diff --git a/tools.md b/tools.md index a426266..8270af4 100644 --- a/tools.md +++ b/tools.md @@ -4,13 +4,35 @@ A curated list of awesome Hacking Tools. Your contributions are always welcome ! +### Awesome Repositories +Repository | Description +---- | ---- +[HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite). +[Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework + +### Awesome custom projects / Scripts +Name | Description +---- | ---- + +### Exploitation tools +Name | Description +---- | ---- +[BeEF](http://beefproject.com/) | Browser Exploitation Framework (Beef) +[Core Impact](https://www.coresecurity.com/core-impact) | Core Impact provides vulnerability assessment and penetration security testing throughout your organization. +[Metasploit](https://www.metasploit.com/) | The world’s most used penetration testing framework + +### Linux Security Tools +Name | Description +---- | ---- +[DefenseMatrix](https://github.com/K4YT3X/DefenseMatrix) | Full security solution for Linux Servers + ### MITM tools Name | Description ---- | ---- -[Burp Suite](https://portswigger.net/burp) | GUI based tool for testing Web application security. -[mitmproxy](https://mitmproxy.org/) | An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed -[Ettercap](https://ettercap.github.io/ettercap/) | Ettercap is a comprehensive suite for man in the middle attacks [BetterCAP](https://www.bettercap.org/) | MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more. +[Burp Suite](https://portswigger.net/burp) | GUI based tool for testing Web application security. +[Ettercap](https://ettercap.github.io/ettercap/) | Ettercap is a comprehensive suite for man in the middle attacks +[mitmproxy](https://mitmproxy.org/) | An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed ### SQL Injection Name | Description @@ -18,39 +40,18 @@ Name | Description [SQLmap](http://sqlmap.org/) | Automatic SQL injection and database takeover tool [SQLninja](http://sqlninja.sourceforge.net/) | SQL Server injection & takeover tool -### Source Code Analysis Tools -Name | Description ----- | ---- -[Retire.js](http://retirejs.github.io/retire.js/) | detecting the use of JavaScript libraries with known vulnerabilities -[pyup](https://pyup.io/) | Automated Security and Dependency Updates -[RIPS](https://www.ripstech.com/) | PHP Security Analysis -[Snyk](https://snyk.io/) | find & fix vulnerabilities in dependencies, supports various languages - -### Linux Security Tools -Name | Description ----- | ---- -[DefenseMatrix](https://github.com/K4YT3X/DefenseMatrix) | Full security solution for Linux Servers - -### Exploitation tools -Name | Description ----- | ---- -[Metasploit](https://www.metasploit.com/) | The world’s most used penetration testing framework -[BeEF](http://beefproject.com/) | Browser Exploitation Framework (Beef) -[Core Impact](https://www.coresecurity.com/core-impact) | Core Impact provides vulnerability assessment and penetration security testing throughout your organization. - ### Search Engine for Penetration Tester Name | Description ---- | ---- +[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time [Shodan](http://shodan.io/) | Shodan is the world's first search engine for Internet-connected devices. [Zoomeye](https://www.zoomeye.org/) | search engine for cyberspace that lets the user find specific network components(ip, services, etc.) -[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time +[vulners](https://vulners.com/landing)| Complete Vulnerability DataBase & Security Scanner -### Awesome Repositories -Repository | Description ----- | ---- -[Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework -[HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite). - -### Awesome custom projects / Scripts +### Source Code Analysis Tools Name | Description ---- | ---- +[RIPS](https://www.ripstech.com/) | PHP Security Analysis +[Retire.js](http://retirejs.github.io/retire.js/) | detecting the use of JavaScript libraries with known vulnerabilities +[Snyk](https://snyk.io/) | find & fix vulnerabilities in dependencies, supports various languages +[pyup](https://pyup.io/) | Automated Security and Dependency Updates