mirror of
https://github.com/vitalysim/Awesome-Hacking-Resources.git
synced 2024-12-18 02:46:24 +00:00
commit
c286ebf4d0
55
tools.md
55
tools.md
@ -4,13 +4,35 @@
|
||||
|
||||
A curated list of awesome Hacking Tools. Your contributions are always welcome !
|
||||
|
||||
### Awesome Repositories
|
||||
Repository | Description
|
||||
---- | ----
|
||||
[HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite).
|
||||
[Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework
|
||||
|
||||
### Awesome custom projects / Scripts
|
||||
Name | Description
|
||||
---- | ----
|
||||
|
||||
### Exploitation tools
|
||||
Name | Description
|
||||
---- | ----
|
||||
[BeEF](http://beefproject.com/) | Browser Exploitation Framework (Beef)
|
||||
[Core Impact](https://www.coresecurity.com/core-impact) | Core Impact provides vulnerability assessment and penetration security testing throughout your organization.
|
||||
[Metasploit](https://www.metasploit.com/) | The world’s most used penetration testing framework
|
||||
|
||||
### Linux Security Tools
|
||||
Name | Description
|
||||
---- | ----
|
||||
[DefenseMatrix](https://github.com/K4YT3X/DefenseMatrix) | Full security solution for Linux Servers
|
||||
|
||||
### MITM tools
|
||||
Name | Description
|
||||
---- | ----
|
||||
[Burp Suite](https://portswigger.net/burp) | GUI based tool for testing Web application security.
|
||||
[mitmproxy](https://mitmproxy.org/) | An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed
|
||||
[Ettercap](https://ettercap.github.io/ettercap/) | Ettercap is a comprehensive suite for man in the middle attacks
|
||||
[BetterCAP](https://www.bettercap.org/) | MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
|
||||
[Burp Suite](https://portswigger.net/burp) | GUI based tool for testing Web application security.
|
||||
[Ettercap](https://ettercap.github.io/ettercap/) | Ettercap is a comprehensive suite for man in the middle attacks
|
||||
[mitmproxy](https://mitmproxy.org/) | An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed
|
||||
|
||||
### SQL Injection
|
||||
Name | Description
|
||||
@ -18,29 +40,10 @@ Name | Description
|
||||
[SQLmap](http://sqlmap.org/) | Automatic SQL injection and database takeover tool
|
||||
[SQLninja](http://sqlninja.sourceforge.net/) | SQL Server injection & takeover tool
|
||||
|
||||
### Source Code Analysis Tools
|
||||
Name | Description
|
||||
---- | ----
|
||||
[Retire.js](http://retirejs.github.io/retire.js/) | detecting the use of JavaScript libraries with known vulnerabilities
|
||||
[pyup](https://pyup.io/) | Automated Security and Dependency Updates
|
||||
[RIPS](https://www.ripstech.com/) | PHP Security Analysis
|
||||
[Snyk](https://snyk.io/) | find & fix vulnerabilities in dependencies, supports various languages
|
||||
|
||||
### Linux Security Tools
|
||||
Name | Description
|
||||
---- | ----
|
||||
[DefenseMatrix](https://github.com/K4YT3X/DefenseMatrix) | Full security solution for Linux Servers
|
||||
|
||||
### Exploitation tools
|
||||
Name | Description
|
||||
---- | ----
|
||||
[Metasploit](https://www.metasploit.com/) | The world’s most used penetration testing framework
|
||||
[BeEF](http://beefproject.com/) | Browser Exploitation Framework (Beef)
|
||||
[Core Impact](https://www.coresecurity.com/core-impact) | Core Impact provides vulnerability assessment and penetration security testing throughout your organization.
|
||||
|
||||
### Search Engine for Penetration Tester
|
||||
Name | Description
|
||||
---- | ----
|
||||
[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time
|
||||
[Shodan](http://shodan.io/) | Shodan is the world's first search engine for Internet-connected devices.
|
||||
[Zoomeye](https://www.zoomeye.org/) | search engine for cyberspace that lets the user find specific network components(ip, services, etc.)
|
||||
[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time
|
||||
@ -52,6 +55,10 @@ Repository | Description
|
||||
[Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework
|
||||
[HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite).
|
||||
|
||||
### Awesome custom projects / Scripts
|
||||
### Source Code Analysis Tools
|
||||
Name | Description
|
||||
---- | ----
|
||||
[RIPS](https://www.ripstech.com/) | PHP Security Analysis
|
||||
[Retire.js](http://retirejs.github.io/retire.js/) | detecting the use of JavaScript libraries with known vulnerabilities
|
||||
[Snyk](https://snyk.io/) | find & fix vulnerabilities in dependencies, supports various languages
|
||||
[pyup](https://pyup.io/) | Automated Security and Dependency Updates
|
||||
|
Loading…
Reference in New Issue
Block a user