@its0x08
Forked from MattKetmo/pwnd.md
Created October 8, 2017 19:36
pwnd

Tools

  • Metasploit: Penetration testing software
  • BeEF: The Browser Exploitation Framework
  • PTF: Penetration Testers Framework
  • Bettercap: MITM framework
  • Nessus: Vulnerability scanner
  • AutoNessus: Auto Nessus
  • BDFProxy: Patch Binaries via MITM (BackdoorFactory)
  • Xplico: Network Forensic Analysis Tool (e.g. parse pcap files)
  • Sqlmap: Automatic SQL injection and database takeover tool
  • jsql-injection: Java application for automatic SQL database injection
  • HoneyProxy: MITM
  • Gophish: Open-Source Phishing Framework
  • SET: Social-Engineer Toolkit
  • USBRubberDucky: USB Rubber Ducky
  • USB Wifi Ducky: Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
  • WHID: WiFi HID Injector for Fun & Profit - A USB Rubberducky On Steroids.
  • SimplyEmail: Email recon framework
  • WiFI pineapple: WiFI pineapple (mitm)
  • makeMyCSRF: makeMyCSRF is a tool that can be used to automate auto-submit HTML form creation
  • Weeman: HTTP Server for phishing
  • PlugBot: The PlugBot: Hardware Botnet Research Project
  • Pwn Phone: Portable pentesting device
  • EmPyre: A post-exploitation OS X/Linux agent written in Python 2.7
  • Mimikatz: A little tool to play with Windows security (videos)
  • Acunetix: Scanner to check for XSS, SQL Injection and other web vulnerabilities
  • Burp Suite: The leading toolkit for web application security testing
  • Burp NoPE Proxy: Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
  • ntopng: High-speed web-based traffic analysis
  • nethogs: Linux 'net top' tool
  • jnettop: traffic visualiser
  • Lynis: Security auditing tool for Linux, macOS, and UNIX-based systems
  • Volatility: An advanced memory forensics framework
  • Radare: portable reversing framework
  • Android Fallible: Secrets leak in Android apps
  • XssPy: Web Application XSS Scanner
  • Unicorn: Tool for using a PowerShell downgrade attack and inject shellcode straight into memory
  • changeme: A default credential scanner
  • Mercure: Tool for security managers who want to train their staff to recognise phishing
  • catphish: For phishing and corporate espionage
  • Security Checklist: The SaaS CTO Security Checklist
  • cgPwn: A lightweight VM for hardware hacking, RE (fuzzing, symEx, exploiting etc) and wargaming tasks
  • pwlist: Password lists obtained from strangers attempting to log in to my server
  • howmanypeoplearearound: Count the number of people around you by monitoring wifi signals
  • xss-listener: XSS Listener is a penetration-testing tool that makes it easy to capture data from various XSS payloads
  • owasp-mstg: The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering
  • KeychainCracker: macOS keychain cracking tool
  • Microsploit: Fast and easy creation of backdoored Office documents using Metasploit modules
  • InjectProc: Process Injection Techniques
  • expdevBadChars: Bad Characters highlighter for exploit development
  • massExpConsole: Collection of Tools and Exploits with a CLI UI
  • getsploit: Command line utility for searching and downloading exploits
  • Findsploit: Find exploits in local and online databases instantly
  • vulscan: Advanced vulnerability scanning with Nmap NSE
  • psychoPATH: a blind webroot file upload & LFI detection tool
  • repo-supervisor: Scan your code for security misconfiguration, search for passwords and secrets
  • xssor: Hack with Javascript (online tool)
  • xray: XRay is a tool for recon, mapping and OSINT gathering from public networks
  • Frida: Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX
  • objection: runtime mobile exploration (based on Frida)
  • pwnbox: Docker container with tools for binary reverse engineering and exploitation
  • backdoor-apk: shell script that simplifies the process of adding a backdoor to any Android APK file
  • Attify OS: Distro for pentesting IoT devices
  • Zeus: AWS Auditing & Hardening Tool
  • EvilAbigail: Automated Linux evil maid attack (backdoors initrd)
  • mitm-router: Man-in-the-middle wireless access point inside a docker container
  • Dracnmap: Exploit Network and Gathering Information with Nmap
  • RastLeak: Tool to automatically find leaked information using search-engine hacking
  • pupy: remote administration and post-exploitation tool (python)
  • pwndsh: Post-exploitation framework (bash) (presentation)
  • kwetza: Python script to inject existing Android applications with a Meterpreter payload
  • zmap: ZMap Internet Scanner
  • zgrab: Application layer scanner that operates with ZMap
  • OpenVAS: The world's most advanced Open Source vulnerability scanner and manager
  • Vulny-Code-Static-Analysis: Basic script to detect vulnerabilities in PHP source code
  • knockpy: Knock Subdomain Scan
  • BoopSuite: A Suite of Tools written in Python for wireless auditing and security testing (demo)
  • DataSploit: An OSINT Framework to perform various recon techniques
  • domain_analyzer: Analyze the security of any domain by finding all the information possible
  • Luckystrike: A PowerShell based utility for the creation of malicious Office macro documents (demo)
  • sqlcheck: Automatically identify anti-patterns in SQL queries
  • SSRF Testing: https://github.com/cujanovic/SSRF-Testing/
  • XFLTReaT: Tunnelling Framework (kitploit)
  • rudra: Framework for exhaustive analysis of (PCAP and PE) files

Use cases

Devices

Wifi

  • bully-vanilla: Bully is a new implementation of the WPS brute force attack
  • boxon: Detector for (ISP) boxes vulnerable to the NULL PIN flaw (topic)
  • NullWpsPinAuto: Simple bash script intended to exploit the Null Wps Pin breach automatically

Blog / Docs

Training

Misc

Other lists
