Merge branch 'master' into patch-5

This commit is contained in:
VS 2017-10-19 22:20:17 +03:00 committed by GitHub
commit 006315077b

View File

@ -4,27 +4,22 @@
A curated list of awesome Hacking Tools. Your contributions are always welcome ! A curated list of awesome Hacking Tools. Your contributions are always welcome !
### MITM tools ### Awesome Repositories
Name | Description Repository | Description
---- | ---- ---- | ----
[Burp Suite](https://portswigger.net/burp) | GUI based tool for testing Web application security. [HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite).
[mitmproxy](https://mitmproxy.org/) | An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed [Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework
[Ettercap](https://ettercap.github.io/ettercap/) | Ettercap is a comprehensive suite for man in the middle attacks
[BetterCAP](https://www.bettercap.org/) | MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
### SQL Injection ### Awesome custom projects / Scripts
Name | Description Name | Description
---- | ---- ---- | ----
[SQLmap](http://sqlmap.org/) | Automatic SQL injection and database takeover tool
[SQLninja](http://sqlninja.sourceforge.net/) | SQL Server injection & takeover tool
### Source Code Analysis Tools ### Exploitation tools
Name | Description Name | Description
---- | ---- ---- | ----
[Retire.js](http://retirejs.github.io/retire.js/) | detecting the use of JavaScript libraries with known vulnerabilities [BeEF](http://beefproject.com/) | Browser Exploitation Framework (Beef)
[pyup](https://pyup.io/) | Automated Security and Dependency Updates [Core Impact](https://www.coresecurity.com/core-impact) | Core Impact provides vulnerability assessment and penetration security testing throughout your organization.
[RIPS](https://www.ripstech.com/) | PHP Security Analysis [Metasploit](https://www.metasploit.com/) | The worlds most used penetration testing framework
[Snyk](https://snyk.io/) | find & fix vulnerabilities in dependencies, supports various languages
### Linux Security Tools ### Linux Security Tools
Name | Description Name | Description
@ -40,16 +35,24 @@ Name | Description
[iedb](http://iedb.ir/) | Iranian Exploit DataBase [iedb](http://iedb.ir/) | Iranian Exploit DataBase
[rapid7](https://rapid7.com/db) | Vulnerability & Exploit Database - Rapid7 [rapid7](https://rapid7.com/db) | Vulnerability & Exploit Database - Rapid7
### Exploitation tools ### MITM tools
Name | Description Name | Description
---- | ---- ---- | ----
[Metasploit](https://www.metasploit.com/) | The worlds most used penetration testing framework [BetterCAP](https://www.bettercap.org/) | MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
[BeEF](http://beefproject.com/) | Browser Exploitation Framework (Beef) [Burp Suite](https://portswigger.net/burp) | GUI based tool for testing Web application security.
[Core Impact](https://www.coresecurity.com/core-impact) | Core Impact provides vulnerability assessment and penetration security testing throughout your organization. [Ettercap](https://ettercap.github.io/ettercap/) | Ettercap is a comprehensive suite for man in the middle attacks
[mitmproxy](https://mitmproxy.org/) | An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed
### SQL Injection
Name | Description
---- | ----
[SQLmap](http://sqlmap.org/) | Automatic SQL injection and database takeover tool
[SQLninja](http://sqlninja.sourceforge.net/) | SQL Server injection & takeover tool
### Search Engine for Penetration Tester ### Search Engine for Penetration Tester
Name | Description Name | Description
---- | ---- ---- | ----
[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time
[Shodan](http://shodan.io/) | Shodan is the world's first search engine for Internet-connected devices. [Shodan](http://shodan.io/) | Shodan is the world's first search engine for Internet-connected devices.
[Zoomeye](https://www.zoomeye.org/) | search engine for cyberspace that lets the user find specific network components(ip, services, etc.) [Zoomeye](https://www.zoomeye.org/) | search engine for cyberspace that lets the user find specific network components(ip, services, etc.)
[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time [Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time
@ -60,6 +63,10 @@ Repository | Description
[Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework [Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework
[HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite). [HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite).
### Awesome custom projects / Scripts ### Source Code Analysis Tools
Name | Description Name | Description
---- | ---- ---- | ----
[RIPS](https://www.ripstech.com/) | PHP Security Analysis
[Retire.js](http://retirejs.github.io/retire.js/) | detecting the use of JavaScript libraries with known vulnerabilities
[Snyk](https://snyk.io/) | find & fix vulnerabilities in dependencies, supports various languages
[pyup](https://pyup.io/) | Automated Security and Dependency Updates