Tor Tools

• awesome-tor
• Nipe - Script to redirect all traffic from the machine to the Tor network.
• OnionScan - Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators.
• Tor - Free software and onion routed overlay network that helps you defend against traffic analysis.
• dos-over-tor - Proof of concept denial of service over Tor stress test tool.
• kalitorify - Transparent proxy through Tor for Kali Linux OS.
• Tails - Live operating system aiming to preserve your privacy and anonymity.

• Metadata Anonymization Toolkit (MAT) - Metadata removal tool, supporting a wide range of commonly used file formats, written in Python3.
• What Every Browser Knows About You - Comprehensive detection page to test your own Web browser's configuration for privacy and identity leaks.
• I2P - The Invisible Internet Project.

Tor Tools

• AntiVirus Evasion Tool (AVET) - Post-process exploits containing executable files targeted for Windows machines to avoid being recognized by antivirus software.
• CarbonCopy - Tool that creates a spoofed certificate of any online website and signs an Executable for AV evasion.
• UniByAv - Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forcable, 32-bit XOR key.
• Veil - Generate metasploit payloads that bypass common anti-virus solutions.
• peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
• Shellter - Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.

Malware Analysis Books

• awesome-malware-analysis § Books

Tor Tools

• DEF CON Suggested Reading
• Android Hacker's Handbook by Joshua J. Drake et al., 2014
• BTFM: Blue Team Field Manual by Alan J White & Ben Clark, 2017
• Bug Hunter's Diary by Tobias Klein, 2011
• Car Hacker's Handbook by Craig Smith, 2016
• Effective Software Testing, 2021
• Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007
• Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014
• The Art of Exploitation by Jon Erickson, 2008
• The Art of Network Penetration Testing, 2020
• The Database Hacker's Handbook, David Litchfield et al., 2005
• The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009
• The Mobile Application Hacker's Handbook by Dominic Chell et al., 2015
• iOS Hacker's Handbook by Charlie Miller et al., 2012
• Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014
• Advanced Penetration Testing by Wil Allsopp, 2017
• Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014
• Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010
• Penetration Testing: Procedures & Methodologies by EC-Council, 2010
• RTFM: Red Team Field Manual by Ben Clark, 2014
• The Hacker Playbook by Peter Kim, 2014
• Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012

Malware Analysis Books

• HackingThe.cloud
• Cloud Container Attack Tool (CCAT) - Tool for testing security of container environments.
• CloudHunter - Looks for AWS, Azure and Google cloud storage buckets and lists permissions for vulnerable buckets.
• GCPBucketBrute - Script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

Malware Analysis Books

• Dradis - Open-source reporting and collaboration tool for IT security professionals.
• Hexway Hive - Commercial collaboration, data aggregation, and reporting framework for red teams with a limited free self-hostable option.
• Lair - Reactive attack collaboration framework and web application built with meteor.
• Pentest Collaboration Framework (PCF) - Open source, cross-platform, and portable toolkit for automating routine pentest processes with a team.
• Reconmap - Open-source collaboration platform for InfoSec professionals that streamlines the pentest process.
• RedELK - Track and alarm about Blue Team activities while providing better usability in long term offensive operations.
• Reconmap - Open-source collaboration platform for InfoSec professionals that streamlines the pentest process.

Asia

• HITB - Deep-knowledge security conference held in Malaysia and The Netherlands.
• HITCON - Hacks In Taiwan Conference held in Taiwan.
• SECUINSIDE - Security Conference in Seoul.
• Nullcon - Annual conference in Delhi and Goa, India.

Europe

• 44Con - Annual Security Conference held in London.
• CCC - Annual meeting of the international hacker scene in Germany.
• DeepSec - Security Conference in Vienna, Austria.
• DefCamp - Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania.
• Hack.lu - Annual conference held in Luxembourg.
• SteelCon - Security conference in Sheffield UK.
• Swiss Cyber Storm - Annual security conference in Lucerne, Switzerland.
• HoneyCON - Annual Security Conference in Guadalajara, Spain. Organized by the HoneySEC association.

Malware Analysis Books

• CTFTime.org - Directory of upcoming and archive of past Capture The Flag (CTF) competitions with links to challenge writeups.

North America

• CarolinaCon - Infosec conference, held annually in North Carolina.
• DEF CON - Annual hacker convention in Las Vegas.
• DerbyCon - Annual hacker conference based in Louisville.
• Hackers Next Door - Cybersecurity and social technology conference held in New York City.
• Hackers On Planet Earth (HOPE) - Semi-annual conference held in New York City.
• National Cyber Summit - Annual US security conference and Capture the Flag event, held in Huntsville, Alabama, USA.
• PhreakNIC - Technology conference held annually in middle Tennessee.
• RSA Conference USA - Annual security conference in San Francisco, California, USA.
• ShmooCon - Annual US East coast hacker convention.
• SummerCon - One of the oldest hacker conventions in America, held during Summer.
• AppSecUSA - Annual conference organized by OWASP.
• Black Hat - Annual security conference in Las Vegas.

South America

• Hackers to Hackers Conference (H2HC) - Oldest security research (hacking) conference in Latin America and one of the oldest ones still active in the world.

Zealandia

• CHCon - Christchurch Hacker Con, Only South Island of New Zealand hacker con.

Malware Analysis Books

• CTF Field Guide - Everything you need to win your next CTF competition.
• RsaCtfTool - Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks.
• ctf-tools - Collection of setup scripts to install various security research tools easily and quickly deployable to new machines.
• shellpop - Easily generate sophisticated reverse or bind shell commands to help you save time during penetration tests.
• Ciphey - Automated decryption tool using artificial intelligence and natural language processing.

Zealandia

• DET - Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.
• Iodine - Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed.
• TrevorC2 - Client/server tool for masking command and control and data exfiltration through a normally browsable website, not typical HTTP POST requests.
• dnscat2 - Tool designed to create an encrypted command and control channel over the DNS protocol, which is an effective tunnel out of almost every network.
• pwnat - Punches holes in firewalls and NATs.
• QueenSono - Client/Server Binaries for data exfiltration with ICMP. Useful in a network where ICMP protocol is less monitored than others (which is a common case).
• tgcd - Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.

Zealandia

• H26Forge - Domain-specific infrastructure for analyzing, generating, and manipulating syntactically correct but semantically spec-non-compliant video files.
• Magic Unicorn - Shellcode generator for numerous attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA), or `certutil` (using fake certificates).
• Pwntools - Rapid exploit development framework built for use in CTFs.
• Wordpress Exploit Framework - Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
• peda - Python Exploit Development Assistance for GDB.

Zealandia

• peepdf - Python tool to explore PDF files in order to find out if the file can be harmful or not.
• Veles - Binary data visualization and analysis tool.
• ExifTool - Platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files.

Zealandia

• Hwacha - Post-exploitation tool to quickly execute payloads via SSH on one or more Linux systems simultaneously.
• Linux Exploit Suggester - Heuristic reporting on potentially viable exploits for a given GNU/Linux system.

Zealandia

• BruteForce Wallet - Find the password of an encrypted wallet file (i.e. `wallet.dat`).
• CeWL - Generates custom wordlists by spidering a target's website and collecting unique words.
• duplicut - Quickly remove duplicates, without changing the order, and without getting OOM on huge wordlists.
• GoCrack - Management Web frontend for distributed password cracking sessions using hashcat (or other supported tools) written in Go.
• hate_crack - Tool for automating cracking methodologies through Hashcat.
• JWT Cracker - Simple HS256 JSON Web Token (JWT) token brute force cracker.
• Rar Crack - RAR bruteforce cracker.

Zealandia

• Bless - High quality, full featured, cross-platform graphical hex editor written in Gtk#.
• Hexinator - World's finest (proprietary, commercial) Hex Editor.
• hexedit - Simple, fast, console-based hex editor.
• wxHexEditor - Free GUI hex editor for GNU/Linux, macOS, and Windows.
• Frhed - Binary file editor for Windows.

Zealandia

• awesome-industrial-control-system-security
• Industrial Exploitation Framework (ISF) - Metasploit-like exploit framework based on routersploit designed to target Industrial Control Systems (ICS), SCADA devices, PLC firmware, and more.
• s7scan - Scanner for enumerating Siemens S7 PLCs on a TCP/IP or LLC network.
• OpalOPC - Commercial OPC UA vulnerability assessment tool, sold by Molemmat.

Intentionally Vulnerable Systems as Docker Containers

• OWASP NodeGoat - `docker-compose build && docker-compose up`.
• Vulnerability as a service: Heartbleed - `docker pull hmlio/vaas-cve-2014-0160`.
• Vulnerability as a service: Shellshock - `docker pull hmlio/vaas-cve-2014-6271`.

Zealandia

• awesome-vulnerable
• Pentest-Ground

Intentionally Vulnerable Systems as Docker Containers

• awesome-lockpicking

Intentionally Vulnerable Systems as Docker Containers

• EvilOSX - Modular RAT that uses numerous evasion and exfiltration techniques out-of-the-box.
• Bella - Pure Python post-exploitation data mining and remote administration tool for macOS.

Intentionally Vulnerable Systems as Docker Containers

• Armitage - Java-based GUI front-end for the Metasploit Framework.
• AutoSploit - Automated mass exploiter, which collects target by employing the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query.
• Decker - Penetration testing orchestration and automation framework, which allows writing declarative, reusable configurations capable of ingesting variables and using outputs of tools it has run as inputs to others.
• Faraday - Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits, and risk assessments.
• Metasploit - Software for offensive security teams to help verify vulnerabilities and manage security assessments.
• Pupy - Cross-platform (Windows, Linux, macOS, Android) remote administration and post-exploitation tool.

DDoS Tools

• Anevicon - Powerful UDP-based load generator, written in Rust.
• D(HE)ater - D(HE)ater sends forged cryptographic handshake messages to enforce the Diffie-Hellman key exchange.
• HOIC - Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures.
• Low Orbit Ion Canon (LOIC) - Open source network stress tool written for Windows.
• Memcrashed - DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API.
• SlowLoris - DoS tool that uses low bandwidth on the attacking side.
• UFONet - Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using; `GET`/`POST`, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Intentionally Vulnerable Systems as Docker Containers

• CrackMapExec - Swiss army knife for pentesting networks.
• IKEForce - Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities.
• Intercepter-NG - Multifunctional network toolkit.
• Legion - Graphical semi-automated discovery and reconnaissance framework based on Python 3 and forked from SPARTA.
• Network-Tools.com - Website offering an interface to numerous basic network utilities like `ping`, `traceroute`, `whois`, and more.
• Ncrack - High-speed network authentication cracking tool built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.
• Praeda - Automated multi-function printer data harvester for gathering usable data during security assessments.
• Printer Exploitation Toolkit (PRET) - Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.
• SigPloit - Signaling security testing framework dedicated to telecom security for researching vulnerabilites in the signaling protocols used in mobile (cellular phone) operators.
• THC Hydra - Online password cracking tool with built-in support for many network protocols, including HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC, and more.
• Tsunami - General purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
• Zarp - Network attack tool centered around the exploitation of local networks.
• dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.
• dsniff - Collection of tools for network auditing and pentesting.
• pivotsuite - Portable, platform independent and powerful network pivoting toolkit.
• routersploit - Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
• rshijack - TCP connection hijacker, Rust rewrite of `shijack`.

Network Reconnaissance Tools

• ACLight - Script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins.
• AQUATONE - Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.
• CloudFail - Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
• DNSDumpster - Online DNS recon and search service.
• Mass Scan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
• OWASP Amass - Subdomain enumeration via scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.
• ScanCannon - POSIX-compliant BASH script to quickly enumerate large networks by calling `masscan` to quickly identify open ports and then `nmap` to gain details on the systems/services on those ports.
• XRay - Network (sub)domain discovery and reconnaissance automation tool.
• dnstracer - Determines where a given DNS server gets its information from, and follows the chain of DNS servers.
• fierce - Python3 port of the original `fierce.pl` DNS reconnaissance tool for locating non-contiguous IP space.
• netdiscover - Network address discovery scanner, based on ARP sweeps, developed mainly for those wireless networks without a DHCP server.
• nmap - Free security scanner for network exploration & security audits.
• passivedns-client - Library and query tool for querying several passive DNS providers.
• passivedns - Network sniffer that logs all DNS server replies for use in a passive DNS setup.
• scanless - Utility for using websites to perform port scans on your behalf so as not to reveal your own IP.
• smbmap - Handy SMB enumeration tool.
• subbrute - DNS meta-query spider that enumerates DNS records, and subdomains.
• zmap - Open source network scanner that enables researchers to easily perform Internet-wide network studies.
• RustScan - Lightweight and quick open-source port scanner designed to automatically pipe open ports into Nmap.
• dnsenum - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
• dnsmap - Passive DNS network mapper.
• dnsrecon - DNS enumeration script.

Network Traffic Replay and Editing Tools

• TraceWrangler - Network capture file toolkit that can edit and merge `pcap` or `pcapng` files with batch editing features.
• hping3 - Network tool able to send custom TCP/IP packets.
• pig - GNU/Linux packet crafting tool.
• scapy - Python-based interactive packet manipulation program and library.
• tcpreplay - Suite of free Open Source utilities for editing and replaying previously captured network traffic.
• bittwist - Simple yet powerful libpcap-based Ethernet packet generator useful in simulating networking traffic or scenario, testing firewall, IDS, and IPS, and troubleshooting various network problems.

Protocol Analyzers and Sniffers

• awesome-pcaptools
• Dshell - Network forensic analysis framework.
• Netzob - Reverse engineering, traffic generation and fuzzing of communication protocols.
• Wireshark - Widely-used graphical, cross-platform network protocol analyzer.
• netsniff-ng - Swiss army knife for network sniffing.
• sniffglue - Secure multithreaded packet sniffer.
• Debookee - Simple and powerful network traffic analyzer for macOS.

Proxies and Machine-in-the-Middle (MITM) Tools

• BetterCAP - Modular, portable and easily extensible MITM framework.
• Habu - Python utility implementing a variety of network attacks, such as ARP poisoning, DHCP starvation, and more.
• Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions.
• MITMf - Framework for Man-In-The-Middle attacks.
• Morpheus - Automated ettercap TCP/IP Hijacking tool.
• SSH MITM - Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.
• dnschef - Highly configurable DNS proxy for pentesters.
• evilgrade - Modular framework to take advantage of poor upgrade implementations by injecting fake updates.
• mallory - HTTP/HTTPS proxy over SSH.