mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2024-12-23 05:16:09 +00:00
18 KiB
18 KiB
Latest Cool Tools
The following are a collection of recently-released pen test tools. I update this list every time that there is a new post and when I find a new one around the Internet. The rest of the repository has hundreds of additional cybersecurity and pen test tools.
- HT-WPS Breaker - High Touch WPS Breaker
- Ophcrack - A Windows Password Cracker Based On Rainbow Tables
- Metasploit Cheat Sheet
- SALT - SLUB ALlocator Tracer For The Linux Kernel
- Command Injection Payload List
- Reko - A General Purpose Binary Decompiler
- Iptables Essentials - Common Firewall Rules And Commands
- HexRaysCodeXplorer - Hex-Rays Decompiler Plugin For Better Code Navigation
- PHP Security Check List
- OSFClone - Open Source Utility To Create And Clone Forensic Disk Images
- Cheat Engine - A Development Environment Focused On Modding
- BeEF - The Browser Exploitation Framework Project
- Eraser - Secure Erase Files from Hard Drives on Windows
- SecLists - A Collection Of Multiple Types Of Lists Used During Security Assessments, Collected In One Place (Usernames, Passwords, URLs, Sensitive Data Patterns, Fuzzing Payloads, Web Shells, And Many More)
- GameGuardian - Android Game Hack/Alteration Tool
- OSINT-SPY - Search using OSINT (Open Source Intelligence)
- Maltego CE - An Interactive Data Mining Tool That Renders Directed Graphs For Link Analysis
- BoNeSi - The DDoS Botnet Simulator
- HoneyPy - A Low To Medium Interaction Honeypot
- Egress-Assess - Tool Used To Test Egress Data Detection Capabilities
- Fibratus - Tool For Exploration And Tracing Of The Windows Kernel
- TROMMEL - Sift Through Embedded Device Files To Identify Potential Vulnerable Indicators
- DCOMrade - Powershell Script For Enumerating Vulnerable DCOM Applications
- Ponce - IDA Plugin For Symbolic Execution Just One-Click Away!
- Kaboom - Automatic Pentest
- SSRFmap - Automatic SSRF Fuzzer And Exploitation Tool
- Pompem - Exploit and Vulnerability Finder
- Lazygit - Simple Terminal UI For Git Commands
- Up (Ultimate Plumber) - Tool For Writing Linux Pipes With Instant Live Preview
- CDF - Crypto Differential Fuzzing
- Justniffer - Network TCP Packet Sniffer
- UEFI Firmware Parser - Parse BIOS/Intel ME/UEFI Firmware Related Structures: Volumes, FileSystems, Files, Etc
- PF_RING - High-Speed Packet Capture, Filtering And Analysis
- Pftriage - Python Tool And Library To Help Analyze Files During Malware Triage And Analysis
- nDPI - Open Source Deep Packet Inspection Software Toolkit
- Hontel - Telnet Honeypot
- Volatility Workbench - A GUI For Volatility Memory Forensics
- HTTrack Website Copier - Web Crawler And Offline Browser
- OSFMount - Mount Disk Images & Create RAM Drives
- Process Hacker - A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware
- CANalyzat0r - Security Analysis Toolkit For Proprietary Car Protocols
- DFIRTrack - The Incident Response Tracking Application
- Goscan - Interactive Network Scanner
- RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations
- Fnord - Pattern Extractor For Obfuscated Code
- Bincat - Binary Code Static Analyser, With IDA Integration
- Bscan - An Asynchronous Target Enumeration Tool
- Modlishka - An Open Source Phishing Tool With 2FA Authentication
- Fwknop - Single Packet Authorization & Port Knocking
- Netsniff-Ng - A Swiss Army Knife For Your Daily Linux Network Plumbing
- Electronegativity - Tool To Identify Misconfigurations And Security Anti-Patterns In Electron Applications
- LOLBAS - Living Off The Land Binaries And Scripts (LOLBins And LOLScripts)
- XIP - Tool To Generate A List Of IP Addresses By Applying A Set Of Transformations Used To Bypass Security Measures E.G. Blacklist Filtering, WAF, Etc.
- Stenographer - A Packet Capture Solution Which Aims To Quickly Spool All Packets To Disk, Then Provide Simple, Fast Access To Subsets Of Those Packets
- Fierce - Semi-Lightweight Scanner That Helps Locate Non-Contiguous IP Space And Hostnames Against Specified Domains
- Bolt - CSRF Scanning Suite
- Pwndb - Search For Creadentials Leaked On Pwndb
- Pown Recon - A Powerful Target Reconnaissance Framework Powered By Graph Theory
- Uncle Spufus - A Tool That Automates Mac Address Spoofing
- CIRTKit - Tools For The Computer Incident Response Team
- ADAPT - Tool That Performs Automated Penetration Testing For WebApps
- Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool
- Sn0Int - Semi-automatic OSINT Framework And Package Manager
- FTW - Framework For Testing WAFs
- identYwaf - Blind WAF Identification Tool
- Sh00T - A Testing Environment for Manual Security Testers
- WiGLE - Wifi Wardriving (Nethugging Client For Android)
- LeakLooker - Find Open Databases With Shodan
- SecureTea Project - The Purpose Of This Application Is To Warn The User (Via Various Communication Mechanisms) Whenever Their Laptop Accessed
- ProcDump - A Linux Version Of The ProcDump Sysinternals Tool
- Parrot Security 4.5 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind
- Jok3R - Network And Web Pentest Framework
- Beebug - A Tool For Checking Exploitability
- Conpot - An Open Industrial Control Honeypot
- WPintel - Chrome Extension Designed For WordPress Vulnerability Scanning And Information Gathering
- Malice - VirusTotal Wanna Be (Now With 100% More Hipster)
- Htcap - A Web Application Scanner Able To Crawl Single Page Application (SPA) In A Recursive Manner By Intercepting Ajax Calls And DOM Changes
- Remot3d - An Simple Exploit for PHP Language
- Tyton - Linux Kernel-Mode Rootkit Hunter for 4.4.0-31+
- Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io
- Tool-X - A Kali Linux Hacking Tool Installer
- SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool
- Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
- Aztarna - A Footprinting Tool For Robots
- Hediye - Hash Generator & Cracker Online Offline
- Killcast - Manipulate Chromecast Devices In Your Network
- bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records
- WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack
- H8Mail - Email OSINT And Password Breach Hunting
- Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters
- Metasploit 5.0 - The World’s Most Used Penetration Testing Framework
- Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support
- Twifo-Cli - Get User Information Of A Twitter User
- Sitadel - Web Application Security Scanner
- Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)
- Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To
- Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies
- Shed - .NET Runtime Inspector
- Stardox - Github Stargazers Information Gathering Tool
- Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool
- AutoSploit v3.0 - Automated Mass Exploiter
- Faraday v3.5 - Collaborative Penetration Test and Vulnerability Management Platform
- Recaf - A Modern Java Bytecode Editor
- dnSpy - .NET Debugger And Assembly Editor