{"id":13464735,"url":"https://github.com/eugenekolo/sec-tools","last_synced_at":"2025-03-25T11:32:11.249Z","repository":{"id":46136870,"uuid":"50085926","full_name":"eugenekolo/sec-tools","owner":"eugenekolo","description":"A set of security related tools","archived":false,"fork":false,"pushed_at":"2021-03-08T06:51:12.000Z","size":5401,"stargazers_count":648,"open_issues_count":8,"forks_count":140,"subscribers_count":24,"default_branch":"master","last_synced_at":"2024-10-29T17:55:04.193Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eugenekolo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-01-21T06:02:24.000Z","updated_at":"2024-10-14T19:58:22.000Z","dependencies_parsed_at":"2022-09-14T20:51:09.915Z","dependency_job_id":null,"html_url":"https://github.com/eugenekolo/sec-tools","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eugenekolo%2Fsec-tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eugenekolo%2Fsec-tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eugenekolo%2Fsec-tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eugenekolo%2Fsec-tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eugenekolo","download_url":"https://codeload.github.com/eugenekolo/sec-tools/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245454182,"owners_count":20617989,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T14:00:49.476Z","updated_at":"2025-03-25T11:32:06.684Z","avatar_url":"https://github.com/eugenekolo.png","language":"HTML","funding_links":[],"categories":["HTML","\u003ca id=\"a4ee2f4d4a944b54b2246c72c037cd2e\"\u003e\u003c/a\u003e收集\u0026\u0026集合","\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集","\u003ca id=\"e97d183e67fa3f530e7d0e7e8c33ee62\"\u003e\u003c/a\u003e未分类","CTFs"],"sub_categories":["\u003ca id=\"e97d183e67fa3f530e7d0e7e8c33ee62\"\u003e\u003c/a\u003e未分类","\u003ca id=\"f110da0bf67359d3abc62b27d717e55e\"\u003e\u003c/a\u003e新添加的","CTFs tools"],"readme":"# sec-tools [![Build Status](https://travis-ci.org/eugenekolo/sec-tools.svg?branch=master)](https://travis-ci.org/eugenekolo/sec-tools) ![Amazing](https://img.shields.io/badge/amazing-100%-ff33dd.svg)\n\n**NO LONGER MAINTAINED**\n\nCurated collection of tools for security research, CTFs, and fun, that I enjoy. Similar to zardus's ctf-tools, but with a more general focus on security.\n\nInstallers for the following tools are included:\n\n| Category | Tool | Description |\n|----------|------|-------------|\n| binary | [apktool](https://ibotpeaches.github.io/Apktool/) | Disassemble, examine, and re-pack Android APKs | \u003c!--test--\u003e\n| binary | [binwalk](https://github.com/devttys0/binwalk.git) | Firmware (and arbitrary file) analysis tool. | \u003c!--test--\u003e\n| binary | [checksec](https://github.com/slimm609/checksec.sh) | Check binary hardening settings. | \u003c!--test--\u003e\n| binary | [dex2jar](https://github.com/pxb1988/dex2jar) | Tools to work with android .dex files | \u003c!--test--\u003e\n| binary | [hxd](https://mh-nexus.de/en/hxd/) | A simple hex editor. Ran through `wine`. (Uses wine.) | \u003c!--uses-wine--\u003e\n| binary | [idafree](https://www.hex-rays.com/products/ida/support/download_freeware.shtml) | The most popular interactive disassembler, free edition. (Uses wine.) | \u003c!--uses-wine--\u003e\n| binary | [jdgui](http://jd.benow.ca/) | A graphical Java Decompiler. (Uses wine.) | \u003c!--uses-wine--\u003e\n| binary | [peda](https://github.com/longld/peda) | Enhanced environment for gdb. | \u003c!--test--\u003e\n| binary | [preeny](https://github.com/zardus/preeny) | A collection of helpful preloads (compiled for many architectures!). | \u003c!--test--\u003e\n| binary | [qemu](http://qemu.org) | Latest version of qemu! | \u003c!--takes-too-long--\u003e\n| binary | [qira](http://qira.me) | Parallel, timeless debugger. Go back and forth in time. | \u003c!--test--\u003e\n| binary | [radare2](http://www.radare.org/) | Some crazy thing crowell likes. | \u003c!--test--\u003e\n| binary | [ropgadget](https://github.com/JonathanSalwan/ROPgadget) | Search ROP gadgets, autocreate a ropchain, and fetch gadgets from a bin. | \u003c!--test--\u003e\n| binary | [upx](http://upx.sourceforge.net/) | A free and popular packer/unpacker. | \u003c!--test--\u003e\n| crypto | [aeskeyfind](https://citp.princeton.edu/research/memory/code/) | Find AES keys in a memory dump. | \u003c!--test--\u003e\n| crypto | [cribdrag](https://github.com/SpiderLabs/cribdrag) | Interactive crib dragging tool (for crypto). | \u003c!--test--\u003e\n| crypto | [evilize](http://www.mathstat.dal.ca/~selinger/md5collision/) | Tool to create MD5 colliding binaries | \u003c!--test--\u003e\n| crypto | [foresight](https://github.com/ALSchwalm/foresight) | A tool for predicting the output of random number generators. To run, launch \"foresee\". | \u003c!--test--\u003e\n| crypto | [hashid](https://code.google.com/p/hash-identifier/source/checkout) | Simple hash algorithm identifier. | \u003c!--test--\u003e\n| crypto | [msieve](https://sourceforge.net/projects/msieve/) | Factor primes, such as for RSA. | \u003c!--test--\u003e\n| crypto | [padbuster](https://github.com/GDSSecurity/PadBuster) | Automated script for performing Padding Oracle attacks | \u003c!--test--\u003e\n| crypto | [pkcrack](https://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html) | PkZip encryption cracker. | \u003c!--test--\u003e\n| crypto | [python-paddingoracle](https://github.com/mwielgoszewski/python-paddingoracle) | Padding oracle attack automation. | \u003c!--test--\u003e\n| crypto | [ssh_decoder](https://github.com/jjyg/ssh_decoder) | A tool for decoding ssh traffic. | \u003c!--test--\u003e\n| crypto | [yafu](https://sourceforge.net/projects/yafu/) | Fast prime factorization. | \u003c!--test--\u003e\n| crypto | [xortool](https://github.com/hellman/xortool) | XOR analysis tool. | \u003c!--test--\u003e\n| fuzzers | [afl](http://lcamtuf.coredump.cx/afl/) | State-of-the-art fuzzer. | \u003c!--test--\u003e\n| fuzzers | [pathgrind](https://github.com/codelion/pathgrind) | Path based fuzzer. | \u003c!--test--\u003e\n| stego | [ElectronicColoringBook](https://doegox.github.io/ElectronicColoringBook/) | Colorize data file according to repetitive chunks. | \u003c!--test--\u003e\n| stego | [exiftool](http://www.sno.phy.queensu.ca/~phil/exiftool/) | Examine EXIF/meta data of files. | \u003c!--test--\u003e\n| stego | [lsbsteg](https://github.com/RobinDavid/LSB-Steganography) | stego files into images using the Least Significant Bit. | \u003c!--test--\u003e\n| stego | [poppler](http://poppler.freedesktop.org/) | A suite of tools to help take apart and work with PDF files | \u003c!--test--\u003e\n| stego | [steganabara](http://www.caesum.com/handbook/stego.htm) | Another image steganography solver. | \u003c!--test--\u003e\n| stego | [stegdetect](http://www.outguess.org/) | Steganography detection/breaking tool. | \u003c!--broken--\u003e\n| stego | [stegsolve](http://www.caesum.com/handbook/stego.htm) | Image steganography solver. | \u003c!--test--\u003e\n| tools | [brakeman](http://brakemanscanner.org/) | Ruby-on-rails static-analysis security scanner. | \u003c!--test--\u003e\n| tools | [bruteforce](http://github.com/eugenekolo/sec-tools) | A simple starter script for bruteforcing | \u003c!--test--\u003e\n| tools | [entropy](http://github.com/eugenekolo/sec-tools) | A simple tool to test entropy of a file | \u003c!--test--\u003e\n| tools | [extundelete](http://extundelete.sourceforge.net/) | Recover deleted files from an ext3 or ext4 partition. | \u003c!--test--\u003e\n| tools | [pngtools](http://www.stillhq.com/pngtools/) | Dump info on a PNG file. | \u003c!--test--\u003e\n| tools | [pyunpack](https://github.com/kholia/exetractor-clone) | Unpacker for packed Python executables | \u003c!--test--\u003e\n| tools | [shoe](http://github.com/eugenekolo/sec-tools) | A simple tool to assist with TCP remote communication | \u003c!--test--\u003e\n| tools | [swftools](http://www.swftools.org/) | Tools for reading, creating, and working with swf files. | \u003c!--test--\u003e\n| tools | [wordlist](https://github.com/eugenekolo/win-sec-tools/releases/download/v1.0/wordlist.txt.gz) | A huge wordlist to use for cracking or whatever. | \u003c!--test--\u003e\n| web | [burpsuite](http://portswigger.net/burp) | Web proxy to do naughty web stuff. | \u003c!--test--\u003e\n| web | [dirsearch](https://github.com/maurosoria/dirs3arch) | Web path scanner. | \u003c!--test--\u003e\n| web | [hashpump](https://github.com/bwall/HashPump) | A tool for exploiting hash extension vulnerabilities. | \u003c!--test--\u003e\n| web | [mitmproxy](http://mitmproxy.org/) | A programmable and interactive HTTP proxy useful | \u003c!--test--\u003e\n| web | [net-creds](https://github.com/DanMcInerney/net-creds) | Sniffs sensitive data from interface or pcap | \u003c!--test--\u003e\n| web | [sqlmap](http://sqlmap.org/) | SQL injection automation engine. | \u003c!--test--\u003e\n\n## Usage ❤️‍❤️‍\nTo use, do:\n\n```bash\n# download and set up\ngit clone https://github.com/eugenekolo/sec-tools.git\n./sec-tools/sec-tools setup \u0026\u0026 source ~/.bashrc\n\n# list the available category/tools\nsec-tools list\n\n# install whatever \u003ccategory/tool-name\u003e\nsec-tools install binary/apktool\n\n# use the tool - your path is automatically configured\napktool --version\n```\n\n## Virtualization and Containers\nReady to launch, will install every tool for you. Grab a :coffee: while making these.\n### Docker ![Docker Badge](https://img.shields.io/badge/container-docker-blue.svg)\n```\ngit clone https://github.com/eugenekolo/sec-tools.git\ndocker build -t sec-tools .\ndocker run -it sec-tools\n```\n\n### Vagrant ![Vagrant Badge](https://img.shields.io/badge/container-vagrant-orange.svg)\n```\nwget https://raw.githubusercontent.com/eugenekolo/sec-tools/master/Vagrantfile\nvagrant up\nvagrant ssh\n```\n\n## Adding Tools\nTo add a tool (say, named *toolname*), do the following:\n\n1. Decide what category it falls under. You probably shouldn't create a new one.\n2. Create a `category\\toolname` directory.\n3. Create an `install-ctf.sh` script. It's a simple bash script, look at already made ones for example.\n\n## License :star2::star2:\nThe individual tools are all licensed under their own licenses.\nAs for sec-tools itself, it is \"starware\".\nIf you find it useful, star it on github (https://github.com/eugenekolo/sec-tools).\n\n## Acknowledgements\nBuilt upon [ctf-tools](https://github.com/zardus/ctf-tools). Be sure to check them out.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feugenekolo%2Fsec-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feugenekolo%2Fsec-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feugenekolo%2Fsec-tools/lists"}