Hacking Tools Repository

Connect With Me

💰 You can help me by Donating

Table of Content

• Android
• Assembly Language
• C Hacking Tools
• Cryptography
• DDos
• Google Dorks
• Hacking Questions
• Malware
• Nmap
• OSINT
• OpenSSL
• Paylods
• Penetration Testing
• Python
• Random Tools
• Ransomeware
• Reverse Engineeering
• Ruby Hacking Tools
• Rust For Hacking
• SQL Injection
• Shodan
• Steganography
• Tor
• Virus
• Vulnerablities
• Worms
• XSS

Android Malware

• 2FA
• Adware
• Android Malicious Samples
• Android Malware
• Android Spy 277 Origin
• Android Trojan
• Android Malicious Games
• Android Legit Apps
• Anubis
• BreakBottlenect
• Comebot
• Dendroid
• L3MONBot
• Ahmyth Android Spy
• GhostPush
• Brazilizan Android Rat
• Candy Corn
• Crypto
• Descarga
• Fake Bankers
• Farseer
• Feabme
• Fraud Financial Apps
• Jssmsers
• Krep Banking Malware
• Malbus
• Mazar Bot
• Motion Detection
• Presistent Malware
• Rootnik Malware
• Rumms.april2016
• Simplocker
• Smack
• towel Root
• Trend Mirco Banking Malware
• TV Remote
• Unclassifed Apk Malware
• Xbot
• Zazdi Botnet

Assembly Language

• ASM Hacking Tools
• Basics of Assembly Language
• • About and History of Assembly Language
• • ARM vs x86-64 Instruction set
• • Von Neumann Architecture
• • Major Elements of Multi-core Computers
• • Computer Components Top-level View
• • Instruction Fetch and Execute Cycle
• • Program flow of control without and with interrupts
• • Bus Interconnection scheme

C Hacking Tools

• Heap Meomory Buffer Overflow Bug
• Port Binding Shellcode
• Socket Descriptor Reuse Shellcode in C
• User Reverse Connection Shellcode
• Attack Using Nonfunction Pointers
• Buffer Overflow Vulnerablities
• Chroot Shellcode
• Exploit
• Stack Overflow Vulnerablities

Cryptography

• Symmetric encryption

• 3DES - Symmetric-key block cipher (or Triple Data Encryption Algorithm (TDEA or Triple DEA), which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.

• AES - Symmetric-key block cipher algorithm and U.S. government standard for secure and classified data encryption and decryption (also known as Rijndael).

• Blowfish - Symmetric-key block cipher, designed in 1993 by Bruce Schneier. Notable features of the design include key-dependent S-boxes and a highly complex key schedule.

• Asymmetric encryption

• DH - A method of exchanging cryptographic keys securely over a public channel. Unlike RSA, the Diffie-Hellman Key Exchange is not encryption, and is only a way for two parties to agree on a shared secret value. Since the keys generated are completely pseudo-random, DH key exchanges can provide forward secrecy (https://en.wikipedia.org/wiki/Forward_secrecy).

• ECC - Public-key cryptosystems based on the algebraic structure of elliptic curves over finite fields.

• RSA - One of the first practical public-key cryptosystems and is widely used for secure data transmission. In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem.

• Transform Encryption

• Transform Encryption (aka Proxy Re-Encryption) - Transform encryption uses three mathematically related keys: one to encrypt plaintext to a recipient, a second to decrypt the ciphertext, and a third to transform ciphertext encrypted to one recipient so it can be decrypted by a different recipient.

• Hash functions

• MD5 - Widely used hash function producing a 128-bit hash value. MD5 was initially designed to be used as a cryptographic hash function, but it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.

• SHA1 - Cryptographic hash function designed by the NSA. SHA-1 produces a 160-bit hash value known as a message digest. SHA-1 is no longer considered secure against well-funded opponents.

• SHA2 - Set of hash functions designed by the NSA. SHA-256 and SHA-512 are novel hash functions computed with 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds.

• SHA3 - Cryptographic hash function that produces a fixed-size output, typically 224, 256, 384, or 512 bits, from variable-size input data. It is part of the SHA-3 family of cryptographic algorithms designed to resist attacks from quantum computers and offers security properties such as pre-image resistance, second pre-image resistance, and collision resistance.

• Books

• A Graduate Course in Applied Cryptography - The book covers many constructions for different tasks in cryptography.

• An Introduction to Mathematical Cryptography - Introduction to modern cryptography.

• Applied Cryptography: Protocols, Algorithms and Source Code in C - This cryptography classic provides you with a comprehensive survey of modern cryptography.

• Crypto101 - Crypto 101 is an introductory course on cryptography.

• Cryptography Engineering - Learn to build cryptographic protocols that work in the real world.

• Handbook of Applied Cryptography - This book is intended as a reference for professional cryptographers.

• Introduction to Modern Cryptography - Introductory-level treatment of cryptography written from a modern, computer science perspective.

• OpenSSL Cookbook - The book about OpenSSL.

• Practical Cryptography for Developers - Developer-friendly book on modern cryptography (hashes, MAC codes, symmetric and asymmetric ciphers, key exchange, elliptic curves, digital signatures) with lots of code examples.

• Real World Cryptography - This book teaches you applied cryptographic techniques to understand and apply security at every level of your systems and applications.

• Security Engineering - There is an extraordinary textbook written by Ross Anderson, professor of computer security at University of Cambridge.

• Serious Cryptography - A Practical Introduction to Modern Encryption by Jean-Philippe Aumasson.

• The Code Book - This book is a digest of the history of cryptography, covering both ancient times, and newer cryptography methods. There are exercises at the end and the solution of those was rewarded with $10.000.

• The Cryptoparty Handbook - This book provides a comprehensive guide to the various topics of the computer and internet security.

• Understanding Cryptography - Often overlooked, this book is a boon for beginners to the field. It contains plenty of exercises at the end of each chapter, aimed at reinforcing concepts and cementing ideas.

DDos Tools

• DB2AMP
• Heartbleed
• MDNS
• NETBIOS
• NTP
• OVH
• SENTINEL
• SNMP
• SSDP
• SYN
• TS3
• UDP
• XMLRPC
• ACK
• ARME
• CHARGEN
• DNS
• DOMINATE
• DRDOS
• TELNET
• SUDP
• STD
• STCP
• SSYN

Malware Analysis

• Malware Corpora

Malware samples collected for analysis.

• Clean MX - Realtime database of malware and malicious domains.

• Contagio - A collection of recent malware samples and analyses.

• Exploit Database - Exploit and shellcode samples.

• Infosec - CERT-PA - Malware samples collection and analysis.

• InQuest Labs - Evergrowing searchable corpus of malicious Microsoft documents.

• Javascript Mallware Collection - Collection of almost 40.000 javascript malware samples

• Malpedia - A resource providing rapid identification and actionable context for malware investigations.

• Malshare - Large repository of malware actively scrapped from malicious sites.

• Ragpicker - Plugin based malware crawler with pre-analysis and reporting functionalities

• theZoo - Live malware samples for analysts.

• Tracker h3x - Agregator for malware corpus tracker and malicious download sites.

• vduddu malware repo - Collection of various malware files and source code.

• VirusBay - Community-Based malware repository and social network.

• ViruSign - Malware database that detected by many anti malware programs except ClamAV.

• VirusShare - Malware repository, registration required.

• VX Vault - Active collection of malware samples.

• Zeltser's Sources - A list of malware sample sources put together by Lenny Zeltser.

• Zeus Source Code - Source for the Zeus trojan leaked in 2011.

• VX Underground - Massive and growing collection of free malware samples.

• Other Resources

Threat intelligence and IOC resources.

• Autoshun (list) - Snort plugin and blocklist.

• Bambenek Consulting Feeds - OSINT feeds based on malicious DGA algorithms.

• Fidelis Barncat - Extensive malware config database (must request access).

• CI Army (list) - Network security blocklists.

• Critical Stack- Free Intel Market - Free intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.

• Cybercrime tracker - Multiple botnet active tracker.

• FireEye IOCs - Indicators of Compromise shared publicly by FireEye.

• FireHOL IP Lists - Analytics for 350+ IP lists with a focus on attacks, malware and abuse. Evolution, Changes History, Country Maps, Age of IPs listed, Retention Policy, Overlaps.

• HoneyDB - Community driven honeypot sensor data collection and aggregation.

• hpfeeds - Honeypot feed protocol.

• Infosec - CERT-PA lists (IPs - Domains - URLs) - Blocklist service.

• InQuest REPdb - Continuous aggregation of IOCs from a variety of open reputation sources.

• InQuest IOCdb - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.

• Internet Storm Center (DShield) - Diary and searchable incident database, with a web API. (unofficial Python library).

• malc0de - Searchable incident database.

• Malware Domain List - Search and share malicious URLs.

• MetaDefender Threat Intelligence Feed - List of the most looked up file hashes from MetaDefender Cloud.

• OpenIOC - Framework for sharing threat intelligence.

• Proofpoint Threat Intelligence - Rulesets and more. (Formerly Emerging Threats.)

• Ransomware overview - A list of ransomware overview with details, detection and prevention.

• STIX - Structured Threat Information eXpression - Standardized language to represent and share cyber threat information. Related efforts from MITRE:

  • CAPEC - Common Attack Pattern Enumeration and Classification
  • CybOX - Cyber Observables eXpression
  • MAEC - Malware Attribute Enumeration and Characterization
  • TAXII - Trusted Automated eXchange of Indicator Information

• SystemLookup - SystemLookup hosts a collection of lists that provide information on the components of legitimate and potentially unwanted programs.

• ThreatMiner - Data mining portal for threat intelligence, with search.

• threatRECON - Search for indicators, up to 1000 free per month.

• ThreatShare - C2 panel tracker

• Yara rules - Yara rules repository.

• YETI - Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository.

• ZeuS Tracker - ZeuS blocklists.

• Documents and Shellcode

Analyze malicious JS and shellcode from PDFs and Office documents. See also the browser malware section.

• AnalyzePDF - A tool for analyzing PDFs and attempting to determine whether they are malicious.

• box-js - A tool for studying JavaScript malware, featuring JScript/WScript support and ActiveX emulation.

• diStorm - Disassembler for analyzing malicious shellcode.

• InQuest Deep File Inspection - Upload common malware lures for Deep File Inspection and heuristical analysis.

• JS Beautifier - JavaScript unpacking and deobfuscation.

• libemu - Library and tools for x86 shellcode emulation.

• malpdfobj - Deconstruct malicious PDFs into a JSON representation.

• OfficeMalScanner - Scan for malicious traces in MS Office documents.

• olevba - A script for parsing OLE and OpenXML documents and extracting useful information.

• Origami PDF - A tool for analyzing malicious PDFs, and more.

• PDF Tools - pdfid, pdf-parser, and more from Didier Stevens.

• PDF X-Ray Lite - A PDF analysis tool, the backend-free version of PDF X-RAY.

• peepdf - Python tool for exploring possibly malicious PDFs.

• QuickSand - QuickSand is a compact C framework to analyze suspected malware documents to identify exploits in streams of different encodings and to locate and extract embedded executables.

• Spidermonkey Mozilla's JavaScript engine, for debugging malicious JS.

• Network

Analyze network interactions.

• Bro - Protocol analyzer that operates at incredible scale; both file and network protocols.

• BroYara - Use Yara rules from Bro.

• CapTipper - Malicious HTTP traffic explorer.

• chopshop - Protocol analysis and decoding framework.

• CloudShark - Web-based tool for packet analysis and malware traffic detection.

• FakeNet-NG - Next generation dynamic network analysis tool.

• Fiddler - Intercepting web proxy designed for "web debugging."

• Hale - Botnet C&C monitor.

• Haka - An open source security oriented language for describing protocols and applying security policies on (live) captured traffic.

• HTTPReplay - Library for parsing and reading out PCAP files, including TLS streams using TLS Master Secrets (used in Cuckoo Sandbox).

• INetSim - Network service emulation, useful when building a malware lab.

• Laika BOSS - Laika BOSS is a file-centric malware analysis and intrusion detection system.

• Malcolm - Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.

• Malcom - Malware Communications Analyzer.

• Maltrail - A malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails and featuring an reporting and analysis interface.

• mitmproxy - Intercept network traffic on the fly.

• Moloch - IPv4 traffic capturing, indexing and database system.

• NetworkMiner - Network forensic analysis tool, with a free version.

• ngrep - Search through network traffic like grep.

• PcapViz - Network topology and traffic visualizer.

• Python ICAP Yara - An ICAP Server with yara scanner for URL or content.

• Squidmagic - squidmagic is a tool designed to analyze a web-based network traffic to detect central command and control (C&C) servers and malicious sites, using Squid proxy server and Spamhaus.

• Tcpdump - Collect network traffic.

• tcpick - Trach and reassemble TCP streams from network traffic.

• tcpxtract - Extract files from network traffic.

• Wireshark - The network traffic analysis tool.

• Memory Forensics

Tools for dissecting malware in memory images or running systems.

• BlackLight - Windows/MacOS forensics client supporting hiberfil, pagefile, raw memory analysis.

• DAMM - Differential Analysis of Malware in Memory, built on Volatility.

• evolve - Web interface for the Volatility Memory Forensics Framework.

• FindAES - Find AES encryption keys in memory.

• inVtero.net - High speed memory analysis framework developed in .NET supports all Windows x64, includes code integrity and write support.

• Muninn - A script to automate portions of analysis using Volatility, and create a readable report. Orochi - Orochi is an open source framework for collaborative forensic memory dump analysis.

• Rekall - Memory analysis framework, forked from Volatility in 2013.

• TotalRecall - Script based on Volatility for automating various malware analysis tasks.

• VolDiff - Run Volatility on memory images before and after malware execution, and report changes.

• Volatility - Advanced memory forensics framework.

• VolUtility - Web Interface for Volatility Memory Analysis framework.

• WDBGARK - WinDBG Anti-RootKit Extension.

• WinDbg - Live memory inspection and kernel debugging for Windows systems.

• Book List

• Intelligence Driven Incident Response

• Practical Malware Analysis

• Reversing: Secrets of Reverse Engineering

• Practical Reverse Engineering

• Malware Analyst Cookbook

• IDA Pro Book

• Art of Assembly

• The Art of Memory Forensics

• Windows Internals, Part 1 (6th Edition)

• Windows Internals, Part 2 (6th Edition)

• Windows Internals, Part 1 (7th Edition)

• Windows Internals, Part 2 (7th Edition)

• Hacking: The Art of Exploitation

• The Shellcoder's Handbook: Discovering and Exploiting Security Holes

• Rootkits: Subverting the Windows Kernel

• Rootkits and Bootkits

• The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage

• Rootkits: Subverting the Windows Kernel

• The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System

• Learning Malware Analysis

• Sandworm

• CheatSheets/Tables

• IDA Cheat Sheet

• Cheat Sheets

• File Signatures

• APT Groups and Operations

• Ransomware Overview

• Intel Assembler Code Table

• ARM Assembly Cheatsheet

• APTnotes

• PE 101

• PDF 101

• PDF Analysis

• Digital Forensics and Incident Response

• Decoders

• CyberChef

• KevtheHermit RAT Decoders

• Debuggers

• OllyDbg

• Immunity Debugger

• X64dbg

• Rvmi

• WinDBG

• Disassemblers

• IDA Pro

• Binary Ninja

• Radare2

• Cutter

• BinNavi

• Hopper

• medusa

• Disassembler.io

• Ghidra

• Static Analysis Tools

• PEiD

• McAfee FileInsight

• HashMyFiles

• CFF Explorer

• AnalyzePESig

• ByteHist

• Exeinfo

• Scylla

• MASTIFF

• PEframe

• PEscan

• PEstudio

• PE-Bear

• PE-sieve

• Flare-Floss

• PatchDiff2

• PE Insider

• Resource Hacker

• DarunGrim

• Mal Tindex

• Manalyze

• PDBlaster

• ImpFuzzy

• Florentino

• Viper

• Text/Hex Editor Tools

• Notepad++

• 010 Editor

• HxD

• BinText

• Hexinator

• Threat Intelligence

• ThreatMiner

• RiskIQ Community

• PasteBin

• Shodan

• Censys

• DNSdumpster

• URLHaus

• AlienVault OTX

• C2 Tracker

• MISP

• The Hive

• Yeti

• Using ATT&CK for CTI Training

• PasteScraper

OSINT

• Server & Network Tools

• Shodan

• Onyphe

• Censys

• Ivre

• BGPView

• DNSDumpster

• CertStream

• Exploit Observer

• Subdomain Center

• Malcore

• SearchCode

• Internet intelligence

• Criminal IP

• GreyNoise

• Arkham Intelligence

• WhatsMyName

• DeHashed

• WhiteIntel

• ManyPasswords

• DNS History

• Global Terrorism Catalogue

• Public Intelligence

• CINS Army

• Umbrella List

• Malware Bazaar

• War on the Rocks

• IntelligenceX

• Counter Extremism

• MITRE ATT&CK

• Exploit Alert

• Search & Intelligence Tools

• Google

• IntelX

• URLScan

• PublicWWW

• Searchcode

• Grep.app

• Onion Search Engine

• Archive.org

• Spyonweb

• Threat Intelligence Tools

• BinaryEdge

• FOFA

• ZoomEye

• LeakIX

• GreyNoise

• Pulsedive

• ThreatCrowd

• ThreatMiner

• SOC Radar

• Vulnerability & Malware Tools

• Vulners

• VulDB

• CVE Mitre

• Hybrid Analysis

• MalShare

• Email & Communication Tools

• Hunter.io

• Have I Been Pwned

• PassiveTotal

• Wi-Fi & Network Mapping Tools

• WiGLE

• Attack Surface Management Tools

• Netlas

• FullHunt

• BinaryEdge

Penetration Testing

• Subdomain

• subDomainsBrute - A fast sub domain brute tool for pentesters

• ksubdomain - Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

• Sublist3r - Fast subdomains enumeration tool for penetration testers

• OneForAll - OneForAll is a powerful subdomain integration tool

• LayerDomainFinder - a subdomains enumeration tool by Layer

• ct - Collect information tools about the target domain.

• Subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

• Probable_subdomains - Subdomains analysis and generation tool. Reveal the hidden!

  • domains - Generate subdomains and wordlists Online.

• MassDNS - High-performance DNS stub resolver targeting those who seek to resolve a massive amount of domain names in the order of millions or even billions.

• altdns - Altdns takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of.

• dnscan - Fast and lightweight dns bruteforcer with built-in wordlist and zone transfer checks.

• Google Hacking

• GHDB - Google Hack Database

• SearchDiggity - SearchDiggity 3.1 is the primary attack tool of the Google Hacking Diggity Project

• Katana - A Python Tool For google Hacking

• GooFuzz - GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

• Pagodo - pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching .

• Google-Dorks - Useful Google Dorks for WebSecurity and Bug Bounty

• Github

• GitHacker - A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind.

• GitGraber - gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data in real time for different online services.

• GitMiner - Tool for advanced mining for content on Github.

• Gitrob - Reconnaissance tool for GitHub organizations.

• GitGot Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

• GitDump - A pentesting tool that dumps the source code from .git even when the directory traversal is disabled

• Port Scan

• Nmap | Zenmap - Free and open source utility for network discovery and security auditing

• Masscan - TCP port scanner, spews SYN packets asynchronously

• Ports - Common service ports and exploitations

• Goby - Attack surface mapping

  • Gobyu-POC - The POC of Goby .

• Goscan - Interactive Network Scanner

• NimScan - Fast Port Scanner

• RustScan - The Modern Port Scanner

• TXPortMap - Port Scanner & Banner Identify From TianXiang

• Scaninfo - fast scan for redtools

• SX - Fast, modern, easy-to-use network scanner

• Yujianportscan A Fast Port Scanner GUI Tools Build by VB.NET + IOCP

• Naabu - A fast port scanner written in go with a focus on reliability and simplicity.

• Phishing

• gophish - Open-Source Phishing Toolkit

• AdvPhishing - This is Advance Phishing Tool ! OTP PHISHING

• SocialFish - Educational Phishing Tool & Information Collector

• Zphisher - An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

• Nexphisher - Advanced Phishing tool for Linux & Termux

• Vulnerability Scanner

• Struts-Scan - Struts2 vulnerability detection and utilization tools

• Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items

• W3af - Web application attack and audit framework, the open source web vulnerability scanner

• Openvas - The world's most advanced Open Source vulnerability scanner and manager

  • Openvas Docker

• Archery - Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities

• Taipan - Web application vulnerability scanner

• Arachni - Web Application Security Scanner Framework

• Nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.

• Xray - A passive-vulnerability-scanner Tool.

• Super-Xray - Web Vulnerability Scanner XRAY GUI Starter

• SiteScan - AllinOne Website Information Gathering Tools for pentest.

• Banli - High-risk asset identification and high-risk vulnerability scanner.

• vscan - Open Source Vulnerability Scanner.

• Wapiti - Web vulnerability scanner written in Python3.

• Scaninfo - fast scan for redtools

• osv-scanner - Vulnerability scanner written in Go which uses the data provided by https://osv.dev

• Afrog - A Vulnerability Scanning Tools For Penetration Testing

• OpalOPC - A vulnerability and misconfiguration scanner for OPC UA applications

• CMS & Framwork Identification

• AngelSword - CMS vulnerability detection framework

• WhatWeb - Next generation web scanner

• Wappalyzer - Cross-platform utility that uncovers the technologies used on websites

• Whatruns - A free browser extension that helps you identify technologies used on any website at the click of a button (Just for chrome)

• WhatCMS - CMS Detection and Exploit Kit based on Whatcms.org API

• CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

• EHole - CMS Detection for RedTeam

• ObserverWard - Cross platform community web fingerprint identification tool

  • FingerprintHub - The Database of ObserverWard

• Yunsee - Online website for to find the CMS footprint

• Bugscaner - A simple online fingerprint identification system that supports hundreds of cms source code recognition

• WhatCMS online - CMS Detection and Exploit Kit website Whatcms.org

• TideFinger - Fingerprinter Tool from TideSec Team

• 360finger-p - Fingerprinter Tool from 360 Team

• Web Applications Proxies

• Burpsuite - Burpsuite is a graphical tool for testing Web application security

• ZAP One of the world’s most popular free security tools

• Mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

• Broxy - An HTTP/HTTPS intercept proxy written in Go.

• Hetty - An HTTP toolkit for security research.

• Proxify - Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.

• Web Crawlers & Directory Brute Force

• Dirbrute - Multi-thread WEB directory blasting tool (with dics inside)

• Dirb - DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analyzing the responses.

• ffuf - Fast web fuzzer written in Go.

• Dirbuster - DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

• Dirsearch - Web path scanner.

• Gobuster Directory/File, DNS and VHost busting tool written in Go.

• WebPathBrute - Web path Bruter.

• wfuzz - Web application fuzzer

• Dirmap - An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.

• YJdirscan - Yujian dirscan Gui Pro

• Docker Scanners

• Fuxi-Scanner - open source network security vulnerability scanner, it comes with multiple functions.

• Xunfeng - The patrol is a rapid emergency response and cruise scanning system for enterprise intranets.

• WebMap - Nmap Web Dashboard and Reporting.

• Pentest-Collaboration-Framework - Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!

• Password Attacks

• Hydra - Hydra is a parallelized login cracker which supports numerous protocols to attack

• Medusa - Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer

• Sparta - Network Infrastructure Penetration Testing Tool.

• Hashcat - World's fastest and most advanced password recovery utility

• Patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

• HackBrowserDat - Decrypt passwords/cookies/history/bookmarks from the browser

• John - John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs.

• crowbar - brute forcing tool that can be used during penetration tests. Supports OpenVPN, RDP (with NLA), ssh and VNC.

• Wordlists

• wordlists - Real-world infosec wordlists, updated regularly

• psudohash - Password list generator that focuses on keywords mutated by commonly used password creation patterns

• wister - A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

• Rockyou - wordlists packaging for Kali Linux.

• Weakpass - For any kind of bruteforce find wordlists.

• Wireless Tools

• Fern Wifi cracker - Fern-Wifi-Cracker is designed to be used in testing and discovering flaws in ones own network with the aim of fixing the flaws detected

• EAPHammer - EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks.

• Wifite2 - Wifite is designed to use all known methods for retrieving the password of a wireless access point.

• JackIt - Implementation of Bastille's MouseJack exploit. Easy entry point through wireless keyboards and mices during redteam engagement.

• Cross-site Scripting (XSS)

• BeeF - The Browser Exploitation Framework Project

• BlueLotus_XSSReceiver - XSS Receiver platform without SQL

• XSStrike - Most advanced XSS scanner.

• xssor2 - XSS'OR - Hack with JavaScript.

• Xsser-Varbaek - From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras

• Xsser-Epsylon - Cross Site "Scripter" (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.

• Xenotix - An advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework

• PwnXSS - PwnXSS: Vulnerability (XSS) scanner exploit

• dalfox - DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility

• ezXSS - ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

• Sql Injection

• Sqlmap - Automatic SQL injection and database takeover tool

• SSQLInjection - SSQLInjection is a SQL injection tool , support Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix Database.

• Jsql-injection - jSQL Injection is a Java application for automatic SQL database injection.

• NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.

• Sqlmate - A friend of SQLmap which will do what you always expected from SQLmap

• SQLiScanner - Automatic SQL injection with Charles and sqlmap api

• sql-injection-payload-list - SQL Injection Payload List

• Advanced-SQL-Injection-Cheatsheet - A cheat sheet that contains advanced queries for SQL Injection of all types.

• Exploit Framework

• POC-T - Pentest Over Concurrent Toolkit

• Pocsuite3 - pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

• Metasploit - The world’s most used penetration testing framework

• Venom - Shellcode generator/compiler/handler (metasploit)

• Empire - Empire is a PowerShell and Python post-exploitation agent

• Starkiller - Starkiller is a Frontend for PowerShell Empire.

• Koadic - Koadic C3 COM Command & Control - JScript RAT

• Viper - metasploit-framework UI manager Tools

• MSFvenom-gui - gui tool to create normal payload by msfvenom

• MYExploit - A GUI Tools for Scanning OA vulnerabilities

• ronin-exploits - A Ruby micro-framework for writing and running exploits and payloads.

• Sniffing & Spoofing

• WireShark - Wireshark is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems.

• Cain & abel - Cain & Abel is a password recovery tool for Microsoft Operating Systems.

• Responder - Responder is an LLMNR, NBT-NS and MDNS poisoner.

• bettercap - ARP, DNS, NDP and DHCPv6 spoofers for MITM attacks on IPv4 and IPv6 based networks

• EvilFOCA - Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks.

• Shell

• Goshell - Generate reverse shells in command line with Go !

• Print-My-Shell - Python script wrote to automate the process of generating various reverse shells.

• Reverse-shell-generator - Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

• Girsh - Automatically spawn a reverse shell fully interactive for Linux or Windows victim

• Blueshell - Generate a reverse shells for RedTeam

• Clink - Powerful Bash-style command line editing for cmd.exe

• Natpass - A new RAT Tools, Support Web VNC and Webshell

• Platypus - A modern multiple reverse shell sessions manager written in go

• shells - Script for generating revshells

• Reverse_ssh - SSH based reverse shell

• Hoaxshell - A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

• Listener

• Netcat - Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.

• Rustcat - Rustcat(rcat) - The modern Port listener and Reverse shell.

• Rlwrap - A readline wrapper.

• Pwncat - Fancy reverse and bind shell handler.

• Powercat - netshell features all in version 2 powershell.

• Socat - Socat is a flexible, multi-purpose relay tool.

• Web Shell

• Chopper

  Tips: The tool comes from the network, no backdoor verification, please choose it on yourself......

Link: https://pan.baidu.com/s/1VnXkoQU-srSllG6JaY0nTA Password: v71d

• AntSword : Document - AntSword is a cross-platform website management toolkit

• CKnife - The cross platform webshell tool in java

  Tips: The tool comes from the network, no backdoor verification, please choose it on yourself......

Link: https://pan.baidu.com/s/1QZrnWU7DUuJhiXl7u1kELw Password: hjrh

• Behinder - dynamic binary encryption webshell management client

• Godzilla - a Java tool to encrypt network traffic

• Skyscorpion - Modified version of Behinder.

• PyShell - Multiplatform Python WebShell.

• Weevely3 - Weaponized web shell.

• Bantam - A PHP backdoor management and generation tool/C2 featuring end to end encrypted payload streaming designed to bypass WAF, IDS, SIEM systems.

• Awsome-Webshells - Collection of reverse shells.

• php-reverse-shell - Simple php reverse shell implemented using binary.

• Webshell_Generate - Generate kind of Webshells bypass AV

• Vulnerability application

• DVWA - Damn Vulnerable Web Application (DVWA)

• WebGoat - WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons

• DSVW - DSVW is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes

• DVWS - Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities

• XVWA - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security

• BWAPP - A buggy web application whit more than 100 vulnerabilities

• Sqli-lab - SQLI labs to test error based, Blind boolean based, Time based

• HackMe-SQL-Injection-Challenges - Hack your friend's online MMORPG game - specific focus, sql injection opportunities

• XSS-labs - Small set of scripts to practice exploit XSS and CSRF vulnerabilities

• SSRF-lab - Lab for exploring SSRF vulnerabilities

• SSRF_Vulnerable_Lab - This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

• LFI-labs - Small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns

• Commix-testbed - A collection of web pages, vulnerable to command injection flaws

• File-Upload-Lab - Damn Vulnerable File Upload V 1.1

• Upload-labs - A summary of all types of uploading vulnerabilities for you

• XXE-Lab - A XXE vulnerability Demo containing language versions such as PHP, Java, python, C#, etc

• Vulnerable-Flask-App - Erlik2 Vulnerable-Flask-App provided by anil-yelken.

• CTF challenges

• Vulnhub - VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration

• TryHackMe - TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!

• Hackthebox - Hack The Box is a massive, online cybersecurity training platform, allowing individuals, companies, universities and all kinds of organizations around the world to level up their hacking skills.

• Root Me - Root Me allows everyone to test and improve their knowledge in computer security and hacking.

• Pentestit - Penetration testing laboratories "Test lab" emulate an IT infrastructure of real companies and are created for a legal pen testing and improving penetration testing skills

• Pentesterlab - Learn Web Penetration Testing: The Right Way

• Cyberseclabs - At CyberSecLabs, we aim to provide secure, high-quality training services that allow information security students the opportunity to safely learn and practice penetration testing skills.

• Web Security Academy - Free, online web security training from the creators of Burp Suite

• Vulnmachines - A place to learn and improve penetration testing/ethical hacking skills for FREE