h4cker/new_tools.md
2019-04-25 22:17:20 +00:00

226 lines
38 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Latest Cool Tools
The following are a collection of recently-released pen test tools. I update this list every time that there is a new post and when I find a new one around the Internet. The rest of the repository has hundreds of additional cybersecurity and pen test tools.
----
- [NAXSI - An Open-Source, High Performance, Low Rules Maintenance WAF For NGINX](http://feedproxy.google.com/~r/PentestTools/~3/A8ZGsbVEM_o/naxsi-open-source-high-performance-low.html)
- [Raptor WAF v0.6 - Web Application Firewall using DFA](http://feedproxy.google.com/~r/PentestTools/~3/BA5LLiXZBVI/raptor-waf-v06-web-application-firewall.html)
- [FTPBruter - A FTP Server Brute Forcing Tool](http://feedproxy.google.com/~r/PentestTools/~3/hudxodR8GrU/ftpbruter-ftp-server-brute-forcing-tool.html)
- [Freddy - Automatically Identify Deserialisation Issues In Java And .NET Applications By Using Active And Passive Scans](http://feedproxy.google.com/~r/PentestTools/~3/9_sH_VhkADw/freddy-automatically-identify.html)
- [Findomain - A Tool That Use Certificate Transparency Logs To Find Subdomains](http://feedproxy.google.com/~r/PentestTools/~3/nZr4C2pqs0Q/findomain-tool-that-use-certificate.html)
- [Anevicon - A High-Performant UDP-based Load Generator](http://feedproxy.google.com/~r/PentestTools/~3/5XmXet0TlPs/anevicon-high-performant-udp-based-load.html)
- [Reverie - Automated Pentest Tools Designed For Parrot Linux](http://feedproxy.google.com/~r/PentestTools/~3/I5j5E3B9o2w/reverie-automated-pentest-tools.html)
- [EasySploit - Metasploit Automation (EASIER And FASTER Than EVER)](http://feedproxy.google.com/~r/PentestTools/~3/fAldiqcnlVY/easysploit-metasploit-automation-easier.html)
- [PyWhatCMS - Unofficial WhatCMS API Package](http://feedproxy.google.com/~r/PentestTools/~3/MipV-mhuXs0/pywhatcms-unofficial-whatcms-api-package.html)
- [Kubebot - A Security Testing Slackbot Built With A Kubernetes Backend On The Google Cloud Platform](http://feedproxy.google.com/~r/PentestTools/~3/9kvKVdDoeDg/kubebot-security-testing-slackbot-built.html)
- [drAFL - AFL + DynamoRIO = Fuzzing Binaries With No Source Code On Linux](http://feedproxy.google.com/~r/PentestTools/~3/hOVJOVPf6mg/drafl-afl-dynamorio-fuzzing-binaries.html)
- [Ttyd - Share Your Terminal Over The Web](http://feedproxy.google.com/~r/PentestTools/~3/bMyoKJQqRUI/ttyd-share-your-terminal-over-web.html)
- [mongoBuster - Hunt Open MongoDB Instances](http://feedproxy.google.com/~r/PentestTools/~3/SZ1n92RVaTc/mongobuster-hunt-open-mongodb-instances.html)
- [Parameth - This Tool Can Be Used To Brute Discover GET And POST Parameters](http://feedproxy.google.com/~r/PentestTools/~3/E2J6ATzXZjw/parameth-this-tool-can-be-used-to-brute.html)
- [EfiGuard - Disable PatchGuard And DSE At Boot Time](http://feedproxy.google.com/~r/PentestTools/~3/Er2ka-d-TW4/efiguard-disable-patchguard-and-dse-at.html)
- [fireELF - Fileless Linux Malware Framework](http://feedproxy.google.com/~r/PentestTools/~3/nkiWxHsqM50/fireelf-fileless-linux-malware-framework.html)
- [FLASHMINGO - Automatic Analysis Of SWF Files Based On Some Heuristics](http://feedproxy.google.com/~r/PentestTools/~3/ACw-482_MOc/flashmingo-automatic-analysis-of-swf.html)
- [Platypus - A Modern Multiple Reverse Shell Sessions Manager Written In Go](http://feedproxy.google.com/~r/PentestTools/~3/30pzbSTJjXw/platypus-modern-multiple-reverse-shell.html)
- [SilkETW - Flexible C# Wrapper For ETW (Event Tracing for Windows)](http://feedproxy.google.com/~r/PentestTools/~3/BJmvoNfqSg4/silketw-flexible-c-wrapper-for-etw.html)
- [Instantbox - Get A Clean, Ready-To-Go Linux Box In Seconds](http://feedproxy.google.com/~r/PentestTools/~3/fZlkpiyYgzM/instantbox-get-clean-ready-to-go-linux.html)
- [Pepe - Collect Information About Email Addresses From Pastebin](http://feedproxy.google.com/~r/PentestTools/~3/UWHcybSkf3A/pepe-collect-information-about-email.html)
- [W12Scan - A Simple Asset Discovery Engine For Cybersecurity](http://feedproxy.google.com/~r/PentestTools/~3/8ngOdmcdmkU/w12scan-simple-asset-discovery-engine.html)
- [Instainsane - Multi-threaded Instagram Brute Forcer](http://feedproxy.google.com/~r/PentestTools/~3/n2J8ihzAvxI/instainsane-multi-threaded-instagram.html)
- [Zeebsploit - Web Scanner / Exploitation / Information Gathering](http://feedproxy.google.com/~r/PentestTools/~3/9xaMRbIv1Dk/zeebsploit-web-scanner-exploitation.html)
- [TeleKiller - A Tool Session Hijacking And Stealer Local Passcode Telegram Windows](http://feedproxy.google.com/~r/PentestTools/~3/8Mcn9CeolB8/telekiller-tool-session-hijacking-and.html)
- [pwnedOrNot v1.1.7 - OSINT Tool To Find Passwords For Compromised Email Addresses](http://feedproxy.google.com/~r/PentestTools/~3/zMsIKFBaGtY/pwnedornot-v117-osint-tool-to-find.html)
- [0D1N v2.6 - Web Security Tool To Make Fuzzing At HTTP/S](http://feedproxy.google.com/~r/PentestTools/~3/ioYkysg8i6k/0d1n-v26-web-security-tool-to-make.html)
- [CredsLeaker v3 - Tool to Display A Powershell Credentials Box](http://feedproxy.google.com/~r/PentestTools/~3/9y08bFtnHNg/credsleaker-v3-tool-to-display.html)
- [GodOfWar - Malicious Java WAR Builder With Built-In Payloads](http://feedproxy.google.com/~r/PentestTools/~3/48DUIB_ttEQ/godofwar-malicious-java-war-builder.html)
- [XSStrike v3.1.4 - Most Advanced XSS Detection Suite](http://feedproxy.google.com/~r/PentestTools/~3/_ChCQ9dGpko/xsstrike-v314-most-advanced-xss.html)
- [Chkdfront - Check Domain Fronting](http://feedproxy.google.com/~r/PentestTools/~3/Ob0V8Rj5l6I/chkdfront-check-domain-fronting.html)
- [QRLJacker v2.0 - QRLJacking Exploitation Framework](http://feedproxy.google.com/~r/PentestTools/~3/juZIlVyrDiM/qrljacker-v20-qrljacking-exploitation.html)
- [Zeebsploit - Web Scanner / Exploitation / Information Gathering](http://feedproxy.google.com/~r/PentestTools/~3/RZKskKnsCFU/zeebsploit-web-scanner-exploitation_10.html)
- [Mysql-Magic - Dump Mysql Client Password From Memory](http://feedproxy.google.com/~r/PentestTools/~3/koY9c2YGnzc/mysql-magic-dump-mysql-client-password.html)
- [mXtract v1.2 - Memory Extractor & Analyzer](http://feedproxy.google.com/~r/PentestTools/~3/afNZNO7w4Xk/mxtract-v12-memory-extractor-analyzer.html)
- [DefectDojo v1.5.4 - Application Vulnerability Correlation And Security Orchestration Application](http://feedproxy.google.com/~r/PentestTools/~3/y_c8QTZckgk/defectdojo-v154-application.html)
- [Free Cynet Threat Assessment for Mid-sized and Large Organizations](http://feedproxy.google.com/~r/PentestTools/~3/nSnlxp2L5PU/free-cynet-threat-assessment-for-mid.html)
- [Beagle - An Incident Response And Digital Forensics Tool Which Transforms Security Logs And Data Into Graphs](http://feedproxy.google.com/~r/PentestTools/~3/cEy42c_u1ck/beagle-incident-response-and-digital.html)
- [ISF - Industrial Control System Exploitation Framework](http://feedproxy.google.com/~r/PentestTools/~3/oT_vl-DqvbE/isf-industrial-control-system.html)
- [Pocsuite3 - An Open-Sourced Remote Vulnerability Testing Framework](http://feedproxy.google.com/~r/PentestTools/~3/x6R6agm_yNE/pocsuite3-open-sourced-remote.html)
- [XanXSS - A Simple XSS Finding Tool](http://feedproxy.google.com/~r/PentestTools/~3/l-J2Alp5HZY/xanxss-simple-xss-finding-tool.html)
- [Pyrit - The Famous WPA Precomputed Cracker](http://feedproxy.google.com/~r/PentestTools/~3/V8MTVWRjf0k/pyrit-famous-wpa-precomputed-cracker.html)
- [Faraday v3.7 - Collaborative Penetration Test and Vulnerability Management Platform](http://feedproxy.google.com/~r/PentestTools/~3/oLcdNOwS8pg/faraday-v37-collaborative-penetration.html)
- [PowerShellArsenal - A PowerShell Module Dedicated To Reverse Engineering](http://feedproxy.google.com/~r/PentestTools/~3/dBmXp-b1EI0/powershellarsenal-powershell-module.html)
- [Darksplitz - Exploit Framework](http://feedproxy.google.com/~r/PentestTools/~3/i5XdO5H76m8/darksplitz-exploit-framework.html)
- [CHAOS Framework v3.0 - Generate Payloads And Control Remote Windows Systems](http://feedproxy.google.com/~r/PentestTools/~3/qSMqQNeFOgU/chaos-framework-v20-generate-payloads.html)
- [CHAOS Framework v2.0 - Generate Payloads And Control Remote Windows Systems](http://feedproxy.google.com/~r/PentestTools/~3/qSMqQNeFOgU/chaos-framework-v20-generate-payloads.html)
- [ISeeYou - Bash And Javascript Tool To Find The Exact Location Of The Users During Social Engineering Or Phishing Engagements](http://feedproxy.google.com/~r/PentestTools/~3/kBe1Xfh9iTc/iseeyou-bash-and-javascript-tool-to.html)
- [Instainsane - Multi-threaded Instagram Brute Forcer](http://feedproxy.google.com/~r/PentestTools/~3/n2J8ihzAvxI/instainsane-multi-threaded-instagram.html)
- [Evillimiter - Limits Bandwidth Of Devices On The Same Network](http://feedproxy.google.com/~r/PentestTools/~3/L71rmvqXuTY/evillimiter-limits-bandwidth-of-devices.html)
- [Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning](http://feedproxy.google.com/~r/PentestTools/~3/DCeXRDXo4J0/osmedeus-fully-automated-offensive.html)
- [Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory](http://feedproxy.google.com/~r/PentestTools/~3/m-Z8svy5Mbg/mimikatz-v220-post-exploitation-tool-to.html)
- [Commando VM - The First of Its Kind Windows Offensive Distribution](http://feedproxy.google.com/~r/PentestTools/~3/7vdMiUOLgeU/commando-vm-first-of-its-kind-windows.html)
- [IDArling - Collaborative Reverse Engineering Plugin For IDA Pro & Hex-Rays](http://feedproxy.google.com/~r/PentestTools/~3/iENP1YvFAOE/idarling-collaborative-reverse.html)
- [Wireshark Cheatsheet](http://feedproxy.google.com/~r/PentestTools/~3/I1DdQx4THpA/wireshark-cheatsheet.html)
- [FFM (Freedom Fighting Mode) - Open Source Hacking Harness](http://feedproxy.google.com/~r/PentestTools/~3/0T8msrFGIbE/ffm-freedom-fighting-mode-open-source.html)
- [Just-Metadata - Tool That Gathers And Analyzes Metadata About IP Addresses](http://feedproxy.google.com/~r/PentestTools/~3/woImI_1gz9Y/just-metadata-tool-that-gathers-and.html)
- [phpMussel - PHP-based Anti-Virus Anti-Trojan Anti-Malware Solution](http://feedproxy.google.com/~r/PentestTools/~3/GyXiM5XXkzc/phpmussel-php-based-anti-virus-anti.html)
- [WinPwn - Automation For Internal Windows Penetrationtest](http://feedproxy.google.com/~r/PentestTools/~3/9lPHNu1cvU8/winpwn-automation-for-internal-windows.html)
- [Reconerator - C# Targeted Attack Reconnaissance Tools](http://feedproxy.google.com/~r/PentestTools/~3/ijyKtK7r7jk/reconerator-c-targeted-attack.html)
- [Mutiny Fuzzing Framework - Network Fuzzer That Operates By Replaying PCAPs Through A Mutational Fuzzer](http://feedproxy.google.com/~r/PentestTools/~3/2MWStTlswIE/mutiny-fuzzing-framework-network-fuzzer.html)
- [Flightsim - A Utility To Generate Malicious Network Traffic And Evaluate Controls](http://feedproxy.google.com/~r/PentestTools/~3/iP4qxku8k_8/flightsim-utility-to-generate-malicious.html)
- [LAPSToolkit - Tool To Audit And Attack LAPS Environments](http://feedproxy.google.com/~r/PentestTools/~3/0JNW5bf6UGc/lapstoolkit-tool-to-audit-and-attack.html)
- [Xori - An Automation-Ready Disassembly And Static Analysis Library For PE32, 32+ And Shellcode](http://feedproxy.google.com/~r/PentestTools/~3/4m8ecBSKkZc/xori-automation-ready-disassembly-and.html)
- [H2T - Scans A Website And Suggests Security Headers To Apply](http://feedproxy.google.com/~r/PentestTools/~3/LaZLa7zlv9k/h2t-scans-website-and-suggests-security.html)
- [Got-Responded - A Simple Tool To Detect NBT-NS And LLMNR Spoofing](http://feedproxy.google.com/~r/PentestTools/~3/JiuGZeJ1OoU/got-responded-simple-tool-to-detect-nbt.html)
- [WPScan v3.4.5 - Black Box WordPress Vulnerability Scanner](http://feedproxy.google.com/~r/PentestTools/~3/36ioKYj1ExE/wpscan-v345-black-box-wordpress.html)
- [Androwarn - Yet Another Static Code Analyzer For Malicious Android Applications](http://feedproxy.google.com/~r/PentestTools/~3/CXJc4Zacvso/androwarn-yet-another-static-code.html)
- [FIR - Fast Incident Response](http://feedproxy.google.com/~r/PentestTools/~3/ppBJPOSeiE4/fir-fast-incident-response.html)
- [Webtech - Identify Technologies Used On Websites](http://feedproxy.google.com/~r/PentestTools/~3/bguM2uPOwiU/webtech-identify-technologies-used-on.html)
- [Lynis 2.7.3 - Security Auditing Tool for Unix/Linux Systems](http://feedproxy.google.com/~r/PentestTools/~3/SfDf5sliFYA/lynis-273-security-auditing-tool-for.html)
- [SMS-Stack - Framework to provided TPC/IP based characteristics to the GSM Short Message Service](http://feedproxy.google.com/~r/PentestTools/~3/9hceL_jtpCY/sms-stack-framework-to-provided-tpcip.html)
- [Xerxes - DoS Tool Enhanced](http://feedproxy.google.com/~r/PentestTools/~3/FKQz_c3NmhA/xerxes-dos-tool-enhanced.html)
- [mXtract - Memory Extractor & Analyzer](http://feedproxy.google.com/~r/PentestTools/~3/klmJCxzlVRA/mxtract-memory-extractor-analyzer.html)
- [RapidRepoPull - Tool To Quickly Pull And Install Repos From A List](http://feedproxy.google.com/~r/PentestTools/~3/eSN79pCheoQ/rapidrepopull-tool-to-quickly-pull-and.html)
- [Goscan - Interactive Network Scanner](http://feedproxy.google.com/~r/PentestTools/~3/QvZdo-L3mC8/goscan-interactive-network-scanner.html)
- [Remot3d v2.0 - Tool Created For Large Pentesters As Well As Just For The Pleasure Of Defacers To Control Server By Backdoors](http://feedproxy.google.com/~r/PentestTools/~3/yLlm2OQbWtE/remot3d-v20-tool-created-for-large.html)
- [Dnsdmpstr - Unofficial API & Client For Dnsdumpster.Com And Hackertarget.Com](http://feedproxy.google.com/~r/PentestTools/~3/cJrHa_dhIkQ/dnsdmpstr-unofficial-api-client-for.html)
- [Freevulnsearch - Free And Open NMAP NSE Script To Query Vulnerabilities Via The cve-search.org API](http://feedproxy.google.com/~r/PentestTools/~3/hRdoLgffwbs/freevulnsearch-free-and-open-nmap-nse.html)
- [Armory - A Tool Meant To Take In A Lot Of External And Discovery Data From A Lot Of Tools, Add It To A Database And Correlate All Of Related Information](http://feedproxy.google.com/~r/PentestTools/~3/Dxhfc9Rx4sk/armory-tool-meant-to-take-in-lot-of.html)
- [DOGE - Darknet Osint Graph Explorer](http://feedproxy.google.com/~r/PentestTools/~3/Ugv1-a3xlrQ/doge-darknet-osint-graph-explorer.html)
- [Mad-Metasploit - Metasploit Custom Modules, Plugins & Resource Scripts](http://feedproxy.google.com/~r/PentestTools/~3/D8ExNN2Y8Rs/mad-metasploit-metasploit-custom.html)
- [Metaforge - An OSINT Metadata Analyzing Tool That Filters Through Tags And Creates Reports](http://feedproxy.google.com/~r/PentestTools/~3/sRAY17Dl5eQ/metaforge-osint-metadata-analyzing-tool.html)
- [Hashboy-Tool - A Hash Query Tool](http://feedproxy.google.com/~r/PentestTools/~3/WF_Ut4LqVas/hashboy-tool-hash-query-tool.html)
- [CarbonCopy - A Tool Which Creates A Spoofed Certificate Of Any Online Website And Signs An Executable For AV Evasion](http://feedproxy.google.com/~r/PentestTools/~3/696PzvX73MM/carboncopy-tool-which-creates-spoofed.html)
- [Karma - Search of Emails and Passwords on Pwndb](http://feedproxy.google.com/~r/PentestTools/~3/Z2_HhIVSkSU/karma-search-of-emails-and-passwords-on.html)
- [Arjun v1.3 - HTTP Parameter Discovery Suite](http://feedproxy.google.com/~r/PentestTools/~3/zWZXsOUSOfk/arjun-v13-http-parameter-discovery-suite.html)
- [SocialFish v2 - Educational Phishing Tool & Information Collector](http://feedproxy.google.com/~r/PentestTools/~3/UIciopFruGI/socialfish-v2-educational-phishing-tool.html)
- [DNS-Shell - An Interactive Shell Over DNS Channel](http://feedproxy.google.com/~r/PentestTools/~3/-RbwR0s6j4w/dns-shell-interactive-shell-over-dns.html)
- [Decker - Declarative Penetration Testing Orchestration Framework](http://feedproxy.google.com/~r/PentestTools/~3/v-JzhQO-i2Q/decker-declarative-penetration-testing.html)
- [PFQ - Functional Network Framework For Multi-Core Architectures](http://feedproxy.google.com/~r/PentestTools/~3/lHrferXOPnc/pfq-functional-network-framework-for.html)
- [Hostintel - A Modular Python Application To Collect Intelligence For Malicious Hosts](http://feedproxy.google.com/~r/PentestTools/~3/MPHA1vA45o0/hostintel-modular-python-application-to.html)
- [IoT-Home-Guard - A Tool For Malicious Behavior Detection In IoT Devices](http://feedproxy.google.com/~r/PentestTools/~3/00rK4kMhDhs/iot-home-guard-tool-for-malicious.html)
- [Acunetix Web Application Vulnerability Report 2019](http://feedproxy.google.com/~r/PentestTools/~3/pkuHKauhESU/acunetix-web-application-vulnerability.html)
- [Kage - Graphical User Interface For Metasploit Meterpreter And Session Handler](http://feedproxy.google.com/~r/PentestTools/~3/tRooyJ9gO2o/kage-graphical-user-interface-for.html)
- [rootOS - macOS Root Helper](http://feedproxy.google.com/~r/PentestTools/~3/DYTj2i_s_Hs/rootos-macos-root-helper.html)
- [Vuls - Vulnerability Scanner For Linux/FreeBSD, Agentless, Written In Go](http://feedproxy.google.com/~r/PentestTools/~3/LeiEkChMh4Y/vuls-vulnerability-scanner-for.html)
- [Reverse Shell Cheat Sheet](http://feedproxy.google.com/~r/PentestTools/~3/Ygxu7rgH7jo/reverse-shell-cheat-sheet.html)
- [AutoRDPwn v4.8 - The Shadow Attack Framework](http://feedproxy.google.com/~r/PentestTools/~3/jFXs4Lm9-_8/autordpwn-v48-shadow-attack-framework.html)
- [Cat-Nip - Automated Basic Pentest Tool (Designed For Kali Linux)](http://feedproxy.google.com/~r/PentestTools/~3/8By2_tKKSAQ/cat-nip-automated-basic-pentest-tool.html)
- [Goca Scanner - FOCA fork written in Go](http://feedproxy.google.com/~r/PentestTools/~3/fyg9c9PUyTc/goca-scanner-foca-fork-written-in-go.html)
- [Chomp Scan - A Scripted Pipeline Of Tools To Streamline The Bug Bounty/Penetration Test Reconnaissance Phase](http://feedproxy.google.com/~r/PentestTools/~3/tYTe2G8JkeM/chomp-scan-scripted-pipeline-of-tools.html)
- [Turbinia - Automation And Scaling Of Digital Forensics Tools](http://feedproxy.google.com/~r/PentestTools/~3/fVMVv8I43F4/turbinia-automation-and-scaling-of.html)
- [Ghidra - Software Reverse Engineering Framework](http://feedproxy.google.com/~r/PentestTools/~3/3UcCac0PJA4/ghidra-software-reverse-engineering.html)
- [Legion - An Easy-To-Use, Super-Extensible And Semi-Automated Network Penetration Testing Tool That Aids In Discovery, Reconnaissance And Exploitation Of Information Systems](http://feedproxy.google.com/~r/PentestTools/~3/jDSvXwEafjY/legion-easy-to-use-super-extensible-and.html)
- [Reload.sh - Reinstall, Restore And Wipe Your System Via SSH, Without Rebooting](http://feedproxy.google.com/~r/PentestTools/~3/FFaKm01Nscg/reloadsh-reinstall-restore-and-wipe.html)
- [UserLAnd - The Easiest Way To Run A Linux Distribution or Application on Android](http://feedproxy.google.com/~r/PentestTools/~3/Z6GCKCBT-sI/userland-easiest-way-to-run-linux.html)
- [Cuteit v0.2.1 - IP Obfuscator Made To Make A Malicious Ip A Bit Cuter](http://feedproxy.google.com/~r/PentestTools/~3/SmoBE9chyxU/cuteit-v021-ip-obfuscator-made-to-make.html)
- [Rpi-Hunter - Automate Discovering And Dropping Payloads On LAN Raspberry Pi's Via SSH](http://feedproxy.google.com/~r/PentestTools/~3/cPYvAMXfbJo/rpi-hunter-automate-discovering-and.html)
- [CMSeeK v1.1.1 - CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 150 Other CMSs)](http://feedproxy.google.com/~r/PentestTools/~3/8EDnhSxC2Hw/cmseek-v111-cms-detection-and.html)
- [Faraday v3.6 - Collaborative Penetration Test and Vulnerability Management Platform](http://feedproxy.google.com/~r/PentestTools/~3/xuC5gpNVqec/faraday-v36-collaborative-penetration.html)
- [Phantom Evasion - Python AV Evasion Tool Capable To Generate FUD Executable Even With The Most Common 32 Bit Metasploit Payload (Exe/Elf/Dmg/Apk)](http://feedproxy.google.com/~r/PentestTools/~3/u2lYO11vEuc/phantom-evasion-python-av-evasion-tool.html)
- [Strelka - Scanning Files At Scale With Python And ZeroMQ](http://feedproxy.google.com/~r/PentestTools/~3/J5e-Il60yXg/strelka-scanning-files-at-scale-with.html)
- [Imago Forensics - Imago Is A Python Tool That Extract Digital Evidences From Images](http://feedproxy.google.com/~r/PentestTools/~3/JzmwiCsLTtY/imago-forensics-imago-is-python-tool.html)
- [VSHG - Hardware resistance & enhanced security for GnuPG](http://feedproxy.google.com/~r/PentestTools/~3/6L_0uMuwloY/vshg-hardware-resistance-enhanced.html)
- [Angr - A Powerful And User-Friendly Binary Analysis Platform](http://feedproxy.google.com/~r/PentestTools/~3/d91K9L2OVN8/angr-powerful-and-user-friendly-binary.html)
- [Ntopng - Web-based Traffic And Security Network Traffic Monitoring](http://feedproxy.google.com/~r/PentestTools/~3/3TSYk971DW0/ntopng-web-based-traffic-and-security.html)
- [HT-WPS Breaker - High Touch WPS Breaker](http://feedproxy.google.com/~r/PentestTools/~3/ELDL0kdTbPo/ht-wps-breaker-high-touch-wps-breaker.html)
- [Ophcrack - A Windows Password Cracker Based On Rainbow Tables](http://feedproxy.google.com/~r/PentestTools/~3/24cbWRaWa8k/ophcrack-windows-password-cracker-based.html)
- [Metasploit Cheat Sheet](http://feedproxy.google.com/~r/PentestTools/~3/o__OH665w5U/metasploit-cheat-sheet.html)
- [SALT - SLUB ALlocator Tracer For The Linux Kernel](http://feedproxy.google.com/~r/PentestTools/~3/841MbWBL0_8/salt-slub-allocator-tracer-for-linux.html)
- [Command Injection Payload List](http://feedproxy.google.com/~r/PentestTools/~3/YXW6UlJA36g/command-injection-payload-list.html)
- [Reko - A General Purpose Binary Decompiler](http://feedproxy.google.com/~r/PentestTools/~3/nwLk-LG8bbo/reko-general-purpose-binary-decompiler.html)
- [Iptables Essentials - Common Firewall Rules And Commands](http://feedproxy.google.com/~r/PentestTools/~3/QxQzNFl9P6o/iptables-essentials-common-firewall.html)
- [HexRaysCodeXplorer - Hex-Rays Decompiler Plugin For Better Code Navigation](http://feedproxy.google.com/~r/PentestTools/~3/nViFOGTghjU/hexrayscodexplorer-hex-rays-decompiler.html)
- [PHP Security Check List](http://feedproxy.google.com/~r/PentestTools/~3/Fz-b3ysARp4/php-security-check-list.html)
- [OSFClone - Open Source Utility To Create And Clone Forensic Disk Images](http://feedproxy.google.com/~r/PentestTools/~3/MtkDht4BEQY/osfclone-open-source-utility-to-create.html)
- [Cheat Engine - A Development Environment Focused On Modding](http://feedproxy.google.com/~r/PentestTools/~3/hmyT4ewgMO8/cheat-engine-development-environment.html)
- [BeEF - The Browser Exploitation Framework Project](http://feedproxy.google.com/~r/PentestTools/~3/W1UXPoIIVbg/beef-browser-exploitation-framework.html)
- [Eraser - Secure Erase Files from Hard Drives on Windows](http://feedproxy.google.com/~r/PentestTools/~3/94Y32zmk1ws/eraser-secure-erase-files-from-hard.html)
- [SecLists - A Collection Of Multiple Types Of Lists Used During Security Assessments, Collected In One Place (Usernames, Passwords, URLs, Sensitive Data Patterns, Fuzzing Payloads, Web Shells, And Many More)](http://feedproxy.google.com/~r/PentestTools/~3/oN0YzDUFStg/seclists-collection-of-multiple-types.html)
- [GameGuardian - Android Game Hack/Alteration Tool](http://feedproxy.google.com/~r/PentestTools/~3/6ReYL4igg7Q/gameguardian-android-game.html)
- [OSINT-SPY - Search using OSINT (Open Source Intelligence)](http://feedproxy.google.com/~r/PentestTools/~3/-x63Tn8Ij2w/osint-spy-search-using-osint-open.html)
- [Maltego CE - An Interactive Data Mining Tool That Renders Directed Graphs For Link Analysis](http://feedproxy.google.com/~r/PentestTools/~3/up3tM_gz8JE/maltego-ce-interactive-data-mining-tool.html)
- [BoNeSi - The DDoS Botnet Simulator](http://feedproxy.google.com/~r/PentestTools/~3/C0CY4Q1tSyk/bonesi-ddos-botnet-simulator.html)
- [HoneyPy - A Low To Medium Interaction Honeypot](http://feedproxy.google.com/~r/PentestTools/~3/Tb-oc6uz-nw/honeypy-low-to-medium-interaction.html)
- [Egress-Assess - Tool Used To Test Egress Data Detection Capabilities](http://feedproxy.google.com/~r/PentestTools/~3/rKdOLuFB10w/egress-assess-tool-used-to-test-egress.html)
- [Fibratus - Tool For Exploration And Tracing Of The Windows Kernel](http://feedproxy.google.com/~r/PentestTools/~3/_sRsUUcl2vU/fibratus-tool-for-exploration-and.html)
- [TROMMEL - Sift Through Embedded Device Files To Identify Potential Vulnerable Indicators](http://feedproxy.google.com/~r/PentestTools/~3/UW_LBgpwYX4/trommel-sift-through-embedded-device.html)
- [DCOMrade - Powershell Script For Enumerating Vulnerable DCOM Applications](http://feedproxy.google.com/~r/PentestTools/~3/xaHJPu0lHk0/dcomrade-powershell-script-for.html)
- [Ponce - IDA Plugin For Symbolic Execution Just One-Click Away!](http://feedproxy.google.com/~r/PentestTools/~3/rD4UX2khHlQ/ponce-ida-plugin-for-symbolic-execution.html)
- [Kaboom - Automatic Pentest](http://feedproxy.google.com/~r/PentestTools/~3/dpBcPFYIccU/kaboom-automatic-pentest.html)
- [SSRFmap - Automatic SSRF Fuzzer And Exploitation Tool](http://feedproxy.google.com/~r/PentestTools/~3/sNJOEPAhpEU/ssrfmap-automatic-ssrf-fuzzer-and.html)
- [Pompem - Exploit and Vulnerability Finder](http://feedproxy.google.com/~r/PentestTools/~3/_sGYDk1y8f4/pompem-exploit-and-vulnerability-finder.html)
- [Lazygit - Simple Terminal UI For Git Commands](http://feedproxy.google.com/~r/PentestTools/~3/rs7BxUhTWmY/lazygit-simple-terminal-ui-for-git.html)
- [Up (Ultimate Plumber) - Tool For Writing Linux Pipes With Instant Live Preview](http://feedproxy.google.com/~r/PentestTools/~3/lQ3o3CxxgNU/up-ultimate-plumber-tool-for-writing.html)
- [CDF - Crypto Differential Fuzzing](http://feedproxy.google.com/~r/PentestTools/~3/QWrOPl4RtZg/cdf-crypto-differential-fuzzing.html)
- [Justniffer - Network TCP Packet Sniffer](http://feedproxy.google.com/~r/PentestTools/~3/ZeOTT8XrMaE/justniffer-network-tcp-packet-sniffer.html)
- [UEFI Firmware Parser - Parse BIOS/Intel ME/UEFI Firmware Related Structures: Volumes, FileSystems, Files, Etc](http://feedproxy.google.com/~r/PentestTools/~3/vrw7ce1SeJ0/uefi-firmware-parser-parse-biosintel.html)
- [PF_RING - High-Speed Packet Capture, Filtering And Analysis](http://feedproxy.google.com/~r/PentestTools/~3/JHNjKGg4NWI/pfring-high-speed-packet-capture.html)
- [Pftriage - Python Tool And Library To Help Analyze Files During Malware Triage And Analysis](http://feedproxy.google.com/~r/PentestTools/~3/ZjjYohz9GbE/pftriage-python-tool-and-library-to.html)
- [nDPI - Open Source Deep Packet Inspection Software Toolkit](http://feedproxy.google.com/~r/PentestTools/~3/Ehj6aq0lpFg/ndpi-open-source-deep-packet-inspection.html)
- [Hontel - Telnet Honeypot](http://feedproxy.google.com/~r/PentestTools/~3/7Qv62zGn_mo/hontel-telnet-honeypot.html)
- [Volatility Workbench - A GUI For Volatility Memory Forensics](http://feedproxy.google.com/~r/PentestTools/~3/OzWarBRi5YU/volatility-workbench-gui-for-volatility.html)
- [HTTrack Website Copier - Web Crawler And Offline Browser](http://feedproxy.google.com/~r/PentestTools/~3/-iUl75kJzG4/httrack-website-copier-web-crawler-and.html)
- [OSFMount - Mount Disk Images & Create RAM Drives](http://feedproxy.google.com/~r/PentestTools/~3/b1UlY7C2tko/osfmount-mount-disk-images-create-ram.html)
- [Process Hacker - A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware](http://feedproxy.google.com/~r/PentestTools/~3/nL_bfHHeQgA/process-hacker-free-powerful-multi.html)
- [CANalyzat0r - Security Analysis Toolkit For Proprietary Car Protocols](http://feedproxy.google.com/~r/PentestTools/~3/KPeA8qxDNEk/canalyzat0r-security-analysis-toolkit.html)
- [DFIRTrack - The Incident Response Tracking Application](http://feedproxy.google.com/~r/PentestTools/~3/vHFBZOQWsMA/dfirtrack-incident-response-tracking.html)
- [Goscan - Interactive Network Scanner](http://feedproxy.google.com/~r/PentestTools/~3/uz1Ra9_76sE/goscan-interactive-network-scanner.html)
- [RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations](http://feedproxy.google.com/~r/PentestTools/~3/v3TIGlliuHU/redelk-easy-deployable-tool-for-red.html)
- [Fnord - Pattern Extractor For Obfuscated Code](http://feedproxy.google.com/~r/PentestTools/~3/kM2-_TEV7fY/fnord-pattern-extractor-for-obfuscated.html)
- [Bincat - Binary Code Static Analyser, With IDA Integration](http://feedproxy.google.com/~r/PentestTools/~3/M4xJHHI1nlw/bincat-binary-code-static-analyser-with.html)
- [Bscan - An Asynchronous Target Enumeration Tool](http://feedproxy.google.com/~r/PentestTools/~3/nmAEkhGVeYk/bscan-asynchronous-target-enumeration.html)
- [Modlishka - An Open Source Phishing Tool With 2FA Authentication](http://feedproxy.google.com/~r/PentestTools/~3/Z2CV9SS3UmA/modlishka-open-source-phishing-tool.html)
- [Fwknop - Single Packet Authorization & Port Knocking](http://feedproxy.google.com/~r/PentestTools/~3/Ty69-sAkBMw/fwknop-single-packet-authorization-port.html)
- [Netsniff-Ng - A Swiss Army Knife For Your Daily Linux Network Plumbing](http://feedproxy.google.com/~r/PentestTools/~3/i86oZPByzMQ/netsniff-ng-swiss-army-knife-for-your.html)
- [Electronegativity - Tool To Identify Misconfigurations And Security Anti-Patterns In Electron Applications](http://feedproxy.google.com/~r/PentestTools/~3/zp7KJ0Mg0-A/electronegativity-tool-to-identify.html)
- [LOLBAS - Living Off The Land Binaries And Scripts (LOLBins And LOLScripts)](http://feedproxy.google.com/~r/PentestTools/~3/jRBNy3dl0p4/lolbas-living-off-land-binaries-and.html)
- [XIP - Tool To Generate A List Of IP Addresses By Applying A Set Of Transformations Used To Bypass Security Measures E.G. Blacklist Filtering, WAF, Etc.](http://feedproxy.google.com/~r/PentestTools/~3/7I5CFPFXxWo/xip-tool-to-generate-list-of-ip.html)
- [Stenographer - A Packet Capture Solution Which Aims To Quickly Spool All Packets To Disk, Then Provide Simple, Fast Access To Subsets Of Those Packets](http://feedproxy.google.com/~r/PentestTools/~3/jbklI8CeJpA/stenographer-packet-capture-solution.html)
- [Fierce - Semi-Lightweight Scanner That Helps Locate Non-Contiguous IP Space And Hostnames Against Specified Domains](http://feedproxy.google.com/~r/PentestTools/~3/X8Fc7tY8OFI/fierce-semi-lightweight-scanner-that.html)
- [Bolt - CSRF Scanning Suite](http://feedproxy.google.com/~r/PentestTools/~3/vu2sbgER-jY/bolt-csrf-scanning-suite.html)
- [Pwndb - Search For Creadentials Leaked On Pwndb](http://feedproxy.google.com/~r/PentestTools/~3/StIgYaSXjQ8/pwndb-search-for-creadentials-leaked-on.html)
- [Pown Recon - A Powerful Target Reconnaissance Framework Powered By Graph Theory](http://feedproxy.google.com/~r/PentestTools/~3/P1jfEtHTWpY/pown-recon-powerful-target.html)
- [Uncle Spufus - A Tool That Automates Mac Address Spoofing](http://feedproxy.google.com/~r/PentestTools/~3/MtP954n5vhQ/uncle-spufus-tool-that-automates-mac.html)
- [CIRTKit - Tools For The Computer Incident Response Team](http://feedproxy.google.com/~r/PentestTools/~3/w0zubUkg6ms/cirtkit-tools-for-computer-incident.html)
- [ADAPT - Tool That Performs Automated Penetration Testing For WebApps](http://feedproxy.google.com/~r/PentestTools/~3/c3ObjGg1ce8/adapt-tool-that-performs-automated.html)
- [Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool](http://feedproxy.google.com/~r/PentestTools/~3/JoL8_BBnrhQ/scanner-cli-project-securityvulnerabili.html)
- [Sn0Int - Semi-automatic OSINT Framework And Package Manager](http://feedproxy.google.com/~r/PentestTools/~3/K08LwvEQi2o/sn0int-semi-automatic-osint-framework.html)
- [FTW - Framework For Testing WAFs](http://feedproxy.google.com/~r/PentestTools/~3/vosO_nniiiI/ftw-framework-for-testing-wafs.html)
- [identYwaf - Blind WAF Identification Tool](http://feedproxy.google.com/~r/PentestTools/~3/UgxDsRiPrIY/identywaf-blind-waf-identification-tool.html)
- [Sh00T - A Testing Environment for Manual Security Testers](http://feedproxy.google.com/~r/PentestTools/~3/9c76MO4aIn0/sh00t-testing-environment-for-manual.html)
- [WiGLE - Wifi Wardriving (Nethugging Client For Android)](http://feedproxy.google.com/~r/PentestTools/~3/gDQEZOV06DY/wigle-wifi-wardriving-nethugging-client.html)
- [LeakLooker - Find Open Databases With Shodan](http://feedproxy.google.com/~r/PentestTools/~3/IenFsQWmHbY/leaklooker-find-open-databases-with.html)
- [SecureTea Project - The Purpose Of This Application Is To Warn The User (Via Various Communication Mechanisms) Whenever Their Laptop Accessed](http://feedproxy.google.com/~r/PentestTools/~3/BUlZL0iZhGQ/securetea-project-purpose-of-this.html)
- [ProcDump - A Linux Version Of The ProcDump Sysinternals Tool](http://feedproxy.google.com/~r/PentestTools/~3/tkcqiIG2iUQ/procdump-linux-version-of-procdump.html)
- [Parrot Security 4.5 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind](http://feedproxy.google.com/~r/PentestTools/~3/xXnhQTKJewU/parrot-security-45-security-gnulinux.html)
- [Jok3R - Network And Web Pentest Framework](http://feedproxy.google.com/~r/PentestTools/~3/dhiTfm3fEdk/jok3r-network-and-web-pentest-framework.html)
- [Beebug - A Tool For Checking Exploitability](http://feedproxy.google.com/~r/PentestTools/~3/lAJoFUTmlNs/beebug-tool-for-checking-exploitability.html)
- [Conpot - An Open Industrial Control Honeypot](http://feedproxy.google.com/~r/PentestTools/~3/Khos5GRsxrw/conpot-open-industrial-control-honeypot.html)
- [WPintel - Chrome Extension Designed For WordPress Vulnerability Scanning And Information Gathering](http://feedproxy.google.com/~r/PentestTools/~3/NYfoNh5N9zM/wpintel-chrome-extension-designed-for.html)
- [Malice - VirusTotal Wanna Be (Now With 100% More Hipster)](http://feedproxy.google.com/~r/PentestTools/~3/MYaRxSE3IIE/malice-virustotal-wanna-be-now-with-100.html)
- [Htcap - A Web Application Scanner Able To Crawl Single Page Application (SPA) In A Recursive Manner By Intercepting Ajax Calls And DOM Changes](http://feedproxy.google.com/~r/PentestTools/~3/aJgXuqnKFus/htcap-web-application-scanner-able-to.html)
- [Remot3d - An Simple Exploit for PHP Language](http://feedproxy.google.com/~r/PentestTools/~3/MfRDXGlJowM/remot3d-simple-exploit-for-php-language.html)
- [Tyton - Linux Kernel-Mode Rootkit Hunter for 4.4.0-31+](http://feedproxy.google.com/~r/PentestTools/~3/-SpNjyLloZM/tyton-linux-kernel-mode-rootkit-hunter.html)
- [Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io](http://feedproxy.google.com/~r/PentestTools/~3/xeXSGXnN_xA/crashcast-exploit-this-tool-allows-you.html)
- [Tool-X - A Kali Linux Hacking Tool Installer](http://feedproxy.google.com/~r/PentestTools/~3/JqzGZm7j4JQ/tool-x-kali-linux-hacking-tool-installer.html)
- [SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool](http://feedproxy.google.com/~r/PentestTools/~3/RNZTk3qTooc/sqlmap-v13-automatic-sql-injection-and.html)
- [Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information](http://feedproxy.google.com/~r/PentestTools/~3/PdXu9zuRDIg/stretcher-tool-designed-to-help.html)
- [Aztarna - A Footprinting Tool For Robots](http://feedproxy.google.com/~r/PentestTools/~3/Q9CYfShlqRA/aztarna-footprinting-tool-for-robots.html)
- [Hediye - Hash Generator & Cracker Online Offline](http://feedproxy.google.com/~r/PentestTools/~3/p0oO5qBUFoI/hediye-hash-generator-cracker-online.html)
- [Killcast - Manipulate Chromecast Devices In Your Network](http://feedproxy.google.com/~r/PentestTools/~3/rMCHdNb3sTI/killcast-manipulate-chromecast-devices.html)
- [bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records](http://feedproxy.google.com/~r/PentestTools/~3/4GvtphGIZmM/bypass-firewalls-by-dns-history.html)
- [WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack](http://feedproxy.google.com/~r/PentestTools/~3/HogR4BTI3tM/wifi-pumpkin-v087-framework-for-rogue.html)
- [H8Mail - Email OSINT And Password Breach Hunting](http://feedproxy.google.com/~r/PentestTools/~3/u6x3-7n6oMI/h8mail-email-osint-and-password-breach.html)
- [Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters](http://feedproxy.google.com/~r/PentestTools/~3/Dr1bT8peAAc/kube-hunter-hunt-for-security.html)
- [Metasploit 5.0 - The Worlds Most Used Penetration Testing Framework](http://feedproxy.google.com/~r/PentestTools/~3/WdwaF60VaxA/metasploit-50-worlds-most-used.html)
- [Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support](http://feedproxy.google.com/~r/PentestTools/~3/WogS-qr4dno/interlace-easily-turn-single-threaded.html)
- [Twifo-Cli - Get User Information Of A Twitter User](http://feedproxy.google.com/~r/PentestTools/~3/Sbc3gunRkBE/twifo-cli-get-user-information-of.html)
- [Sitadel - Web Application Security Scanner](http://feedproxy.google.com/~r/PentestTools/~3/zfPWuXefLsw/sitadel-web-application-security-scanner.html)
- [Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)](http://feedproxy.google.com/~r/PentestTools/~3/MV1mlXFmkpg/pe-sieve-recognizes-and-dumps-variety.html)
- [Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To](http://feedproxy.google.com/~r/PentestTools/~3/sZXmRx1pB7E/malboxes-builds-malware-analysis.html)
- [Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies](http://feedproxy.google.com/~r/PentestTools/~3/elMWRHLI054/snyk-cli-and-build-time-tool-to-find.html)
- [Shed - .NET Runtime Inspector](http://feedproxy.google.com/~r/PentestTools/~3/byWGTLrRRMA/shed-net-runtime-inspector.html)
- [Stardox - Github Stargazers Information Gathering Tool](http://feedproxy.google.com/~r/PentestTools/~3/kAWqztoZ97E/stardox-github-stargazers-information.html)
- [Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool](http://feedproxy.google.com/~r/PentestTools/~3/mjOk7rQhp2Y/commix-v27-automated-all-in-one-os.html)
- [AutoSploit v3.0 - Automated Mass Exploiter](http://feedproxy.google.com/~r/PentestTools/~3/nDoUfG2uHQg/autosploit-v30-automated-mass-exploiter.html)
- [Faraday v3.5 - Collaborative Penetration Test and Vulnerability Management Platform](http://feedproxy.google.com/~r/PentestTools/~3/Fq1vFkcIIFI/faraday-v35-collaborative-penetration.html)
- [Recaf - A Modern Java Bytecode Editor](http://feedproxy.google.com/~r/PentestTools/~3/mAzq3GzpHIg/recaf-modern-java-bytecode-editor.html)
- [dnSpy - .NET Debugger And Assembly Editor](http://feedproxy.google.com/~r/PentestTools/~3/JZaPW594CQE/dnspy-net-debugger-and-assembly-editor.html)