Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-pentest
https://github.com/r3p3r/awesome-pentest
-
Books
-
Penetration Testing Books
- Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014
- Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007
- Rtfm: Red Team Field Manual by Ben Clark, 2014
- Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012
-
Hackers Handbook Series
- The Database Hacker's Handbook, David Litchfield et al., 2005
- The Shellcoders Handbook by Chris Anley et al., 2007
- The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009
- The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011
- iOS Hackers Handbook by Charlie Miller et al., 2012
- Android Hackers Handbook by Joshua J. Drake et al., 2014
- The Browser Hackers Handbook by Wade Alcorn et al., 2014
- The Mobile Application Hackers Handbook by Dominic Chell et al., 2015
-
Defensive Development
-
Network Analysis Books
-
Reverse Engineering Books
-
Malware Analysis Books
-
Social Engineering Books
- The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002
- The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005
- Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011
- Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010
- Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014
- Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014
-
Lock Picking Books
-
Defcon Suggested Reading
-
Windows Books
-
-
Tools
-
DDoS Tools
- JS LOIC - JavaScript in-browser version of LOIC.
- HOIC - Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures.
- T50 - Faster network stress tool.
-
Penetration Testing Distributions
- Kali - GNU/Linux distribution designed for digital forensics and penetration testing.
- ArchStrike - Arch GNU/Linux repository for security professionals and enthusiasts.
- BlackArch - Arch GNU/Linux-based distribution for penetration testers and security researchers.
- Parrot - Distribution similar to Kali, with support for multiple architectures.
- Buscador - GNU/Linux virtual machine that is pre-configured for online investigators.
-
Docker for Penetration Testing
-
Multi-paradigm Frameworks
- Metasploit - Software for offensive security teams to help verify vulnerabilities and manage security assessments.
- Armitage - Java-based GUI front-end for the Metasploit Framework.
- ExploitPack - Graphical tool for automating penetration tests that ships with many pre-packaged exploits.
-
Network Vulnerability Scanners
- Nexpose - Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.
- Nikto - Noisy but fast black box web server and web application vulnerability scanner.
- SecApps - In-browser web application security testing suite.
- WebReaver - Commercial, graphical web application vulnerability scanner designed for macOS.
- WPScan - Black box WordPress vulnerability scanner.
- cms-explorer - Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running.
-
Network Tools
- zmap - Open source network scanner that enables researchers to easily perform Internet-wide network studies.
- nmap - Free security scanner for network exploration & security audits.
- Wireshark - Widely-used graphical, cross-platform network protocol analyzer.
- Intercepter-NG - Multifunctional network toolkit.
- DNSDumpster - Online DNS recon and search service.
- dnstracer - Determines where a given DNS server gets its information from, and follows the chain of DNS servers.
- dsniff - Collection of tools for network auditing and pentesting.
- Dripcap - Caffeinated packet analyzer.
- Praeda - Automated multi-function printer data harvester for gathering usable data during security assessments.
- BetterCAP - Modular, portable and easily extensible MITM framework.
- SPARTA - Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.
- Debookee - Simple and powerful network traffic analyzer for macOS.
-
Wireless Network Tools
- Aircrack-ng - Set of tools for auditing wireless networks.
- Kismet - Wireless network detector, sniffer, and IDS.
- Reaver - Brute force attack against WiFi Protected Setup.
-
Web Exploitation
- OWASP Zed Attack Proxy (ZAP) - Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
- Fiddler - Free cross-platform web debugging proxy with user-friendly companion tools.
- autochrome - Easy-to-install test browser with all the appropriate settings needed for web application testing, with native Burp support, from NCCGroup.
- Wappalyzer - Wappalyzer uncovers the technologies used on websites.
- sslstrip - Demonstration of the HTTPS stripping attacks.
- NoSQLmap - Automatic NoSQL injection and database takeover tool.
- EyeWitness - Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible.
-
Hex Editors
-
File Format Analysis Tools
- Kaitai Struct - File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
- Veles - Binary data visualization and analysis tool.
- Hachoir - Python library to view and edit a binary stream as tree of fields and tools for metadata extraction.
-
Defense Evasion Tools
- Veil - Generate Metasploit payloads that bypass common anti-virus solutions.
- shellsploit - Generates custom shellcode, backdoors, injectors, optionally obfuscates every byte via encoders.
- peCloak.py - Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
- UniByAv - Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forceable, 32-bit XOR key.
-
Hash Cracking Tools
-
Windows Utilities
-
macOS Utilities
- Bella - Pure Python post-exploitation data mining and remote administration tool for macOS.
-
OSINT Tools
- Google-dorks - Common Google dorks and others you probably don't know.
- Shodan - World's first search engine for Internet-connected devices.
- recon-ng - Full-featured Web Reconnaissance framework written in Python.
- Threat Crowd - Search engine for threats.
- ZoomEye - Search engine for cyberspace that lets the user find specific network components.
- Censys - Collects data on hosts and websites through daily ZMap and ZGrab scans.
- Maltego - Proprietary software for open source intelligence and forensics, from Paterva.
-
Anonymity Tools
-
Reverse Engineering Tools
- Interactive Disassembler (IDA Pro) - Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, [IDA Free](https://www.hex-rays.com/products/ida/support/download_freeware.shtml).
- OllyDbg - x86 debugger for Windows binaries that emphasizes binary code analysis.
- Immunity Debugger - Powerful way to write exploits and analyze malware.
- Capstone - Lightweight multi-platform, multi-architecture disassembly framework.
-
Physical Access Tools
-
Penetration Testing Report Templates
- Pentesting Report Template - testandverification.com template.
- Pentesting Report Template - hitachi-systems-security.com template.
- Pentesting Report Template - crest-approved.org template.
- Pentesting Report Template - pcisecuritystandards.org template.
-
-
Awesome Lists
-
Defcon Suggested Reading
- InfoSec § Hacking challenges - Comprehensive directory of CTFs, wargames, hacking challenge websites, pentest practice lab exercises, and more.
- C/C++ Programming - One of the main languages for open source security tools.
- .NET Programming - Software framework for Microsoft Windows platform development.
- Shell Scripting - Command line frameworks, toolkits, guides and gizmos.
- Ruby Programming by @markets - The de-facto language for writing exploits.
- JavaScript Programming - In-browser development and scripting.
- Python Programming by @vinta - General Python programming.
- Android Security - Collection of Android security related resources.
- Awesome Awesomness - The List of the Lists.
- AppSec - Resources for learning about application security.
- CTFs - Capture The Flag frameworks, libraries, etc.
- Hacking - Tutorials, tools, and resources.
- Honeypots - Honeypots, tools, components, and more.
- Malware Analysis - Tools and resources for analysts.
- PCAP Tools - Tools for processing network traffic.
- Security - Software, libraries, documents, and other resources.
- Creative Commons Attribution 4.0 International License
-
-
Online Resources
-
Penetration Testing Resources
- Penetration Testing Framework (PTF) - Outline for performing penetration tests compiled as a general framework usable by vulnerability analysts and penetration testers alike.
- XSS-Payloads - Ultimate resource for all things cross-site including payloads, tools, games and documentation.
- MITRE's Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) - Curated knowledge base and model for cyber adversary behavior.
-
Exploit Development
- Shellcode Examples - Shellcodes database.
- Exploit Writing Tutorials - Tutorials on how to develop exploits.
-
OSINT Resources
- Intel Techniques - Collection of OSINT tools. Menu on the left can be used to navigate through the categories.
- NetBootcamp OSINT Tools - Collection of OSINT links and custom Web interfaces to other services such as [Facebook Graph Search](http://netbootcamp.org/facebook.html) and [various paste sites](http://netbootcamp.org/pastesearch.html).
- WiGLE.net - Information about wireless networks world-wide, with user-friendly desktop and web applications.
-
Lock Picking Resources
- /r/lockpicking - Resources for learning lockpicking, equipment recommendations.
-
Operating Systems
- Security related Operating Systems @ Rawsec - Complete list of security related operating systems.
- Digital Evidence & Forensics Toolkit (DEFT) - Live CD for forensic analysis runnable without tampering or corrupting connected devices where the boot process takes place.
-
-
Vulnerability Databases
-
Defcon Suggested Reading
- Common Vulnerabilities and Exposures (CVE) - Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities.
- National Vulnerability Database (NVD) - United States government's National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.
- US-CERT Vulnerability Notes Database - Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).
- Bugtraq (BID) - Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc.
- Exploit-DB - Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.
- CXSecurity - Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.
- Vulnerability Lab - Open forum for security advisories organized by category of exploit target.
- Vulners - Security database of software vulnerabilities.
- Inj3ct0r - Exploit marketplace and vulnerability information aggregator.
- Open Source Vulnerability Database (OSVDB) - Historical archive of security vulnerabilities in computerized equipment, no longer adding to its vulnerability database as of April, 2016.
- HPI-VDB - Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam.
-
-
Security Courses
-
Defcon Suggested Reading
- Offensive Security Training - Training from BackTrack/Kali developers.
- Computer Security Student - Many free tutorials, great for beginners, $10/mo membership unlocks all content.
-
-
Information Security Conferences
-
Defcon Suggested Reading
- CCC - Annual meeting of the international hacker scene in Germany.
- DerbyCon - Annual hacker conference based in Louisville.
- PhreakNIC - Technology conference held annually in middle Tennessee.
- CHCon - Christchurch Hacker Con, the only hacker con on the South Island of New Zealand.
- Hack.lu - Annual conference held in Luxembourg.
- HITB - Deep-knowledge security conference held in Malaysia and The Netherlands.
- DeepSec - Security Conference in Vienna, Austria.
- SECUINSIDE - Security Conference in [Seoul](https://en.wikipedia.org/wiki/Seoul).
- AppSecUSA - Annual conference organized by OWASP.
- RSA Conference USA - Annual security conference in San Francisco, California, USA.
- Swiss Cyber Storm - Annual security conference in Lucerne, Switzerland.
- 44Con - Annual Security Conference held in London.
- DEF CON - Annual hacker convention in Las Vegas.
- Virus Bulletin Conference - Annual conference, to be held in Denver, USA in 2016.
-
-
Information Security Magazines
-
Defcon Suggested Reading
- 2600: The Hacker Quarterly - American publication about technology and computer "underground."
- Phrack Magazine - By far the longest running hacker zine.
-
Programming Languages