Aircrack-ng |
|
Complete suite to assess WiFi network security (replay attacks, deauth, fake AP, packet injection, etc.). Cracking: WEP and WPA PSK (WPA 1 and 2) |
|
Androguard |
|
Full Python tool to play with Android files (DEX, ODEX and APK) |
|
AperiSolve |
|
Online platform that performs layer analysis on images. It also uses zsteg, steghide, outguess, exiftool, binwalk, foremost and strings for deeper steganography analysis |
|
Apktool |
|
Reverse engineering Android apk files |
|
Apple Disk Copy |
|
7z x apple-disk-image.dmg |
|
ASCII <3 |
|
man ascii |
|
ASCII ANSI Table |
|
ASCII (American Standard Code for Information Interchange) is a 7-bit character set that contains characters from 0 to 127 |
|
Assetnote |
|
Wordlists that are up to date and effective against the most popular technologies on the internet |
|
Audacity |
|
Audio editor for Windows, Mac or Linux |
|
Autopsy |
|
Autopsy is the premier end-to-end open source digital forensics platform |
|
Beef |
|
The Browser Exploitation Framework Project |
|
Bettercap |
|
Framework to perform MITM (Man in the Middle) attacks |
|
Binary Ninja |
|
A New Type of Reversing Platform |
|
Binutils |
|
This is installed by default in most Linux distributions, but it's still important to know the tools, so check out the link! This is where strings, objdump, etc. come from. |
|
Binwalk |
|
Firmware (and arbitrary file) analysis tool |
|
Binwalk (Extract all) |
|
binwalk --dd='.*' <filename> |
|
Bitcoin explorer |
|
Bitcoin explorer - Block viewer, Transaction viewer, Universal search, Raw transaction interpreter, Raw block interpreter |
|
Boomerang |
|
Decompiler x86 (IA-32 only), PPC, ST20 files like ELF, PE, DOS MZ, DOS/4GW LE, Mach-O to high-level language output C |
|
Burp Suite CE |
|
Web application security testing, intercept, replay, inject |
|
Cardpeek |
|
Cardpeek is a Linux/Windows/Mac OS X tool to read the contents of ISO7816 smart cards. It features a GTK GUI to represent card data in a tree view, and is extendable with a scripting language (LUA) |
|
CFF Explorer |
|
Full support for PE32/64, process viewer, .NET, rebuilder, hex, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker |
|
Cheat-engine |
|
Cheat Engine. A development environment focused on modding. Won't recommend it due to suspicious AdSense usage, but a good starting point for editing live memory space on Windows. |
|
Check dns intercept |
|
dig +short which.opendns.com txt @208.67.220.220 |
|
Checksec.sh |
|
Checksec is a bash script to check the properties of executables (like PIE, RELRO, Canaries, ASLR, Fortify Source) |
|
CiLocks |
|
Crack Interface lockscreen, Metasploit and More Android/IOS Hacking |
|
Ciphers & Codes |
|
A page dedicated to simple text manipulation tools, all of which can be replicated with just paper and pencil |
|
Ciphey |
|
Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes |
|
Clean email list |
|
sed 's/[ ]*$//' < emails.txt | tr 'A-Z' 'a-z' | sort | uniq > emails-scrubbed.txt |
|
Cmd5 |
|
Yet another site to decrypt hashes. They also claim to brute-force it within 5 days if it's not in their DB? |
|
CMSmap |
|
Python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs |
|
Commix |
|
Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool |
|
CrackStation |
|
Crack known hashes LM, NTLM, md2, md4, md5, md5(md5_hex), md5-half, sha1, sha224, sha256, sha384, sha512, ripeMD160, whirlpool, MySQL 4.1+ |
|
Creddump |
|
Python tool to extract various credentials and secrets from Windows registry hives |
|
Cross-Site Scripting |
|
Cross-Site Scripting (XSS) - Good cheat sheet covering many options |
|
Crt.sh |
|
Certificate enumeration tool |
|
Cryptii |
|
Web app offering modular conversion, encoding and encryption online. Translations are done in the browser without any server interaction. Very handy CTF tool! |
|
CTFCrackTools |
|
China's first CTFTools framework (Use at your own risk hahah) |
|
Ctf_import |
|
Small library that allows you to run basic functions from stripped binaries cross platform |
|
CyberChef |
|
The best online tool for analysing and decoding data |
|
De4js |
|
JavaScript Deobfuscator and Unpacker |
|
Default-passwords 1 |
|
List of default passwords for many vendors. Always use multiple sites to gather default passwords. |
|
Default-passwords 2 |
|
Default Passwords cheatsheet by CIRT |
|
DefaultCreds |
|
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password |
|
Dex2jar |
|
Android decompiler for dex and class files from an APK |
|
Dirb |
|
DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects |
|
Dirbuster |
|
DirBuster is a multi-threaded Java application designed to brute-force directory and file names on web/application servers |
|
Dirsearch |
|
Web path scanner |
|
Dirstalk |
|
Dirstalk is a multi-threaded application designed to brute-force paths on web servers |
|
Dirtycow |
|
Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel (Old exploit) 2.6.22 and below |
|
DKScan |
|
Danish frequencies for all known services and bands. This might be outdated and is also a TXT document. You can refer to their site; this is just a backup. www.dkscan.dk |
|
Dllinjector |
|
Implement various DLL injection techniques that work across multiple Windows versions |
|
Dns-black-cat |
|
Multi platform toolkit for an interactive DNS shell commands exfiltration |
|
DNSSec Analyzer |
|
Enter a domain name to be tested for DNSSEC verification |
|
Docker |
|
Docker Engine is the industry’s de facto container runtime that runs on various Linux (CentOS, Debian, Fedora, Oracle Linux, RHEL, SUSE, and Ubuntu) and Windows Server operating systems images |
|
Dsniff |
|
Dsniff is a collection of tools for network auditing and penetration testing |
|
DumpIt |
|
Windows utility used to generate a physical memory dump of Windows machines. It works with both x86 (32-bit) and x64 (64-bit) machines. |
|
Dumpzilla |
|
The Dumpzilla application is developed in Python 3.x, and its purpose is to extract all forensically interesting information from Firefox, Iceweasel and Seamonkey browsers for analysis. |
|
Dvcs-ripper |
|
Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr etc. |
|
EML Header Analyzer |
|
E-Mail (EML) Header Analyzer can analyze e-mail header lines and print out the Received lines separately and clearly |
|
ETH-block-by-date |
|
Get Ethereum block number by a given date. Or blocks by a given period duration. Works well with Web3 node js. |
|
Etherblob-explorer |
|
Search and extract blob files on the Ethereum Blockchain network |
|
Ettercap |
|
Ettercap is a comprehensive suite for man in the middle attacks |
|
Exiftool |
|
Reading, writing and editing meta information in a wide variety of files |
|
Exploit-db |
|
Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software |
|
Extundelete |
|
Utility that can recover deleted files from an ext3 or ext4 partition |
|
FCC Freq Alloc |
|
FCC Online Table of Frequency Allocations. This is a PDF. Handy way to see what's allocated to what in the USA. Only gives an idea of the range, not the direct frequency. |
|
Fcrackzip |
|
A braindead program for cracking encrypted ZIP archives |
|
Featherduster |
|
For breaking crypto; It tries to make the process of identifying and exploiting weak cryptosystems as easy as possible |
|
Ffmpeg |
|
A complete, cross-platform solution to analyse, record, convert and stream audio and video |
|
Ffuf |
|
Fast web fuzzer written in Go |
|
File |
|
Attempt to classify any file |
|
Files >500M <1G |
|
find / -type f -size +500M -size -1G |
|
FireEye Redline |
|
Redline, FireEye's premier free endpoint security tool, provides host investigative capabilities to users to find signs of malicious activity through physical raw memory dump and file analysis |
|
Foremost |
|
Finds stuff in binary files and recovers it |
|
FTK Imager |
|
Obtaining forensic images of computer data, without making changes to the original evidence. Works with many file systems and virtual image types |
|
GDB |
|
GDB, the GNU Project debugger, allows you to see what is going on "inside" another program while it executes |
|
GEF |
|
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers |
|
GHDB |
|
Google Hacking Database (GHDB) is a compendium of Google hacking search terms that have been found to reveal sensitive data exposed by vulnerable servers and web applications |
|
Ghidra |
|
A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission |
|
GIMP |
|
The Free & Open Source Image Editor |
|
GNU Radio |
|
GNU Radio is a free & open-source software development toolkit that provides signal processing blocks to implement software radios. (HackRF, BladeRF, USRP, RTL-SDR) |
|
Go-ethereum |
|
Official Go implementation of the Ethereum protocol. Quick way to download block data via geth. |
|
Gobuster |
|
Tool used to brute-force URIs, DNS, virtual hosts and open Amazon S3 buckets |
|
Gobuster dir+session |
|
gobuster dir -u http://<ip_host> -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php -c PHPSESSID=<session_value> |
|
Gps-sdr-sim |
|
Software-Defined GPS Signal Simulator |
|
Gqrx SDR |
|
Gqrx is an open source software defined radio (SDR) receiver for Airspy, Funcube Dongles, rtl-sdr, HackRF and USRP devices |
|
Gqrx-scanner |
|
A frequency scanner for Gqrx Software Defined Radio receiver. Scan ranges, bookmarks, filter on tags as well. Very handy tool to remote control your gqrx software. |
|
Grep |
|
Print lines that match patterns |
|
Grep (PNG offset) |
|
grep -oba PNG <binary file> |
|
Grep ext <3 |
|
grep -r -i --include=\*.{php,cpp,txt} "search string" . |
|
Hackingtool |
|
ALL IN ONE Hacking Tool For Hackers (It's okay and works but I would use it just a yey an option for a tool) |
|
Hashcat |
|
World’s fastest and most advanced password recovery tool. CPU/GPU brute forcing |
|
Hashes.com |
|
Decrypt MD5, SHA1, MySQL, NTLM, SHA256, SHA512 hashes |
|
Hash_extender |
|
Hash length extension attack |
|
Haveibeenpwned |
|
Useful for breach enumeration |
|
Hetty |
|
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community |
|
Hopper |
|
Hopper Disassembler, the reverse engineering tool that lets you disassemble, decompile and debug your applications |
|
Hunter.io |
|
Email enumeration tool |
|
HxD |
|
Fast hex editor which, in addition to raw disk editing and modifying of main memory (RAM), handles files of any size |
|
Hydra |
|
Parallelized login cracker which supports numerous protocols to attack |
|
IDA Pro |
|
A powerful disassembler and a versatile debugger |
|
ILSpy |
|
ILSpy is the open-source .NET assembly browser and decompiler |
|
Imagemagick |
|
Create, edit, compose, or convert digital image |
|
IPED |
|
Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence |
|
Ipleak |
|
Quick way to detect if your VPN is WebRTC or DNS leaking |
|
JD-GUI |
|
Standalone graphical utility that displays Java source code of ".class" files |
|
John |
|
Enhanced, "jumbo" version of John the Ripper supports hundreds of hash and cipher types |
|
Jpexs |
|
Open-source Flash SWF decompiler and editor. Extract resources, convert SWF to FLA |
|
Jsdetox |
|
JavaScript malware analysis tool using static analysis / deobfuscation techniques |
|
Jsnice |
|
Online tool to make even obfuscated JavaScript code readable |
|
JStillery |
|
Advanced JS Deobfuscation via Partial Evaluation |
|
Kali Linux |
|
Open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering |
|
Kali Wordlists |
|
These are some of the included wordlists in Kali for easy access |
|
King-phisher |
|
Phishing Campaign Toolkit |
|
Kismet |
|
Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework |
|
Knock |
|
Simple Python port knocking client |
|
Krakatau |
|
Java decompiler, assembler, and disassembler |
|
Last 30 changed files |
|
find /search/path -type f -printf '%TY-%Tm-%Td %TT %p\n'|sort|tail -n 30 |
|
LibNFC |
|
NFC tools that you need in order to read many known RFID cards |
|
LinEnum |
|
Best scripted local Linux enumeration & privilege escalation checks |
|
LINQPad |
|
LINQPad is not just for LINQ queries, but any C#/F#/VB expression, statement block or program |
|
Lynis |
|
Security tool for systems running Linux, macOS, or Unix-based systems. Performs an extensive health scan of your systems to support system hardening and compliance testing |
|
MalConfScan |
|
Volatility plugin that extracts configuration data of known malware |
|
MalShare |
|
A free Malware repository providing researchers access to samples, malicious feeds, and Yara results |
|
Maltego CE |
|
Comprehensive tool for graphical link analyses (OSINT) that offers real-time data mining and information gathering, as well as the representation of this information on a node-based graph |
|
Malzilla |
|
Explore malicious webpages and view their code with Malzilla |
|
Masscan |
|
Internet-scale port scanner. It can scan the entire Internet in under 5 minutes, transmitting 10 million packets per second, from a single machine |
|
Mdadm |
|
mdadm is used to handle software RAIDs on Linux. You can use this tool to create, build, assemble, rebuild and monitor any RAID type on Linux. Don't forget that the order of the disks is important when trying to assemble an already created RAID array, etc. |
|
Mdadm create |
|
mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/disk2 missing /dev/disk1 |
|
Mdadm loop |
|
losetup /dev/loop1 raid-disk1.img |
|
Metasploit |
|
World’s most used penetration testing framework |
|
Metasploit help |
|
Somewhat extensive metasploit cheat sheet |
|
Mfcuk |
|
MiFare Classic Universal toolKit (MFCUK) |
|
Mfoc |
|
Mifare Classic Offline Cracker |
|
Mitre - D3fend |
|
A knowledge graph of cybersecurity countermeasures |
|
Mitre - Groups |
|
Groups are mapped to publicly reported technique use and original references are included. The information provided does not represent all possible technique use by Groups. |
|
Mitre - Software |
|
Software is a generic term for custom or commercial code, operating system utilities, open-source software, or other tools used to conduct behavior modeled in attacks |
|
MP3Stego |
|
Hide information in MP3 files during the compression process |
|
Name-That-Hash |
|
Don't know what type of hash it is? Name That Hash will name that hash type! Identify MD5, SHA256 and 300+ other hashes |
|
Ncat |
|
Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was written for the Nmap Project |
|
Nessus Essentials |
|
Vulnerability assessment solution for security practitioners. Scan, detect, report, fix exploits, EOL, risks, etc. Utilizing over 65000 CVEs in its scans. The free version allows 16 IPs to be scanned as much as you want every 90 days. |
|
Netcat |
|
netcat (often abbreviated to nc) is a computer networking utility for reading from and writing to network connections using TCP or UDP |
|
Netdiscover |
|
Great tool to discover assets on your network; an active/passive ARP reconnaissance tool |
|
NetworkMiner |
|
Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD) |
|
Nfc-list |
|
nfc-list is part of libnfc and is a basic tool to detect RFID/NFC |
|
Nikto |
|
Nikto is not designed as a stealthy tool. It will test a web server in the quickest time possible, and is obvious in log files or to an IPS/IDS. 6700 potentially dangerous files/programs + more |
|
Nipe |
|
Easy way to make Tor your default Gateway, don't forget DNS leaking is still a thing |
|
Nmap |
|
Network Mapper is a utility for network discovery and security auditing |
|
Nmap (Full scan/info) |
|
nmap -sC -sV -T4 -oA initial <ip or host> |
|
Nmap Cheatsheet |
|
Reference guide for scanning networks with Nmap |
|
One Time Pad |
|
Online tool for playing with one-time pad ciphers |
|
OneGadget |
|
The best tool for finding one gadget RCE in libc.so.6 |
|
Onlinehashcrack |
|
Cloud Password Recovery Services assisting cyber security experts. WPA / Office / iTunes / Archive / PDF / Password / Hashes |
|
Open conn per IP |
|
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n |
|
OpenSSL |
|
OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit for the Transport Layer Security (TLS) protocol |
|
OpenStego |
|
Free steganography solution, providing both watermarking and hiding |
|
OpenVAS Scanner |
|
OpenVAS is a vulnerability scanner that was developed in response to the commercialization of Nessus |
|
Ophcrack |
|
Free Windows password cracker based on rainbow tables |
|
OP_RETURN - PHP |
|
BTC (Bitcoin) - Simple PHP commands and library for using bitcoin OP_RETURNs. |
|
OP_RETURN - Py |
|
BTC (Bitcoin) - Simple Python commands and library for using bitcoin OP_RETURNs |
|
OSINT Framework |
|
The OSINT Framework is a collection of ways to gather information on specific topics |
|
Outguess |
|
Universal steganographic tool |
|
OWASP Cheat Sheets |
|
OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics |
|
Patchelf |
|
A small utility to modify the dynamic linker and RPATH of ELF executables |
|
PE Explorer |
|
Open, view and edit a variety of different 32-bit Windows executable file types |
|
PHP Obfuscator |
|
Ever needed to obfuscate your PHP code, either to compress it or to hide it? This is a good online site for that. |
|
PkCrack |
|
Breaking PkZip-encryption ciphers |
|
Pngcheck |
|
Verifies the integrity of PNG, JNG and MNG files, optionally dump almost all of the chunk-level information in human-readable form |
|
Postman |
|
Postman is an API platform for building, testing and using APIs |
|
Pupy |
|
Pupy is an open-source, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in Python |
|
Pwninit |
|
pwninit - automate starting binary exploit challenges. |
|
Pwntools |
|
CTF framework and exploit development library. Written in Python |
|
QEMU |
|
QEMU is a powerful generic and open source machine emulator and virtualizer. Can read raw images, img, iso, vmdk, vdi, vhdx, vpc, VMware images and qcow + qcow2 + coop |
|
Qemu-img |
|
qemu-img allows you to create, convert and modify images offline. It can handle all image formats supported by QEMU. Raw images, img, iso, vmdk, vdi, vhdx, vpc, VMware images and qcow + qcow2 + coop. |
|
Qira |
|
Competitor to strace and gdb |
|
Quick web server |
|
python3 -m http.server  # Python 2: python -m SimpleHTTPServer |
|
Quipqiup |
|
An online tool for breaking substitution ciphers or Vigenere ciphers (without key) |
|
Raccoon |
|
Offensive Security Tool for Reconnaissance and Information Gathering |
|
Radare2 |
|
A free/libre toolchain for easing several low level tasks like forensics, software reverse engineering, exploiting, debugging, ... |
|
Radio Spectrum |
|
The radio spectrum is the part of the electromagnetic spectrum with frequencies from 30 Hz to 300 GHz. (Wiki page/link) |
|
Rapidtables |
|
RapidTables contains quick reference information and tools from conversion tables to calculations to text, web, electronic conversion tables. Very useful |
|
Recon |
|
Small little RCON suite by me! |
|
Recon-cheatsheet |
|
An okay, nice cheatsheet for doing recon, found on DEF CON - 9221 twitter, now hosted locally for keepsake :) |
|
Recon-ct |
|
CTRECON - Certificate Transparency Reconnaissance |
|
Recon-ntoo |
|
NTOORECON - Number To Operator Reconnaissance |
|
Reconnoitre |
|
A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host |
|
Red-kube |
|
Red Kube is a collection of kubectl commands written to evaluate the security posture of Kubernetes clusters from the attacker's perspective |
|
Regex101 |
|
One of the best online regular expression test websites |
|
ReNgine |
|
reNgine is an automated reconnaissance framework for web applications. It makes it easy for penetration testers to gather reconnaissance with minimal configuration, and with the help of reNgine's correlation, it just makes recon effortless. |
|
ResourcesExtract |
|
Small utility that scans dll/ocx/exe files and extract all resources (bitmaps, icons, cursors, AVI movies, HTML files, and more...) |
|
Reverse Shell |
|
Payloads All The Things - Reverse Shell Cheatsheet |
|
Reverse Shell #2 |
|
d4t4s3c - Reverse Shell Cheat Sheet |
|
Robtex |
|
Robtex is used for various kinds of research of IP numbers, Domain names, etc |
|
Rootend |
|
A *nix Enumerator & Auto Privilege Escalation tool |
|
RsaCtfTool |
|
RSA multi attacks tool : uncipher data from weak public key and try to recover private key |
|
Rsatool |
|
Calculates RSA (p, q, n, d, e) and RSA-CRT (dP, dQ, qInv) parameters given either two primes (p, q) or modulus and private exponent (n, d) |
|
SDRSharp |
|
SDR software for Airspy and RTL-SDR dongles and HackRF/AirSpy/USRP! The best Windows SDR software out there |
|
Searchcode |
|
Find real life code examples |
|
Searchsploit |
|
Command line search tool for Exploit-DB that also allows you to take a copy of Exploit Database with you, everywhere you go |
|
Security-tools |
|
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff |
|
See desktop via ssh |
|
xloadimage <(ssh USER@HOSTNAME DISPLAY=:0.0 import -window root png:-) |
|
Shell ruler func |
|
ruler() { for s in '....^....|' '1234567890'; do w=${#s}; str=$( for (( i=1; $i<=$(( ($COLUMNS + $w) / $w )) ; i=$i+1 )); do echo -n $s; done ); str=$( echo $str | cut -c -$COLUMNS) ; echo $str; done; } |
|
Shellbags |
|
Cross-platform, open-source shellbag parser of raw Windows Registry hive |
|
Sherlock |
|
Hunt down social media accounts by username and email across social networks |
|
Shodan |
|
Search Engine for the Internet of Everything. Very cool way to find services or hosts/devices of interest |
|
Sift-workstation |
|
Collection of free and open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings. It can match any current incident response and forensic tool suite |
|
SigDigger |
|
Qt-based digital signal analyzer, using Suscan core and Sigutils DSP library for hackrf and other sdr-rtl dongles |
|
SigintOS |
|
SigintOS, as the name suggests, is an improved Linux distribution for Signal Intelligence (SIGINT). (HackRF, BladeRF, USRP, RTL-SDR) |
|
Silenteye |
|
Cross-platform application designed for easy use of steganography, in this case hiding messages in pictures or sounds (JPEG, BMP, WAVE) |
|
Skipfish |
|
Web application security scanner created by lcamtuf for Google |
|
Skullsecurity |
|
Password dictionaries and Leaked passwords |
|
SmartDeblur |
|
Tool for restoring defocused and blurred images |
|
Sniffit |
|
SniffIt is a Distributed Sniffer System, which allows users to capture network traffic from a unique machine using a graphical client application |
|
Snow |
|
Whitespace Steganography Tool |
|
Social-analyzer |
|
API, CLI & Web App for analysing & finding a person's profile across +1000 social media/websites (Detections are updated regularly by automated systems) |
|
Spiderfoot |
|
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface. |
|
SQL Injections |
|
Somewhat good SQL injections cheatsheet |
|
Sqlmap |
|
Open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws |
|
Srihash |
|
Generate SRI hashes for your script tags. Protect your web sites |
|
Steganabara |
|
Steganabara is a tool for stegano analysis (steganalysis). Steganabara has now matured and is very effective on visual steganos |
|
Stegbreak |
|
Launches brute-force dictionary attacks on JPG images |
|
Stegdetect |
|
Stegdetect is an automated tool for detecting steganographic content in images |
|
Stegextract |
|
Bash script to extract hidden files and strings from images |
|
Steghide |
|
A steganography program that is able to hide data in various kinds of image- and audio-files (JPEG, BMP, WAV and AU files) |
|
Stego-toolkit |
|
Collection of steganography tools - helps with CTF challenges |
|
Stegseek |
|
Lightning fast steghide cracker that can be used to extract hidden data from files |
|
Strace |
|
strace is a diagnostic, debugging and instructional userspace utility for Linux |
|
Strings |
|
Easy way to find sequences of printable characters in files |
|
Sublist3r |
|
Python tool designed to enumerate subdomains of websites using OSINT |
|
Tcpdump |
|
Powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture |
|
Text Converter |
|
Text Converter converts text to other encodings or other formats. Supported formats include Base64, Quoted-Printable, URL encoding, HTML encoding, various types of text conversion and formatting, as well as hash calculations |
|
TheHarvester |
|
Tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering (email/asn/dns/users/people/services) |
|
Thor |
|
SSH login brute force cracker |
|
Tor Browser |
|
Protect yourself against tracking, surveillance, and censorship. Always have the Tor browser installed, it's just a must :) |
|
TrID |
|
Utility designed to identify file types from their binary signatures |
|
Truecrack |
|
TrueCrack is a brute-force password cracker for TrueCrypt (Copyright) volumes (GPU support) |
|
Tshark |
|
World’s foremost and widely-used network protocol analyzer Wireshark (command-line) |
|
Uncompyle2 |
|
A Python 2.7 byte-code decompiler, written in Python 2.7 |
|
Undocker |
|
Go library and command line tool for decomposing docker images. |
|
Unfurl |
|
Unfurl takes a URL and expands ("unfurls") it into a directed graph, extracting every bit of information from the URL and exposing the obscured |
|
Unicode Table |
|
Unicode, formally the Unicode Standard, is an information technology standard for the consistent encoding, representation, and handling of text expressed in most of the world's writing systems |
|
Unshadow |
|
Tool combines the passwd and shadow files so John can use them |
|
UPX |
|
UPX - the Ultimate Packer for eXecutables |
|
URH |
|
Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios |
|
URLsniffer |
|
Simple URL sniffer using Python and Scapy |
|
Usbrip |
|
Simple forensics tool with command line interface that lets you keep track of USB device artifacts |
|
V0lt |
|
(outdated) Security CTF, Python style. Making CTF scripting easy in Python |
|
Vbox-img |
|
vbox-img allows you to create, convert and modify images offline. It can handle all image formats supported by QEMU. Raw images, img, iso, vmdk, vdi, vhdx, vpc, VMware images and qcow + qcow2 + coop. |
|
Vigenere |
|
Online tool that breaks Vigenere ciphers without knowing the key |
|
VIM Cheatsheet |
|
Very nice and cool Vim cheatsheet :) |
|
VIM Cheatsheet 2 |
|
Just another Vim cheatsheet, this one is easier on your eyes :) |
|
VirtualBox |
|
VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Can read raw images, img, iso, vmdk, vdi, vhdx, vpc, VMware images and qemu qcow - qcow2 |
|
VirusTotal |
|
Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community |
|
Volatility |
|
Volatility Framework (python2) - Volatile raw physical memory dump and sample extraction utility framework for volatile storage (RAM) |
|
Volatility3 |
|
Volatility3 (python3) is the world's most widely used framework for extracting digital artifacts from volatile raw physical memory (RAM) dump and samples. The extraction techniques are performed completely independent of the system being investigated |
|
VS Code |
|
This is probably one of the most advanced editors out there today, with great OS support and customization |
|
W3af |
|
Web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications |
|
W3m <3 |
|
apt install w3m w3m-img w3m-el |
|
Walletexplorer |
|
Bitcoin block explorer with address grouping and wallet labeling |
|
Web3.js |
|
Ethereum JavaScript API. |
|
Web3.py |
|
A python interface for interacting with the Ethereum blockchain and ecosystem. Based on Web3.js |
|
Wfuzz |
|
Wfuzz has been created to facilitate the task in web applications assessments and it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload |
|
WhatWeb |
|
Next generation web scanner. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices |
|
WiFi Airodump |
|
airmon-ng check kill && airodump-ng --band abg --gpsd --manufacturer --uptime --wps --write scan-`date +%s` wlan0 |
|
Wifiphisher |
|
Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing |
|
WinDbg |
|
The Windows Debugger (WinDbg) can be used to debug kernel-mode and user-mode code, analyze crash dumps, and examine the CPU registers while the code executes |
|
Wireshark |
|
World’s foremost and widely-used network protocol analyzer |
|
Wireshark filter #1 |
|
frame contains "search for anything" |
|
Wireshark filter #2 |
|
smb || nbns || dcerpc || nbss || dns |
|
Wireshark filter #3 |
|
http.request or ssl.handshake.type == 1 |
|
Wireshark Filters |
|
Wireshark cheatsheet on display filters - part 1 |
|
WL Compendium |
|
WordList-Compendium - Personal compilation of wordlists & dictionaries for everything. Users, passwords, directories, files, vulnerabilities, fuzzing, injections, wordlists of tools, etc. |
|
Wordpress brute #1 |
|
hydra -V -L <wordlist> -p 123 <ip_host> http-post-form '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log+In:F=Invalid Username' |
|
Wpscan |
|
WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress sites |
|
Xocopy |
|
xocopy is a program that can copy executables with execute, but no read permission. It has been tested on FreeBSD and Linux kernels 2.[246].x |
|
Xor-files |
|
xor-files -r broken-disk3.img raid-disk1.img raid-disk2.img |
|
XorFiles |
|
RAID 5 - restore disks from other RAID disks via XOR operation. Note this is just a simple XOR between two files. |
|
Xortool |
|
XOR analysis, guess the key length or key |
|
XSSer |
|
Cross Site Scripter (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications |
|
Xxxswf |
|
Python script for carving, scanning, compressing, decompressing and analyzing Flash SWF files. The script can be used on an individual SWF, single SWF or multiple SWFs embedded in a file stream. |
|
Yersinia |
|
Attack various protocols on layer 2 |
|
Zmap |
|
An open-source network scanner |
|
Zsteg |
|
Detect stegano-hidden data in PNG & BMP |
|