Awesome Hacking
A collection of awesome lists for hackers, pentesters & security researchers.
Booking Site
DEFCON : https://defcon.org/
EINSTEIN : https://www.dhs.gov/einstein
Black Hat : http://www.blackhat.com/
Kali Linux Revealed Book : Book
Awesome Repositories
Repository | Description |
---|---|
Android Security | Collection of Android security related resources |
AppSec | Resources for learning about application security |
Bug Bounty | List of Bug Bounty Programs and write-ups from the Bug Bounty hunters |
Cheatsheets | Penetration Testing / Security Cheatsheets |
CTF | List of CTF frameworks, libraries, resources and software |
Cyber Skills | Curated list of hacking environments where you can train your cyber skills legally and safely |
DevSecOps | List of awesome DevSecOps tools with the help from community experiments and contributions |
Exploit Development | Resources for learning about Exploit Development |
Fuzzing | List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis |
Hacking | List of awesome Hacking tutorials, tools and resources |
Hacking Resources | Collection of hacking / penetration testing resources to make you better! |
Honeypots | List of honeypot resources |
Incident Response | List of tools for incident response |
Industrial Control System Security | List of resources related to Industrial Control System (ICS) security |
InfoSec | List of awesome infosec courses and training resources |
IoT Hacks | Collection of Hacks in IoT Space |
Malware Analysis | List of awesome malware analysis tools and resources |
OSINT | List of amazingly awesome Open Source Intelligence (OSINT) tools and resources |
OSX and iOS Security | OSX and iOS related security tools |
Pcaptools | Collection of tools developed by researchers in the Computer Science area to process network traces |
Pentest | List of awesome penetration testing resources, tools and other shiny things |
PHP Security | Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities |
Red Teaming | List of Awesome Red Team / Red Teaming Resources |
Reversing | List of awesome reverse engineering resources |
Sec Talks | List of awesome security talks |
SecLists | Collection of multiple types of lists used during security assessments |
Security | Collection of awesome software, libraries, documents, books, resources and cool stuff about security |
Social Engineering | List of awesome social engineering resources |
Static Analysis | List of static analysis tools, linters and code quality checkers for various programming languages |
Threat Intelligence | List of Awesome Threat Intelligence resources |
Vehicle Security | List of resources for learning about vehicle security and car hacking |
Vulnerability Research | List of resources about Vulnerability Research |
Web Hacking | List of web application security |
Windows Exploitation | List of awesome Windows Exploitation resources and shiny things |
WiFi Arsenal | Pack of various useful/useless tools for 802.11 hacking |
YARA | List of awesome YARA rules, tools, and people |
Other useful repositories
Repository | Description |
---|---|
Adversarial Machine Learning | Curated list of awesome adversarial machine learning resources |
AI Security | Curated list of AI security resources |
API Security Checklist | Checklist of the most important security countermeasures when designing, testing, and releasing your API |
APT Notes | Various public documents, whitepapers and articles about APT campaigns |
Bug Bounty Reference | List of bug bounty write-ups categorized by the nature of the bug |
Cryptography | Cryptography resources and tools |
CTF Tool | List of Capture The Flag (CTF) frameworks, libraries, resources and software |
CVE PoC | List of CVE Proof of Concepts (PoCs) |
Detection Lab | Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices |
Forensics | List of awesome forensic analysis tools and resources |
Free Programming Books | Free programming books for developers |
Gray Hacker Resources | Useful for CTFs, wargames, pentesting |
Infosec Getting Started | A collection of resources, documentation, links, etc to help people learn about Infosec |
Infosec Reference | Information Security Reference That Doesn’t Suck |
IOC | Collection of sources of indicators of compromise |
Linux Kernel Exploitation | A bunch of links related to Linux kernel fuzzing and exploitation |
Lockpicking | Resources relating to the security and compromise of locks, safes, and keys. |
Machine Learning for Cyber Security | Curated list of tools and resources related to the use of machine learning for cyber security |
Malware Scripts | Useful scripts related with malware |
Payloads | Collection of web attack payloads |
PayloadsAllTheThings | List of useful payloads and bypass for Web Application Security and Pentest/CTF |
Pentest Cheatsheets | Collection of the cheat sheets useful for pentesting |
Pentest Wiki | A free online security knowledge library for pentesters / researchers |
Probable Wordlists | Wordlists sorted by probability originally created for password generation and testing |
Resource List | Collection of useful GitHub projects loosely categorised |
Reverse Engineering | List of Reverse Engineering articles, books, and papers |
RFSec-ToolKit | Collection of Radio Frequency Communication Protocol Hacktools |
Security Cheatsheets | Collection of cheatsheets for various infosec tools and topics |
Security List | Great security list for fun and profit |
Shell | List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell |
ThreatHunter-Playbook | A Threat hunter’s playbook to aid the development of techniques and hypothesis for hunting campaigns |
Web Security | Curated list of Web Security materials and resources |
Need more ?
Follow Hack with GitHub on your favorite social media to get daily updates on interesting GitHub repositories related to Security.
- Twitter : @HackwithGithub
- Facebook : HackwithGithub
ref : https://github.com/Hack-with-Github/Awesome-Hacking
Documentation
- https://www.owasp.org/ – Open Web Application Security Project
- http://www.pentest-standard.org/ – Penetration Testing Execution Standard
- http://www.binary-auditing.com/ – Dr. Thorsten Schneider’s Binary Auditing
Tools
- http://www.metasploit.com/ – World’s most used penetration testing software
- http://www.arachni-scanner.com/ – Web Application Security Scanner Framework
- https://github.com/sullo/nikto – Nikto web server scanner
- http://www.tenable.com/products/nessus-vulnerability-scanner – Nessus Vulnerability Scanner
- http://www.portswigger.net/burp/intruder.html – Burp Intruder is a tool for automating customized attacks against web apps.
- http://www.openvas.org/ – The world’s most advanced Open Source vulnerability scanner and manager.
- https://github.com/iSECPartners/Scout2 – Security auditing tool for AWS environments
- https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project – A multi-threaded Java application designed to brute-force directory and file names on web/application servers.
- https://www.owasp.org/index.php/ZAP – The Zed Attack Proxy is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
- https://github.com/tecknicaltom/dsniff – dsniff is a collection of tools for network auditing and penetration testing.
- https://github.com/WangYihang/Webshell-Sniper – Manage your webshell via terminal.
- https://github.com/DanMcInerney/dnsspoof – DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
- https://github.com/trustedsec/social-engineer-toolkit – The Social-Engineer Toolkit (SET) repository from TrustedSec
- https://github.com/sqlmapproject/sqlmap – Automatic SQL injection and database takeover tool
- https://github.com/beefproject/beef – The Browser Exploitation Framework Project
- http://w3af.org/ – w3af is a Web Application Attack and Audit Framework
- https://github.com/espreto/wpsploit – WPSploit, Exploiting WordPress With Metasploit
- https://github.com/WangYihang/Reverse-Shell-Manager – Reverse shell manager via terminal.
- https://github.com/RUB-NDS/WS-Attacker – WS-Attacker is a modular framework for web services penetration testing
- https://github.com/wpscanteam/wpscan – WPScan is a black box WordPress vulnerability scanner
- http://sourceforge.net/projects/paros/ – Paros proxy
- https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project – Web Scarab proxy
- https://code.google.com/p/skipfish/ – Skipfish, an active web application security reconnaissance tool
- http://www.acunetix.com/vulnerability-scanner/ – Acunetix Web Vulnerability Scanner
- http://www-03.ibm.com/software/products/en/appscan – IBM Security AppScan
- https://www.netsparker.com/web-vulnerability-scanner/ – Netsparker web vulnerability scanner
- http://www8.hp.com/us/en/software-solutions/webinspect-dynamic-analysis-dast/index.html – HP Web Inspect
- https://github.com/sensepost/wikto – Wikto, Nikto for Windows with some extra features
- http://samurai.inguardians.com – Samurai Web Testing Framework
- https://code.google.com/p/ratproxy/ – Ratproxy
- http://www.websecurify.com – Websecurify
- http://sourceforge.net/projects/grendel/ – Grendel-scan
- https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project – DirBuster
- http://www.edge-security.com/wfuzz.php – Wfuzz
- http://wapiti.sourceforge.net – wapiti
- https://github.com/neuroo/grabber – Grabber
- https://subgraph.com/vega/ – Vega
- http://websecuritytool.codeplex.com – Watcher passive web scanner
- http://xss.codeplex.com – x5s XSS and Unicode transformations security testing assistant
- http://www.beyondsecurity.com/avds – AVDS Vulnerability Assessment and Management
- http://www.golismero.com – Golismero
- http://www.ikare-monitoring.com – IKare
- http://www.nstalker.com – N-Stalker X
- https://www.rapid7.com/products/nexpose/index.jsp – Nexpose
- http://www.rapid7.com/products/appspider/ – App Spider
- http://www.milescan.com – ParosPro
- https://www.qualys.com/enterprises/qualysguard/web-application-scanning/ – Qualys Web Application Scanning
- http://www.beyondtrust.com/Products/RetinaNetworkSecurityScanner/ – Retina
- https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework – Xenotix XSS Exploit Framework
- https://github.com/future-architect/vuls – Vulnerability scanner for Linux, agentless, written in golang.
- https://github.com/rastating/wordpress-exploit-framework – A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
- http://www.xss-payloads.com/ – XSS Payloads to leverage XSS vulnerabilities, build custom payloads, practice penetration testing skills.
- https://github.com/joaomatosf/jexboss – JBoss (and other Java Deserialization Vulnerabilities) verify and EXploitation Tool
- https://github.com/commixproject/commix – Automated All-in-One OS command injection and exploitation tool
- https://github.com/pathetiq/BurpSmartBuster – A Burp Suite content discovery plugin that adds the smart into the Buster!
- https://github.com/GoSecure/csp-auditor – Burp and ZAP plugin to analyze CSP headers
- https://github.com/ffleming/timing_attack – Perform timing attacks against web applications
- https://github.com/lalithr95/fuzzapi – Fuzzapi is a tool used for REST API pentesting
- https://github.com/owtf/owtf – Offensive Web Testing Framework (OWTF)
- https://github.com/nccgroup/wssip – Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
- https://github.com/tijme/angularjs-csti-scanner – Automated client-side template injection (sandbox escape/bypass) detection for AngularJS (ACSTIS).
Cheat Sheets
- http://n0p.net/penguicon/php_app_sec/mirror/xss.html – XSS cheatsheet
- https://highon.coffee/blog/lfi-cheat-sheet/ – LFI Cheat Sheet
- https://highon.coffee/blog/reverse-shell-cheat-sheet/ – Reverse Shell Cheat Sheet
- https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ – SQL Injection Cheat Sheet
- https://www.gracefulsecurity.com/path-traversal-cheat-sheet-windows/ – Path Traversal Cheat Sheet: Windows
Docker images for Penetration Testing
- docker pull kalilinux/kali-linux-docker – official Kali Linux
- docker pull owasp/zap2docker-stable – official OWASP ZAP
- docker pull wpscanteam/wpscan – official WPScan
- docker pull pandrew/metasploit – docker-metasploit
- docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA)
- docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation
- docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock
- docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed
- docker pull opendns/security-ninjas – Security Ninjas
- docker pull usertaken/archlinux-pentest-lxde – Arch Linux Penetration Tester
- docker pull diogomonica/docker-bench-security – Docker Bench for Security
- docker pull ismisepaul/securityshepherd – OWASP Security Shepherd
- docker pull danmx/docker-owasp-webgoat – OWASP WebGoat Project docker image
- docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application
Vulnerabilities
- http://cve.mitre.org/ – Common Vulnerabilities and Exposures. The Standard for Information Security Vulnerability Names
- https://www.exploit-db.com/ – The Exploit Database – ultimate archive of Exploits, Shellcode, and Security Papers.
- http://0day.today/ – Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.
- http://osvdb.org/ – OSVDB’s goal is to provide accurate, detailed, current, and unbiased technical security information.
- http://www.securityfocus.com/ – Since its inception in 1999, SecurityFocus has been a mainstay in the security community.
- http://packetstormsecurity.com/ – Global Security Resource
- https://wpvulndb.com/ – WPScan Vulnerability Database
Courses
- https://www.elearnsecurity.com/course/web_application_penetration_testing/ – eLearnSecurity Web Application Penetration Testing
- https://www.elearnsecurity.com/course/web_application_penetration_testing_extreme/ – eLearnSecurity Web Application Penetration Testing eXtreme
- https://www.offensive-security.com/information-security-training/advanced-web-attack-and-exploitation/ – Offensive Security Advanced Web Attacks and Exploitation (live)
- https://www.sans.org/course/web-app-penetration-testing-ethical-hacking – SANS SEC542: Web App Penetration Testing and Ethical Hacking
- https://www.sans.org/course/advanced-web-app-penetration-testing-ethical-hacking – SANS SEC642: Advanced Web App Penetration Testing and Ethical Hacking
- http://opensecuritytraining.info/ – Open Security Training
- http://securitytrainings.net/security-trainings/ – Security Exploded Training
- http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/ – FSU – Offensive Computer Security
- http://www.cs.fsu.edu/~lawrence/OffNetSec/ – FSU – Offensive Network Security
- http://www.securitytube.net/ – World’s largest Infosec and Hacking Portal.
Online Hacking Demonstration Sites
- http://testasp.vulnweb.com/ – Acunetix ASP test and demonstration site
- http://testaspnet.vulnweb.com/ – Acunetix ASP.Net test and demonstration site
- http://testphp.vulnweb.com/ – Acunetix PHP test and demonstration site
- http://crackme.cenzic.com/kelev/view/home.php – Crack Me Bank
- http://zero.webappsecurity.com/ – Zero Bank
- http://demo.testfire.net/ – Altoro Mutual
Labs
- http://www.cis.syr.edu/~wedu/seed/all_labs.html – Developing Instructional Laboratories for Computer SEcurity EDucation
- https://www.vulnhub.com/ – Virtual Machines for Localhost Penetration Testing.
- https://pentesterlab.com/ – PentesterLab is an easy and great way to learn penetration testing.
- https://github.com/jerryhoff/WebGoat.NET – This web application is a learning platform about common web security flaws.
- http://www.dvwa.co.uk/ – Damn Vulnerable Web Application (DVWA)
- http://sourceforge.net/projects/lampsecurity/ – LAMPSecurity Training
- https://github.com/Audi-1/sqli-labs – SQLI labs to test error based, Blind boolean based, Time based.
- https://github.com/paralax/lfi-labs – small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
- https://hack.me/ – Build, host and share vulnerable web apps in a sandboxed environment for free
- http://azcwr.org/az-cyber-warfare-ranges – Free live fire Capture the Flag, blue team, red team Cyber Warfare Range for beginners through advanced users. Must use a cell phone to send a text message requesting access to the range.
- https://github.com/adamdoupe/WackoPicko – WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
- https://github.com/rapid7/hackazon – Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications.
SSL
- https://www.ssllabs.com/ssltest/index.html – This service performs a deep analysis of the configuration of any SSL web server on the public Internet.
- https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html – Strong SSL Security on nginx
- https://weakdh.org/ – Weak Diffie-Hellman and the Logjam Attack
- https://letsencrypt.org/ – Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open.
- https://filippo.io/Heartbleed/ – A checker (site and tool) for CVE-2014-0160 (Heartbleed).
Security Ruby on Rails
- http://brakemanscanner.org/ – A static analysis security vulnerability scanner for Ruby on Rails applications.
- https://github.com/rubysec/ruby-advisory-db – A database of vulnerable Ruby Gems
- https://github.com/rubysec/bundler-audit – Patch-level verification for Bundler
- https://github.com/hakirisec/hakiri_toolbelt – Hakiri Toolbelt is a command line interface for the Hakiri platform.
- https://hakiri.io/facets – Scan Gemfile.lock for vulnerabilities.
- http://rails-sqli.org/ – This page lists many query methods and options in ActiveRecord which do not sanitize raw SQL arguments and are not intended to be called with unsafe user input.
- https://github.com/0xsauby/yasuo – A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
ref : https://github.com/infoslack/awesome-web-hacking
Awesome Hacking
Awesome Hacking is a curated list of hacking tools for hackers, pentesters and security researchers. Its goal is to collect, classify and make awesome tools easy to find by humans, creating a toolset you can check out and update with one command.
Code Auditing
Static Analysis
- Brakeman – A static analysis security vulnerability scanner for Ruby on Rails applications.
- ShellCheck – A static analysis tool for shell scripts.
Cryptography
- FeatherDuster – An automated, modular cryptanalysis tool.
- RSATool – Generate private key with knowledge of p and q.
- Xortool – A tool to analyze multi-byte xor cipher.
CTF Tools
- CTFd – CTF in a can. Easily modifiable and has everything you need to run a jeopardy style CTF.
- FBCTF – Platform to host Capture the Flag competitions.
- Mellivora – A CTF engine written in PHP.
- OneGadget – A tool to easily find the one-gadget RCE in libc.so.6.
- NightShade – A simple security CTF framework.
- OpenCTF – CTF in a box. Minimal setup required.
- Pwntools – CTF framework and exploit development library.
- Scorebot – Platform for CTFs by Legitbs (Defcon).
- V0lt – Security CTF Toolkit.
Docker
- Docker Bench for Security – The Docker Bench for Security checks for all the automatable tests in the CIS Docker 1.6 Benchmark.
docker pull diogomonica/docker-bench-security
- DVWA – Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable.
docker pull citizenstig/dvwa
- Kali Linux – This Kali Linux Docker image provides a minimal base install of the latest version of the Kali Linux Rolling Distribution.
docker pull kalilinux/kali-linux-docker
- Metasploit – Metasploit Framework penetration testing software (unofficial docker).
docker pull remnux/metasploit
- OWASP Juice Shop – An intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.
docker pull bkimminich/juice-shop
- OWASP Mutillidae II – OWASP Mutillidae II Web Pen-Test Practice Application.
docker pull citizenstig/nowasp
- OWASP NodeGoat – An environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
git clone https://github.com/OWASP/NodeGoat.git
cd NodeGoat && docker-compose build && docker-compose up
- OWASP Railsgoat – A vulnerable version of Rails that follows the OWASP Top 10.
docker pull owasp/railsgoat
- OWASP Security Shepherd – A web and mobile application security training platform.
docker pull ismisepaul/securityshepherd
- OWASP WebGoat – A deliberately insecure Web Application.
docker pull danmx/docker-owasp-webgoat
- OWASP ZAP – Current stable OWASP Zed Attack Proxy release in an embedded Docker container.
docker pull owasp/zap2docker-stable
- Security Ninjas – An Open Source Application Security Training Program.
docker pull opendns/security-ninjas
- SpamScope – SpamScope (Fast Advanced Spam Analysis Tool) Elasticsearch.
docker pull fmantuano/spamscope-elasticsearch
- Vulnerable WordPress Installation – Vulnerable WordPress Installation.
docker pull wpscanteam/vulnerablewordpress
- Vulnerability as a service: Heartbleed – Vulnerability as a Service: CVE 2014-0160.
docker pull hmlio/vaas-cve-2014-0160
- Vulnerability as a service: Shellshock – Vulnerability as a Service: CVE 2014-6271.
docker pull hmlio/vaas-cve-2014-6271
- WPScan – WPScan is a black box WordPress vulnerability scanner.
docker pull wpscanteam/wpscan
Forensics
File Forensics
- Autopsy – A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools.
- DFF – A Forensics Framework coming with command line and graphical interfaces. DFF can be used to investigate hard drives and volatile memory and create reports about user and system activities.
- Hadoop_framework – A prototype system that uses Hadoop to process hard drive images.
- OSXCollector – A forensic evidence collection & analysis toolkit for OS X.
- Scalpel – An open source data carving tool.
- Shellbags – Investigate NT_USER.dat files.
- Sleuthkit – A library and collection of command line digital forensics tools.
Live Analysis
- OS X Auditor – OS X Auditor is a free Mac OS X computer forensics tool.
Memory Forensics
- Rekall – Memory analysis framework developed by Google.
- Volatility – Extract digital artifacts from volatile memory (RAM) samples.
Mobile
- Android Forensic Toolkit – Allows you to extract SMS records, call history, photos, browsing history, and password from an Android phone.
- Mem – Tool used for dumping memory from Android devices.
Network Forensics
- Dshell – A network forensic analysis framework.
- Passivedns – A network sniffer that logs all DNS server replies for use in a passive DNS setup.
Misc
- HxD – A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.
- Libfvde <https://github.com/libyal/libfvde> – Library and tools to access FileVault Drive Encryption (FVDE) encrypted volumes.
Intelligence
- VIA4CVE – An aggregator of the known vendor vulnerabilities database to support the expansion of information with CVEs.
Library
C
- Libdnet – Provides a simplified, portable interface to several low-level networking routines, including network address manipulation, kernel arp cache and route table lookup and manipulation, network firewalling, network interface lookup and manipulation, IP tunnelling, and raw IP packet and Ethernet frame transmission.
Java
- Libsignal-service-java – A Java/Android library for communicating with the Signal messaging service.
Python
- Dpkt – Fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols.
- Pcapy – A Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.
- PyBFD – Python interface to the GNU Binary File Descriptor (BFD) library.
- Pynids – A python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own python routines examine network conversations.
- Pypcap – This is a simplified object-oriented Python wrapper for libpcap.
- PyPDF2 – A utility to read and write PDFs with Python.
- Python-ptrace – Python binding of ptrace library.
- RDPY – RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client and server side).
- Scapy – A python-based interactive packet manipulation program & library.
Ruby
- Secureheaders – Security related headers all in one gem.
Live CD – Distributions
- Android Tamer – Virtual / Live Platform for Android Security professionals.
- ArchStrike – An Arch Linux repository for security professionals and enthusiasts.
- BackBox – Ubuntu-based distribution for penetration tests and security assessments.
- BlackArch – Arch Linux-based distribution for penetration testers and security researchers.
- BOSSLive – An Indian GNU/Linux distribution developed by CDAC and customized to suit India’s digital environment. It supports most of the Indian languages.
- DEFT Linux – Suite dedicated to incident response and digital forensics.
- Fedora Security Lab – A safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations.
- Kali – A Linux distribution designed for digital forensics and penetration testing.
- NST – Network Security Toolkit distribution.
- Ophcrack – A free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
- Parrot – Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind.
- Pentoo – Security-focused livecd based on Gentoo.
- REMnux – Toolkit for assisting malware analysts with reverse-engineering malicious software.
Malware
Dynamic Analysis
- Androguard – Reverse engineering, Malware and goodware analysis of Android applications.
- Cuckoo Sandbox – An automated dynamic malware analysis system.
- CuckooDroid – Automated Android Malware Analysis with Cuckoo Sandbox.
- DECAF – Short for Dynamic Executable Code Analysis Framework, is a binary analysis platform based on QEMU.
- DroidBox – Dynamic analysis of Android apps.
- Hooker – An opensource project for dynamic analyses of Android applications.
- Jsunpack-n – Emulates browser functionality when visiting a URL.
- Magento-malware-scanner – A collection of rules and samples to detect Magento malware.
- Malzilla – Web pages that contain exploits often use a series of redirects and obfuscated code to make it more difficult for somebody to follow. MalZilla is a useful program for exploring malicious pages. It allows you to choose your own user agent and referrer, and has the ability to use proxies. It shows you the full source of webpages and all the HTTP headers. It also gives you various decoders to try to deobfuscate JavaScript.
- ProbeDroid – A dynamic binary instrumentation kit targeting on Android(Lollipop) 5.0 and above.
- PyEMU – Fully scriptable IA-32 emulator, useful for malware analysis.
- WScript Emulator – Emulator/tracer of the Windows Script Host functionality.
Honeypot
- Basic-auth-pot – HTTP Basic Authentication honeyPot.
- Conpot – ICS/SCADA honeypot.
- Cowrie – SSH honeypot, based on Kippo.
- Elastichoney – A Simple Elasticsearch Honeypot.
- ESPot – An Elasticsearch honeypot written in NodeJS, to capture every attempt to exploit CVE-2014-3120.
- Delilah – An Elasticsearch Honeypot written in Python.
- Dionaea – Honeypot designed to trap malware.
- Glastopf – Web Application Honeypot.
- Glutton – All eating honeypot.
- Honeyd – Create a virtual honeynet.
- HoneyPress – python based WordPress honeypot in a docker container.
- HonnyPotter – A WordPress login honeypot for collection and analysis of failed login attempts.
- Maildb – Python Web App to Parse and Track Email and http Pcap Files.
- MHN – Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized server for management.
- Mnemosyne – A normalizer for honeypot data; supports Dionaea.
- MongoDB-HoneyProxy – A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
- MysqlPot – A mysql honeypot, still very very early stage.
- Nodepot – A nodejs web application honeypot.
- NoSQLPot – The NoSQL Honeypot Framework.
- Phoneyc – Pure Python honeyclient implementation.
- Phpmyadmin_honeypot – A simple and effective phpMyAdmin honeypot.
- Servletpot – Web application Honeypot.
- Shadow Daemon – A modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl & Python apps.
- Smart-honeypot – PHP Script demonstrating a smart honey pot.
- SpamScope – Fast Advanced Spam Analysis Tool.
- Thug – Low interaction honeyclient, for investigating malicious websites.
- Wordpot – A WordPress Honeypot.
- Wp-smart-honeypot – WordPress plugin to reduce comment spam with a smarter honeypot.
Intelligence
- MISP Modules – Modules for expansion services, import and export in MISP.
- Passivedns-client – Provides a library and a query tool for querying several passive DNS providers.
- Rt2jira – Convert RT tickets to JIRA tickets.
Ops
- CapTipper – A python tool to analyze, explore and revive HTTP malicious traffic.
- Google-play-crawler – Google-play-crawler is simply a Java tool for searching Android applications on Google Play, and also downloading them.
- Googleplay-api – An unofficial Python API that lets you search, browse and download Android apps from Google Play (formerly Android Market).
- FakeNet-NG – A next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows.
- Malboxes – Builds malware analysis Windows VMs so that you don’t have to.
- Node-appland – NodeJS tool to download APKs from appland.
- Node-aptoide – NodeJS to download APKs from aptoide.
- Node-google-play – Call Google Play APIs from Node.
Source Code
- Android-malware – Collection of android malware samples.
- Carberp – Carberp leaked source code.
- Fancybear – Fancy Bear Source Code.
- Mirai – Leaked Mirai Source Code for Research/IoC Development Purposes.
- TinyNuke – Zeus-style banking trojan.
- Zeus – Zeus version 2.0.8.9, leaked in 2011.
Static Analysis
- Androwarn – Detect and warn the user about potential malicious behaviours developed by an Android application.
- ApkAnalyser – A static, virtual analysis tool for examining and validating the development work of your Android app.
- APKinspector – A powerful GUI tool for analysts to analyze the Android applications.
- Argus-SAF – Argus static analysis framework.
- CFGScanDroid – Control Flow Graph Scanning for Android.
- ConDroid – Symbolic/concolic execution of Android apps.
- DroidLegacy – Static analysis scripts.
- Floss – FireEye Labs Obfuscated String Solver. Automatically extract obfuscated strings from malware.
- FSquaDRA – Fast detection of repackaged Android applications based on the comparison of resource files included into the package.
- Inspeckage – Android Package Inspector – dynamic analysis with api hooks, start unexported activities and more.
- Maldrolyzer – Simple framework to extract “actionable” data from Android malware (C&Cs, phone numbers, etc).
- Peepdf – A Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks.
- PEfile – Read and work with Portable Executable (aka PE) files.
- PEview – A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files.
- Pdfminer – A tool for extracting information from PDF documents.
- PScout – Analyzing the Android Permission Specification.
- Smali-CFGs – Smali Control Flow Graphs.
- SmaliSCA – Smali Static Code Analysis.
- Sysinternals Suite – The Sysinternals Troubleshooting Utilities.
- Yara – Identify and classify malware samples.
Network
Analysis
- Bro – A powerful network analysis framework that is much different from the typical IDS you may know.
- Pytbull – A python based flexible IDS/IPS testing framework.
- Sguil – Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil’s main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures.
Fake Services
- DNSChef – DNS proxy for Penetration Testers and Malware Analysts.
- DnsRedir – A small DNS server that will respond to certain queries with addresses provided on the command line.
Packet Manipulation
- Pig – A Linux packet crafting tool.
- Yersinia – A network tool designed to take advantage of some weaknesses in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.
Sniffer
- Cloud-pcap – Web PCAP storage and analytics.
- Dnscap – Network capture utility designed specifically for DNS traffic.
- Dripcap – Caffeinated Packet Analyzer.
- Dsniff – A collection of tools for network auditing and pentesting.
- Justniffer – Just A Network TCP Packet Sniffer. Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all “intercepted” files from the HTTP traffic.
- Moloch – Moloch is an open source large scale full PCAP capturing, indexing and database system.
- Net-creds – Sniffs sensitive data from interface or pcap.
- NetworkMiner – A Network Forensic Analysis Tool (NFAT).
- Netsniff-ng – A Swiss army knife for your daily Linux network plumbing.
- OpenFPC – OpenFPC is a set of scripts that combine to provide a lightweight full-packet network traffic recorder and buffering tool. Its design goal is to allow non-expert users to deploy a distributed network traffic recorder on COTS hardware while integrating into existing alert and log tools.
- PF_RING – PF_RING™ is a Linux kernel module and user-space framework that allows you to process packets at high-rates while providing you a consistent API for packet processing applications.
- WebPcap – A web-based packet analyzer (client/server architecture). Useful for analyzing distributed applications or embedded devices.
- Wireshark – A free and open-source packet analyzer.
Penetration Testing
DoS
- DHCPig – DHCP exhaustion script written in python using scapy network library.
- LOIC – Low Orbit Ion Cannon – An open source network stress tool, written in C#. Based on Praetox’s LOIC project.
- Sockstress – Sockstress (TCP DoS) implementation.
- T50 – The fastest network stress tool.
- Torshammer – Tor’s hammer. Slow post DDOS tool written in python.
- UFONet – Abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
Exploiting
- BeEF – The Browser Exploitation Framework Project.
- Commix – Automated All-in-One OS Command Injection and Exploitation Tool.
- DLLInjector – Inject dlls in processes.
- ExploitPack – Graphical tool for penetration testing with a bunch of exploits.
- Evilgrade – The update exploitation framework.
- Fathomless – A collection of different programs for network red teaming.
- Linux Exploit Suggester – Linux Exploit Suggester; based on operating system release number.
- Metasploit Framework – Exploitation framework.
- Nessus – Vulnerability, configuration, and compliance assessment.
- Nexpose – Vulnerability Management & Risk Management Software.
- OpenVAS – Open Source vulnerability scanner and manager.
- PowerSploit – A PowerShell Post-Exploitation Framework.
- PSKernel-Primitives – Exploit primitives for PowerShell.
- ROP Gadget – Framework for ROP exploitation.
- Routersploit – Automated penetration testing software for routers.
- Rupture – A framework for BREACH and other compression-based crypto attacks.
- Shellsploit – Lets you generate customized shellcodes, backdoors and injectors for various operating systems, and lets you obfuscate every byte via encoders.
- SPARTA – Network Infrastructure Penetration Testing Tool.
- Spoodle – A mass subdomain + poodle vulnerability scanner.
- Veil Framework – A tool designed to generate metasploit payloads that bypass common anti-virus solutions.
- Vuls – Vulnerability scanner for Linux/FreeBSD, agentless, written in Go.
- Windows Exploit Suggester – Detects potential missing patches on the target.
- Zarp – Network Attack Tool.
Exploits
- Chakra-2016-11 – Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201).
- MS17-010 – Exploits for MS17-010.
- Ruby-advisory-db – A database of vulnerable Ruby Gems.
- The Exploit Database – The official Exploit Database repository.
- XiphosResearch Exploits – Miscellaneous proof of concept exploit code written at Xiphos Research for testing purposes.
Info Gathering
- Bundler-audit – Patch-level verification for Bundler.
- Dnsenum – A perl script that enumerates DNS information.
- Dnsmap – Passive DNS network mapper.
- Dnsrecon – DNS Enumeration Script.
- Knock – A python tool designed to enumerate subdomains on a target domain through a wordlist.
- IVRE – An open-source framework for network recon. It relies on open-source well-known tools to gather data (network intelligence), stores it in a database, and provides tools to analyze it.
- Operative-framework – A framework based on fingerprint action, used to get information on a website or an enterprise target with multiple modules (Viadeo search, LinkedIn search, Reverse email whois, Reverse IP whois, SQL file forensics …).
- Recon-ng – A full-featured Web Reconnaissance framework written in Python.
- SMBMap – A handy SMB enumeration tool.
- SSLMap – TLS/SSL cipher suite scanner.
- Subbrute – A DNS meta-query spider that enumerates DNS records, and subdomains.
- TruffleHog – Searches through git repositories for high entropy strings, digging deep into commit history.
- URLextractor – Information gathering & website reconnaissance.
- Wmap – Information gathering for web hacking.
Fuzzing
- AndroFuzz – A fuzzing utility for Android that focuses on reporting and delivery portions of the fuzzing process.
- Construct – Declarative data structures for python that allow symmetric parsing and building.
- Fusil – A Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files.
- Fuzzbox – A multi-codec media fuzzing tool.
- Honggfuzz – Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (sw and hw).
- Melkor-android – An Android port of the melkor ELF fuzzer.
- MFFA – Media Fuzzing Framework for Android.
- Netzob – Netzob is an opensource tool for reverse engineering, traffic generation and fuzzing of communication protocols.
- Python-AFL – American fuzzy lop fork server and instrumentation for pure-Python code.
- Radamsa-android – An Android port of radamsa fuzzer.
- SecLists – A collection of multiple types of lists used during security assessments.
- Sulley – Fuzzer development and fuzz testing framework consisting of multiple extensible components.
- TAOF – The Art of Fuzzing, including ProxyFuzz, a man-in-the-middle non-deterministic network fuzzer.
- Windows IPC Fuzzing Tools – A collection of tools used to attack applications that use Windows Interprocess Communication mechanisms.
- Zulu – A fuzzer designed for rapid prototyping that normally happens on a client engagement where something needs to be fuzzed within tight timescales.
Mobile
- AFE – Android Framework for Exploitation, is a framework for exploiting android based devices.
- AndroBugs – An efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications.
- Android-vts – Android Vulnerability Test Suite – In the spirit of open data collection, and with the help of the community, let’s take a pulse on the state of Android security.
- Androl4b – A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis.
- CobraDroid – A custom build of the Android operating system geared specifically for application security analysts and for individuals dealing with mobile malware.
- Drozer – The Leading Security Assessment Framework for Android.
- Idb – A tool to simplify some common tasks for iOS pentesting and research.
- Introspy-iOS – Security profiling for blackbox iOS.
- JAADAS – Joint Advanced Defect assEsment for android applications.
- Mobile Security Framework – An intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.
- QARK – QARK by LinkedIn is for app developers to scan app for security issues.
MITM
- Dnsspoof – DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response.
- Ettercap – A comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
- Bettercap – A powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
- Mallory – An extensible TCP/UDP man in the middle proxy that is designed to be run as a gateway. Unlike other tools of its kind, Mallory supports modifying non-standard protocols on the fly.
- MITMf – Framework for Man-In-The-Middle attacks.
- Mitmproxy – An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface.
- Mitmsocks4j – Man in the Middle SOCKS Proxy for JAVA.
- Nogotofail – An on-path blackbox network traffic security testing tool.
- Responder – An LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
Password Cracking
- BozoCrack – A silly & effective MD5 cracker in Ruby.
- HashCat – World’s fastest and most advanced password recovery utility.
- Hob0Rules – Password cracking rules for Hashcat based on statistics and industry patterns.
- John the Ripper – A fast password cracker.
- THC-Hydra – A very fast network logon cracker which supports many different services.
Port Scanning
- Angry IP Scanner – Fast and friendly network scanner.
- Masscan – TCP port scanner, spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes.
- Nmap – Free Security Scanner For Network Exploration & Security Audits.
- Zmap – An open-source network scanner that enables researchers to easily perform Internet-wide network studies.
Post Exploitation
- Creddump – Dump windows credentials.
- DET – (extensible) Data Exfiltration Toolkit (DET).
- Dnsteal – DNS Exfiltration tool for stealthily sending files over DNS requests.
- Empire – Empire is a pure PowerShell post-exploitation agent.
- Fireaway – Next Generation Firewall Audit and Bypass Tool.
- Iodine – Lets you tunnel IPv4 data through a DNS server.
- Mallory – HTTP/HTTPS proxy over SSH.
- Mimikatz – A little tool to play with Windows security.
- P0wnedShell – PowerShell Runspace Post Exploitation Toolkit.
- Pwnat – Punches holes in firewalls and NATs allowing any number of clients behind NATs to directly connect to a server behind a different NAT.
- Tgcd – A simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.
- WCE – Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials.
Reporting
- Dradis – Collaboration and reporting for IT Security teams.
- Faraday – Collaborative Penetration Test and Vulnerability Management Platform.
Services
- Sslstrip – A demonstration of the HTTPS stripping attacks.
- Sslstrip2 – SSLStrip version to defeat HSTS.
- SSLyze – SSL configuration scanner.
- Tls_prober – Fingerprint a server’s SSL/TLS implementation.
Training
- Don’t Panic – Training linux bind shell with anti-reverse engineering techniques.
- DVWA – Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable.
- DVWS – Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
- OWASP Juice Shop – An intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.
- OWASP NodeGoat – An environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
- OWASP Railsgoat – A vulnerable version of Rails that follows the OWASP Top 10.
- OWASP Security Shepherd – A web and mobile application security training platform.
- OWASP WebGoat – A deliberately insecure Web Application.
- RopeyTasks – Deliberately vulnerable web application.
Web
- Arachni – Web Application Security Scanner Framework.
- BlindElephant – Web Application Fingerprinter.
- Burp Suite – An integrated platform for performing security testing of web applications.
- Cms-explorer – CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS driven web sites are running.
- Dvcs-ripper – Rip web accessible (distributed) version control systems.
- Fimap – Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs.
- Joomscan – Joomla CMS scanner.
- Kadabra – Automatic LFI Exploiter and Scanner, written in C++ with a couple of external modules in Python.
- Kadimus – LFI scan and exploit tool.
- Liffy – LFI exploitation tool.
- Netsparker – Web Application Security Scanner.
- Nikto2 – Web application vulnerability scanner.
- NoSQLMap – Automated Mongo database and NoSQL web application exploitation tool.
- OWASP Xenotix – XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
- Paros – A Java based HTTP/HTTPS proxy for assessing web application vulnerability.
- Ratproxy – A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems.
- Scout2 – Security auditing tool for AWS environments.
- Skipfish – An active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes.
- SQLMap – Automatic SQL injection and database takeover tool.
- SQLNinja – SQL Server injection & takeover tool.
- TPLMap – Automatic Server-Side Template Injection Detection and Exploitation Tool.
- Yasuo – A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network.
- W3af – Web application attack and audit framework.
- Wapiti – Web application vulnerability scanner.
- Weevely3 – Weaponized web shell.
- WhatWeb – Website Fingerprinter.
- WordPress Exploit Framework – A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
- WPScan – WPScan is a black box WordPress vulnerability scanner.
- WPSploit – Exploiting WordPress With Metasploit.
- WS-Attacker – A modular framework for web services penetration testing.
- Zed Attack Proxy (ZAP) – The OWASP ZAP core project.
Wireless
- Aircrack-ng – An 802.11 WEP and WPA-PSK keys cracking program.
- Kismet – Wireless network detector, sniffer, and IDS.
- LANs.py – Inject code, jam wifi, and spy on wifi users.
- Mass-deauth – A script for 802.11 mass-deauthentication.
- Reaver – Brute force attack against Wifi Protected Setup.
- Wifikill – A python program to kick people off of wifi.
- Wifijammer – Continuously jam all wifi clients/routers.
- Wifite – Automated wireless attack tool.
- Wifiphisher – Automated phishing attacks against Wi-Fi networks.
Security
Endpoint Security
- AIDE – Advanced Intrusion Detection Environment is a file and directory integrity checker.
- Duckhunt – Prevent RubberDucky (or other keystroke injection) attacks.
Privacy
- I2P – The Invisible Internet Project.
- Nipe – A script to make Tor Network your default gateway.
- SecureDrop – Open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources.
- Tor – The free software for enabling onion routing online anonymity.
Reverse Engineering
- AndBug – A debugger targeting the Android platform’s Dalvik virtual machine intended for reverse engineers and developers.
- Angr – A platform-agnostic binary analysis framework developed by the Computer Security Lab at UC Santa Barbara and their associated CTF team, Shellphish.
- Apk2Gold – Yet another Android decompiler.
- ApkTool – A tool for reverse engineering Android apk files.
- Barf – Binary Analysis and Reverse engineering Framework.
- BinText – A small, very fast and powerful text extractor.
- BinWalk – Analyze, reverse engineer, and extract firmware images.
- Boomerang – Decompile x86 binaries to C.
- Bytecode-viewer – A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More).
- Bytecode_graph – Module designed to modify Python bytecode. Allows instructions to be added or removed from a Python bytecode string.
- Capstone – Lightweight multi-platform, multi-architecture disassembly framework with Python bindings.
- CHIPSEC – Platform Security Assessment Framework.
- Coda – Coredump analyzer.
- Ctf_import – Run basic functions from stripped binaries cross platform.
- Edb – A cross platform x86/x86-64 debugger.
- Dex2jar – Tools to work with android .dex and java .class files.
- Distorm – Powerful Disassembler Library For x86/AMD64.
- DotPeek – A free-of-charge .NET decompiler from JetBrains.
- Enjarify – A tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications.
- Fibratus – Tool for exploration and tracing of the Windows kernel.
- Fino – An Android Dynamic Analysis Tool.
- Flare-ida – IDA Pro utilities from FLARE team.
- Frida – Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX.
- Gdb-dashboard – Modular visual interface for GDB in Python.
- GEF – Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers.
- Hopper – An OS X and Linux Disassembler/Decompiler for 32/64 bit Windows/Mac/Linux/iOS executables.
- Idaemu – An IDA Pro plugin used for emulating code in IDA Pro.
- IDA Free – The freeware version of IDA.
- IDA Patcher – IDA Patcher is a plugin for the Hex-Rays IDA Pro disassembler designed to enhance IDA’s ability to patch binary files and memory.
- IDA Pomidor – IDA Pomidor is a plugin for the Hex-Rays IDA Pro disassembler that will help you retain concentration and productivity during long reversing sessions.
- IDA Pro – A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger.
- IDA Sploiter – IDA Sploiter is a plugin for the Hex-Rays IDA Pro disassembler designed to enhance IDA’s capabilities as an exploit development and vulnerability research tool.
- IDAPython – An IDA plugin which makes it possible to write scripts for IDA in the Python programming language.
- Immunity Debugger – A powerful new way to write exploits and analyze malware.
- JAD – JAD Java Decompiler.
- Jadx – Decompile Android files.
- JD-GUI – Aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions.
- Keystone Engine – A lightweight multi-platform, multi-architecture assembler framework.
- Krakatau – Java decompiler, assembler, and disassembler.
- Manticore – Prototyping tool for dynamic binary analysis, with support for symbolic execution, taint analysis, and binary instrumentation.
- MARA Framework – A Mobile Application Reverse engineering and Analysis Framework.
- Medusa – A disassembler designed to be both modular and interactive.
- Mona.py – PyCommand for Immunity Debugger that replaces and improves on pvefindaddr.
- OllyDbg – An x86 debugger that emphasizes binary code analysis.
- Paimei – Reverse engineering framework, includes PyDBG, PIDA, pGRAPH.
- PEDA – Python Exploit Development Assistance for GDB.
- Plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
- Procyon – A modern open-source Java decompiler.
- Pyew – Command line hexadecimal editor and disassembler, mainly to analyze malware.
- Qira – QEMU Interactive Runtime Analyser.
- R2MSDN – R2 plugin to add MSDN documentation URLs and parameter names to imported function calls.
- RABCDAsm – Robust ABC (ActionScript Bytecode) [Dis-]Assembler.
- Radare2 – Opensource, crossplatform reverse engineering framework.
- Redexer – A reengineering tool that manipulates Android app binaries.
- ScratchABit – Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API.
- Simplify – Generic Android Deobfuscator.
- Smali – Smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android’s Java VM implementation.
- Toolbag – The IDA Toolbag is a plugin providing supplemental functionality to Hex-Rays IDA Pro disassembler.
- Ufgraph – A simple script which parses the output of the uf (un-assemble function) command in windbg and uses graphviz to generate a control flow graph as a PNG/SVG/PDF/GIF (see -of option) and displays it.
- Uncompyle – Decompile Python 2.7 binaries (.pyc).
- Unicorn Engine – A lightweight, multi-platform, multi-architecture CPU emulator framework based on QEMU.
- Voltron – An extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host.
- WinDbg – Windows Driver Kit and WinDbg.
- WinHex – A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security.
- Unlinker – Unlinker is a tool that can rip functions out of Visual C++ compiled binaries and produce Visual C++ COFF object files.
- UPX – The Ultimate Packer for eXecutables.
- X64_dbg – An open-source x64/x32 debugger for windows.
- Xxxswf – A Python script for analyzing Flash files.
- YaCo – A Hex-Rays IDA plugin. When enabled, multiple users can work simultaneously on the same binary. Any modification done by any user is synchronized through git version control.
Social Engineering
Framework
- SET – The Social-Engineer Toolkit from TrustedSec.
Harvester
- Creepy – A geolocation OSINT tool.
- Github-dorks – CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.
- Maltego – Proprietary software for open source intelligence and forensics, from Paterva.
- Metagoofil – Metadata harvester.
- TheHarvester – E-mail, subdomain and people names harvester.
- TTSL – Tool to scrape LinkedIn.
Phishing
- Whatsapp-phishing – Proof of principle code for running a phishing attack against the official Whatsapp Web client.
ref : https://github.com/jekil/awesome-hacking
Awesome Hacking Resources
A collection of hacking / penetration testing resources to make you better!
Let’s make it the biggest resource repository for our community.
You are welcome to fork and contribute.
We started a new tools list, come and contribute
Table of Contents
- Learning the Skills
- YouTube Channels
- Sharpening Your Skills
- Reverse Engineering, Buffer Overflow and Exploit Development
- Privilege Escalation
- Network Scanning / Reconnaissance
- Malware Analysis
- Vulnerable Web Application
- Vulnerable OS
- Exploits
- Forums
- Archived Security Conference Videos
- Online Communities
- Online News Sources
- Linux Penetration Testing OS
Learning the Skills
Name | Description |
---|---|
Free interactive labs with White Hat Academy | 32 labs, easy account sign in with GitHub credentials |
Learning Exploitation with Offensive Computer Security 2.0 | blog-style instruction, includes: slides, videos, homework, discussion. No login required. |
Cybrary | Coursera-style website, lots of user-contributed content, account required, content can be filtered by experience level |
OffensiveComputerSecurity | academic content, full semester course including 27 lecture videos with slides and assigned readings |
CS 642: Intro to Computer Security | academic content, full semester course, includes assigned readings, homework and GitHub refs for exploit examples. NO VIDEO LECTURES. |
Free cyber security training | Academic content, 8 full courses with videos from a quirky instructor Sam, links to research, DEFCON materials and other recommended training/learning |
SecurityTube | tube-styled content, “megaprimer” videos covering various topics, no readable content on site. |
Seed Labs | academic content, well organized, featuring lab videos, tasks, needed code files, and recommended readings |
Hak5 | podcast-style videos covering various topics, has a forum, “metasploit-minute” video series could be useful |
OWASP top 10 web security risks | free courseware, requires account |
MIT OCW 6.858 Computer Systems Security | academic content, well organized, full-semester course, includes assigned readings, lectures, videos, required lab files. |
YouTube Channels
Name | Description |
---|---|
OWASP | see OWASP above |
Hak5 | see Hak5 above |
BlackHat | features talks from the BlackHat conferences around the world |
Christiaan008 | hosts a variety of videos on various security topics, disorganized |
Company
0patch by ACROS Security | few videos, very short, specific to 0patch |
Detectify | very short videos, aimed at showing how to use Detectify scanner |
Kaspersky Lab | lots of Kaspersky promos, some hidden cybersecurity gems |
Metasploit | collection of medium length Metasploit demos, ~25 minutes each, instructional |
OpenNSM | network analysis, lots of TCPDUMP videos, instructional |
Rapid7 | brief videos, promotional/instructional, ~ 5 minutes |
Securelist | brief videos, interviews discussing various cyber security topics |
Segment Security | promo videos, non-instructional |
SocialEngineerOrg | podcast-style, instructional, lengthy content ~1 hr each |
Sonatype | lots of random videos, a good cluster of DevOps related content, large range of lengths, disorganized |
SophosLabs | lots of brief, news-style content, “7 Deadly IT Sins” segment is of note |
Sourcefire | lots of brief videos covering topics like botnets, DDoS ~5 minutes each |
Station X | handful of brief videos, disorganized, unscheduled content updates |
Synack | random, news-style videos, disorganized, non-instructional |
TippingPoint Zero Day Initiative | very brief videos ~30 sec, somewhat instructional |
Tripwire, Inc. | some tripwire demos, and random news-style videos, non-instructional |
Vincent Yiu | handful of videos from a single hacker, instructional |
nVisium | Some nVisium promos, a handful of instructional series on Rails vulns and web hacking |
ntop | network monitoring, packet analysis, instructional |
Conferences
44contv | information security con based in London, lengthy instructional videos |
BruCON Security Conference | security and hacker conference based in Belgium, lots of lengthy instructional videos |
BSides Manchester | security and hacker con based in Manchester, lots of lengthy videos |
BSidesAugusta | security con based in Augusta, Georgia, lots of lengthy instructional videos |
CarolinaCon | security con based in North Carolina, associated with various 2600 chapters, lots of lengthy instructional content |
Cort Johnson | a handful of lengthy con-style talks from Hack Secure Opensec 2017 |
DevSecCon | lengthy con videos covering DevSecOps, making software more secure |
Garage4Hackers – Information Security | a handful of lengthy videos, About section lacks description |
HACKADAY | lots of random tech content, not strictly infosec, some instructional |
Hack In The Box Security Conference | lengthy con-style instructional talks from an international security con |
Hack in Paris | security con based in Paris, features lots of instructional talks, slides can be difficult to see. |
Hacklu | lots of lengthy con-style instructional videos |
Hacktivity | lots of lengthy con-style instructional videos from a con in Central/Eastern Europe |
Hardwear.io | handful of lengthy con-style videos, emphasis on hardware hacks |
IEEE Symposium on Security and Privacy | content from the symposium; IEEE is a professional association based in the US, they also publish various journals |
LASCON | lengthy con-style talks from an OWASP con held in Austin, TX |
Marcus Niemietz | lots of instructional content, associated with HACKPRA, an offensive security course from an institute in Germany |
Media.ccc.de | The real official channel of the chaos computer club, operated by the CCC VOC – tons of lengthy con-style vids |
NorthSec | lengthy con-style talks from an applied security conference in Canada |
Pancake Nopcode | channel of Radare2 whiz Sergi “pancake” Alvarez, Reverse Engineering Content |
Psiinon | medium length instructional videos, for the OWASP Zed Attack Proxy |
SJSU Infosec | handful of lengthy instructional videos from San Jose State University Infosec |
Secappdev.org | tons of lengthy instructional lectures on Secure App Development |
Security Fest | medium length con-style talks from a security festival in Sweden |
SecurityTubeCons | an assortment of con-style talks from various cons including BlackHat and Shmoocon |
ToorCon | handful of medium length con videos from con based in San Diego, CA |
USENIX Enigma Conference | medium length “round table discussion with leading experts”, content starts in 2016 |
News
Corey Nachreiner | security newsbites, 2.7K subscribers, 2-3 videos a week, no set schedule |
Error 404 Cyber News | short screen-shot videos with loud metal, no dialog, bi-weekly |
Latest Hacking News | 10K followers, medium length screenshot videos, no recent releases |
Pentester Academy TV | lots of brief videos, very regular posting, up to +8 a week |
SecureNinjaTV | brief news bites, irregular posting, 18K followers |
Troy Hunt | lone youtuber, medium length news videos, 16K followers, regular content |
Samy Kamkar’s Applied Hacking | brief to medium length instructional vids from the creator of PoisonTap for the Raspberry Pi Zero, no recent content, last updated in 2016 |
danooct1 | lots of brief screenshot, how-to vids regarding malware, regular content updates, 186K followers |
DedSec | lots of brief screenshot how-to vids based in Kali, no recent posts. |
DEFCON Conference | lots of lengthy con-style vids from the iconic DEFCON |
DemmSec | lots of pen testing vids, somewhat irregular uploads, 44K followers |
Don Does 30 | amateur pen-tester posting lots of brief screenshot vids regularly, 9K Followers |
Geeks Fort – KIF | lots of brief screenshot vids, no recent posts |
iExplo1t | lots of screenshot vids aimed at novices, 5.7K Followers, no recent posts |
HACKING TUTORIALS | handful of brief screenshot vids, no recent posts. |
LiveOverflow | Lots of brief-to-medium instructional vids, covering things like buffer overflows and exploit writing, regular posts. |
Metasploitation | lots of screenshot vids, little to no dialogue, all about using Metasploit, no recent vids. |
NetSecNow | channel of pentesteruniversity.org, seems to post once a month, screenshot instructional vids |
Open SecurityTraining | lots of lengthy lecture-style vids, no recent posts, but quality info. |
BalCCon – Balkan Computer Congress | Long con-style talks from the Balkan Computer Congress, doesn’t update regularly |
Penetration Testing in Linux | DELETE |
rwbnetsec | lots of medium length instructional videos covering tools from Kali 2.0, no recent posts. |
Security Weekly | regular updates, lengthy podcast-style interviews with industry pros |
Seytonic | variety of DIY hacking tutorials, hardware hacks, regular updates |
Shozab Haxor | lots of screenshot style instructional vids, regular updates, windows CLI tutorial |
SSTec Tutorials | lots of brief screenshot vids, regular updates |
Waleed Jutt | lots of brief screenshot vids covering web security and game programming |
webpwnized | lots of brief screenshot vids, some CTF walkthroughs |
JackkTutorials | lots of medium length instructional vids with some AskMe vids from the youtuber |
Zer0Mem0ry | lots of brief c++ security videos, programming intensive |
LionSec | lots of brief screenshot instructional vids, no dialog |
Adrian Crenshaw | lots of lengthy con-style talks |
HackerSploit | regular posts, medium length screenshot vids, with dialog |
Derek Rook – CTF/Boot2root/wargames Walkthrough | lots of lengthy screenshot instructional vids, with |
Sharpening Your Skills
Name | Description |
---|---|
OWASP Security Shepherd | BROKEN AS OF 11/6 |
CTFLearn | an account-based ctf site, where users can go in and solve a range of challenges |
CTFs write-ups | a collection of writeups from various CTFs, organized by |
CTF365 | account based ctf site, awarded by Kaspersky, MIT, T-Mobile |
Pentestit | account based CTF site, users have to install OpenVPN and get credentials |
Hacksplaining | a clickthrough security informational site, very good for beginners. |
The cryptopals crypto challenges | A bunch of CTF challenges, all focused on cryptography. |
The enigma group | web application security training, account based, video tutorials |
Ringzer0 Team | an account based CTF site, hosting over 272 challenges |
Hack The Box | Pen testing labs hosting over 39 vulnerable machines with two additional added every month |
Over the wire | A CTF that’s based on progressive levels for each lab, the users SSH in, no account required |
Backdoor | pen testing labs that have a space for beginners, a practice arena and various competitions, account required |
Vulnhub | site hosts a ton of different vulnerable Virtual Machine images, download and get hacking |
Hack.me | lets you build/host/attack vulnerable web apps |
Hack this site! | an oldy but goodie, account required, users start at low levels and progress in difficulty |
Exploit exercises | hosts 5 vulnerable virtual machines for you to attack, no account required |
PentesterLab | hosts a variety of exercises as well as various “bootcamps” focused on specific activities |
SmashTheStack | hosts various challenges, similar to OverTheWire, users must SSH into the machines and progress in levels |
PicoCTF | CTF hosted by Carnegie Mellon, occurs yearly, account required. |
Shellter Labs | account based infosec labs, they aim at making these activities social |
Pentest Practice | account based Pentest practice, free to sign up, but there’s also a pay-as-you-go feature |
Pentest.training | lots of various labs/VMS for you to try and hack, registry is optional. |
pwnable.kr | Don’t let the cartoon characters fool you, this is a serious CTF site that will teach you a lot, account required |
pwnable.tw | hosts 27 challenges accompanied with writeups, account required |
hackburger.ee | hosts a number of web hacking challenges, account required |
http://noe.systems/ | Korean challenge site, requires an account |
Hacker Gateway | ctfs covering steganography, cryptography, and web challenges, account required |
Solve Me | “yet another challenge”, account required. |
Challenge Land | Ctf site with a twist, no simple sign-up, you have to solve a challenge to even get that far! |
Participating Challenge Sites | aims at creating a universal ranking for CTF participants |
Hacker test | similar to “hackthissite”, no account required. |
Crackmes.de Archive (2011-2015) | a reverse engineering information Repo, started in 2003 |
ROP Emporium | Return Oriented Programming challenges |
Google’s XSS game | XSS challenges, and potentially a chance to get paid! |
Reverse Engineering, Buffer Overflow and Exploit Development
Name | Description |
---|---|
Shell storm | Blog style collection with organized info about Rev. Engineering. |
Buffer Overflow Exploitation Megaprimer for Linux | Collection of Linux Rev. Engineering videos |
Reverse Engineering Malware 101 | intro course created by Malware Unicorn, complete with material and two VM’s |
Reverse Engineering Malware 102 | the sequel to RE102 |
Modern Binary Exploitation – CSCI 4968 | RE challenges, you can download the files or download the VM created by RPISEC specifically for challenges, also links to their home page with tons of infosec lectures |
Introductory Intel x86 | 63 days of OS class materials, 29 classes, 24 instructors, no account required |
Binary hacking | 35 “no bullshit” binary videos along with other info |
Shellcode Injection | a blog entry from a grad student at SDS Labs |
Reverse Engineering for Beginners | huge OS textbook, created by Dennis Yurichev |
Exploit tutorials | a series of 9 exploit tutorials, also features a podcast |
Exploit development | links to the forum’s exploit dev posts, quality and post style will vary with each poster |
flAWS challenge | Through a series of levels you’ll learn about common mistakes and gotchas when using Amazon Web Services (AWS). |
Corelan tutorials | detailed tutorial, lots of good information about memory |
Reverse engineering reading list | a github collection of RE tools and books |
Reverse Engineering challenges | collection of challenges from the writer of RE for Beginners |
Reverse Engineering for beginners (GitHub project) | github for the above |
reversing.kr challenges | reverse engineering challenges varying in difficulty |
Analysis and exploitation (unprivileged) | huge collection of RE information, organized by type. |
A Course on Intermediate Level Linux Exploitation | as the title says, this course isn’t for beginners |
Lena’s Reversing for Newbies (Complete) | listing of a lengthy resource by Lena, aimed at being a course |
Megabeets journey into Radare2 | one user’s radare2 tutorials |
Introduction to ARM Assembly Basics | tons of tutorials from infosec pro Azeria, follow her on twitter |
Linux (x86) Exploit Development Series | blog post by sploitfun, has 3 different levels |
Privilege Escalation
Name | Description |
---|---|
Reach the root | discusses a process for linux privilege exploitation |
Basic linux privilege escalation | basic linux exploitation, also covers Windows |
Windows Privilege Escalation | collection of wiki pages covering Windows Privilege escalation |
Privilege escalation for Windows and Linux | covers a couple different exploits for Windows and Linux |
Windows Privilege Escalation Fundamentals | collection of great info/tutorials, option to contribute to the creator through patreon, creator is an OSCP |
RootHelper | a tool that runs various enumeration scripts to check for privilege escalation |
Windows exploits, mostly precompiled. | precompiled windows exploits, could be useful for reverse engineering too |
Unix privesc checker | a script that checks for PE vulnerabilities on a system |
Privilege escalation linux with live example | covers a couple common PE methods in linux |
Windows privilege escalation checker | a list of topics that link to pentestlab.blog, all related to windows privilege escalation |
Linux Privilege Escalation Scripts | a list of PE checking scripts, some may have already been covered |
AutoLocalPrivilegeEscalation | automated scripts that downloads and compiles from exploitdb |
Linux Privilege Escalation Check Script | a simple linux PE check script |
Local Linux Enumeration & Privilege Escalation Cheatsheet | good resources that could be compiled into a script |
4 Ways get linux privilege escalation | shows different examples of PE |
Malware Analysis
Name | Description |
---|---|
Malware traffic analysis | list of traffic analysis exercises |
Malware Analysis – CSCI 4976 | another class from the folks at RPISEC, quality content |
Network Scanning / Reconnaissance
Name | Description |
---|---|
Foot Printing with WhoIS/DNS records | a white paper from SANS |
Google Dorks/Google Hacking | list of commands for google hacks, unleash the power of the world’s biggest search engine |
Vulnerable Web Application
Name | Description |
---|---|
OWASP Hackademic Challenges project | web hacking challenges |
bWAPP | common buggy web app for hacking, great for beginners, lots of documentation |
Damn Vulnerable Web Application (DVWA) | PHP/MySQL web app for testing skills and tools |
WebGoat: A deliberately insecure Web Application | maintained by OWASP and designed to teach web app security |
OWASP Mutillidae II | another OWASP vulnerable app, lots of documentation. |
OWASP Broken Web Applications Project | hosts a collection of broken web apps |
Damn Small Vulnerable Web | written in less than 100 lines of code, this web app has tons of vulns, great for teaching |
OWASP Juice Shop | covers the OWASP top 10 vulns |
Google Gruyere | host of challenges on this cheesy web app |
Vulnerable OS
Name | Description |
---|---|
Metasploitable2 (Linux) | vulnerable OS, great for practicing hacking |
Metasploitable3 [Installation] | the third installation of this vulnerable OS |
Vulnhub | collection of tons of different vulnerable OS and challenges |
General Test Environment Guidance | white paper from the pros at rapid7 |
Linux Penetration Testing OS
Name | Description |
---|---|
BackBox | open source community project, promoting security in IT environments |
BlackArch | Arch Linux based pentesting distro, compatible with Arch installs |
Kali | the infamous pentesting distro from the folks at Offensive Security |
LionSec Linux | pentesting OS based on Ubuntu |
Parrot | Debian-based, includes a full portable lab for security, DFIR, and development |
Bugtraq | advanced GNU Linux pen-testing technology |
Android Tamer | Android Tamer is a Virtual / Live Platform for Android Security professionals. |
Exploits
Name | Description |
---|---|
Exploit Database | database of a wide variety of exploits, CVE compliant archive |
CXsecurity | Indie cybersecurity info managed by 1 person |
0day.today | Easy to navigate database of exploits |
Snyk Vulnerability DB | detailed info and remediation guidance for known vulns, also allows you to test your code |
Forums
Name | Description |
---|---|
Greysec | hacking and security forum |
Hackforums | posting website for hacks/exploits/various discussion |
0x00sec | hacker, malware, computer engineering, Reverse engineering |
Antichat | russian based forum |
EAST Exploit database | exploit DB for commercial exploits written for EAST Pentest Framework |
Archived Security Conference Videos
Name | Description |
---|---|
InfoCon.org | hosts data from hundreds of cons |
Irongeek | Website of Adrian Crenshaw, hosts a ton of info. |
Online Communities
Name | Description |
---|---|
Hack+ | link requires telegram to be used |
MPGH | community of MultiPlayerGameHacking |
Hacktoday | requires an account, covering all kinds of hacking topics |
Online News Sources
Name | Description |
---|---|
Recent Hash Leaks | great place to lookup hashes |
InfoSec | covers all the latest infosec topics |
Threatpost | covers all the latest threats and breaches |
Security Intell | covers all kinds of news, great intelligence resources |
The Hacker News | features a daily stream of hack news, also has an app |
ref : https://github.com/vitalysim/Awesome-Hacking-Resources
Awesome Hacking
A curated list of awesome Hacking. Inspired by awesome-machine-learning
For a list of free hacking books available for download, go here
Table of Contents
System
Tutorials
Tools
- Metasploit – A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
- mimikatz – A little tool to play with Windows security
Docker Images for Penetration Testing & Security
- docker pull kalilinux/kali-linux-docker – official Kali Linux
- docker pull owasp/zap2docker-stable – official OWASP ZAP
- docker pull wpscanteam/wpscan – official WPScan
- docker pull pandrew/metasploit – docker-metasploit
- docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA)
- docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation
- docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock
- docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed
- docker pull opendns/security-ninjas – Security Ninjas
- docker pull usertaken/archlinux-pentest-lxde – Arch Linux Penetration Tester
- docker pull diogomonica/docker-bench-security – Docker Bench for Security
- docker pull ismisepaul/securityshepherd – OWASP Security Shepherd
- docker pull danmx/docker-owasp-webgoat – OWASP WebGoat Project docker image
- docker-compose build && docker-compose up – OWASP NodeGoat
- docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application
- docker pull bkimminich/juice-shop – OWASP Juice Shop
General
- Exploit database – An ultimate archive of exploits and vulnerable software
Reverse Engineering
Tutorials
Tools
- nudge4j – Java tool to let the browser talk to the JVM
- IDA – IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
- OllyDbg – A 32-bit assembler level analysing debugger for Windows
- x64dbg – An open-source x64/x32 debugger for Windows
- dex2jar – Tools to work with Android .dex and Java .class files
- JD-GUI – A standalone graphical utility that displays Java source codes of “.class” files
- procyon – A modern open-source Java decompiler
- androguard – Reverse engineering, malware and goodware analysis of Android applications
- JAD – JAD Java Decompiler (closed-source, unmaintained)
- dotPeek – a free-of-charge .NET decompiler from JetBrains
- ILSpy – an open-source .NET assembly browser and decompiler
- dnSpy – .NET assembly editor, decompiler, and debugger
- de4dot – .NET deobfuscator and unpacker.
- antinet – .NET anti-managed debugger and anti-profiler code
- UPX – the Ultimate Packer for eXecutables
- radare2 – A portable reversing framework
- plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
- Hopper – An OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables.
- ScratchABit – Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
General
Web
Tools
- sqlmap – Automatic SQL injection and database takeover tool
- tools.web-max.ca – base64 base85 md4,5 hash, sha1 hash encoding/decoding
Network
Tools
- Wireshark – A free and open-source packet analyzer
- NetworkMiner – A Network Forensic Analysis Tool (NFAT)
- tcpdump – A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
- Paros – A Java-based HTTP/HTTPS proxy for assessing web application vulnerability
- pig – A Linux packet crafting tool
- ZAP – The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
- mitmproxy – An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
- mitmsocks4j – Man-in-the-middle SOCKS Proxy for Java
- nmap – Nmap (Network Mapper) is a security scanner
- Aircrack-ng – An 802.11 WEP and WPA-PSK keys cracking program
- Charles Proxy – A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic
- Nipe – A script to make Tor Network your default gateway.
- Habu – Python Network Hacking Toolkit
- Wifi Jammer – Free program to jam all wifi clients in range
- Firesheep – Free program for HTTP session hijacking attacks.
- Scapy – A Python tool and library for low level packet creation and manipulation
Forensic
Tools
- Autopsy – A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools
- sleuthkit – A library and collection of command-line digital forensics tools
- EnCase – The shared technology within a suite of digital investigations products by Guidance Software
- malzilla – Malware hunting tool
- PEview – A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
- HxD – A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size
- WinHex – A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security
- BinText – A small, very fast and powerful text extractor that will be of particular interest to programmers
Cryptography
Tools
- xortool – A tool to analyze multi-byte XOR cipher
- John the Ripper – A fast password cracker
- Aircrack – Aircrack is 802.11 WEP and WPA-PSK keys cracking program.
Wargame
System
- OverTheWire – Semtex
- OverTheWire – Vortex
- OverTheWire – Drifter
- pwnable.kr – Provide various pwn challenges regarding system security
- Exploit Exercises – Nebula
- SmashTheStack
Reverse Engineering
- Reversing.kr – This site tests your ability to Cracking & Reverse Code Engineering
- CodeEngn – (Korean)
- simples.kr – (Korean)
- Crackmes.de – The world first and largest community website for crackmes and reversemes.
Web
- Hack This Site! – a free, safe and legal training ground for hackers to test and expand their hacking skills
- Webhacking.kr
- 0xf.at – a website without logins or ads where you can solve password-riddles (so called hackits).
Cryptography
Bug bounty
CTF
Competition
- DEF CON
- CSAW CTF
- hack.lu CTF
- Plaid CTF
- RuCTFe
- Ghost in the Shellcode
- PHD CTF
- SECUINSIDE CTF
- Codegate CTF
- Boston Key Party CTF
General
- Hack+ – An Intelligent network of bots that fetch the latest InfoSec content.
- CTFtime.org – All about CTF (Capture The Flag)
- WeChall
- CTF archives (shell-storm)
- Rootkit Arsenal – OS RE and rootkit development
- Pentest Cheat Sheets – Collection of cheat sheets useful for pentesting
- Movies For Hacker – A curated list of movies every hacker & cyberpunk must watch.
OS
Online resources
- Security related Operating Systems @ Rawsec – Complete list of security related operating systems
- Best Linux Penetration Testing Distributions @ CyberPunk – Description of main penetration testing distributions
- Security @ Distrowatch – Website dedicated to talking about, reviewing and keeping up to date with open source operating systems
ETC
- SecTools – Top 125 Network Security Tools
ref : https://github.com/carpedm20/awesome-hacking
Free Security eBooks
A curated list of free Security and Pentesting related E-Books available on the Internet.
A DMCA takedown is not possible, as we are not republishing the books or infringing on code; we only host links to third-party websites where these books can be downloaded. More on the DMCA takedown policy here.
The topics include:
- Android & iOS
- Cloud Security
- Defensive Security
- IoT
- Malware Analysis & Forensics
- Network Pentesting
- Offensive Security
- Programming Languages
- Reverse Engineering
- SysAdmin
- Virus Botnet and Malware
- Wireless Network Pentesting
- Misc
Network Pentesting
Defensive Security
Offensive Security
- Backtrack
- Kali Linux
- Hacking
- Advanced SQL Injection Hacking and Guide
- A Beginners Guide To Hacking Computer Systems
- Blind SQL Injection Discovery & Exploitation
- CEH – Hacking Database Secrets and Exploit
- Ethical Hacking Complete E-book for Beginners
- Hackers High School 13 Complete Hacking Ebooks
- Hacking attacks and Examples Test
- Hacking into Computer Systems
- Hackers’ Secrets
- Operating Systems
- Web & WebApp
- 501 Website Hacking Secrets
- Cross Site Scripting and Hacking Websites
- Dangerous Google Hacking Database and Attacks
- Hack any Website, Complete Web App Hacking
- Hacking Website Database and owning systems
- Internet Advanced Denial of Service (DDOS) Attack
- Internet Security Technology and Hacking
- The Web Application Hacker’s Handbook
- Vulnerability Exploit & website Hacking for Dummies
- Web App Hacking (Hackers Handbook)
- XSS, Vulnerability Exploitation & Website Hacking
Programming Languages
Reverse Engineering
Virus Botnet and Malware
Misc
- Computer Hacking – Cyber Laws Harvard
- Ethical Hacking Value and Penetration testing
- Secrets of Super and Professional Hackers
- Ultimate Guide to Social Engineering attacks
ref : https://github.com/Hack-with-Github/Free-Security-eBooks