diff --git a/README.md b/README.md index 811017e..61e8ebb 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,12 @@ - they miss and cry for **[Slackware](http://www.slackware.com/)** on production - they love the old admin nix-world +## What is this list? + +This list is a collection of various materials that I use every day in my work. It contain a lot of useful information gathered in one piece. It is intended for everyone and anyone who is or wants to become a Ninja Admin (and not only). + +This is not a final and full version - I update it on an ongoing basis. + ## :ballot_box_with_check: Todo - [ ] Add useful shell functions @@ -88,7 +94,11 @@ for transferring data with URLs.
  :small_orange_diamond: tshark - dump and analyze network traffic (wireshark cli).
  :small_orange_diamond: fierce - a DNS reconnaissance tool for locating non-contiguous IP space.
  :small_orange_diamond: sublist3r - fast subdomains enumeration tool for penetration testers.
+  :small_orange_diamond: amass - the OWASP tool obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives and more.
  :small_orange_diamond: Nemesis - packet manipulation CLI tool; craft and inject packets of several protocols.
+  :small_orange_diamond: packetfu - a mid-level packet manipulation library for Ruby.
+  :small_orange_diamond: Scapy - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.
+  :small_orange_diamond: Nipe - script to make Tor Network your default gateway.

##### :black_small_square: SSL @@ -104,6 +114,7 @@ for transferring data with URLs.

  :small_orange_diamond: lynis - battle-tested security tool for systems running Linux, macOS, or Unix-based operating system.
+  :small_orange_diamond: LinEnum - scripted Local Linux Enumeration & Privilege Escalation Checks.

##### :black_small_square: System Diagnostics/Debuggers @@ -131,6 +142,16 @@ for transferring data with URLs.
  :small_orange_diamond: mycli - terminal client for MySQL with autocompletion and syntax highlighting.

+##### :black_small_square: Pentesting + +

+  :small_orange_diamond: Metasploit - tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit.
+  :small_orange_diamond: Burp Suite - tool for testing Web application security, intercepting proxy to replay, inject, scan and fuzz HTTP requests.
+  :small_orange_diamond: OWASP Zed Attack Proxy - intercepting proxy to replay, inject, scan and fuzz HTTP requests.
+  :small_orange_diamond: Nikto2 - web server scanner which performs comprehensive tests against web servers for multiple items.
+  :small_orange_diamond: sqlmap - tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
+

+ #### Web Tools ##### :black_small_square: SSL @@ -237,11 +258,12 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: The Bash Hackers Wiki - hold documentation of any kind about GNU Bash.

-##### :black_small_square: Unix tutorials +##### :black_small_square: Unix & Network

  :small_orange_diamond: nixCraft - linux and unix tutorials for new and seasoned sysadmin.
  :small_orange_diamond: TecMint - the ideal Linux blog for Sysadmins & Geeks.
+  :small_orange_diamond: Omnisecu - Free Networking, System Administration and Security Tutorials.

##### :black_small_square: Security @@ -250,6 +272,7 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: OWASP - worldwide not-for-profit charitable organization focused on improving the security of software.
  :small_orange_diamond: OWASP ASVS 3.0.1 - OWASP Application Security Verification Standard Project.
  :small_orange_diamond: OWASP ASVS 3.0.1 Web App - simple web app that helps developers understand the ASVS requirements.
+  :small_orange_diamond: Offensive Security - true performance-based penetration testing training for over a decade.
  :small_orange_diamond: Hacking Articles - LRaj Chandel's Security & Hacking Blog.
  :small_orange_diamond: GTFOBins - list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
  :small_orange_diamond: AWS security tools - make your AWS cloud environment more secure.
@@ -257,6 +280,7 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: PTES - the penetration testing execution standard.
  :small_orange_diamond: ctf-tools - some setup scripts for security research tools.
  :small_orange_diamond: Guifre Ruiz Notes - collection of secuirty, system, network and pentest cheatsheets.
+  :small_orange_diamond: Rawsec's CyberSecurity Inventory - an inventory of tools and resources about CyberSecurity.

##### :black_small_square: Web Apps @@ -293,6 +317,7 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: Linux Security Expert - trainings, howtos, checklists, security tools and more.
  :small_orange_diamond: The Grymoire - collection of useful incantations for wizards, be you computer wizards, magicians, or whatever.
+  :small_orange_diamond: raymii.org - linux/unix sysadmin specializing in building high availability cloud environments.

#### Systems/Services @@ -303,6 +328,8 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Slackware - the most "Unix-like" Linux distribution.
  :small_orange_diamond: OpenBSD - multi-platform 4.4BSD-based UNIX-like operating system.
  :small_orange_diamond: HardenedBSD - HardenedBSD aims to implement innovative exploit mitigation and security solutions.
+  :small_orange_diamond: Kali Linux - Linux distribution used for Penetration Testing, Ethical Hacking and network security assessments.
+  :small_orange_diamond: Backbox Linux - penetration test and security assessment oriented Ubuntu-based Linux distribution.

##### :black_small_square: Network @@ -315,6 +342,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an

  :small_orange_diamond: Varnish HTTP Cache - HTTP accelerator designed for content-heavy dynamic web sites.
+  :small_orange_diamond: Nginx - open source web and reverse proxy server that is similar to Apache, but very light weight.

##### :black_small_square: Security/hardening