NixOS / nixpkgs

Nix Packages collection & NixOS

NixOS for Pentesting Overview #81418

Open JoshuaFern opened 4 years ago

JoshuaFern commented 4 years ago

NixOS for Pentesting

This represents an effort to bring Security and Forensics software to NixOS, so that it can become a viable alternative to projects like Kali Linux and BlackArch.

Expect updates here to any progress we may be making. Contributions are welcome.

Exploitation

- [ ] [armitage](https://repology.org/project/armitage/information) not maintained
- [x] [backdoor-factory](https://repology.org/project/backdoor-factory/information) not maintained
- [ ] [beef-xss](https://repology.org/project/beef-browser-exploitation/information)
- [x] [cisco-auditing-tool](https://repology.org/project/cisco-auditing-tool/information) not maintained, no upstream source
- [x] [cisco-global-exploiter](https://repology.org/project/cisco-global-exploiter/information) not maintained, no upstream source
- [x] [cisco-ocs](https://repology.org/project/cisco-ocs/information) not maintained
- [x] [cisco-torch](https://repology.org/project/cisco-torch/information) not maintained
- [x] [commix](https://repology.org/project/commix/information) #177726 @fabaff
- [x] [crackle](https://repology.org/project/crackle/information) @fortuneteller2k
- [x] [exploitdb](https://repology.org/project/exploitdb/information) @applePrincess
- [x] [jboss-autopwn](https://repology.org/project/jboss-autopwn/information) not maintained
- [x] [linux-exploit-suggester](https://repology.org/project/linux-exploit-suggester/information) #185034 @emilytrau
- [ ] [maltego-teeth](https://repology.org/project/maltego-teeth/information)
- [x] [metasploit](https://repology.org/project/metasploit/information) @fabaff
- [x] [msfpc](https://repology.org/project/msfpc/information)
- [x] [routersploit](https://repology.org/project/routersploit/information) #177860 @fabaff
- [x] [set](https://repology.org/project/set/information)
- [x] [shellnoob](https://repology.org/project/shellnoob/information) not maintained
- [x] [sqlmap](https://repology.org/project/sqlmap/information) @bennofs
- [x] [thc-ipv6](https://repology.org/project/thc-ipv6/information) @ajs124
- [x] [yersinia](https://repology.org/project/yersinia/information)

Forensics

- [ ] [autopsy](https://repology.org/project/autopsy/information)
- [x] [binwalk-full](https://repology.org/project/python:binwalk-full/information) @k0ral
- [x] [bulk-extractor](https://repology.org/project/bulk-extractor/information)
- [x] [capstone](https://repology.org/project/capstone/information) @thoughtpolice @risicle
- [ ] [cuckoo](https://repology.org/project/cuckoo/information)
- [x] [dc3dd](https://repology.org/project/dc3dd/information)
- [x] [ddrescue](https://repology.org/project/ddrescue/information) @fpletz @domenkozar
- [x] [ddrescueview](https://repology.org/project/ddrescueview/information) @orivej
- [ ] [dff](https://repology.org/project/dff/information)
- [x] [distorm3](https://repology.org/project/distorm3/information) @fabaff
- [x] [dumpzilla](https://repology.org/project/dumpzilla/information) not maintained
- [x] [ext4magic](https://repology.org/project/ext4magic/information) @rkoe
- [x] [extundelete](https://repology.org/project/extundelete/information) @domenkozar
- [x] [galleta](https://repology.org/project/galleta/information)
- [x] [ghidra](https://repology.org/project/ghidra/information) @roblabla
- [ ] [guymager](https://repology.org/project/guymager/information)
- [x] [p0f](https://repology.org/project/p0f/information) @thoughtpolice
- [x] [pdf-parser](https://repology.org/project/pdf-parser/information) @lightdiscord
- [x] [pdfid](https://repology.org/project/pdfid/information) not maintained
- [x] [pdgmail](https://repology.org/project/pdgmail/information) not maintained
- [x] [peepdf](https://repology.org/project/peepdf/information) not maintained
- [x] [regripper](https://repology.org/project/regripper/information)
- [x] [sleuthkit](https://repology.org/project/sleuthkit/information) @gfrascadorio @7c6f434c
- [x] [volatility](https://repology.org/project/volatility/information) @bosu
- [ ] [xplico](https://repology.org/project/xplico/information)

Hardware

- [x] [apktool](https://repology.org/project/apktool/information) @offlinehacker
- [x] [arduino](https://repology.org/project/arduino/information) @antono @auntieNeo @robberer @bjornfor @bergey
- [x] [bytecode-viewer](https://repology.org/project/bytecode-viewer/information)
- [x] [dex2jar](https://repology.org/project/dex2jar/information) @makefu
- [x] [enjarify](https://repology.org/project/enjarify/information) @SuperSandro2000
- [ ] [sakis3g](https://repology.org/project/sakis3g/information)
- [ ] [smali](https://repology.org/project/smali/information)

Information Gathering

- [ ] [ace-voip](https://repology.org/project/ace-voip/information)
- [x] [amap](https://repology.org/project/amap-pentesting/information) not maintained
- [x] [arp-scan](https://repology.org/project/arp-scan/information) @bjornfor @mikoim @r-burns
- [x] [automater](https://repology.org/project/tekdefense-automater/information) not maintained
- [ ] [bing-ip2hosts](https://repology.org/project/bing-ip2hosts/information)
- [x] [braa](https://repology.org/project/braa/information)
- [x] [cdpsnarf](https://repology.org/project/cdpsnarf/information) not maintained
- [ ] [copy-router-config](https://repology.org/project/copy-router-config/information)
- [x] [dmitry](https://repology.org/project/dmitry/information) not maintained
- [x] [dnmap](https://repology.org/project/dnmap/information) not maintained
- [x] [dnsenum](https://repology.org/project/dnsenum/information) @c0bw3b
- [ ] [dnsmap](https://repology.org/project/dnsmap/information)
- [x] [dnsrecon](https://repology.org/project/dnsrecon/information) @c0bw3b @fabaff
- [ ] [dotdotpwn](https://repology.org/project/dotdotpwn/information)
- [x] [enum4linux](https://repology.org/project/enum4linux/information) @fishi0x01
- [x] [eyewitness](https://repology.org/project/eyewitness/information) -> we have gowitness
- [x] [faraday-cli](https://repology.org/project/faraday-cli/information) @fabaff
- [x] [fierce](https://repology.org/project/fierce/information) @c0bw3b
- [x] [firewalk](https://repology.org/project/firewalk/information)
- [ ] [fragroute](https://repology.org/project/fragroute/information)
- [ ] [fragrouter](https://repology.org/project/fragrouter/information)
- [ ] [golismero](https://repology.org/project/golismero/information)
- [ ] [goofile](https://repology.org/project/goofile/information)
- [x] [hping](https://repology.org/project/hping/information)
- [ ] [ident-user-enum](https://repology.org/project/ident-user-enum/information)
- [ ] [lbd](https://repology.org/project/lbd/information)
- [x] [masscan](https://repology.org/project/masscan/information) @rnhmjoj
- [x] [nbtscan-unixwiz](https://repology.org/project/nbtscan-unixwiz/information) not maintained
- [x] [nmap](https://repology.org/project/nmap/information) @thoughtpolice @fpletz
- [x] [ntopng](https://repology.org/project/ntopng/information) @bjornfor
- [ ] [osrframework](https://repology.org/project/osrframework/information)
- [ ] [recon-ng](https://repology.org/project/recon-ng/information)
- [x] [smbmap](https://repology.org/project/smbmap/information)
- [ ] [smtp-user-enum](https://repology.org/project/smtp-user-enum/information)
- [x] [sn0int](https://repology.org/project/sn0int/information) @xrelkd
- [x] [sparta](https://repology.org/project/sparta/information) not maintained
- [x] [sslcaudit](https://repology.org/project/sslcaudit/information) not maintained
- [x] [sslsplit](https://repology.org/project/sslsplit/information) @contrun
- [x] [sslstrip](https://repology.org/project/sslstrip/information) #296863 @fabaff
- [x] [sslyze](https://repology.org/project/sslyze/information) @veehaitch
- [x] [sublist3r](https://repology.org/project/sublist3r/information) not maintained
- [x] [theharvester](https://repology.org/project/theharvester/information) @c0bw3b @treemo
- [x] [testssl](https://repology.org/project/testssl/information) @etu
- [x] [twofi](https://repology.org/project/twofi/information) not maintained
- [x] [unicornscan](https://repology.org/project/unicornscan/information) not maintained
- [ ] [urlcrazy](https://repology.org/project/urlcrazy/information)
- [x] [wireshark](https://repology.org/project/wireshark/information) @bjornfor @fpletz
- [ ] [wol-e](https://repology.org/project/wol-e/information)

Maintaining Access

- [ ] [cryptcat](https://repology.org/project/cryptcat/information)
- [ ] [cymothoa](https://repology.org/project/cymothoa/information)
- [ ] [dbd](https://repology.org/project/dbd/information)
- [ ] [dns2tcp](https://repology.org/project/dns2tcp/information)
- [x] [httptunnel](https://repology.org/project/httptunnel/information) @k0ral
- [x] [intersect](https://repology.org/project/intersect/information) not maintained
- [ ] [nishang](https://repology.org/project/nishang/information)
- [ ] [polenum](https://repology.org/project/polenum/information)
- [ ] [powersploit](https://repology.org/project/powersploit/information)
- [x] [pwnat](https://repology.org/project/pwnat/information) @viric
- [ ] [ridenum](https://repology.org/project/ridenum/information)
- [ ] [sbd](https://repology.org/project/sbd-netcat/information)
- [ ] [shellter](https://repology.org/project/shellter/information)
- [ ] [u3-pwn](https://repology.org/project/u3-pwn/information)
- [ ] [webshells](https://repology.org/project/webshells/information)
- [ ] [weevely](https://repology.org/project/weevely/information)
- [ ] [winexe](https://repology.org/project/winexe/information)

Passwords

- [x] [brutespray](https://repology.org/project/brutespray/information) @ma27
- [x] [cewl](https://repology.org/project/cewl/information) @elohmeier
- [x] [chntpw](https://repology.org/project/chntpw/information) @deepfire
- [x] [cmospwd](https://repology.org/project/cmospwd/information) @t4ccer
- [x] [creddump](https://repology.org/project/creddump/information) @fishi0x01
- [x] [crowbar](https://repology.org/project/crowbar/information) @Pamplemousse
- [x] [crunch](https://repology.org/project/crunch/information) @lnl7
- [x] [findmyhash](https://repology.org/project/findmyhash/information) not maintained
- [x] [gpp-decrypt](https://repology.org/project/gpp-decrypt/information) not maintained
- [x] [hash-identifier](https://repology.org/project/hash-identifier/information) @ethancedwards8
- [x] [hashcat](https://repology.org/project/hashcat/information) @kierdavis @zimbatm
- [x] [hashcat-utils](https://repology.org/project/hashcat-utils/information) @fadenb
- [x] [hcxtools](https://repology.org/project/hcxtools/information) @dywedir
- [x] [thc-hydra](https://repology.org/project/thc-hydra/information) @offlinehacker
- [x] [john](https://repology.org/project/john/information) @offlinehacker @matthewbauer
- [x] [johnny](https://repology.org/project/johnny/information)
- [ ] [keimpx](https://repology.org/project/keimpx/information)
- [ ] [maskprocessor](https://repology.org/project/maskprocessor/information)
- [ ] [multiforcer](https://repology.org/project/multiforcer/information)
- [x] [ncrack](https://repology.org/project/ncrack/information) @siraben
- [ ] [oclgausscrack](https://repology.org/project/oclgausscrack/information)
- [ ] [ophcrack](https://repology.org/project/ophcrack/information)
- [ ] [pack](https://repology.org/project/pack/information)
- [x] [patator](https://repology.org/project/python:patator/information) @y0no @SuperSandro2000
- [x] [phrasendrescher](https://repology.org/project/phrasendrescher/information) @bjornfor
- [ ] [rainbowcrack](https://repology.org/project/rainbowcrack/information)
- [ ] [rcracki-mt](https://repology.org/project/rcracki-mt/information)
- [ ] [rsmangler](https://repology.org/project/rsmangler/information)
- [x] [seclists](https://repology.org/project/seclists/information)
- [ ] [sqldict](https://repology.org/project/sqldict/information)
- [ ] [statsprocessor](https://repology.org/project/statsprocessor/information)
- [ ] [thc-pptp-bruter](https://repology.org/project/thc-pptp-bruter/information)
- [x] [truecrack](https://repology.org/project/truecrack/information) @ethancedwards8
- [ ] [webscarab](https://repology.org/project/webscarab/information) not maintained

Reporting

- [ ] [casefile](https://repology.org/project/casefile/information)
- [x] [cherrytree](https://repology.org/project/cherrytree/information)
- [x] [cutycapt](https://repology.org/project/cutycapt/information) not maintained
- [ ] [dradis](https://repology.org/project/dradis/information)
- [ ] [magictree](https://repology.org/project/magictree/information)
- [ ] [metagoofil](https://repology.org/project/metagoofil/information)
- [x] [nipper-ng](https://repology.org/project/nipper-ng/information) not maintained
- [ ] [pipal](https://repology.org/project/pipal/information)
- [x] [rdpy](https://repology.org/project/python:rdpy/information) not maintained

Sniffing & Spoofing

- [x] [bettercap](https://repology.org/project/bettercap/information) @y0no
- [x] [dnschef](https://repology.org/project/dnschef/information) @gfrascadorio
- [x] [dsniff](https://repology.org/project/dsniff/information) @symphorien
- [x] [fiked](https://repology.org/project/fiked/information) not maintained
- [x] [hamster-sidejack](https://repology.org/project/hamster-sidejack/information) not maintained
- [x] [hexinject](https://repology.org/project/hexinject/information) not maintained
- [x] [ismtp](https://repology.org/project/ismtp/information) not maintained
- [x] [isr-evilgrade](https://repology.org/project/isr-evilgrade/information) not maintained
- [x] [mitmproxy](https://repology.org/project/mitmproxy/information) @fpletz @kamilchm
- [x] [ohrwurm](https://repology.org/project/ohrwurm/information) not maintained
- [x] [protos-sip](https://repology.org/project/protos-sip/information) not maintained
- [x] [rebind](https://repology.org/project/rebind/information) not maintained
- [x] [responder](https://repology.org/project/responder/information)
- [x] [rshijack](https://repology.org/project/rshijack/information) @xrelkd
- [x] [rtpbreak](https://repology.org/project/rtpbreak/information) not maintained
- [x] [rtpinsertsound](https://repology.org/project/rtpinsertsound/information) not maintained
- [x] [rtpmixsound](https://repology.org/project/rtpmixsound/information) not maintained
- [x] [sctpscan](https://repology.org/project/sctpscan/information) not maintained
- [x] [siparmyknife](https://repology.org/project/siparmyknife/information) not maintained
- [x] [sipp](https://repology.org/project/sipp/information)
- [x] [sipvicious](https://repology.org/project/sipvicious/information) @fabaff
- [x] [sniffglue](https://repology.org/project/sniffglue/information) @xrelkd
- [x] [sniffjoke](https://repology.org/project/sniffjoke/information) not maintained
- [x] [voiphopper](https://repology.org/project/voiphopper/information) not maintained
- [x] [wifi-honey](https://repology.org/project/wifi-honey/information) not maintained
- [x] [xspy](https://repology.org/project/xspy/information) not maintained

Stress Testing

- [x] [dhcpig](https://repology.org/project/dhcpig/information) @Tochiaha
- [ ] [funkload](https://repology.org/project/funkload/information)
- [ ] [iaxflood](https://repology.org/project/iaxflood/information)
- [ ] [inundator](https://repology.org/project/inundator/information)
- [ ] [inviteflood](https://repology.org/project/inviteflood/information)
- [ ] [ipv6-toolkit](https://repology.org/project/ipv6-toolkit/information)
- [x] [mdk3](https://repology.org/project/mdk3/information) not maintained
- [x] [reaverwps](https://repology.org/project/reaver-wps/information) @nico202 @volth
- [x] [reaverwps-t6x](https://repology.org/project/reaver-t6x/information) @nico202 @volth
- [x] [rtpflood](https://repology.org/project/rtpflood/information) not maintained
- [x] [slowhttptest](https://repology.org/project/slowhttptest/information) @fabaff
- [ ] [t50](https://repology.org/project/t50/information)
- [ ] [termineter](https://repology.org/project/termineter/information)
- [ ] [thc-ssl-dos](https://repology.org/project/thc-ssl-dos/information)

Vulnerability Analysis

- [x] [bbqsql](https://repology.org/project/bbqsql/information) not maintained
- [x] [bed](https://repology.org/project/bed-bruteforce-exploit-detector/information) not maintained
- [x] [doona](https://repology.org/project/doona/information) @Pamplemousse
- [x] [hexorbase](https://repology.org/project/hexorbase/information) not maintained, source no longer available
- [ ] [jsql-injection](https://repology.org/project/jsql-injection/information)
- [x] [lynis](https://repology.org/project/lynis/information) @ryneeverett
- [ ] [openvas](https://repology.org/project/openvas/information)
- [x] [oscanner](https://repology.org/project/oscanner/information) not maintained
- [x] [powerfuzzer](https://repology.org/project/powerfuzzer/information) not maintained
- [x] [sfuzz](https://repology.org/project/sfuzz/information) source not available
- [x] [sidguesser](https://repology.org/project/sidguesser/information) source not available
- [x] [sqlninja](https://repology.org/project/sqlninja/information) not maintained
- [x] [sqlsus](https://repology.org/project/sqlsus/information) not maintained
- [x] [tnscmd10g](https://repology.org/project/tnscmd10g/information) not maintained
- [x] [unix-privesc-check](https://repology.org/project/unix-privesc-check/information) not maintained
- [x] [vulnix](https://repology.org/project/vulnix/information) @ckauhaus

Web Applications

- [x] [apache-users](https://repology.org/project/apache-users/information)
- [x] [arachni](https://repology.org/project/arachni/information) not maintained, superseded by Codename SCNR
- [x] [blindelephant](https://repology.org/project/blindelephant/information) not maintained, Python 2
- [x] [burpsuite](https://repology.org/project/burpsuite/information) @bennofs
- [x] [davtest](https://repology.org/project/davtest/information)
- [x] [deblaze](https://repology.org/project/deblaze/information) not maintained
- [x] [dirb](https://repology.org/project/dirb/information) @bennofs
- [x] [dirbuster](https://repology.org/project/dirbuster/information) not maintained
- [x] [fimap](https://repology.org/project/fimap/information) not maintained
- [x] [gobuster](https://repology.org/project/gobuster/information) @Pamplemousse
- [x] [grabber](https://repology.org/project/grabber/information) not maintained
- [x] [hurl](https://repology.org/project/hurl-http-requester/information) @eonpatapon
- [x] [joomscan](https://repology.org/project/joomscan/information)
- [x] [nikto](https://repology.org/project/nikto/information) @SCOTT-HAMILTON
- [x] [padbuster](https://repology.org/project/padbuster/information)
- [ ] [paros](https://repology.org/project/paros/information)
- [x] [parsero](https://repology.org/project/parsero/information)
- [x] [plecost](https://repology.org/project/plecost/information)
- [x] [skipfish](https://repology.org/project/skipfish/information) not maintained
- [x] [uniscan](https://repology.org/project/uniscan/information) not maintained
- [x] [w3af](https://repology.org/project/w3af/information) not maintained
- [x] [webshag](https://repology.org/project/webshag/information) not maintained
- [x] [webslayer](https://repology.org/project/webslayer/information) not maintained
- [x] [websploit](https://repology.org/project/websploit/information)
- [x] [wfuzz](https://repology.org/project/wfuzz/information) @Pamplemousse
- [x] [whatweb](https://repology.org/project/whatweb/information) @WolfangAukang
- [x] [wpscan](https://repology.org/project/wpscan/information) @nyanloutre @manveru
- [x] [xsser](https://repology.org/project/xsser/information)
- [x] [zap](https://repology.org/project/zaproxy/information) @mogorman

Wireless

- [x] [aircrack-ng](https://repology.org/project/aircrack-ng/information)
- [x] [asleap](https://repology.org/project/asleap/information) @theHedgehog0
- [ ] [bluelog](https://repology.org/project/bluelog/information)
- [ ] [bluepot](https://repology.org/project/bluepot/information)
- [ ] [blueranger](https://repology.org/project/blueranger/information)
- [ ] [bluesnarfer](https://repology.org/project/bluesnarfer/information)
- [x] [bully](https://repology.org/project/bully/information) @edwtjo
- [x] [cowpatty](https://repology.org/project/cowpatty/information) @nico202 @fabaff
- [ ] [eapmd5pass](https://repology.org/project/eapmd5pass/information)
- [ ] [fern-wifi-cracker](https://repology.org/project/fern-wifi-cracker/information)
- [ ] [freeradius-wpe](https://github.com/brad-anton/freeradius-wpe)
- [x] [ghost-phisher](https://repology.org/project/ghost-phisher/information) not maintained
- [ ] [giskismet](https://repology.org/project/giskismet/information) not maintained
- [x] [gqrx](https://repology.org/project/gqrx/information) @bjornfor
- [x] [gr-scan](https://repology.org/project/gr-scan/information) not maintained
- [ ] [hostapd-wpe](https://github.com/OpenSecurityResearch/hostapd-wpe)
- [x] [kalibrate-hackrf](https://repology.org/project/kalibrate-hackrf/information) @mogorman
- [x] [kalibrate-rtl](https://repology.org/project/kalibrate-rtl/information) @bjornfor
- [x] [killerbee](https://repology.org/project/killerbee/information) https://github.com/NixOS/nixpkgs/pull/282429 @fabaff
- [x] [kismet](https://repology.org/project/kismet/information)
- [x] [mfcuk](https://repology.org/project/mfcuk/information) @offlinehacker
- [x] [mfoc](https://repology.org/project/mfoc/information) @offlinehacker
- [x] [mfterm](https://repology.org/project/mfterm/information) not maintained
- [x] [multimon-ng](https://repology.org/project/multimon-ng/information) @markuskowa
- [x] [pixiewps](https://repology.org/project/pixiewps/information) @nico202
- [x] [pyrit](https://repology.org/project/pyrit/information) @danielfullmer
- [x] [redfang](https://repology.org/project/redfang/information) @fortuneteller2k
- [x] [rtlsdr-scanner](https://repology.org/project/rtlsdr-scanner/information) not maintained
- [x] [spooftooph](https://repology.org/project/spooftooph/information) not maintained
- [ ] [wifiphisher](https://repology.org/project/wifiphisher/information)
- [ ] [wifitap](https://repology.org/project/wifitap/information)
- [x] [wifite2](https://repology.org/project/wifite2/information) @Lassulus @danielfullmer

Also see: Are We Hackers Yet?

Why?

We live in a digital age where high-tech network attacks are rampant. It's critical to regularly scan for vulnerabilities and undergo penetration testing at least once a year to ensure our security practices are working. The only real way to have solid defensive security is to approach it from the mindset of an offensive attacker.

AkechiShiro commented 2 years ago

Could someone please add https://github.com/epi052/feroxbuster to the list here ?

It is a fuzzing tool written in Rust.

It is already packaged in NixOS 22.05 : https://search.nixos.org/packages?channel=unstable&show=feroxbuster&from=0&size=50&sort=relevance&type=packages&query=feroxbuster

I will also make a PR in AreWeHackersYet so that it gets added to the list.

fabaff commented 2 years ago

We have over 200 new tools which are not on the initial list.

From my point of view it doesn't make sense to start listing tools in retrospective.

I'm tracking the available tools at https://fabaff.github.io/nix-security-box/ and I try to keep the list up-to-date.

azahi commented 2 years ago

I've opened a PR #181336 for Iaito, a radare2 frontend. Requesting reviews.

AkechiShiro commented 2 years ago

Thanks @fabaff, could you please let me know how could I help you in this list, it's missing feroxbuster I believe.

AkechiShiro commented 2 years ago

Also @azahi, could you see if packaging rizin2 could be close to the same as radare2?

azahi commented 2 years ago

> Also @azahi, could you see if packaging rizin2 could be close to the same as radare2?

rizin (w/ Cutter) and radare2 (w/ Iaito) are very different in terms of dependencies and build systems both in the backend and frontend. I don't think it would be possible to somehow unify them.

unrooted commented 2 years ago

Hi, maybe someone will be interested in checking it out: https://github.com/redcode-labs/RedNixOS

bbjubjub2494 commented 2 years ago

I have hostapd-mana ready for review #186986

devhell commented 2 years ago

Hi, I've just submitted asn in #187614, in case that's of interest to this collection.

Et7f3 commented 1 year ago

Another tool for forensics, https://github.com/Velocidex/velociraptor, is absent from nixpkgs

ca5ua1 commented 1 year ago

Responder https://github.com/NixOS/nixpkgs/pull/241754#issuecomment-1721085687:

Samba authentication doesn't get captured, while using the git version works as it should

AkechiShiro commented 1 year ago

I added BloodHound (legacy electron app) for AD assessment. First reference PR: #164043
I retook that one and fixed a few things, got it merged: #242534

siraben commented 1 year ago

We probably should update the "Are we hackers yet?" to reflect the packaging progress over the last 3 years.

siraben commented 1 year ago

@JJJollyjim would you be willing to transfer ownership of arewehackersyet to Nix Community?

Arcayr commented 1 year ago

update: merged, thanks. :)

the burpsuite in nixpkgs is getting a bit long in the tooth - missing many browser security updates and some features. if anyone with commit privs can merge in https://github.com/NixOS/nixpkgs/pull/251397 i'd be grateful. it has a lot of comments but it's because i've been maintaining it in that pr since version 2023.7.2.

it has an approval from an existing committer, but wasn't merged.

D3vil0p3r commented 10 months ago

I tried to package beef-xss but my new experience on Nix does not allow me to fix some building errors that are caused by the Nix nature. If you are interested to contribute and able to fix it, I opened a ticket issue for it:

D3vil0p3r commented 10 months ago

In the initial post, in Exploitation section, the following packages can be checked because tools exist in Nix repo:

in Information Gathering:

in Passwords

in Web Applications

@JoshuaFern can you please set the related checkboxes as "checked" to keep the list in your first post updated?

i-am-logger commented 9 months ago

https://github.com/juliosueiras-nix/nix-security

AkechiShiro commented 9 months ago

Hey all,

I've forked a new tracker based on the one made by @JJJollyjim, I updated it as best as I could but I could have missed some packages that are under different namespaces (such as python3Packages and so on).

Link to the new tracker : https://akechishiro.github.io/arewehackersyet/index.html

If anyone in the community would like to help make it better, feel free to help !

Feel free to open issues and PRs at : https://github.com/akechishiro/arewehackersyet

JoshuaFern commented 9 months ago

> Hey all,
>
> I've forked a new tracker based on the one made by @JJJollyjim, I updated it as best as I could but I could have missed some packages that are under different namespaces (such as python3Packages and so on).
>
> Link to the new tracker : https://akechishiro.github.io/arewehackersyet/index.html
>
> If anyone in the community would like to help make it better, feel free to help !
>
> Feel free to open issues and PRs at : https://github.com/akechishiro/arewehackersyet

I replaced the link in OP with yours, thanks!

Tochiaha commented 8 months ago

290113

JayRovacsek commented 7 months ago

Plaso and its dependencies don't seem to be in the above list, while being listed in https://github.com/AkechiShiro/arewehackersyet

I intend to create a new PR related to it; with efforts to date as per: https://github.com/NixOS/nixpkgs/pull/232046 (but more changes that resolve issues such as use of doCheck tracked in my personal configs + hydra: https://github.com/JayRovacsek/nix-config/blob/main/packages/python/plaso/default.nix / https://hydra.rovacsek.com/build/15435)

Are we happy to add it to this issue under forensics?

Edit; if okay to add to the issue; I'm happy to continue efforts or enable someone else to utilise what I'd created to date

AkechiShiro commented 7 months ago

I did upgrade the Kali Linux tools list and there were more tools than before; it might explain why both lists are not equivalent anymore @JayRovacsek.

D3vil0p3r commented 7 months ago

A good number of Kali tools is too old and not maintained anymore btw.

AkechiShiro commented 7 months ago

True that is totally correct, some sources also mentioned in the Kali Tools are very old or have 404 errors, I believe you've been trying to fix as best as possible packages or host GitHub repositories in order to at least have the source be stable ? Is that correct ? @D3vil0p3r

D3vil0p3r commented 7 months ago

Currently I'm fixing Arch packages about pentesting. When I get good commitment in Nix repo, I will continue also here

emilytrau commented 7 months ago

What support would you require? I'm happy to review related PRs @D3vil0p3r

fabaff commented 7 months ago

Once in a while I go over the list in the first entry here to mark tools which are no longer maintained. There are quite a few now.

The Kali Tool set is their tool set and the one of BlackArch is their set. The same applies for the Fedora Security Lab, ArchStrike, Parrot and the others. All tool sets usually depend on the preferences of the contributors and are likely influenced by their area of expertise, work or need.

To allow newbies to follow a tutorial step-by-step to solve a machine from HTB could still require certain tools which are not available in Nixpkgs and others have. Sure, there are some bits and pieces I would like to have myself in Nixpkgs but this doesn't mean that we have to include all tools others have to provide a good pentesting or security assessment experience, IMHO.

D3vil0p3r commented 7 months ago

> What support would you require? I'm happy to review related PRs @D3vil0p3r

Thank you very much. In the next days I will send you the pending PRs. My concern is mostly related to those pentesting tools that need to write in their installation folder (read only in nix store). Look for example setoolkit. It is in Nixpkgs but it cannot be used due to this. For this kind of tools (setoolkit, beef, and so on) we must find a strategy (container, patches, ...).

D3vil0p3r commented 7 months ago

> Once in a while I go over the list in the first entry here to mark tools which are no longer maintained. There are quite a few now.
>
> The Kali Tool set is their tool set and the one of BlackArch is their set. The same applies for the Fedora Security Lab, ArchStrike, Parrot and the others. All tool sets usually depend on the preferences of the contributors and are likely influenced by their area of expertise, work or need.
>
> To allow newbies to follow a tutorial step-by-step to solve a machine from HTB could still require certain tools which are not available in Nixpkgs and others have. Sure, there are some bits and pieces I would like to have myself in Nixpkgs but this doesn't mean that we have to include all tools others have to provide a good pentesting or security assessment experience, IMHO.

What about those tools that are not maintained for 15 years but still working well?

D3vil0p3r commented 7 months ago

@emilytrau here are the PRs I opened some time ago (and some today) about pentesting tools. I also added old pentesting tools that are still working:

- https://github.com/NixOS/nixpkgs/pull/306604 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/306562 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/290280 (draft)
- https://github.com/NixOS/nixpkgs/pull/289850 (draft)
- https://github.com/NixOS/nixpkgs/pull/289762 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/289535
- https://github.com/NixOS/nixpkgs/pull/289532 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/289374 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/288674 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/288654 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/288126 (draft)
- https://github.com/NixOS/nixpkgs/pull/288104
- https://github.com/NixOS/nixpkgs/pull/287904
- https://github.com/NixOS/nixpkgs/pull/287796 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/278604 (MERGED)
- https://github.com/NixOS/nixpkgs/pull/278529
- https://github.com/NixOS/nixpkgs/pull/278003 (no idea how to manage this)

shard77 commented 7 months ago

What support would you require? I'm happy to review related PRs @D3vil0p3r

Thank you very much. In the next days I will send you the pending PRs. My concern is mostly related to those pentesting tools that need to write in their installation folder (read-only in the nix store). Look at setoolkit, for example. It is in Nixpkgs but it cannot be used due to this. For this kind of tool (setoolkit, beef, and so on) we must find a strategy (container, patches, ...).

Volatility3 also has this issue since it's trying to resolve/write/save symbols whenever you use it. Would be nice to find a workaround for those types of programs; a tool like Volatility3, which is widely used in the forensics field, needs to be able to function properly. If anyone has an idea about how this issue could be treated, I'd be happy to help with applying patches to already-existing packages.
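One possible shape for the workaround discussed in this comment, as an added example that is not part of the thread and not how any nixpkgs package is actually wrapped: mirror the read-only install tree into a per-user writable state directory and run the tool from the copy. The function names, the `.source-path` stamp file and the assumption that the tool writes relative to its own working directory are all hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper names): run a tool that insists on writing
# into its own install directory when that directory is read-only, as any
# /nix/store path is.

# mirror_to_state <read-only install dir> <tool name>
# Copies the tree to $XDG_STATE_HOME/<tool name> and prints the copy's path.
mirror_to_state() {
    local src="$1" name="$2"
    local state_root="${XDG_STATE_HOME:-$HOME/.local/state}"
    local dest="$state_root/$name"
    local stamp="$dest/.source-path"

    # Copy again only when the source path changed: a rebuilt package gets a
    # new store path, so the recorded path doubles as a version marker.
    if [ ! -f "$stamp" ] || [ "$(cat "$stamp")" != "$src" ]; then
        mkdir -p "$dest"
        # Files the tool created earlier (caches, symbols, logs) are kept;
        # program files are overwritten by the new build.
        cp -R "$src/." "$dest/"
        # Store contents are copied without write permission; restore it for the owner.
        chmod -R u+w "$dest"
        printf '%s' "$src" > "$stamp"
    fi
    printf '%s\n' "$dest"
}

# run_from_state <install dir> <tool name> <relative entry point> [args...]
# Runs the entry point with the writable copy as working directory.
run_from_state() {
    local src="$1" name="$2" entry="$3"
    shift 3
    local dest
    dest="$(mirror_to_state "$src" "$name")" || return 1
    ( cd "$dest" && "./$entry" "$@" )
}
```

The copy costs disk space per user and leaves stale files behind when an upgrade removes something, which is why patching the tool to honour a configurable data directory is usually the cleaner fix where upstream code allows it.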

fabaff commented 7 months ago

What about those tools that are not maintained for 15 years but still working well?

No objections to ship them.

tph5595 commented 5 months ago

I would love to help with this effort. Where can I find where help is needed?

shard77 commented 5 months ago

I would love to help with this effort. Where can I find where help is needed?

I think it would be a great idea to package some of those tools: https://ericzimmerman.github.io/#!index.md and https://github.com/Yamato-Security/hayabusa

fabaff commented 5 months ago

Where can I find where help is needed?

Some open tasks can be found in the collapsed section which hides a fair amount of comments.

litchipi commented 5 months ago

I wasn't able to use john to crack a yescrypt hash some days ago, apparently it has to rely on the system's libxcrypt integration in order to work. I tried a bunch of manipulations and overrides, but wasn't able to make it work. Any idea how we could improve the support?

CherryKitten commented 5 months ago

I wasn't able to use john to crack a yescrypt hash some days ago, apparently it has to rely on the system's libxcrypt integration in order to work. I tried a bunch of manipulations and overrides, but wasn't able to make it work. Any idea how we could improve the support?

I literally just submitted a PR two days ago to update john to a more recent rolling release, as the nixpkgs version is 5 years old

https://github.com/NixOS/nixpkgs/pull/318620

maybe try building from that PR branch and check if your problem is solved there?

Arcayr commented 5 months ago

just informing everyone that mitm6 is now orphaned, and burpsuite - while not orphaned - has only an inactive maintainer presently. feel free to pick up maintainership of either.

D3vil0p3r commented 4 months ago

@emilytrau can you review the following please? They have been open for a long time:

- https://github.com/NixOS/nixpkgs/pull/278529
- https://github.com/NixOS/nixpkgs/pull/287904
- https://github.com/NixOS/nixpkgs/pull/288126
- https://github.com/NixOS/nixpkgs/pull/289850
- https://github.com/NixOS/nixpkgs/pull/290280

D3vil0p3r commented 1 month ago

Hello guys, in order to have more organized pentesting tools in NixOS, I created a module that installs tools based on the set security roles that fit your needs (i.e., Network Specialist, OSINT Specialist, Web Pentester, and so on). I created a PR for it. Can you take a look please? https://github.com/NixOS/nixpkgs/pull/345300

AkechiShiro commented 2 weeks ago

Hello all, as I haven't found much time to update and maintain the tracker, there is a new one made by @pyrox0

Here is the link: https://pyrox0.github.io/arewehackersyet/
Repo: https://github.com/pyrox0/arewehackersyet

Feel free to update the link mentioned here, as I will soon archive my project.