ch0ic3/Awesome-Hacking-Resources
1
0
Fork 0
mirror of https://github.com/vitalysim/Awesome-Hacking-Resources.git synced 2024-12-18 10:56:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
20d3598db0
Awesome-Hacking-Resources/tools.md
Giorgi Mkervalishvili 20d3598db0 Update Awesome Repositories
2017-10-20 00:50:05 +04:00

75 lines
4.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Awesome Hacking Tools
**A collection of awesome lists for hackers, pentesters & security researchers.**
A curated list of awesome Hacking Tools. Your contributions are always welcome !
### Awesome Repositories
Repository | Description
---- | ----
[HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite).
[Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework
### Awesome custom projects / Scripts
Name | Description
---- | ----
### Exploitation tools
Name | Description
---- | ----
[BeEF](http://beefproject.com/) | Browser Exploitation Framework (Beef)
[Core Impact](https://www.coresecurity.com/core-impact) | Core Impact provides vulnerability assessment and penetration security testing throughout your organization.
[Metasploit](https://www.metasploit.com/) | The worlds most used penetration testing framework
### Linux Security Tools
Name | Description
---- | ----
[DefenseMatrix](https://github.com/K4YT3X/DefenseMatrix) | Full security solution for Linux Servers
### Exploit Databases
Name | Description
---- | ----
[0day](http://0day.today/) | Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.
[cxsecurity](http://cxsecurity.com/exploit) | Exploit Database
[exploit-db](https://www.exploit-db.com/) | Exploits Database by Offensive Security
[iedb](http://iedb.ir/) | Iranian Exploit DataBase
[rapid7](https://rapid7.com/db) | Vulnerability & Exploit Database - Rapid7
### MITM tools
Name | Description
---- | ----
[BetterCAP](https://www.bettercap.org/) | MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
[Burp Suite](https://portswigger.net/burp) | GUI based tool for testing Web application security.
[Ettercap](https://ettercap.github.io/ettercap/) | Ettercap is a comprehensive suite for man in the middle attacks
[mitmproxy](https://mitmproxy.org/) | An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed
### SQL Injection
Name | Description
---- | ----
[SQLmap](http://sqlmap.org/) | Automatic SQL injection and database takeover tool
[SQLninja](http://sqlninja.sourceforge.net/) | SQL Server injection & takeover tool
### Search Engine for Penetration Tester
Name | Description
---- | ----
[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time
[Shodan](http://shodan.io/) | Shodan is the world's first search engine for Internet-connected devices.
[Zoomeye](https://www.zoomeye.org/) | search engine for cyberspace that lets the user find specific network components(ip, services, etc.)
[Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time
### Awesome Repositories
Repository | Description
---- | ----
[Xerosploit](https://github.com/LionSec/xerosploit) | Efficient and advanced man in the middle framework
[SecLists](https://github.com/danielmiessler/SecLists) | It is a collection of multiple types of lists used during security assessments
[HUNT Proxy Extension](https://github.com/bugcrowd/HUNT) | Identify common parameters vulnerable to certain vulnerability classes (HUNT Scanner, availible for Burp Suite PRO and ZAProxy). Organize testing methodologies (currently avalible only inside of Burp Suite).
[fuzzdb](https://github.com/fuzzdb-project/fuzzdb) | Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
### Source Code Analysis Tools
Name | Description
---- | ----
[RIPS](https://www.ripstech.com/) | PHP Security Analysis
[Retire.js](http://retirejs.github.io/retire.js/) | detecting the use of JavaScript libraries with known vulnerabilities
[Snyk](https://snyk.io/) | find & fix vulnerabilities in dependencies, supports various languages
[pyup](https://pyup.io/) | Automated Security and Dependency Updates
Reference in New Issue View Git Blame Copy Permalink