[REQUEST] Many good tools for various task

[cegi]

Thanks for the hard work, best pentest repository. I request only good tools that works well, and open-source of course. Took me some time to find the top tools that aren't in the repository, and then select the best of them. Would appreciate it very much if you find some time to add them, it's always easier to "pacman -S" than "git clone" when reinstalling right heh.

---

Defensive Tools

Bash Script to Hide in a network, also change mac : https://github.com/cryptolok/GhostInTheNet Bash Script to Anonymize the IP, use multiple VPN and Proxies, and option to connect to TOR : https://github.com/Hackplayers/4nonimizer

A proxy tool for pentesters to have easier lateral movement : https://github.com/trustedsec/pivoter Shared Host Integrated Password System : https://github.com/trustedsec/SHIPS A reliable method for droppers on an infrastructure in order to ensure established connections to an organization : https://github.com/trustedsec/tap

A unique discrete-event network simulator : https://github.com/shadow/shadow

---

Exploitation Tools

A massive exploiting tool : https://github.com/Screetsec/TheFatRat A method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell : https://github.com/trustedsec/egressbuster A collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell : https://github.com/Screetsec/BruteSploit Fast and easy create backdoor office exploitation using module metasploit packet , Microsoft Office , Open Office , Macro attack , Buffer Overflow : https://github.com/Screetsec/Microsploit Python backdoor framework : https://github.com/Hadi999/NXcrypt Python script to inject existing Android applications with a Meterpreter payload : https://github.com/sensepost/kwetza A framework for identifying and launching exploits against internal network hosts : https://github.com/mandatoryprogrammer/sonar.js Pentest tool against Windows Environnement : https://github.com/nccgroup/redsnarf

---

Recon Tools

An RTSP stream access tool that comes with its library : https://github.com/EtixLabs/cameradar A tool for recon, mapping and OSINT gathering from public networks : https://github.com/evilsocket/xray A script for advanced discovery of Privileged Accounts - includes Shadow Admins : https://github.com/cyberark/ACLight

---

Network Attacks

Smart traffic sniffing : https://github.com/NytroRST/NetRipper Man-in-the-middle wireless access point inside a docker container : https://github.com/brannondorsey/mitm-router A BLE scanner for "smart" devices hacking : https://github.com/evilsocket/bleah iOS/macOS Remote Administration Tool https://github.com/neoneggplant/EggShell MITM WPA attacks : https://github.com/FluxionNetwork/fluxion Transparent SSL/TLS interception : https://github.com/droe/sslsplit

---

Website Attacks

An open source network stress tool : https://github.com/NewEraCracker/LOIC Automate getting Domain Admin using Empire : https://github.com/byt3bl33d3r/DeathStar

---

Forensics Tools

A network forensic analysis framework : https://github.com/USArmyResearchLab/Dshell

---

Multi Tools

Automate Pentest Tool : https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest A mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities : https://github.com/leviathan-framework/leviathan Multi function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python : https://github.com/n1nj4sec/pupy A unified console with an anonymizer that will perform multiples stages of attacks : https://github.com/ruped24/killchain

[noptrix]

thanks @cegi for this list. we will work on this.

[cegi]

@noptrix No problem, you're top notch guys.

[mejimaru]

thank you bro @cegi