hacker-roadmap/README.md

66 lines
2.7 KiB
Markdown
Raw Normal View History

2018-04-02 12:22:02 +00:00
# Hacker Roadmap
2018-04-02 12:29:48 +00:00
This repository is a summary of hacking tools to practice ethical hacking, pen testing and web security. Most of these tools are UNIX compatible and MIT licensed.
2018-04-02 12:22:02 +00:00
## Tools by category
2018-04-02 12:29:48 +00:00
#### :male_detective: Information Gathering
2018-04-02 12:22:02 +00:00
Information Gathering tools allows you to collect host metadata about services and users. Check informations about a domain, IP address, phone number or an email address.
2018-04-02 13:37:46 +00:00
- [Th3inspector](https://github.com/Moham3dRiahi/Th3inspector) **Perl** | `Linux/Windows/MacOS` | All in one tool for Information Gathering written in Perl.
- [Crips](https://github.com/Manisso/Crips) **Python** | `Linux/Android` | IP Tools To quickly get information about IP Address's, Web Pages and DNS records.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :lock: Password Attacks
2018-04-02 12:22:02 +00:00
Crack passwords and create wordlists.
...
2018-04-02 12:29:48 +00:00
#### :globe_with_meridians: Wireless Testing
2018-04-02 12:22:02 +00:00
Used for intrusion detection and wifi attacks.
2018-04-02 14:13:56 +00:00
- [Aircrack](https://github.com/aircrack-ng/aircrack-ng) **C** | `Linux/Windows/MacOS` | WiFi security auditing tools suite.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :wrench: Exploitation Tools
2018-04-02 12:22:02 +00:00
Acesss systems and data with service-oriented exploits.
2018-04-02 13:40:18 +00:00
- [SQLmap](https://github.com/sqlmapproject/sqlmap) **Python** | `Linux/Windows/MacOS` | Automatic SQL injection and database takeover tool.
2018-04-02 13:37:46 +00:00
- [XSStrike](https://github.com/UltimateHackers/XSStrike) **Python** | `Linux/Windows/MacOS` | Advanced XSS detection and exploitation suite.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :busts_in_silhouette: Sniffing & Spoofing
2018-04-02 12:22:02 +00:00
Listen to network traffic or fake a network entity.
...
2018-04-02 12:29:48 +00:00
#### :rocket: Web Hacking
2018-04-02 12:22:02 +00:00
Exploit popular CMSs that are hosted online.
2018-04-02 14:15:27 +00:00
- [WPScan](https://github.com/wpscanteam/wpscan) **Ruby** | `Linux/Windows/MacOS` | WPScan is a black box WordPress vulnerability scanner.
2018-04-02 14:20:34 +00:00
- [Droopescan](https://github.com/droope/droopescan) **Python** | `Linux/Windows/MacOS` | A plugin-based scanner to identify issues with several CMSs, mainly Drupal & Silverstripe.
- [Joomscan](https://github.com/rezasp/joomscan) **Perl** | `Linux/Windows/MacOS` | Joomla Vulnerability Scanner.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :zap: Private Web Hacking
2018-04-02 12:22:02 +00:00
Access files and databases.
...
2018-04-02 12:29:48 +00:00
#### :tada: Post Exploitation
2018-04-02 12:22:02 +00:00
Exploits for after you have already gained access.
...
2018-04-02 13:05:39 +00:00
#### :package: Frameworks
2018-04-02 12:22:02 +00:00
2018-04-02 12:31:00 +00:00
Frameworks are packs of pen testing tools with custom shell navigation and documentation.
2018-04-02 12:22:02 +00:00
2018-04-02 14:05:12 +00:00
- [Metasploit](https://github.com/rapid7/metasploit-framework) **Ruby** | `Linux/Windows/MacOS` | A penetration testing framework for ethical hackers.
2018-04-02 14:30:11 +00:00
- [fsociety](https://github.com/Manisso/fsociety) **Python** | `Linux/Windows/MacOS` | fsociety Hacking Tools Pack A Penetration Testing Framework.
2018-04-02 14:13:56 +00:00
- [cSploit](https://github.com/cSploit/android) **Java** | `Android` | The most complete and advanced IT security professional toolkit on Android.