the chain of DNS servers.
Mass Scan – TCP port scanner that spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes.
XRay – Network (sub)domain discovery and reconnaissance automation tool.
passivedns-client – Library and query tool for querying several passive DNS providers.
zmap – Open source network scanner that enables researchers to easily perform Internet-wide network studies.
dnsenum – Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack and then reverse look-ups on the results.
ACLight – Script for advanced discovery of sensitive Privileged Accounts, including Shadow Admins.
CloudFail – Unmasks the IP address of servers hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
ScanCannon – Python script to quickly enumerate large networks by calling masscan to quickly identify open ports and then nmap to gain details on the systems/services on those ports.

Protocol Analyzers and Sniffers

netsniff-ng – Swiss army knife for network sniffing.
Dshell – Network forensic analysis framework.
Wireshark – Widely-used graphical, cross-platform network protocol analyzer.
Debookee – Simple and powerful network traffic analyzer for macOS.
sniffglue – Secure multithreaded packet sniffer.
tcpdump/libpcap – Common packet analyzer that runs under the command line.
Netzob – Reverse engineering, traffic generation and fuzzing of communication protocols.
Dripcap – Caffeinated packet analyzer.

Proxies and MITM Tools

Ettercap – Comprehensive, mature suite for machine-in-the-middle attacks.
BetterCAP – Modular, portable and easily extensible MITM framework.
dnschef – Highly configurable DNS proxy for pentesters.
Morpheus – Automated ettercap TCP/IP Hijacking tool.
mallory – HTTP/HTTPS proxy over SSH.
MITMf – Framework for Man-In-The-Middle attacks.
evilgrade – Modular framework to take advantage of poor upgrade implementations by injecting fake updates.
SSH MITM – Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.
mitmproxy – Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Wireless Network Tools

WiFi-Pumpkin – Framework for rogue Wi-Fi access point attacks.
krackattacks-scripts – WPA2 Krack attack scripts.
KRACK Detector – Detect and prevent KRACK attacks in your network.
Cowpatty – Brute-force dictionary attack against WPA-PSK.
Airgeddon – Multi-use bash script for Linux systems to audit wireless networks.
Reaver – Brute force attack against WiFi Protected Setup.
wifi-arsenal – Resources for Wi-Fi pentesting.
Aircrack-ng – Set of tools for auditing wireless networks.
Wifite – Automated wireless attack tool.
bully – Implementation of the WPS brute force attack, written in C.
infernal-twin – Automated wireless hacking tool.
Fluxion – Suite of automated social engineering based WPA attacks.
Kismet – Wireless network detector, sniffer and IDS.
BoopSuite – Suite of tools written in Python for wireless auditing.

Transport Layer Security Tools

SSLyze – Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations.
crackpkcs12 – Multithreaded program to crack PKCS#12 files (.p12 and .pfx extensions), such as TLS/SSL certificates.
tls_prober – Fingerprints a server's SSL/TLS implementation.
testssl.sh – Command line tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols and some cryptographic flaws.

Web Exploitation

Kadabra – Automatic LFI exploiter and scanner.
VHostScan – Reverse-lookup virtual host scanner that can be used with pivot tools, detects catch-all scenarios, aliases and dynamic default pages.
sslstrip – Demonstration of the HTTPS stripping attack.
tplmap – Automatic server-side template injection and web server takeover tool.
webscreenshot – Simple script to take screenshots of a list of websites.
DVCS Ripper – Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR.
weevely3 – Weaponized web shell.
Browser Exploitation Framework (BeEF) – Command and control server for delivering exploits to commandeered web browsers.
BlindElephant – Web application fingerprinter.
OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools.
liffy – LFI exploitation tool.
WPSploit – Exploit WordPress-powered websites with Metasploit.
SQLmap – Automatic SQL injection and database takeover tool.
WhatWaf – Detect and bypass web application firewalls and protection systems.
GitTools – Automatically find and download web-accessible .git repositories.
EyeWitness – Tool to take screenshots of websites, provide some server header info and identify default credentials if possible.
Offensive Web Testing Framework (OWTF) – Python-based framework for pentesting web applications based on the OWASP Testing Guide.
Commix – Automated all-in-one operating system command injection and exploitation tool.
Wappalyzer – Wappalyzer uncovers the technologies used on websites.
recursebuster – Content discovery tool to perform directory and file bruteforcing.
wafw00f – Identifies and fingerprints Web Application Firewall (WAF) products.
NoSQLmap – Automatic NoSQL injection and database takeover tool.
WhatWeb – Website fingerprinter.
fimap – Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs.
autochrome – Easy-to-install NCCGroup test browser with all the appropriate settings needed for web application testing, with native Burp support.
Raccoon – High performance offensive security tool for reconnaissance and vulnerability scanning.
WordPress Exploit Framework – Ruby framework for developing and using modules that aid in the penetration testing of WordPress-powered websites and systems.
FuzzDB – Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
sslstrip2 – SSLStrip version to defeat HSTS.
Kadimus – LFI scan and exploit tool.
Burp Suite – Integrated platform for performing security testing of web applications.
badtouch – Scriptable network authentication cracker.

Hex Editors

Frhed – Binary file editor for Windows.
Hexinator – World's finest (proprietary, commercial) Hex Editor.
hexedit – Simple, fast, console-based hex editor.
Hex Fiend – Fast, open source hex editor for macOS with support for viewing binary diffs.
Bless – High quality, full featured, cross-platform graphical hex editor written in Gtk#.
0xED – Native macOS hex editor that supports plug-ins to display custom data types.
HexEdit.js – Browser-based hex editing.
wxHexEditor – Free GUI hex editor for GNU/Linux, macOS and Windows.

File Format Analysis Tools

Veles – Binary data visualization and analysis tool.
Hachoir – Python library to view and edit a binary stream as a tree of fields, plus tools for metadata extraction.
Kaitai Struct – File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python and Ruby.

Anti-virus Evasion Tools

Shellter – Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
UniByAv – Simple obfuscator that takes raw shellcode and uses a 32-bit XOR key to generate anti-virus-friendly executables.
AntiVirus Evasion Tool (AVET) – Post-processes exploits containing executable files targeted for Windows machines so that antivirus software does not recognize them.
Hyperion – Runtime encryptor for 32-bit portable executables ("PE .exes").
Veil – Generates metasploit payloads that bypass common anti-virus solutions.
peCloak.py – Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
peCloakCapstone – Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
shellsploit – Generates custom shellcode, backdoors and injectors, optionally obfuscating every byte via encoders.

Hash Cracking Tools

BruteForce Wallet – Find the password of an encrypted wallet file (i.e. wallet.dat).
JWT Cracker – Simple HS256 JWT token brute force cracker.
Hashcat – Fast hash cracker.
Rar Crack – RAR bruteforce cracker.
John the Ripper – Fast password cracker.
CeWL – Generates custom wordlists by spidering a target's website and collecting unique words.
StegCracker – Steganography brute-force utility to uncover hidden data inside files.

Windows Utilities

responder – LLMNR, NBT-NS and MDNS poisoner.
PowerSploit – PowerShell Post-Exploitation Framework.
Magic Unicorn – Shellcode generator for multiple attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA) or certutil (using fake certificates).
RID_ENUM – Python script that can enumerate all users from a Windows Domain Controller and brute-force those users' passwords.
DeathStar – Python script that automates gaining Domain Admin rights in Active Directory environments using Empire's RESTful API.
MailSniper – Modular tool for searching through email in a Microsoft Exchange environment, gathering the Global Address List from Outlook Web Access (OWA) and Exchange Web Services (EWS), and more.
Ruler – Abuses client-side Outlook features to gain a remote shell on a Microsoft Exchange server.
mimikatz – Credentials extraction tool for the Windows operating system.
Empire – Pure PowerShell post-exploitation agent.
Sysinternals Suite – The Sysinternals Troubleshooting Utilities.
redsnarf – Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers and domain controllers.
Fibratus – Tool for exploration and tracing of the Windows kernel.
wePWNise – Generates architecture-independent VBA code for use in Office documents or templates and automates bypassing application control and exploit mitigation software.
SCOMDecrypt – Retrieve and decrypt RunAs credentials stored within Microsoft System Center Operations Manager (SCOM) databases.
Windows Exploit Suggester – Detects potential missing patches on the target.
LaZagne – Credentials recovery project.
Bloodhound – Graphical Active Directory trust relationship explorer.
Windows Credentials Editor – Inspect logon sessions and add, change, list and delete associated credentials, including Kerberos tickets.

GNU / Linux Utilities

Lynis – Auditing tool for UNIX-based systems.
unix-privesc-check – Shell script to check for simple privilege escalation vectors on UNIX systems.
Hwacha – Post-exploitation tool to quickly execute payloads via SSH on one or more Linux systems simultaneously.
Linux Exploit Suggester – Heuristic reporting on potentially viable exploits for a given GNU/Linux system.

macOS Utilities

Bella – Pure Python post-exploitation data mining and remote administration tool for macOS.
EvilOSX – Modular RAT that uses numerous evasion and exfiltration techniques out-of-the-box.

DDoS Tools

SlowLoris – DoS tool that uses low bandwidth on the attacking side.
T50 – Faster network stress tool.
LOIC – Open source network stress tool for Windows.
JS LOIC – JavaScript in-browser version of LOIC.
Memcrashed – DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers found via the Shodan API.
HOIC – Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures.
UFONet – Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Social Engineering Tools

wifiphisher – Automated phishing attacks against WiFi networks.
phishery – TLS/SSL enabled Basic Auth credential harvester.
Social Engineer Toolkit (SET) – Open source pentesting framework designed for social engineering, featuring a number of custom attack vectors to make believable attacks quickly.
Evilginx – MITM attack framework used for phishing credentials and session cookies from any web service.
FiercePhish – Full-fledged phishing framework to manage all phishing engagements.
SocialFish – Social media phishing framework that can run on an Android phone or in a Docker container.
ReelPhish – Real-time two-factor phishing tool.
Gophish – Open-source phishing framework.
Beelogger – Tool for generating keyloggers.
Catphish – Tool for phishing and corporate espionage written in Ruby.
King Phisher – Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.
ShellPhish – Social media site cloner and phishing tool built atop SocialFish.
Evilginx2 – Standalone man-in-the-middle attack framework.

OSINT Tools

sn0int – Semi-automatic OSINT framework and package manager.
recon-ng – Full-featured web reconnaissance framework written in Python.
ZoomEye – Search engine for cyberspace that lets the user find specific network components.
Intrigue – Automated OSINT & Attack Surface discovery framework with powerful API, UI and CLI.
DataSploit – OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact and Zoomeye behind the scenes.
theHarvester – E-mail, subdomain and people names harvester.
image-match – Quickly search over billions of images.
Censys – Collects data on hosts and websites through daily ZMap and ZGrab scans.
GyoiThon – GyoiThon is an Intelligence Gathering tool using Machine Learning.
vcsmap – Plugin-based tool to scan public version control systems for sensitive information.
BinGoo – GNU/Linux bash based Bing and Google Dorking Tool.
AQUATONE – Subdomain discovery tool utilizing various open sources, producing a report that can be used as input to other tools.
Threat Crowd – Search engine for threats.
Sn1per – Automated Pentest Recon Scanner.
canary – Information gathering via dorks.
Virus Total – Free service that analyzes suspicious files and URLs and facilitates quick detection of viruses, worms, trojans and all kinds of malware.
Hunter.io – Data broker providing a web search interface for discovering a company's e-mail addresses and other business details.
Maltego – Proprietary software for open source intelligence and forensics, from Paterva.
creepy – Geolocation OSINT tool.
fast-recon – Perform Google dorks against a domain.
surfraw – Fast UNIX command line interface to a variety of popular WWW search engines.
PacketTotal – Simple, free, high-quality packet capture file analysis for network-borne malware (using Bro and Suricata IDS signatures under the hood).
GooDork – Command line Google dorking tool.
dork-cli – Command line Google dork tool.
metagoofil – Metadata harvester.
OSINT-SPY – Performs OSINT scans on email addresses, domain names, IP addresses or organizations.
Spiderfoot – Multi-source OSINT automation tool with a web UI and report visualizations.
FOCA (Fingerprinting Organizations with Collected Archives) – Automated document harvester that searches Google, Bing and DuckDuckGo to find and extrapolate internal company organizational structures.
pagodo – Automates Google Hacking Database scraping.
OWASP Amass – Enumeration of subdomains through scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.
Shodan – World's first search engine for Internet-connected devices.
SimplyEmail – Email recon made fast and easy.
gOSINT – OSINT tool with multiple modules and a telegram scraper.
Google Hacking Database – Database of Google dorks; can be used for recon.
github-dorks – CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.
dorks – Google hack database automation tool.

Anonymity Tools

I2P – The Invisible Internet Project.
What Every Browser Knows About You – Comprehensive detection page to test your own web browser's configuration for privacy and identity leaks.
DoS-over-Tor – Proof of concept denial of service over Tor stress test tool.
Tor – Free software and onion routed overlay network that helps you defend against traffic analysis.
kalitorify – Transparent proxy through Tor for Kali Linux OS.
Nipe – Script to redirect all traffic from the machine to the Tor network.
OnionScan – Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators.
oregano – Python module that runs as a machine-in-the-middle (MITM) accepting Tor client requests.

Reverse Engineering Tools

rVMI – Debugger on steroids; inspect userspace processes, kernel drivers, and pre-boot environments in a single tool.
PyREBox – Python scriptable Reverse Engineering sandbox by Cisco-Talos.
Interactive Disassembler (IDA Pro) – Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free.
Evan's Debugger – OllyDbg-like debugger for GNU/Linux.
Capstone – Lightweight multi-platform, multi-architecture disassembly framework.
peda – Python Exploit Development Assistance for GDB.
plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax.
OllyDbg – x86 debugger for Windows binaries that emphasizes binary code analysis.
Voltron – Extensible debugger UI toolkit written in Python.
dnSpy – Tool to reverse engineer .NET assemblies.
Medusa – Open source, cross-platform interactive disassembler.
WDK/WinDbg – Windows Driver Kit and WinDbg.
binwalk – Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
Frida – Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Immunity Debugger – Powerful way to write exploits and analyze malware.
x64dbg – Open source x64/x32 debugger for Windows.
boxxy – Linkable sandbox explorer.
Radare2 – Open source, cross-platform reverse engineering framework.

Physical Access Tools

Packet Squirrel – Ethernet multi-tool designed to enable covert remote access, painless packet captures, and secure VPN connections with the flip of a switch.
Proxmark3 – RFID/NFC cloning, replay and spoofing toolkit, often used to analyze and attack proximity cards/readers, wireless keys/keyfobs, and more.
WiFi Pineapple – Wireless auditing and penetration testing platform.
USB Rubber Ducky – Customizable keystroke injection attack platform masquerading as a USB thumbdrive.
AT Commands – Use AT commands over an Android device's USB port to rewrite device firmware, bypass security mechanisms, exfiltrate sensitive information, perform screen unlocks, and inject touch events.
PCILeech – Uses PCIe hardware devices to read and write target system memory via Direct Memory Access (DMA) over PCIe.
Poisontap – Siphons cookies, exposes the internal (LAN-side) router and installs a web backdoor on locked computers.
Bash Bunny – Local exploit delivery tool in the form of a USB thumbdrive in which you write payloads in a DSL called BunnyScript.
LAN Turtle – Covert "USB Ethernet Adapter" that provides remote access, network intelligence gathering, and MITM capabilities when installed in a local network.

Industrial Control and SCADA Systems

s7scan – Scanner for enumerating Siemens S7 PLCs on a TCP/IP or LLC network.
Industrial Exploitation Framework (ISF) – Metasploit-like exploitation framework targeting industrial control systems (ICS), SCADA devices, PLC firmware, and more.

Side-channel Tools

ChipWhisperer – Complete open-source toolchain for side-channel power analysis and glitching attacks.

CTF Tools

ctf-tools – Collection of setup scripts to install various security research tools, easily and quickly deployable to new machines.
shellpop – Easily generate sophisticated reverse or bind shell commands to help you save time during penetration tests.
Pwntools – Rapid exploit development framework built for use in CTFs.
RsaCtfTool – Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks.

Penetration Testing Report Templates

T&VS Pentesting Report Template – Pentest report template provided by Test and Verification Services, Ltd.
Web Application Security Assessment Report Template – Sample web application security assessment reporting template provided by Lucideus.
Public Pentesting Reports – Curated list of public penetration test reports released by several consulting firms and academic security groups.

Code Examples for Penetration Testing

goHackTools – Hacker tools written in Go (Golang).

Vulnerability Databases

Mozilla Foundation Security Advisories – Archive of security advisories impacting Mozilla software, including the Firefox Web Browser.
SecuriTeam – Independent source of software vulnerability information.
Open Source Vulnerability Database (OSVDB) – Historical archive of security vulnerabilities in computerized equipment, no longer adding to its vulnerability database as of April, 2016.
HPI-VDB – Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam.
Full-Disclosure – Public, vendor-neutral forum for detailed discussion of vulnerabilities, often publishes details before many other sources.
Packet Storm – Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
Common Vulnerabilities and Exposures (CVE) – Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities.
Vulnerability Lab – Open forum for security advisories organized by category of exploit target.
Zero Day Initiative – Bug bounty program with a publicly accessible archive of published security advisories, operated by TippingPoint.
CXSecurity – Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.
Bugtraq (BID) – Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc.
Exploit-DB – Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.
Microsoft Security Advisories – Archive of security advisories impacting Microsoft software.
Microsoft Security Bulletins – Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC).
National Vulnerability Database (NVD) – The United States government's National Vulnerability Database provides additional metadata (CPE, CVSS scoring) for the standard CVE List along with a fine-grained search engine.
Inj3ct0r (Onion service) – Exploit marketplace and vulnerability information aggregator.
Vulners – Security database of software vulnerabilities.
US-CERT Vulnerability Notes Database – Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).

Security Courses

Cybrary – Free courses in ethical hacking and advanced penetration testing.
Computer Security Student – Many free tutorials, great for beginners; a $10/month membership unlocks all content.
CTF Field Guide – Everything you need to win your next CTF competition.
SANS Security Training – Computer Security Training & Certification.
Offensive Security Training – Training from the BackTrack/Kali developers.
European Union Agency for Network and Information Security – ENISA Cyber Security Training material.
Open Security Training – Training material for computer security classes.
ARIZONA CYBER WARFARE RANGE – 24x7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare.
Advanced penetration testing courses based on the book 'Penetration Testing for Highly Secured Environments'.

Information Security Conferences

DefCamp – Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania.
HITB – Deep-knowledge security conference held in Malaysia and The Netherlands.
Hack3rCon – Annual US hacker conference.
RSA Conference USA – Annual security conference in San Francisco, California, USA.
Ekoparty – Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina.
Black Hat – Annual security conference in Las Vegas.
Nullcon – Annual conference in Delhi and Goa, India.
SummerCon – One of the oldest hacker conventions, held during Summer.
FSec – Croatian Information Security Gathering in Varaždin, Croatia.
BalCCon – Balkan Computer Congress, held annually in Novi Sad, Serbia.
44Con – Annual Security Conference held in London.
BSides – Framework for organising and holding security conferences.
CarolinaCon – Infosec conference, held annually in North Carolina.
ShmooCon – Annual US East coast hacker convention.
DerbyCon – Annual hacker conference based in Louisville.
CHCon – Christchurch Hacker Con, the only South Island of New Zealand hacker con.
SECUINSIDE – Security Conference in Seoul.
Virus Bulletin Conference – Annual conference, to be held in Denver, USA for 2016.
SkyDogCon – Technology conference in Nashville.
Hackfest – Largest hacking conference in Canada.
Hack.lu – Annual conference held in Luxembourg.
CCC – Annual meeting of the international hacker scene in Germany.
AppSecUSA – Annual conference organized by OWASP.
BruCON – Annual security conference in Belgium.
DeepSec – Security Conference in Vienna, Austria.
DEF CON – Annual hacker convention in Las Vegas.
Swiss Cyber Storm – Annual security conference in Lucerne, Switzerland.
ThotCon – Annual US hacker conference held in Chicago.
Troopers – Annual international IT Security event with workshops held in Heidelberg, Germany.
PhreakNIC – Technology conference held annually in middle Tennessee.
Infosecurity Europe – Europe's number one information security event, held in London, UK.
LayerOne – Annual US security conference held every spring in Los Angeles.

Information Security Magazines

2600: The Hacker Quarterly – American publication about technology and the computer "underground."
Phrack Magazine – By far the longest running hacker zine.

Awesome Lists

Shell Scripting – Command line frameworks, toolkits, guides and gizmos.
Node.js Programming by @sindresorhus – Curated list of delightful Node.js packages and resources.
Ruby Programming by @Sdogruyol – The de-facto language for writing exploits.
Kali Linux Tools – List of tools present in Kali Linux.
Security Talks – Curated list of security conferences.
OSINT – Awesome OSINT list containing great resources.
Forensics – Free (mostly open source) forensic analysis tools and resources.
CTFs – Capture The Flag frameworks, libraries, etc.
Ruby Programming by @dreikanter – The de-facto language for writing exploits.
Hacking – Tutorials, tools, and resources.
AppSec – Resources for learning about application security.
YARA – YARA rules, tools, and people.
Python tools for penetration testers – Lots of pentesting tools are written in Python.
Android Security – Collection of Android security related resources.
Awesome Awesomness – The List of the Lists.
SecLists – Collection of multiple types of lists used during security assessments.
JavaScript Programming – In-browser development and scripting.
C/C++ Programming – One of the main languages for open source security tools.
Infosec – Information security resources for pentesting, forensics, and more.
Awesome Lockpicking – Awesome guides, tools, and other resources about the security and compromise of locks, safes, and keys.
SecTools – Top 125 Network Security Tools.
.NET Programming – Software framework for Microsoft Windows platform development.
Pentest Cheat Sheets – Awesome Pentest Cheat Sheets.
Security – Software, libraries, documents, and other resources.
Python Programming by @svaksha – General Python programming.
InfoSec § Hacking challenges – Comprehensive directory of CTFs, wargames, hacking challenge websites, pentest practice lab exercises, and more.
Honeypots – Honeypots, tools, components, and more.
PCAP Tools – Tools for processing network traffic.
Malware Analysis – Tools and resources for analysts.
Python Programming by @vinta – General Python programming.
Ruby Programming by @markets – The de-facto language for writing exploits.

Purpose of Penetration Testing

The primary objective of a penetration test is to identify weak spots in an organization's security posture, to measure compliance with its security policy, to test staff awareness of security issues, and to determine whether and how the organization would be subject to security disasters. For example, while a security policy may focus on preventing and detecting an attack on a company's systems, it may not include a process for expelling an intruder. A penetration test can also reveal weaknesses in a company's security policy.

Contents