📚resources
Information Gathering
Domain Names
subDomainsBrute - A fast sub domain brute tool for pentesters
ksubdomain - Subdomain enumeration tool, asynchronous DNS packets, use pcap to scan 1,600,000 subdomains in 1 second
Sublist3r - Fast subdomains enumeration tool for penetration testers
OneForAll - 👊 OneForAll is a powerful subdomain integration tool
Google Hacking
GHDB - Google Hack Database
SearchDiggity - SearchDiggity 3.1 is the primary attack tool of the Google Hacking Diggity Project
Katana - A Python Tool For Google Hacking
uDork - uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.
Pagodo - pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching.
Github
GitHacker - 🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind.
GitGraber - gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data in real time for different online services.
GitMiner - Tool for advanced mining for content on Github.
Gitrob - Reconnaissance tool for GitHub organizations.
SVN
svnExploit - Support for SVN source code disclosure of full version and Dump it.
SvnHack - SvnHack is a SVN folder disclosure exploit.
Port Scan
Nmap | Zenmap - Free and open source utility for network discovery and security auditing
Masscan - TCP port scanner, spews SYN packets asynchronously
Ports - Common service ports and exploitations
Goby - Attack surface mapping
Goscan - Interactive Network Scanner
NimScan - 🚀 Fast Port Scanner 🚀
RustScan - 🤖 The Modern Port Scanner 🤖
OSINT
theHarvester - E-mails, subdomains and names Harvester - OSINT
SpiderFoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
FOCA - Tool to find metadata and hidden information in the documents.
Amass - In-depth Attack Surface Mapping and Asset Discovery
Censys-subdomain-finder - Perform subdomain enumeration using the certificate transparency logs from Censys.
EmailHarvester - Email addresses harvester
Finalrecon - The Last Web Recon Tool You'll Need.
LittleBrother - Information gathering (OSINT) on a person (EU)
Phishing
gophish - Open-Source Phishing Toolkit
AdvPhishing - This is an Advanced Phishing Tool! OTP PHISHING
SocialFish - Educational Phishing Tool & Information Collector
Zphisher - An automated phishing tool with 30+ templates. This tool is made for educational purposes only! The author will not be responsible for any misuse of this toolkit!
Nexphisher - Advanced Phishing tool for Linux & Termux
Vulnerability Analysis
Fuzzing
Vulnerability Scanner
Struts-Scan - Struts2 vulnerability detection and utilization tools
Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items
W3af - Web application attack and audit framework, the open source web vulnerability scanner
Openvas - The world's most advanced Open Source vulnerability scanner and manager
Archery - Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities
Taipan - Web application vulnerability scanner
Arachni - Web Application Security Scanner Framework
Nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
Xray - A passive-vulnerability-scanner Tool.
Web Applications
CMS & Framework Identification
AngelSword - CMS vulnerability detection framework
WhatWeb - Next generation web scanner
Wappalyzer - Cross-platform utility that uncovers the technologies used on websites
Whatruns - A free browser extension that helps you identify technologies used on any website at the click of a button (Just for chrome)
WhatCMS - CMS Detection and Exploit Kit based on Whatcms.org API
CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
Online Tools
Yunsee - Online website to find the CMS footprint
Bugscaner - A simple online fingerprint identification system that supports hundreds of cms source code recognition
WhatCMS online - CMS Detection and Exploit Kit website Whatcms.org
Tscan - An online tool to get the information of a website
TideFinger - Fingerprinter Tool from TideSec Team
Web Applications Proxies
Burpsuite - Burpsuite is a graphical tool for testing Web application security
ZAP - One of the world’s most popular free security tools
Mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Broxy - An HTTP/HTTPS intercept proxy written in Go.
Web Browser Extension
Hack-Tools - The all-in-one Red Team extension for Web Pentester 🛠
Web Crawlers & Directory Brute Force
Dirbrute - Multi-thread WEB directory blasting tool (with dics inside)
Dirbuster - DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers
Docker Scanners
Fuxi-Scanner - open source network security vulnerability scanner, it comes with multiple functions.
Xunfeng - The patrol is a rapid emergency response and cruise scanning system for enterprise intranets
WebMap - Nmap Web Dashboard and Reporting
Database Assessment
Password Attacks
Hydra - Hydra is a parallelized login cracker which supports numerous protocols to attack
Medusa - Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer
Hashcat - World's fastest and most advanced password recovery utility
Patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
HackBrowserData - Decrypt passwords/cookies/history/bookmarks from the browser
Wireless Attacks
Wireless Tools
Fern Wifi cracker - Fern-Wifi-Cracker is designed to be used in testing and discovering flaws in one's own network with the aim of fixing the flaws detected
Reverse Engineering
Ollydbg - OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows
Exploitation Tools
Vulnerability Search
SPLOITUS - Sploitus is a convenient central place for identifying the newest exploits and finding attacks that exploit known vulnerabilities
SearchSploit - The official Exploit Database repository
Getsploit - Command line utility for searching and downloading exploits
Cross-site Scripting(XSS)
BeeF - The Browser Exploitation Framework Project
BlueLotus_XSSReceiver - XSS Receiver platform without SQL
xssor2 - XSS'OR - Hack with JavaScript.
Xsser-Varbaek - From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Xsser-Epsylon - Cross Site "Scripter" (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.
Xenotix - An advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework
Sql Injection
Sqlmap - Automatic SQL injection and database takeover tool
Sqlmate - A friend of SQLmap which will do what you always expected from SQLmap
SQLiScanner - Automatic SQL injection with Charles and sqlmap api
Command Injection
Commix - Automated All-in-One OS command injection and exploitation tool
File Include
LFIsuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
Kadimus - Kadimus is a tool to check sites for LFI vulnerabilities, and also exploit them
Shellfire - Exploitation shell for exploiting LFI, RFI, and command injection vulnerabilities
LFIter2 - LFIter2 Local File Include (LFI) Tool - Auto File Extractor & Username Bruteforcer
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
File Upload vulnerability
Fuxploider - File upload vulnerability scanner and exploitation tool
XML External Entity Attack(XXE)
XXEinjector - Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods
Oxml_xxe - A tool for embedding XXE/XML exploits into different filetypes
Cross-site request forgery (CSRF)
Deemon - Deemon is a tool to detect CSRF in web application
Exploit Framework
POC-T - Pentest Over Concurrent Toolkit
Pocsuite - Pocsuite is an open-sourced remote vulnerability testing framework developed by the Knownsec Security Team
Metasploit - The world’s most used penetration testing framework
Venom - Shellcode generator/compiler/handler (metasploit)
Empire - Empire is a PowerShell and Python post-exploitation agent
Koadic - Koadic C3 COM Command & Control - JScript RAT
Viper - metasploit-framework UI manager Tools
MSFvenom-gui - gui tool to create normal payload by msfvenom
Machine Learning
DeepExploit - Fully automatic penetration test tool using Machine Learning
GyoiThon - GyoiThon is a growing penetration test tool using Machine Learning
Generator - Fully automatically generate numerous injection codes for web application assessment
Automate
AutoSploit - Automated Mass Exploiter
WinPwn - Automation for internal Windows penetration tests / AD-Security
Sniffing & Spoofing
WireShark - Wireshark is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems.
Cain & Abel - Cain & Abel is a password recovery tool for Microsoft Operating Systems.
Maintaining Access
Shell
Goshell - Generate reverse shells in command line with Go !
Print-My-Shell - Python script written to automate the process of generating various reverse shells.
Girsh - Automatically spawn a reverse shell fully interactive for Linux or Windows victim
Blueshell - Generate reverse shells for RedTeam
Clink - Powerful Bash-style command line editing for cmd.exe
Web Shell
Novahot - A webshell framework for penetration testers.
Awsome-Webshells - Collection of reverse shells
PHP
Chopper kind Webshell
Chopper
Tip: This tool was obtained from the internet and has not been verified to be free of backdoors; use it at your own discretion.
Link: https://pan.baidu.com/s/1VnXkoQU-srSllG6JaY0nTA Password: v71d
CKnife - The cross platform webshell tool in java
Tip: This tool was obtained from the internet and has not been verified to be free of backdoors; use it at your own discretion.
Link: https://pan.baidu.com/s/1QZrnWU7DUuJhiXl7u1kELw Password: hjrh
Altman - The cross platform webshell tool in .NET
Behinder - dynamic binary encryption webshell management client
Godzilla - a Java tool to encrypt network traffic
Privilege Escalation Auxiliary
windows-exploit-suggester - This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target
Windows-kernel-exploits - windows-kernel-exploits
linux-exploit-suggester-2 - Next-Generation Linux Kernel Exploit Suggester
Linux-kernel-exploits - linux-kernel-exploits Linux
BeRoot - Privilege Escalation Project - Windows / Linux / Mac
PE-Linux - Linux Privilege Escalation Tool By WazeHell
Portia - Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
C2
DeimosC2 - DeimosC2 is a Golang command and control framework for post-exploitation.
Sliver - Implant framework
PHPSploit - Full-featured C2 framework which silently persists on webserver via evil PHP oneliner 😈
Shad0w - A post exploitation framework designed to operate covertly on heavily monitored environments (Win8, Win10)
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
Emp3r0r - linux post-exploitation framework made by linux user
Golang Sec Tools
Tip: Golang is an excellent cross-platform language for security.
Naabu - A fast port scanner written in go with focus on reliability and simplicity.
ServerScan - A high concurrency network scanning and service detection tool developed by golang.
Reporting & Collaboration
Vulnreport - Open-source pentesting management and automation platform by Salesforce Product Security
Pentest-Collaboration-Framework - Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!
Social Engineering
System Services
Code Audit
Cloc - cloc counts blank lines, comment lines, and physical lines of source code in many programming languages
Cobra - Source Code Security Audit
Cobra-W - Cobra for white hat
Graudit - Grep rough audit - source code auditing tool
Rips - A static source code analyser for vulnerabilities in PHP scripts
Port Forwarding & Proxies
EarthWorm - Tool for tunnel
Termite - Tool for tunnel (Version 2)
Frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet
Nps - A lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
Goproxy - A high-performance, full-featured, cross platform proxy server
ReGeorg - The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn
Venom - A Multi-hop Proxy for Penetration Testers
Stowaway - 👻 Stowaway -- Multi-hop Proxy Tool for pentesters
rport - Manage remote systems with ease.
DevSecOps
RootKit
Audit Tools
DevAudit - Open-source, cross-platform, multi-purpose security auditing tool
Cyber Range
Vulnerability application
DVWA - Damn Vulnerable Web Application (DVWA)
WebGoat - WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons
DSVW - DSVW is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes
DVWS - Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities
XVWA - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security
BWAPP - A buggy web application with more than 100 vulnerabilities
Sqli-lab - SQLI labs to test error based, Blind boolean based, Time based
HackMe-SQL-Injection-Challenges - Hack your friend's online MMORPG game - specific focus, sql injection opportunities
XSS-labs - Small set of scripts to practice exploiting XSS and CSRF vulnerabilities
SSRF-lab - Lab for exploring SSRF vulnerabilities
SSRF_Vulnerable_Lab - This lab contains sample code that is vulnerable to Server-Side Request Forgery attacks
LFI-labs - Small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Commix-testbed - A collection of web pages, vulnerable to command injection flaws
File-Upload-Lab - Damn Vulnerable File Upload V 1.1
Upload-labs - A summary of all types of uploading vulnerabilities for you
XXE-Lab - An XXE vulnerability demo containing language versions such as PHP, Java, Python, C#, etc.
Simulation Range
Fopnp - A Network Playground for "Foundations of Python Network Programming"
CyberRange - The Open-Source AWS Cyber Range