Awesome : Hacking

Awesome Hacking

Awesome Hacking

A collection of awesome lists for hackers, pentesters & security researchers.

Booking Site

DEFCON : https://defcon.org/

EINSTEIN : https://www.dhs.gov/einstein

Black Hat : http://www.blackhat.com/

Kali Linux Revealed Book : Book

Awesome Repositories

Repository Description
Android Security Collection of Android security related resources
AppSec Resources for learning about application security
Bug Bounty List of Bug Bounty Programs and write-ups from the Bug Bounty hunters
Cheatsheets Penetration Testing / Security Cheatsheets
CTF List of CTF frameworks, libraries, resources and softwares
Cyber Skills Curated list of hacking environments where you can train your cyber skills legally and safely
DevSecOps List of awesome DevSecOps tools with the help from community experiments and contributions
Exploit Development Resources for learning about Exploit Development
Fuzzing List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis
Hacking List of awesome Hacking tutorials, tools and resources
Hacking Resources Collection of hacking / penetration testing resources to make you better!
Honeypots List of honeypot resources
Incident Response List of tools for incident response
Industrial Control System Security List of resources related to Industrial Control System (ICS) security
InfoSec List of awesome infosec courses and training resources
IoT Hacks Collection of Hacks in IoT Space
Malware Analysis List of awesome malware analysis tools and resources
OSINT List of amazingly awesome Open Source Intelligence (OSINT) tools and resources
OSX and iOS Security OSX and iOS related security tools
Pcaptools Collection of tools developed by researchers in the Computer Science area to process network traces
Pentest List of awesome penetration testing resources, tools and other shiny things
PHP Security Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities
Red Teaming List of Awesome Red Team / Red Teaming Resources
Reversing List of awesome reverse engineering resources
Sec Talks List of awesome security talks
SecLists Collection of multiple types of lists used during security assessments
Security Collection of awesome software, libraries, documents, books, resources and cools stuffs about security
Social Engineering List of awesome social engineering resources
Static Analysis List of static analysis tools, linters and code quality checkers for various programming languages
Threat Intelligence List of Awesome Threat Intelligence resources
Vehicle Security List of resources for learning about vehicle security and car hacking
Vulnerability Research List of resources about Vulnerability Research
Web Hacking List of web application security
Windows Exploitation List of awesome Windows Exploitation resources and shiny things
WiFi Arsenal Pack of various useful/useless tools for 802.11 hacking
YARA List of awesome YARA rules, tools, and people

Other useful repositories

Repository Description
Adversarial Machine Learning Curated list of awesome adversarial machine learning resources
AI Security Curated list of AI security resources
API Security Checklist Checklist of the most important security countermeasures when designing, testing, and releasing your API
APT Notes Various public documents, whitepapers and articles about APT campaigns
Bug Bounty Reference List of bug bounty write-up that is categorized by the bug nature
Cryptography Cryptography resources and tools
CTF Tool List of Capture The Flag (CTF) frameworks, libraries, resources and softwares
CVE PoC List of CVE Proof of Concepts (PoCs)
Detection Lab Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
Forensics List of awesome forensic analysis tools and resources
Free Programming Books Free programming books for developers
Gray Hacker Resources Useful for CTFs, wargames, pentesting
Infosec Getting Started A collection of resources, documentation, links, etc to help people learn about Infosec
Infosec Reference Information Security Reference That Doesn’t Suck
IOC Collection of sources of indicators of compromise
Linux Kernel Exploitation A bunch of links related to Linux kernel fuzzing and exploitation
Lockpicking Resources relating to the security and compromise of locks, safes, and keys.
Machine Learning for Cyber Security Curated list of tools and resources related to the use of machine learning for cyber security
Malware Scripts Useful scripts related with malware
Payloads Collection of web attack payloads
PayloadsAllTheThings List of useful payloads and bypass for Web Application Security and Pentest/CTF
Pentest Cheatsheets Collection of the cheat sheets useful for pentesting
Pentest Wiki A free online security knowledge library for pentesters / researchers
Probable Wordlists Wordlists sorted by probability originally created for password generation and testing
Resource List Collection of useful GitHub projects loosely categorised
Reverse Engineering List of Reverse Engineering articles, books, and papers
RFSec-ToolKit Collection of Radio Frequency Communication Protocol Hacktools
Security Cheatsheets Collection of cheatsheets for various infosec tools and topics
Security List Great security list for fun and profit
Shell List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell
ThreatHunter-Playbook A Threat hunter’s playbook to aid the development of techniques and hypothesis for hunting campaigns
Web Security Curated list of Web Security materials and resources

Need more ?

Follow Hack with GitHub on your favorite social media to get daily updates on interesting GitHub repositories related to Security.

ref : https://github.com/Hack-with-Github/Awesome-Hacking


Documentation

Tools

Cheat Sheets

Docker images for Penetration Testing

Vulnerabilities

Courses

Online Hacking Demonstration Sites

Labs

SSL

Security Ruby on Rails

ref : https://github.com/infoslack/awesome-web-hacking


Awesome Hacking

Awesome hacking is a curated list of hacking tools for hackers, pentesters and security researchers. Its goal is to collect, classify and make awesome tools easy to find by humans, creating a toolset you can checkout and update with one command.

Code Auditing

Static Analysis

  • Brakeman – A static analysis security vulnerability scanner for Ruby on Rails applications.
  • ShellCheck – A static analysis tool for shell scripts.

Cryptography

  • FeatherDuster – An automated, modular cryptanalysis tool.
  • RSATool – Generate private key with knowledge of p and q.
  • Xortool – A tool to analyze multi-byte xor cipher.

CTF Tools

  • CTFd – CTF in a can. Easily modifiable and has everything you need to run a jeopardy style CTF.
  • FBCTF – Platform to host Capture the Flag competitions.
  • Mellivora – A CTF engine written in PHP.
  • OneGadget – A tool for you easy to find the one gadget RCE in libc.so.6.
  • NightShade – A simple security CTF framework.
  • OpenCTF – CTF in a box. Minimal setup required.
  • Pwntools – CTF framework and exploit development library.
  • Scorebot – Platform for CTFs by Legitbs (Defcon).
  • V0lt – Security CTF Toolkit.

Docker

  • Docker Bench for Security – The Docker Bench for Security checks for all the automatable tests in the CIS Docker 1.6 Benchmark.

    docker pull diogomonica/docker-bench-security

  • DVWA – Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable.

    docker pull citizenstig/dvwa

  • Kali Linux – This Kali Linux Docker image provides a minimal base install of the latest version of the Kali Linux Rolling Distribution.

    docker pull kalilinux/kali-linux-docker

  • Metasploit – Metasploit Framework penetration testing software (unofficial docker).

    docker pull remnux/metasploit

  • OWASP Juice Shop – An intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.

    docker pull bkimminich/juice-shop

  • OWASP Mutillidae II – OWASP Mutillidae II Web Pen-Test Practice Application.

    docker pull citizenstig/nowasp

  • OWASP NodeGoat – An environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

    git clone https://github.com/OWASP/NodeGoat.git docker-compose build && docker-compose up

  • OWASP Railsgoat – A vulnerable version of Rails that follows the OWASP Top 10.

    docker pull owasp/railsgoat

  • OWASP Security Shepherd – A web and mobile application security training platform.

    docker pull ismisepaul/securityshepherd

  • OWASP WebGoat – A deliberately insecure Web Application.

    docker pull danmx/docker-owasp-webgoat

  • OWASP ZAP – Current stable owasp zed attack proxy release in embedded docker container.

    docker pull owasp/zap2docker-stable

  • Security Ninjas – An Open Source Application Security Training Program.

    docker pull opendns/security-ninjas

  • SpamScope – SpamScope (Fast Advanced Spam Analysis Tool) Elasticsearch.

    docker pull fmantuano/spamscope-elasticsearch

  • Vulnerable WordPress Installation – Vulnerable WordPress Installation.

    docker pull wpscanteam/vulnerablewordpress

  • Vulnerability as a service: Heartbleed – Vulnerability as a Service: CVE 2014-0160.

    docker pull hmlio/vaas-cve-2014-0160

  • Vulnerability as a service: Shellshock – Vulnerability as a Service: CVE 2014-6271.

    docker pull hmlio/vaas-cve-2014-6271

  • WPScan – WPScan is a black box WordPress vulnerability scanner.

    docker pull wpscanteam/wpscan

Forensics

File Forensics

  • Autopsy – A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools.
  • DFF – A Forensics Framework coming with command line and graphical interfaces. DFF can be used to investigate hard drives and volatile memory and create reports about user and system activities.
  • Hadoop_framework – A prototype system that uses Hadoop to process hard drive images.
  • OSXCollector – A forensic evidence collection & analysis toolkit for OS X.
  • Scalpel – An open source data carving tool.
  • Shellbags – Investigate NT_USER.dat files.
  • Sleuthkit – A library and collection of command line digital forensics tools.

Live Analysis

  • OS X Auditor – OS X Auditor is a free Mac OS X computer forensics tool.

Memory Forensics

  • Rekall – Memory analysis framework developed by Google.
  • Volatility – Extract digital artifacts from volatile memory (RAM) samples.

Mobile

  • Android Forensic Toolkit – Allows you to extract SMS records, call history, photos, browsing history, and password from an Android phone.
  • Mem – Tool used for dumping memory from Android devices.

Network Forensics

  • Dshell – A network forensic analysis framework.
  • Passivedns – A network sniffer that logs all DNS server replies for use in a passive DNS setup.

Misc

  • HxD – A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.
  • Libfvde <https://github.com/libyal/libfvde> – Library and tools to access FileVault Drive Encryption (FVDE) encrypted volumes.

Intelligence

  • VIA4CVE – An aggregator of the known vendor vulnerabilities database to support the expansion of information with CVEs.

Library

C

  • Libdnet – Provides a simplified, portable interface to several low-level networking routines, including network address manipulation, kernel arp cache and route table lookup and manipulation, network firewalling, network interface lookup and manipulation, IP tunnelling, and raw IP packet and Ethernet frame transmission.

Java

Python

  • Dpkt – Fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols.
  • Pcapy – A Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.
  • PyBFD – Python interface to the GNU Binary File Descriptor (BFD) library.
  • Pynids – A python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own python routines examine network conversations.
  • Pypcap – This is a simplified object-oriented Python wrapper for libpcap.
  • PyPDF2 – A utility to read and write PDFs with Python.
  • Python-ptrace – Python binding of ptrace library.
  • RDPY – RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client and server side).
  • Scapy – A python-based interactive packet manipulation program & library.

Ruby

Live CD – Distributions

  • Android Tamer – Virtual / Live Platform for Android Security professionals.
  • ArchStrike – An Arch Linux repository for security professionals and enthusiasts.
  • BackBox – Ubuntu-based distribution for penetration tests and security assessments.
  • BlackArch – Arch Linux-based distribution for penetration testers and security researchers.
  • BOSSLive – An Indian GNU/Linux distribution developed by CDAC and is customized to suit Indian’s digital environment. It supports most of the Indian languages.
  • DEFT Linux – Suite dedicated to incident response and digital forensics.
  • Fedora Security Lab – A safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations.
  • Kali – A Linux distribution designed for digital forensics and penetration testing.
  • NST – Network Security Toolkit distribution.
  • Ophcrack – A free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
  • Parrot – Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind.
  • Pentoo – Security-focused livecd based on Gentoo.
  • REMnux – Toolkit for assisting malware analysts with reverse-engineering malicious software.

Malware

Dynamic Analysis

  • Androguard – Reverse engineering, Malware and goodware analysis of Android applications.
  • Cuckoo Sandbox – An automated dynamic malware analysis system.
  • CuckooDroid – Automated Android Malware Analysis with Cuckoo Sandbox.
  • DECAF – Short for Dynamic Executable Code Analysis Framework, is a binary analysis platform based on QEMU.
  • DroidBox – Dynamic analysis of Android apps.
  • Hooker – An opensource project for dynamic analyses of Android applications.
  • Jsunpack-n – Emulates browser functionality when visiting a URL.
  • Magento-malware-scanner – A collection of rules and samples to detect Magento malware.
  • Malzilla – Web pages that contain exploits often use a series of redirects and obfuscated code to make it more difficult for somebody to follow. MalZilla is a useful program for use in exploring malicious pages. It allows you to choose your own user agent and referrer, and has the ability to use proxies. It shows you the full source of webpages and all the HTTP headers. It gives you various decoders to try and deobfuscate javascript aswell.
  • ProbeDroid – A dynamic binary instrumentation kit targeting on Android(Lollipop) 5.0 and above.
  • PyEMU – Fully scriptable IA-32 emulator, useful for malware analysis.
  • WScript Emulator – Emulator/tracer of the Windows Script Host functionality.

Honeypot

  • Basic-auth-pot – HTTP Basic Authentication honeyPot.
  • Conpot – ICS/SCADA honeypot.
  • Cowrie – SSH honeypot, based on Kippo.
  • Elastichoney – A Simple Elasticsearch Honeypot.
  • ESPot – An Elasticsearch honeypot written in NodeJS, to capture every attempts to exploit CVE-2014-3120.
  • Delilah – An Elasticsearch Honeypot written in Python.
  • Dionaea – Honeypot designed to trap malware.
  • Glastopf – Web Application Honeypot.
  • Glutton – All eating honeypot.
  • Honeyd – Create a virtual honeynet.
  • HoneyPress – python based WordPress honeypot in a docker container.
  • HonnyPotter – A WordPress login honeypot for collection and analysis of failed login attempts.
  • Maildb – Python Web App to Parse and Track Email and http Pcap Files.
  • MHN – Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized server for management.
  • Mnemosyne – A normalizer for honeypot data; supports Dionaea.
  • MongoDB-HoneyProxy – A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
  • MysqlPot – A mysql honeypot, still very very early stage.
  • Nodepot – A nodejs web application honeypot.
  • NoSQLPot – The NoSQL Honeypot Framework.
  • Phoneyc – Pure Python honeyclient implementation.
  • Phpmyadmin_honeypot – A simple and effective phpMyAdmin honeypot.
  • Servletpot – Web application Honeypot.
  • Shadow Daemon – A modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl & Python apps.
  • Smart-honeypot – PHP Script demonstrating a smart honey pot.
  • SpamScope – Fast Advanced Spam Analysis Tool.
  • Thug – Low interaction honeyclient, for investigating malicious websites.
  • Wordpot – A WordPress Honeypot.
  • Wp-smart-honeypot – WordPress plugin to reduce comment spam with a smarter honeypot.

Intelligence

  • MISP Modules – Modules for expansion services, import and export in MISP.
  • Passivedns-client – Provides a library and a query tool for querying several passive DNS providers.
  • Rt2jira – Convert RT tickets to JIRA tickets.

Ops

  • CapTipper – A python tool to analyze, explore and revive HTTP malicious traffic.
  • Google-play-crawler – Google-play-crawler is simply Java tool for searching android applications on GooglePlay, and also downloading them.
  • Googleplay-api – An unofficial Python API that let you search, browse and download Android apps from Google Play (formerly Android Market).
  • FakeNet-NG – A next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows.
  • Malboxes – Builds malware analysis Windows VMs so that you don’t have to.
  • Node-appland – NodeJS tool to download APKs from appland.
  • Node-aptoide – NodeJS to download APKs from aptoide.
  • Node-google-play – Call Google Play APIs from Node.

Source Code

  • Android-malware – Collection of android malware samples.
  • Carberp – Carberp leaked source code.
  • Fancybear – Fancy Bear Source Code.
  • Mirai – Leaked Mirai Source Code for Research/IoC Development Purposes.
  • TinyNuke – Zeus-style banking trojan.
  • Zeus – Zeus version 2.0.8.9, leaked in 2011.

Static Analysis

  • Androwarn – Detect and warn the user about potential malicious behaviours developped by an Android application.
  • ApkAnalyser – A static, virtual analysis tool for examining and validating the development work of your Android app.
  • APKinspector A powerful GUI tool for analysts to analyze the Android applications.
  • Argus-SAF – Argus static analysis framework.
  • CFGScanDroid – Control Flow Graph Scanning for Android.
  • ConDroid – Symbolic/concolic execution of Android apps.
  • DroidLegacy – Static analysis scripts.
  • Floss – FireEye Labs Obfuscated String Solver. Automatically extract obfuscated strings from malware.
  • FSquaDRA – Fast detection of repackaged Android applications based on the comparison of resource files included into the package.
  • Inspeckage – Android Package Inspector – dynamic analysis with api hooks, start unexported activities and more.
  • Maldrolyzer – Simple framework to extract “actionable” data from Android malware (C&Cs, phone numbers, etc).
  • Peepdf – A Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks.
  • PEfile – Read and work with Portable Executable (aka PE) files.
  • PEview – A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files.
  • Pdfminer – A tool for extracting information from PDF documents.
  • PScout – Analyzing the Android Permission Specification.
  • Smali-CFGs – Smali Control Flow Graph’s.
  • SmaliSCA – Smali Static Code Analysis.
  • Sysinternals Suite – The Sysinternals Troubleshooting Utilities.
  • Yara – Identify and classify malware samples.

Network

Analysis

  • Bro – A powerful network analysis framework that is much different from the typical IDS you may know.
  • Pytbull – A python based flexible IDS/IPS testing framework.
  • Sguil – Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil’s main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures.

Fake Services

  • DNSChef – DNS proxy for Penetration Testers and Malware Analysts.
  • DnsRedir – A small DNS server that will respond to certain queries with addresses provided on the command line.

Packet Manipulation

  • Pig – A Linux packet crafting tool.
  • Yersinia – A network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.

Sniffer

  • Cloud-pcap – Web PCAP storage and analytics.
  • Dnscap – Network capture utility designed specifically for DNS traffic.
  • Dripcap – Caffeinated Packet Analyzer.
  • Dsniff – A collection of tools for network auditing and pentesting.
  • Justniffer – Just A Network TCP Packet Sniffer. Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all “intercepted” files from the HTTP traffic.
  • Moloch – Moloch is a open source large scale full PCAP capturing, indexing and database system.
  • Net-creds – Sniffs sensitive data from interface or pcap.
  • NetworkMiner – A Network Forensic Analysis Tool (NFAT).
  • Netsniff-ng – A Swiss army knife for your daily Linux network plumbing.
  • OpenFPC – OpenFPC is a set of scripts that combine to provide a lightweight full-packet network traffic recorder and buffering tool. Its design goal is to allow non-expert users to deploy a distributed network traffic recorder on COTS hardware while integrating into existing alert and log tools.
  • PF_RING – PF_RING™ is a Linux kernel module and user-space framework that allows you to process packets at high-rates while providing you a consistent API for packet processing applications.
  • WebPcap – A web-based packet analyzer (client/server architecture). Useful for analyzing distributed applications or embedded devices.
  • Wireshark – A free and open-source packet analyzer.

Penetration Testing

DoS

  • DHCPig – DHCP exhaustion script written in python using scapy network library.
  • LOIC – Low Orbit Ion Cannon – An open source network stress tool, written in C#. Based on Praetox’s LOIC project.
  • Sockstress – Sockstress (TCP DoS) implementation.
  • T50 – The more fast network stress tool.
  • Torshammer – Tor’s hammer. Slow post DDOS tool written in python.
  • UFONet – Abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Exploiting

  • BeEF – The Browser Exploitation Framework Project.
  • Commix – Automated All-in-One OS Command Injection and Exploitation Tool.
  • DLLInjector – Inject dlls in processes.
  • ExploitPack – Graphical tool for penetration testing with a bunch of exploits.
  • Evilgrade – The update explotation framework.
  • Fathomless – A collection of different programs for network red teaming.
  • Linux Exploit Suggester – Linux Exploit Suggester; based on operating system release number.
  • Metasploit Framework – Exploitation framework.
  • Nessus – Vulnerability, configuration, and compliance assessment.
  • Nexpose – Vulnerability Management & Risk Management Software.
  • OpenVAS – Open Source vulnerability scanner and manager.
  • PowerSploit – A PowerShell Post-Exploitation Framework.
  • PSKernel-Primitives – Exploit primitives for PowerShell.
  • ROP Gadget – Framework for ROP exploitation.
  • Routersploit – Automated penetration testing software for router.
  • Rupture – A framework for BREACH and other compression-based crypto attacks.
  • Shellsploit – Let’s you generate customized shellcodes, backdoors, injectors for various operating system. And let’s you obfuscation every byte via encoders.
  • SPARTA – Network Infrastructure Penetration Testing Tool.
  • Spoodle – A mass subdomain + poodle vulnerability scanner.
  • Veil Framework – A tool designed to generate metasploit payloads that bypass common anti-virus solutions.
  • Vuls – Vulnerability scanner for Linux/FreeBSD, agentless, written in Go.
  • Windows Exploit Suggester – Detects potential missing patches on the target.
  • Zarp – Network Attack Tool.

Exploits

Info Gathering

  • Bundler-audit – Patch-level verification for Bundler.
  • Dnsenum – A perl script that enumerates DNS information.
  • Dnsmap – Passive DNS network mapper.
  • Dnsrecon – DNS Enumeration Script.
  • Knock – A python tool designed to enumerate subdomains on a target domain through a wordlist.
  • IVRE – An open-source framework for network recon. It relies on open-source well-known tools to gather data (network intelligence), stores it in a database, and provides tools to analyze it.
  • Operative-framework – This is a framework based on fingerprint action, this tool is used for get information on a website or a enterprise target with multiple modules (Viadeo search,Linkedin search, Reverse email whois, Reverse ip whois, SQL file forensics …).
  • Recon-ng – A full-featured Web Reconnaissance framework written in Python.
  • SMBMap – A handy SMB enumeration tool.
  • SSLMap – TLS/SSL cipher suite scanner.
  • Subbrute – A DNS meta-query spider that enumerates DNS records, and subdomains.
  • TruffleHog – Searches through git repositories for high entropy strings, digging deep into commit history.
  • URLextractor – Information gathering & website reconnaissance.
  • Wmap – Information gathering for web hacking.

Fuzzing

  • AndroFuzz – A fuzzing utility for Android that focuses on reporting and delivery portions of the fuzzing process.
  • Construct – Declarative data structures for python that allow symmetric parsing and building.
  • Fusil – A Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files.
  • Fuzzbox – A multi-codec media fuzzing tool.
  • Honggfuzz – Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (sw and hw).
  • Melkor-android – An Android port of the melkor ELF fuzzer.
  • MFFA – Media Fuzzing Framework for Android.
  • Netzob – Netzob is an opensource tool for reverse engineering, traffic generation and fuzzing of communication protocols.
  • Python-AFL – American fuzzy lop fork server and instrumentation for pure-Python code.
  • Radamsa-android – An Android port of radamsa fuzzer.
  • SecLists – A collection of multiple types of lists used during security assessments.
  • Sulley – Fuzzer development and fuzz testing framework consisting of multiple extensible components.
  • TAOF – The Art of Fuzzing, including ProxyFuzz, a man-in-the-middle non-deterministic network fuzzer.
  • Windows IPC Fuzzing Tools – A collection of tools used to attack applications that use Windows Interprocess Communication mechanisms.
  • Zulu – A fuzzer designed for rapid prototyping that normally happens on a client engagement where something needs to be fuzzed within tight timescales.

Mobile

  • AFE – Android Framework for Exploitation, is a framework for exploiting android based devices.
  • AndroBugs – An efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications.
  • Android-vts – Android Vulnerability Test Suite – In the spirit of open data collection, and with the help of the community, let’s take a pulse on the state of Android security.
  • Androl4b – A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis.
  • CobraDroid – A custom build of the Android operating system geared specifically for application security analysts and for individuals dealing with mobile malware.
  • Drozer – The Leading Security Assessment Framework for Android.
  • Idb – A tool to simplify some common tasks for iOS pentesting and research.
  • Introspy-iOS – Security profiling for blackbox iOS.
  • JAADAS – Joint Advanced Defect assEsment for android applications.
  • Mobile Security Framework – An intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.
  • QARK – QARK by LinkedIn is for app developers to scan app for security issues.

MITM

  • Dnsspoof – DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response.
  • Ettercap – A comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
  • Bettercap – A powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
  • Mallory – An extensible TCP/UDP man in the middle proxy that is designed to be run as a gateway. Unlike other tools of its kind, Mallory supports modifying non-standard protocols on the fly.
  • MITMf – Framework for Man-In-The-Middle attacks.
  • Mitmproxy – An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface.
  • Mitmsocks4j – Man in the Middle SOCKS Proxy for JAVA.
  • Nogotofail – An on-path blackbox network traffic security testing tool.
  • Responder – A LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Password Cracking

  • BozoCrack – A silly & effective MD5 cracker in Ruby.
  • HashCat – World’s fastest and most advanced password recovery utility.
  • Hob0Rules – Password cracking rules for Hashcat based on statistics and industry patterns.
  • John the Ripper – A fast password cracker.
  • THC-Hydra – A very fast network logon cracker which support many different services.

Port Scanning

  • Angry IP Scanner – Fast and friendly network scanner.
  • Masscan – TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
  • Nmap – Free Security Scanner For Network Exploration & Security Audits.
  • Zmap – An open-source network scanner that enables researchers to easily perform Internet-wide network studies.

Post Exploitation

  • Creddump – Dump windows credentials.
  • DET – (extensible) Data Exfiltration Toolkit (DET).
  • Dnsteal – DNS Exfiltration tool for stealthily sending files over DNS requests.
  • Empire – Empire is a pure PowerShell post-exploitation agent.
  • Fireaway – Next Generation Firewall Audit and Bypass Tool.
  • Iodine – Lets you tunnel IPv4 data through a DNS server.
  • Mallory – HTTP/HTTPS proxy over SSH.
  • Mimikatz – A little tool to play with Windows security.
  • P0wnedShell – PowerShell Runspace Post Exploitation Toolkit.
  • Pwnat – Punches holes in firewalls and NATs allowing any numbers of clients behind NATs to directly connect to a server behind a different NAT.
  • Tgcd – A simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.
  • WCE – Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials.

Reporting

  • Dradis – Colllaboration and reporting for IT Security teams.
  • Faraday – Collaborative Penetration Test and Vulnerability Management Platform.

Services

  • Sslstrip – A demonstration of the HTTPS stripping attacks.
  • Sslstrip2 – SSLStrip version to defeat HSTS.
  • SSLyze – SSL configuration scanner.
  • Tls_prober – Fingerprint a server’s SSL/TLS implementation.

Training

  • Don’t Panic – Training linux bind shell with anti-reverse engineering techniques.
  • DVWA – Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable.
  • DVWS – Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
  • OWASP Juice Shop – An intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.
  • OWASP NodeGoat – An environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
  • OWASP Railsgoat – A vulnerable version of Rails that follows the OWASP Top 10.
  • OWASP Security Shepherd – A web and mobile application security training platform.
  • OWASP WebGoat – A deliberately insecure Web Application.
  • RopeyTasks – Deliberately vulnerable web application.

Web

  • Arachni – Web Application Security Scanner Framework.
  • BlindElephant – Web Application Fingerprinter.
  • Burp Suite – An integrated platform for performing security testing of web applications.
  • Cms-explorer – CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running.
  • Dvcs-ripper – Rip web accessible (distributed) version control systems.
  • Fimap – Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs.
  • Joomscan – Joomla CMS scanner.
  • Kadabra – Automatic LFI Exploiter and Scanner, written in C++ and a couple extern module in Python.
  • Kadimus – LFI scan and exploit tool.
  • Liffy – LFI exploitation tool.
  • Netsparker – Web Application Security Scanner.
  • Nikto2 – Web application vulnerability scanner.
  • NoSQLMap – Automated Mongo database and NoSQL web application exploitation tool.
  • OWASP Xenotix – XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
  • Paros – A Java based HTTP/HTTPS proxy for assessing web application vulnerability.
  • Ratproxy – A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems.
  • Scout2 – Security auditing tool for AWS environments.
  • Skipfish – An active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes.
  • SQLMap – Automatic SQL injection and database takeover tool.
  • SQLNinja – SQL Server injection & takeover tool.
  • TPLMap – Automatic Server-Side Template Injection Detection and Exploitation Tool.
  • Yasuo – A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network.
  • W3af – Web application attack and audit framework.
  • Wapiti – Web application vulnerability scanner.
  • Weevely3 – Weaponized web shell.
  • WhatWeb – Website Fingerprinter.
  • WordPress Exploit Framework – A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
  • WPScan – WPScan is a black box WordPress vulnerability scanner.
  • WPSploit – Exploiting WordPress With Metasploit.
  • WS-Attacker – A modular framework for web services penetration testing.
  • Zed Attack Proxy (ZAP) – The OWASP ZAP core project.

Wireless

  • Aircrack-ng – An 802.11 WEP and WPA-PSK keys cracking program.
  • Kismet – Wireless network detector, sniffer, and IDS.
  • LANs.py – Inject code, jam wifi, and spy on wifi users.
  • Mass-deauth – A script for 802.11 mass-deauthentication.
  • Reaver – Brute force attack against Wifi Protected Setup.
  • Wifikill – A python program to kick people off of wifi.
  • Wifijammer – Continuously jam all wifi clients/routers.
  • Wifite – Automated wireless attack tool.
  • Wifiphisher – Automated phishing attacks against Wi-Fi networks.

Security

Endpoint Security

  • AIDE – Advanced Intrusion Detection Environment is a file and directory integrity checker.
  • Duckhunt – Prevent RubberDucky (or other keystroke injection) attacks.

Privacy

  • I2P – The Invisible Internet Project.
  • Nipe – A script to make Tor Network your default gateway.
  • SecureDrop – Open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources.
  • Tor – The free software for enabling onion routing online anonymity.

Reverse Engineering

  • AndBug – A debugger targeting the Android platform’s Dalvik virtual machine intended for reverse engineers and developers.
  • Angr – A platform-agnostic binary analysis framework developed by the Computer Security Lab at UC Santa Barbara and their associated CTF team, Shellphish.
  • Apk2Gold – Yet another Android decompiler.
  • ApkTool – A tool for reverse engineering Android apk files.
  • Barf – Binary Analysis and Reverse engineering Framework.
  • BinText – A small, very fast and powerful text extractor.
  • BinWalk – Analyze, reverse engineer, and extract firmware images.
  • Boomerang – Decompile x86 binaries to C.
  • Bytecode-viewer – A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More).
  • Bytecode_graph – Module designed to modify Python bytecode. Allows instructions to be added or removed from a Python bytecode string.
  • Capstone – Lightweight multi-platform, multi-architecture disassembly framework with Python bindings.
  • CHIPSEC – Platform Security Assessment Framework.
  • Coda – Coredump analyzer.
  • Ctf_import – Run basic functions from stripped binaries cross platform.
  • Edb – A cross platform x86/x86-64 debugger.
  • Dex2jar – Tools to work with android .dex and java .class files.
  • Distorm – Powerful Disassembler Library For x86/AMD64.
  • DotPeek – A free-of-charge .NET decompiler from JetBrains.
  • Enjarify – A tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications.
  • Fibratus – Tool for exploration and tracing of the Windows kernel.
  • Fino – An Android Dynamic Analysis Tool.
  • Flare-ida – IDA Pro utilities from FLARE team.
  • Frida – Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX.
  • Gdb-dashboard – Modular visual interface for GDB in Python.
  • GEF – Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers.
  • Hopper – A OS X and Linux Disassembler/Decompiler for 32/64 bit Windows/Mac/Linux/iOS executables.
  • Idaemu – Is an IDA Pro Plugin, use for emulating code in IDA Pro.
  • IDA Free – The freeware version of IDA.
  • IDA Patcher – IDA Patcher is a plugin for Hex-Ray’s IDA Pro disassembler designed to enhance IDA’s ability to patch binary files and memory.
  • IDA Pomidor – IDA Pomidor is a plugin for Hex-Ray’s IDA Pro disassembler that will help you retain concentration and productivity during long reversing sessions.
  • IDA Pro – A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger.
  • IDA Sploiter – IDA Sploiter is a plugin for Hex-Ray’s IDA Pro disassembler designed to enhance IDA’s capabilities as an exploit development and vulnerability research tool.
  • IDAPython – An IDA plugin which makes it possible to write scripts for IDA in the Python programming language.
  • Immunity Debugger – A powerful new way to write exploits and analyze malware.
  • JAD – JAD Java Decompiler.
  • Jadx – Decompile Android files.
  • JD-GUI – Aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions.
  • Keystone Engine – A lightweight multi-platform, multi-architecture assembler framework.
  • Krakatau – Java decompiler, assembler, and disassembler.
  • Manticore – Prototyping tool for dynamic binary analysis, with support for symbolic execution, taint analysis, and binary instrumentation.
  • MARA Framework – A Mobile Application Reverse engineering and Analysis Framework.
  • Medusa – A disassembler designed to be both modular and interactive.
  • Mona.py – PyCommand for Immunity Debugger that replaces and improves on pvefindaddr.
  • OllyDbg – An x86 debugger that emphasizes binary code analysis.
  • Paimei – Reverse engineering framework, includes PyDBG, PIDA, pGRAPH.
  • PEDA – Python Exploit Development Assistance for GDB.
  • Plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
  • Procyon – A modern open-source Java decompiler.
  • Pyew – Command line hexadecimal editor and disassembler, mainly to analyze malware.
  • Qira – QEMU Interactive Runtime Analyser.
  • R2MSDN – R2 plugin to add MSDN documentation URLs and parameter names to imported function calls.
  • RABCDAsm – Robust ABC (ActionScript Bytecode) [Dis-]Assembler.
  • Radare2 – Opensource, crossplatform reverse engineering framework.
  • Redexer – A reengineering tool that manipulates Android app binaries.
  • ScratchABit – Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API.
  • Simplify – Generic Android Deobfuscator.
  • Smali – Smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android’s Java VM implementation.
  • Toolbag – The IDA Toolbag is a plugin providing supplemental functionality to Hex-Rays IDA Pro disassembler.
  • Ufgraph – A simple script which parses the output of the uf (un-assemble function) command in windbg and uses graphviz to generate a control flow graph as a PNG/SVG/PDF/GIF (see -of option) and displays it.
  • Uncompyle – Decompile Python 2.7 binaries (.pyc).
  • Unicorn Engine – A lightweight, multi-platform, multi-architecture CPU emulator framework based on QEMU.
  • Voltron – An extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host.
  • WinDbg – Windows Driver Kit and WinDbg.
  • WinHex – A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security.
  • Unlinker – Unlinker is a tool that can rip functions out of Visual C++ compiled binaries and produce Visual C++ COFF object files.
  • UPX – The Ultimate Packer for eXecutables.
  • X64_dbg – An open-source x64/x32 debugger for windows.
  • Xxxswf – A Python script for analyzing Flash files.
  • YaCo – An Hex-Rays IDA plugin. When enabled, multiple users can work simultaneously on the same binary. Any modification done by any user is synchronized through git version control.

Social Engineering

Framework

  • SET – The Social-Engineer Toolkit from TrustedSec.

Harvester

  • Creepy – A geolocation OSINT tool.
  • Github-dorks – CLI tool to scan github repos/organizations for potential sensitive information leak.
  • Maltego – Proprietary software for open source intelligence and forensics, from Paterva.
  • Metagoofil – Metadata harvester.
  • TheHarvester – E-mail, subdomain and people names harvester.
  • TTSL – Tool to scrape LinkedIn.

Phishing

  • Whatsapp-phishing – Proof of principle code for running a phishing attack against the official Whatsapp Web client.

ref : https://github.com/jekil/awesome-hacking


Awesome Hacking Resources

A collection of hacking / penetration testing resources to make you better!

Let’s make it the biggest resource repository for our community.

You are welcome to fork and contribute.

We started a new tools list, come and contribute

Table of Contents

Learning the Skills

Name Description
Free interactive labs with White Hat Academy 32 labs, easy account sign in with github credentials
Learning Exploitation with Offensive Computer Security 2.0 blog-style instruction, includes: slides, videos, homework, discussion. No login required.
Cybrary coursera style website, lots of user-contributed content, account required, content can be filtered by experience level
OffensiveComputerSecurity academic content, full semester course including 27 lecture videos with slides and assign readings
CS 642: Intro to Computer Security academic content, full semester course, includes assigned readings, homework and github refs for exploit examples. NO VIDEO LECTURES.
Free cyber security training Academic content, 8 full courses with videos from a quirky instructor sam, links to research, defcon materials and other recommended training/learning
SecurityTube tube-styled content, “megaprimer” videos covering various topics, no readable content on site.
Seed Labs academic content, well organized, featuring lab videos, tasks, needed code files, and recommended readings
Hak5 podcast-style videos covering various topics, has a forum, “metasploit-minute” video series could be useful
OWASP top 10 web security risks free courseware, requires account
MIT OCW 6.858 Computer Systems Security academic content, well organized, full-semester course, includes assigned readings, lectures, videos, required lab files.

YouTube Channels

Name Description
OWASP see OWASP above
Hak5 see Hak5 above
BlackHat features talks from the BlackHat conferences around the world
Christiaan008 hosts a variety of videos on various security topics, disorganized

Company

0patch by ACROS Security few videos, very short, specific to 0patch
Detectify very short videos, aimed at showing how to use Detictify scanner
Kaspersky Lab lots of Kaspersky promos, some hidden cybersecurity gems
Metasploit collection of medium length metasploit demos, ~25minutes each, instructional
OpenNSM network analysis, lots of TCPDUMP videos, instructional,
Rapid7 brief videos, promotional/instructional, ~ 5 minutes
Securelist brief videos, interviews discussing various cyber security topics
Segment Security promo videos, non-instructional
SocialEngineerOrg podcast-style, instructional, lengthy content ~1 hr each
Sonatype lots of random videos, a good cluster of DevOps related content, large range of lengths, disorganized
SophosLabs lots of brief, news-style content, “7 Deadly IT Sins” segment is of note
Sourcefire lots of brief videos covering topics like botnets, DDoS ~5 minutes each
Station X handful of brief videos, disorganized, unscheduled content updates
Synack random, news-style videos, disorganized, non-instructional
TippingPoint Zero Day Initiative very brief videos ~30 sec, somewhat instructional
Tripwire, Inc. some tripwire demos, and random news-style videos, non-instructional
Vincent Yiu handful of videos from a single hacker, instructional
nVisium Some nVisum promos, a handful of instructional series on Rails vulns and web hacking
ntop network monitoring, packet analysis, instructional

Conferences

44contv information security con based in London, lengthy instructional videos
BruCON Security Conference security and hacker conference based in b\Belgium, lots of lengthy instructinoal videos
BSides Manchester security and hacker con based in Mancheseter, lots of lengthy videos
BSidesAugusta security con based in Augusta, Georgia, lots of lengthy instructional videos
CarolinaCon security con based in North Carolina, associated with various 2600 chapters, lots of lengthy instructional content
Cort Johnson a handful of lengthy con-style talks from Hack Secure Opensec 2017
DevSecCon lenghty con videos covering DevSecOps, making software more secure
Garage4Hackers – Information Security a handful of lengthy videos, About section lacks description
HACKADAY lots of random tech content, not strictly infosec, some instructional
Hack In The Box Security Conference lengthy con-style instructional talks from an international security con
Hack in Paris security con based in paris, features lots of instructional talks, slides can be difficult to see.
Hacklu lots of lengthy con-style instructional videos
Hacktivity lots of lengthy con-style instructional videos from a con in central/eastern europe
Hardwear.io handful of lengthy con-style video, emphasis on hardware hacks
IEEE Symposium on Security and Privacy content from the symposium; IEEE is a professional association based in the us, they also publish various journals
LASCON lengthy con-style talks from an OWASP con held in Austin, TX
Marcus Niemietz lots of instructional content, associated with HACKPRA, an offensive security course from an institute in Germany
Media.ccc.de The real official channel of the chaos computer club, operated by the CCC VOC – tons of lengthy con-style vids
NorthSec lengthy con-style talks from an applied security conference in Canada
Pancake Nopcode channel of Radare2 whiz Sergi “pancake” Alvarez, Reverse Engineering Content
Psiinon medium length instructional videos, for the OWASP Zed Attack Proxy
SJSU Infosec handful of lengthy instructional videos from San Jose State university Infosec
Secappdev.org tons of lengthy instructional lectures on Secure App Development
Security Fest medium length con-style talks from a security festival in Sweden
SecurityTubeCons an assortment of con-style talks from various cons including BlackHat and Shmoocon
ToorCon handful of medium length con videos from con based in San Diego, CA
USENIX Enigma Conference medium length “round table discussion with leading experts”, content starts in 2016

News

Corey Nachreiner security newsbites, 2.7K subscribers, 2-3 videos a week, no set schedule
Error 404 Cyber News short screen-shot videos with loud metal, no dialog, bi-weekly
Latest Hacking News 10K followers, medium length screenshot videos, no recent releases
Pentester Academy TV lots of brief videos, very regular posting, up to +8 a week
SecureNinjaTV brief news bites, irregular posting, 18K followers
Troy Hunt lone youtuber, medium length news videos, 16K followers, regular content
Samy Kamkar’s Applied Hacking brief to medium length instructional vids from the creator of PoisonTap for the Raspberry Pi Zero, no recent content, last updated in 2016
danooct1 lots of brief screenshot, how-to vids regarding malware, regular content updates, 186K followerss
DedSec lots of brief screenshot how-to vids based in Kali, no recent posts.
DEFCON Conference lots of lengthy con-style vids from the iconical DEFCON
DemmSec lots of pen testing vids, somewhat irregular uploads, 44K followers
Don Does 30 amateur pen-tester posting lots of brief screenshot vids regularly, 9K Followers
Geeks Fort – KIF lots of brief screenshot vids, no recent posts
iExplo1t lots of screenshot vids aimed at novices, 5.7K Followers, no recent posts
HACKING TUTORIALS handful of brief screenshot vids, no recent posts.
LiveOverflow Lots of brief-to-medium isntructional vids, covering things like buffer overflwos and exploit writing, regular posts.
Metasploitation lots of screenshot vids, little to no dialogue, all about using Metasploit, no recent vids.
NetSecNow channel of pentesteruniversity.org, seems to post once a month, screenshot instructional vids
Open SecurityTraining lots of lengthy lecture-style vids, no recent posts, but quality info.
BalCCon – Balkan Computer Congress Long con-style talks from the Balkan Computer Congress, doesn’t update regularly
Penetration Testing in Linux DELETE
rwbnetsec lots of medium length instructional videos covering tools from Kali 2.0, no recent posts.
Security Weekly regular updates, lengthy podcst-style interview with industry pros
Seytonic variety of DIY hacking tutorials, hardware hacks, regular updates
Shozab Haxor lots of screenshot style instructional vids, regular updates, windows CLI tutorial
SSTec Tutorials lots of brief screenshot vids, regular updates
Waleed Jutt lots of brief screenshot vids covering web security and game programming
webpwnized lots of brief screenshot vids, some CTF walkthroughs
JackkTutorials lots of medium length instructional vids with some AskMe vids from the youtuber
Zer0Mem0ry lots of brief c++ security videos, programming intensive
LionSec lots of brief screenshot instructional vids, no dialog
Adrian Crenshaw lots of lengthy con0style talks
HackerSploit regular posts, medium length screenshot vids, with dialog
Derek Rook – CTF/Boot2root/wargames Walkthrough lots of lengthy screenshot instructional vids, with

Sharpening Your Skills

Name Description
OWASP Security Shepherd BROKEN AS OF 11/6
CTFLearn an account-based ctf site, where users can go in and solve a range of challenges
CTFs write-ups a collection of writeups from various CTFs, organized by
CTF365 account based ctf site, awarded by Kaspersky, MIT, T-Mobile
Pentestit acocunt based CTF site, users have to install open VPN and get credentials
Hacksplaining a clickthrough security informational site, very good for beginners.
The cryptopals crypto challenges A bunch of CTF challenges, all focused on cryptography.
The enigma group web application security training, account based, video tutorials
Ringzer0 Team an account based CTF site, hosting over 272 challenges
Hack The Box Pen testing labs hosting over 39 vulnerable machines with two additional added every month
Over the wire A CTF that’s based on progressive levels for each lab, the users SSH in, no account recquired
Backdoor pen testing labs that have a space for beginners, a practice arena and various competitions, account required
Vulnhub site hosts a ton of different vulnerable Virtual Machine images, download and get hacking
Hack.me lets you build/host/attack vulnerable web apps
Hack this site! an oldy but goodie, account required, users start at low levels and progress in difficulty
Exploit exercises hosts 5 fulnerable virtual machines for you to attack, no account required
PentesterLab hosts a variety of exercises as well as various “bootcamps” focused on specific activities
SmashTheStack hosts various challenges, similar to OverTheWire, users must SSH into the machines and progress in levels
PicoCTF CTF hosted by Carnegie Mellon, occurs yearly, account required.
Shellter Labs account based infosec labs, they aim at making these activities social
Pentest Practice account based Pentest practice, free to sign up, but there’s also a pay-as-you-go feature
Pentest.training lots of various labs/VMS for you to try and hack, registry is optional.
pwnable.kr Don’t let the cartoon characters fool you, this is a serious CTF site that will teach you a lot, account required
pwnable.tw hosts 27 challenges accompanied with writeups, account required
hackburger.ee hosts a number of web hacking challenges, account required
http://noe.systems/ Korean challenge site, requires an account
Hacker Gateway ctfs covering steganography, cryptography, and web challengs, account required
Solve Me “yet another challenge”, account required.
Challenge Land Ctf site with a twist, no simple sign-up, you have to solve a challengeto even get that far!
Participating Challenge Sites aims at creating a universal ranking for CTF participants
Hacker test similar to “hackthissite”, no account required.
Crackmes.de Archive (2011-2015) a reverse engineering information Repo, started in 2003
ROP Emporium Return Oriented Programming challenges
Google’s XSS game XSS challenges, an dpotentially a chance to get paid!

Reverse Engineering, Buffer Overflow and Exploit Development

Name Description
Shell storm Blog style collection with organized info about Rev. Engineering.
Buffer Overflow Exploitation Megaprimer for Linux Collection of Linux Rev. Engineering videos
Reverse Engineering Malware 101 intro course created by Malware Unicorn, complete with material and two VM’s
Reverse Engineering Malware 102 the sequel to RE102
Modern Binary Exploitation – CSCI 4968 RE challenges, you can download the files or download the VM created by RPISEC specifically for challenges, also links to their home page with tons of infosec lectures
Introductory Intel x86 63 days of OS class materials, 29 classes, 24 instructors, no account required
Binary hacking 35 “no bullshit” binary videos along with other info
Shellcode Injection a blog entry from a grad student at SDS Labs
Reverse Engineering for Beginners huge OS textbook, created by Dennis Yurichev
Exploit tutorials a series of 9 exploit tutorials,also features a podcast
Exploit development links to the forum’s exploit dev posts, quality and post style will vary with each poster
flAWS challenge Through a series of levels you’ll learn about common mistakes and gotchas when using Amazon Web Services (AWS).
Corelan tutorials detailed tutorial, lots of good information about memory
Reverse engineering reading list a github collection of RE tools and books
Reverse Engineering challenges collection of challenges from the writer of RE for Beginners
Reverse Engineering for beginners (GitHub project) github for the above
reversing.kr challenges reverse engineering challenges varying in difficulty
Analysis and exploitation (unprivileged) huge collection of RE information, organized by type.
A Course on Intermediate Level Linux Exploitation as the title says, this course isn’t for beginners
Lena’s Reversing for Newbies (Complete) listing of a lengthy resource by Lena, aimed at being a course
Megabeets journey into Radare2 one user’s radare2 tutorials
Introduction to ARM Assembly Basics tons of tutorials from infosec pro Azeria, follow her on twitter
Linux (x86) Exploit Development Series blog post by sploitfun, has 3 different levels

Privilege Escalation

Name Description
Reach the root discusses a process for linux privilege exploitation
Basic linux privilege escalation basic linux exploitation, also covers Windows
Windows Privilege Escalation collection of wiki pages covering Windows Privilege escalation
Privilege escalation for Windows and Linux covers a couple different exploits for Windows and Linux
Windows Privilege Escalation Fundamentals collection of great info/tutorials, option to contribute to the creator through patreon, creator is an OSCP
RootHelper a tool that runs various enumeration scripts to check for privilege escalation
Windows exploits, mostly precompiled. precompiled windows exploits, could be useful for reverse engineering too
Unix privesc checker a script that checks for PE vulnerabilities on a system
Privilege escalation linux with live example covers a couple common PE methods in linux
Windows privilege escalation checker a list of topics that link to pentestlab.blog, all related to windows privilege escalation
Linux Privilege Escalation Scripts a list of PE checking scripts, some may have already been covered
AutoLocalPrivilegeEscalation automated scripts that downloads and compiles from exploitdb
Linux Privilege Escalation Check Script a simple linux PE check script
Local Linux Enumeration & Privilege Escalation Cheatsheet good resources that could be compiled into a script
4 Ways get linux privilege escalation shows different examples of PE

Malware Analysis

Name Description
Malware traffic analysis list of traffic analysis exercises
Malware Analysis – CSCI 4976 another class from the folks at RPISEC, quality content

Network Scanning / Reconnaissance

Name Description
Foot Printing with WhoIS/DNS records a white paper from SANS
Google Dorks/Google Hacking list of commands for google hacks, unleash the power of the world’s biggest search engine

Vulnerable Web Application

Name Description
OWASP Hackademic Challenges project web hacking challenges
bWAPP common buggy web app for hacking, great for beginners, lots of documentation
Damn Vulnerable Web Application (DVWA) PHP/MySQL web app for testing skills and tools
WebGoat: A deliberately insecure Web Application maintained by OWASP and designed to to teach web app security
OWASP Mutillidae II another OWASP vulnerable app, lots of documentation.
OWASP Broken Web Applications Project hosts a collection of broken web apps
Damn Small Vulnerable Web written in less than 100 lines of code, this web app has tons of vulns, great for teaching
OWASP Juice Shop covers the OWASP top 10 vulns
Google Gruyere host of challenges on this cheesy web app

Vulnerable OS

Name Description
Metasploitable2 (Linux) vulnerable OS, great for practicing hacking
Metasploitable3 [Installation] the third installation of this vulnerable OS
Vulnhub collection of tons of different vulnerable OS and challenges
General Test Environment Guidance white paper from the pros at rapid7

Linux Penetration Testing OS

Name Description
BackBox open source community project, promoting security in IT enivornments
BlackArch Arch Linux based pentesting distro, compatible with Arch installs
Kali the infamous pentesting distro from the folks at Offensive Security
LionSec Linux pentesting OS based on Ubuntu
Parrot Debian includes full portable lab for security, DFIR, and development
Bugtraq advanced GNU Linux pen-testing technology
Android Tamer Android Tamer is a Virtual / Live Platform for Android Security professionals.

Exploits

Name Description
Exploit Database database of a wide variety exploits, CVE compliant archive
CXsecurity Indie cybersecurity info managed by 1 person
0day.today Easy to navigate database of exploits
Snyk Vulnerability DB detailed info and remediation guidance for known vulns, also allows you to test your code

Forums

Name Description
Greysec hacking and security forum
Hackforums posting webstite for hacks/exploits/various discussion
0x00sec hacker, malware, computer engineering, Reverse engineering
Antichat russian based forum
EAST Exploit database exploit DB for commercial exploits written for EAST Pentest Framework

Archived Security Conference Videos

Name Description
InfoCon.org hosts data from hundreds of cons
Irongeek Website of Adrien Crenshaw, hosts a ton of info.

Online Communities

Name Description
Hack+ link requires telegram to be used
MPGH community of MultiPlayerGameHacking
Hacktoday requires an account, covering all kinds of hacking topics

Online News Sources

Name Description
Recent Hash Leaks great place to lookup hashes
InfoSec covers all the latest infosec topics
Threatpost covers all the latest threats and breaches
Security Intell covers all kinds of news, great intelligence resources
The Hacker News features a daily stream of hack news, also has an app

ref : https://github.com/vitalysim/Awesome-Hacking-Resources


Awesome Hacking

A curated list of awesome Hacking. Inspired by awesome-machine-learning

For a list of free hacking books available for download, go here

Table of Contents

System

Tutorials

Tools

  • Metasploit A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
  • mimikatz – A little tool to play with Windows security

Docker Images for Penetration Testing & Security

General

Reverse Engineering

Tutorials

Tools

  • nudge4j – Java tool to let the browser talk to the JVM
  • IDA – IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
  • OllyDbg – A 32-bit assembler level analysing debugger for Windows
  • x64dbg – An open-source x64/x32 debugger for Windows
  • dex2jar – Tools to work with Android .dex and Java .class files
  • JD-GUI – A standalone graphical utility that displays Java source codes of “.class” files
  • procyon – A modern open-source Java decompiler
  • androguard – Reverse engineering, malware and goodware analysis of Android applications
  • JAD – JAD Java Decompiler (closed-source, unmaintained)
  • dotPeek – a free-of-charge .NET decompiler from JetBrains
  • ILSpy – an open-source .NET assembly browser and decompiler
  • dnSpy – .NET assembly editor, decompiler, and debugger
  • de4dot – .NET deobfuscator and unpacker.
  • antinet – .NET anti-managed debugger and anti-profiler code
  • UPX – the Ultimate Packer for eXecutables
  • radare2 – A portable reversing framework
  • plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
  • Hopper – A OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables.
  • ScratchABit – Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

General

Web

Tools

  • sqlmap – Automatic SQL injection and database takeover tool
  • tools.web-max.ca – base64 base85 md4,5 hash, sha1 hash encoding/decoding

Network

Tools

  • Wireshark – A free and open-source packet analyzer
  • NetworkMiner – A Network Forensic Analysis Tool (NFAT)
  • tcpdump – A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
  • Paros – A Java-based HTTP/HTTPS proxy for assessing web application vulnerability
  • pig – A Linux packet crafting tool
  • ZAP – The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
  • mitmproxy – An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
  • mitmsocks4j – Man-in-the-middle SOCKS Proxy for Java
  • nmap – Nmap (Network Mapper) is a security scanner
  • Aircrack-ng – An 802.11 WEP and WPA-PSK keys cracking program
  • Charles Proxy – A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic
  • Nipe – A script to make Tor Network your default gateway.
  • Habu – Python Network Hacking Toolkit
  • Wifi Jammer – Free program to jam all wifi clients in range
  • Firesheep – Free program for HTTP session hijacking attacks.
  • Scapy – A Python tool and library for low level packet creation and maniputalion

Forensic

Tools

  • Autospy – A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools
  • sleuthkit – A library and collection of command-line digital forensics tools
  • EnCase – The shared technology within a suite of digital investigations products by Guidance Software
  • malzilla – Malware hunting tool
  • PEview – A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
  • HxD – A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size
  • WinHex – A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security
  • BinText – A small, very fast and powerful text extractor that will be of particular interest to programmers

Cryptography

Tools

  • xortool – A tool to analyze multi-byte XOR cipher
  • John the Ripper – A fast password cracker
  • Aircrack – Aircrack is 802.11 WEP and WPA-PSK keys cracking program.

Wargame

System

Reverse Engineering

  • Reversing.kr – This site tests your ability to Cracking & Reverse Code Engineering
  • CodeEngn – (Korean)
  • simples.kr – (Korean)
  • Crackmes.de – The world first and largest community website for crackmes and reversemes.

Web

  • Hack This Site! – a free, safe and legal training ground for hackers to test and expand their hacking skills
  • Webhacking.kr
  • 0xf.at – a website without logins or ads where you can solve password-riddles (so called hackits).

Cryptography

Bug bounty

CTF

Competition

General

OS

Online resources

ETC

  • SecTools – Top 125 Network Security Tools

ref : https://github.com/carpedm20/awesome-hacking


Free Security eBooks

A curated list of free Security and Pentesting related E-Books available on the Internet.

DMCA takedown cannot be possible as we are not republishing the books/infringement of code, but we are just hosting the links to 3rd party websites where these books can be downloaded. To know more on DMCA takedown policy here.

The topics include:


Network Pentesting

Defensive Security


Offensive Security


Programming Languages


Reverse Engineering


Virus Botnet and Malware


Misc

ref : https://github.com/Hack-with-Github/Free-Security-eBooks

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s