Pentesters arsenal tools

   Sandcat Browser – a penetration-oriented browser with plenty of advanced functionality already built in.
   Metasploit – tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit.
   Burp Suite – tool for testing web app security, intercepting proxy to replay, inject, scan and fuzz.
   OWASP Zed Attack Proxy – intercepting proxy to replay, inject, scan and fuzz HTTP requests.
   w3af – is a Web Application Attack and Audit Framework.
   mitmproxy – an interactive TLS-capable intercepting HTTP proxy for penetration testers.
   Nikto2 – web server scanner which performs comprehensive tests against web servers for multiple items.
   sqlmap – tool that automates the process of detecting and exploiting SQL injection flaws.
   Recon-ng – is a full-featured Web Reconnaissance framework written in Python.
   AutoRecon – is a network reconnaissance tool which performs automated enumeration of services.
   Faraday – an Integrated Multiuser Pentest Environment.
   Photon – incredibly fast crawler designed for OSINT.
   XSStrike – most advanced XSS detection suite.
   Sn1per – automated pentest framework for offensive security experts.
   vuls – is an agent-less vulnerability scanner for Linux, FreeBSD, and other.
   tsunami – is a general purpose network security scanner with an extensible plugin system.
   aquatone – a tool for domain flyovers.
   BillCipher – information gathering tool for a website or IP address.
   WhatWaf – detect and bypass web application firewalls and protection systems.
   Corsy – CORS misconfiguration scanner.
   Raccoon – is a high performance offensive security tool for reconnaissance and vulnerability scanning.
   dirhunt – find web directories without bruteforce.
   John The Ripper – is a fast password cracker, currently available for many flavors of Unix, Windows, and other.
   hashcat – world’s fastest and most advanced password recovery utility.
   p0f – is a tool to identify the players behind any incidental TCP/IP communications.
   ssh_scan – a prototype SSH configuration and policy scanner.
   LeakLooker – find open databases – powered by Binaryedge.io
   exploitdb – searchable archive from The Exploit Database.
   getsploit – is a command line utility for searching and downloading exploits.
   ctf-tools – some setup scripts for security research tools.
   pwntools – CTF framework and exploit development library.
   security-tools – collection of small security tools created mostly in Python. CTFs, pentests and so on.
   pentestpackage – is a package of Pentest scripts.
   python-pentest-tools – python tools for penetration testers.
   fuzzdb – dictionary of attack patterns and primitives for black-box application fault injection.
   AFL – is a free software fuzzer maintained by Google.
   AFL++ – is AFL with community patches.
   syzkaller – is an unsupervised, coverage-guided kernel fuzzer.
   pwndbg – exploit development and reverse engineering with GDB made easy.
   GDB PEDA – Python Exploit Development Assistance for GDB.
   IDA – multi-processor disassembler and debugger useful for reverse engineering malware.
   radare2 – framework for reverse-engineering and analyzing binaries.
   routersploit – exploitation framework for embedded devices.
   Ghidra – is a software reverse engineering (SRE) framework.
   Vulnreport – open-source pentesting management and automation platform by Salesforce Product Security.
   Mentalist – is a graphical tool for custom wordlist generation.
   archerysec – vulnerability assessment and management helps to perform scans and manage vulnerabilities.
   Osmedeus – fully automated offensive security tool for reconnaissance and vulnerability scanning.
   beef – the browser exploitation framework project.
   AutoSploit – automated mass exploiter.
   SUDO_KILLER – is a tool to identify and exploit sudo rules’ misconfigurations and vulnerabilities.
   yara – the pattern matching swiss knife.
   mimikatz – a little tool to play with Windows security.
   sherlock – hunt down social media accounts by username across social networks.
   OWASP Threat Dragon – is a tool used to create threat model diagrams and to record possible threats.

 Pentests bookmarks collection

   PTES – the penetration testing execution standard.
   Pentests MindMap – amazing mind map with vulnerable apps and systems.
   WebApps Security Tests MindMap – incredible mind map for WebApps security tests.
   Brute XSS – master the art of Cross Site Scripting.
   XSS cheat sheet – contains many vectors that can help you bypass WAFs and filters.
   Offensive Security Bookmarks – security bookmarks collection, all things that author need to pass OSCP.
   Awesome Pentest Cheat Sheets – collection of the cheat sheets useful for pentesting.
   Awesome Hacking by HackWithGithub – awesome lists for hackers, pentesters and security researchers.
   Awesome Hacking by carpedm20 – a curated list of awesome hacking tutorials, tools and resources.
   Awesome Hacking Resources – collection of hacking/penetration testing resources to make you better.
   Awesome Pentest – collection of awesome penetration testing resources, tools and other shiny things.
   Awesome-Hacking-Tools – is a curated list of awesome Hacking Tools.
   Hacking Cheat Sheet – author hacking and pentesting notes.
   blackhat-arsenal-tools – official Black Hat arsenal security tools repository.
   Penetration Testing and WebApp Cheat Sheets – the complete list of Infosec related cheat sheets.
   Cyber Security Resources – includes thousands of cybersecurity-related references and resources.
   Pentest Bookmarks – there are a LOT of pentesting blogs.
   Cheatsheet-God – Penetration Testing Reference Bank – OSCP/PTP & PTX Cheatsheet.
   ThreatHunter-Playbook – to aid the development of techniques and hypothesis for hunting campaigns.
   Beginner-Network-Pentesting – notes for beginner network pentesting course.
   OSCPRepo – is a list of resources that author have been gathering in preparation for the OSCP.
   PayloadsAllTheThings – a list of useful payloads and bypass for Web Application Security and Pentest/CTF.
   payloads – git all the Payloads! A collection of web attack payloads.
   command-injection-payload-list – command injection payload list.
   Awesome Shodan Search Queries – great search queries to plug into Shodan.
   AwesomeXSS – is a collection of Awesome XSS resources.
   php-webshells – common php webshells.
   Pentesting Tools Cheat Sheet – a quick reference high level overview for typical penetration testing.
   OWASP Cheat Sheet Series – is a collection of high value information on specific application security topics.
   OWASP dependency-check – is an open source solution the OWASP Top 10 2013 entry.
   OWASP ProActive Controls – OWASP Top 10 Proactive Controls 2018.
   PENTESTING-BIBLE – hacking & penetration testing & red team & cyber security resources.
   pentest-wiki – is a free online security knowledge library for pentesters/researchers.
   DEF CON Media Server – great stuff from DEFCON.
   Awesome Malware Analysis – a curated list of awesome malware analysis tools and resources.
   SQL Injection Cheat Sheet – detailed technical stuff about the many different variants of the SQL Injection.
   Entersoft Knowledge Base – great and detailed reference about vulnerabilities.
   HTML5 Security Cheatsheet – a collection of HTML5 related XSS attack vectors.
   XSS String Encoder – for generating XSS code to check your input validation filters against XSS.
   GTFOBins – list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
   Guifre Ruiz Notes – collection of security, system, network and pentest cheatsheets.
   SSRF Tips – a collection of SSRF Tips.
   shell-storm repo CTF – great archive of CTFs.
   ctf – CTF (Capture The Flag) writeups, code snippets, notes, scripts.
   My-CTF-Web-Challenges – collection of CTF Web challenges.
   MSTG – The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing.
   Internal-Pentest-Playbook – notes on the most common things for an Internal Network Penetration Test.
   KeyHacks – shows quick ways in which API keys leaked by a bug bounty program can be checked.
   securitum/research – various Proof of Concepts of security research performed by Securitum.
   public-pentesting-reports – is a list of public pentest reports released by several consulting security groups.
   awesome-bug-bounty – is a comprehensive curated list of available Bug Bounty.
   bug-bounty-reference – is a list of bug bounty write-ups.
   Awesome-Bugbounty-Writeups – is a curated list of bugbounty writeups.
   Bug bounty writeups – list of bug bounty writeups (2012-2020).
   hackso.me – a great journey into security.

 Backdoors/exploits

   PHP-backdoors – a collection of PHP backdoors. For educational or testing purposes only.

 Wordlists and Weak passwords

   Weakpass – for any kind of bruteforce find wordlists or unleash the power of them all at once!
   Hashes.org – is a free online hash resolving service incorporating many unparalleled techniques.
   SecLists – collection of multiple types of lists used during security assessments, collected in one place.
   Probable-Wordlists – sorted by probability originally created for password generation and testing.
   skullsecurity passwords – password dictionaries and leaked passwords repository.
   Polish PREMIUM Dictionary – official dictionary created by the team on the forum bezpieka.org.* ¹
   statistically-likely-usernames – wordlists for creating statistically likely username lists.

 Bounty platforms

   YesWeHack – bug bounty platform with infosec jobs.
   Openbugbounty – allows any security researcher reporting a vulnerability on any website.
   hackerone – global hacker community to surface the most relevant security issues.
   bugcrowd – crowdsourced cybersecurity for the enterprise.
   Crowdshield – crowdsourced security & bug bounty management.
   Synack – crowdsourced security & bug bounty programs, crowd security intelligence platform, and more.
   Hacktrophy – bug bounty platform.

 Web Training Apps (local installation)

   OWASP-VWAD – comprehensive and well maintained registry of all known vulnerable web applications.
   DVWA – PHP/MySQL web application that is damn vulnerable.
   metasploitable2 – vulnerable web application amongst security researchers.
   metasploitable3 – is a VM that is built from the ground up with a large amount of security vulnerabilities.
   DSVW – is a deliberately vulnerable web application written in under 100 lines of code.
   OWASP Mutillidae II – free, open source, deliberately vulnerable web-application.
   OWASP Juice Shop Project – the most bug-free vulnerable application in existence.
   OWASP Node js Goat Project – OWASP Top 10 security risks apply to web apps developed using Node.js.
   juicy-ctf – run Capture the Flags and Security Trainings with OWASP Juice Shop.
   SecurityShepherd – web and mobile application security training platform.
   Security Ninjas – open source application security training program.
   hackazon – a modern vulnerable web app.
   dvna – damn vulnerable NodeJS application.
   django-DefectDojo – is an open-source application vulnerability correlation and security orchestration tool.
   Google Gruyere – web application exploits and defenses.
   Bodhi – is a playground focused on learning the exploitation of client-side web vulnerabilities.
   Websploit – single vm lab with the purpose of combining several vulnerable appliations in one environment.
   vulhub – pre-built Vulnerable Environments based on docker-compose.
   CloudGoat 2 – the new & improved “Vulnerable by Design” AWS deployment tool.
   secDevLabs – is a laboratory for learning secure web development in a practical manner.
   CORS-vulnerable-Lab – sample vulnerable code and its exploit code.
   RootTheBox – a Game of Hackers (CTF Scoreboard & Game Manager).
   KONTRA – application security training (OWASP Top Web & Api).

 Labs (ethical hacking platforms/trainings/CTFs)

   Offensive Security – true performance-based penetration testing training for over a decade.
   Hack The Box – online platform allowing you to test your penetration testing skills.
   Hacking-Lab – online ethical hacking, computer network and security challenge platform.
   pwnable.kr – non-commercial wargame site which provides various pwn challenges.
   Pwnable.tw – is a wargame site for hackers to test and expand their binary exploiting skills.
   picoCTF – is a free computer security game targeted at middle and high school students.
   CTFlearn – is an online platform built to help ethical hackers learn and practice their cybersecurity knowledge.
   ctftime – CTF archive and a place, where you can get some another CTF-related info.
   Silesia Security Lab – high quality security testing services.
   Practical Pentest Labs – pentest lab, take your Hacking skills to the next level.
   Root Me – the fast, easy, and affordable way to train your hacking skills.
   rozwal.to – a great platform to train your pentesting skills.
   TryHackMe – learning Cyber Security made easy.
   hackxor – is a realistic web application hacking game, designed to help players of all abilities develop their skills.
   Hack Yourself First – it’s full of nasty app sec holes.
   OverTheWire – can help you to learn and practice security concepts in the form of fun-filled games.
   Wizard Labs – is an online Penetration Testing Lab.
   PentesterLab – provides vulnerable systems that can be used to test and understand vulnerabilities.
   RingZer0 – tons of challenges designed to test and improve your hacking skills.
   try2hack – several security-oriented challenges for your entertainment.
   Ubeeri – preconfigured lab environments.
   Pentestit – emulate IT infrastructures of real companies for legal pen testing and improving pentest skills.
   Microcorruption – reversal challenges done in the web interface.
   Crackmes – download crackmes to help improve your reverse engineering skills.
   DomGoat – DOM XSS security learning and practicing platform.
   Stereotyped Challenges – upgrade your web hacking techniques today!
   Vulnhub – allows anyone to gain practical ‘hands-on’ experience in digital security.
   W3Challs – is a penetration testing training platform, which offers various computer challenges.
   RingZer0 CTF – offers you tons of challenges designed to test and improve your hacking skills.
   Hack.me – a platform where you can build, host and share vulnerable web apps for educational purposes.
   HackThis! – discover how hacks, dumps and defacements are performed and secure your website.
   Enigma Group WebApp Training – these challenges cover the exploits listed in the OWASP Top 10 Project.
   Reverse Engineering Challenges – challenges, exercises, problems and tasks – by level, by type, and more.
   0x00sec – the home of the Hacker – Malware, Reverse Engineering, and Computer Science.
   We Chall – there are exist a lots of different challenge types.
   Hacker Gateway – is the go-to place for hackers who want to test their skills.
   Hacker101 – is a free class for web security.
   contained.af – a stupid game for learning about containers, capabilities, and syscalls.
   flAWS challenge! – a series of levels you’ll learn about common mistakes and gotchas when using AWS.
   CyberSec WTF – provides web hacking challenges derived from bounty write-ups.
   CTF Challenge – CTF Web App challenges.
   gCTF – most of the challenges used in the Google CTF 2017.
   Hack This Site – is a free, safe and legal training ground for hackers.
   Attack & Defense – is a browser-based cloud labs.
   Cryptohack – a fun platform for learning modern cryptography.
   Cryptopals – the cryptopals crypto challenges.

 CTF platforms

   fbctf – platform to host Capture the Flag competitions.
   ctfscoreboard – scoreboard for Capture The Flag competitions.

 Other resources

   Bugcrowd University – open source education content for the researcher community.
   OSCPRepo – a list of resources and scripts that I have been gathering in preparation for the OSCP.
   OWASP Top 10: Real-World Examples – test your web apps with real-world examples (two-part series).
   phrack.org – an awesome collection of articles from several respected hackers and other thinkers.
   Practical-Ethical-Hacking-Resources – compilation of resources from TCM’s Udemy Course.

Your daily knowledge and news  ^[TOC]

Your daily knowledge and news  ^[TOC]

 RSS Readers

   Feedly – organize, read and share what matters to you.
   Inoreader – similar to feedly with a support for filtering what you fetch from rss.

 IRC Channels

   #hackerspaces – hackerspace IRC channels.

 Security

   The Hacker News – leading news source dedicated to promoting awareness for security experts and hackers.
   Latest Hacking News – provides the latest hacking news, exploits and vulnerabilities for ethical hackers.
   Security Newsletter – security news as a weekly digest (email notifications).
   Google Online Security Blog – the latest news and insights from Google on security and safety on the Internet.
   Qualys Blog – expert network security guidance and news.
   DARKReading – connecting the Information Security Community.
   Darknet – latest hacking tools, hacker news, cybersecurity best practices, ethical hacking & pen-testing.
   publiclyDisclosed – public disclosure watcher who keeps you up to date about the recently disclosed bugs.
   Reddit – Hacking – a subreddit dedicated to hacking and hackers.
   Packet Storm – information security services, news, files, tools, exploits, advisories and whitepapers.
   Sekurak – about security, penetration tests, vulnerabilities and many others (PL/EN).
   nf.sec – basic aspects and mechanisms of Linux operating system security (PL).

Reference

• https://github.com/cloudcommunity/the-book-of-secret-knowledge