Pentesters arsenal tools

  🔸 Sandcat Browser – a penetration-oriented browser with plenty of advanced functionality already built in.
  🔸 Metasploit – tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit.
  🔸 Burp Suite – tool for testing web app security, intercepting proxy to replay, inject, scan and fuzz.
  🔸 OWASP Zed Attack Proxy – intercepting proxy to replay, inject, scan and fuzz HTTP requests.
  🔸 w3af – is a Web Application Attack and Audit Framework.
  🔸 mitmproxy – an interactive TLS-capable intercepting HTTP proxy for penetration testers.
  🔸 Nikto2 – web server scanner which performs comprehensive tests against web servers for multiple items.
  🔸 sqlmap – tool that automates the process of detecting and exploiting SQL injection flaws.
  🔸 Recon-ng – is a full-featured Web Reconnaissance framework written in Python.
  🔸 AutoRecon – is a network reconnaissance tool which performs automated enumeration of services.
  🔸 Faraday – an Integrated Multiuser Pentest Environment.
  🔸 Photon – incredibly fast crawler designed for OSINT.
  🔸 XSStrike – most advanced XSS detection suite.
  🔸 Sn1per – automated pentest framework for offensive security experts.
  🔸 vuls – is an agent-less vulnerability scanner for Linux, FreeBSD, and other.
  🔸 tsunami – is a general purpose network security scanner with an extensible plugin system.
  🔸 aquatone – a tool for domain flyovers.
  🔸 BillCipher – information gathering tool for a website or IP address.
  🔸 WhatWaf – detect and bypass web application firewalls and protection systems.
  🔸 Corsy – CORS misconfiguration scanner.
  🔸 Raccoon – is a high performance offensive security tool for reconnaissance and vulnerability scanning.
  🔸 dirhunt – find web directories without bruteforce.
  🔸 John The Ripper – is a fast password cracker, currently available for many flavors of Unix, Windows, and other.
  🔸 hashcat – world’s fastest and most advanced password recovery utility.
  🔸 p0f – is a tool to identify the players behind any incidental TCP/IP communications.
  🔸 ssh_scan – a prototype SSH configuration and policy scanner.
  🔸 LeakLooker – find open databases – powered by Binaryedge.io
  🔸 exploitdb – searchable archive from The Exploit Database.
  🔸 getsploit – is a command line utility for searching and downloading exploits.
  🔸 ctf-tools – some setup scripts for security research tools.
  🔸 pwntools – CTF framework and exploit development library.
  🔸 security-tools – collection of small security tools created mostly in Python. CTFs, pentests and so on.
  🔸 pentestpackage – is a package of Pentest scripts.
  🔸 python-pentest-tools – python tools for penetration testers.
  🔸 fuzzdb – dictionary of attack patterns and primitives for black-box application fault injection.
  🔸 AFL – is a free software fuzzer maintained by Google.
  🔸 AFL++ – is AFL with community patches.
  🔸 syzkaller – is an unsupervised, coverage-guided kernel fuzzer.
  🔸 pwndbg – exploit development and reverse engineering with GDB made easy.
  🔸 GDB PEDA – Python Exploit Development Assistance for GDB.
  🔸 IDA – multi-processor disassembler and debugger useful for reverse engineering malware.
  🔸 radare2 – framework for reverse-engineering and analyzing binaries.
  🔸 routersploit – exploitation framework for embedded devices.
  🔸 Ghidra – is a software reverse engineering (SRE) framework.
  🔸 Vulnreport – open-source pentesting management and automation platform by Salesforce Product Security.
  🔸 Mentalist – is a graphical tool for custom wordlist generation.
  🔸 archerysec – vulnerability assessment and management helps to perform scans and manage vulnerabilities.
  🔸 Osmedeus – fully automated offensive security tool for reconnaissance and vulnerability scanning.
  🔸 beef – the browser exploitation framework project.
  🔸 AutoSploit – automated mass exploiter.
  🔸 SUDO_KILLER – is a tool to identify and exploit sudo rules’ misconfigurations and vulnerabilities.
  🔸 yara – the pattern matching swiss knife.
  🔸 mimikatz – a little tool to play with Windows security.
  🔸 sherlock – hunt down social media accounts by username across social networks.
  🔸 OWASP Threat Dragon – is a tool used to create threat model diagrams and to record possible threats.

▪️ Pentests bookmarks collection

  🔸 PTES – the penetration testing execution standard.
  🔸 Pentests MindMap – amazing mind map with vulnerable apps and systems.
  🔸 WebApps Security Tests MindMap – incredible mind map for WebApps security tests.
  🔸 Brute XSS – master the art of Cross Site Scripting.
  🔸 XSS cheat sheet – contains many vectors that can help you bypass WAFs and filters.
  🔸 Offensive Security Bookmarks – security bookmarks collection, all things that author need to pass OSCP.
  🔸 Awesome Pentest Cheat Sheets – collection of the cheat sheets useful for pentesting.
  🔸 Awesome Hacking by HackWithGithub – awesome lists for hackers, pentesters and security researchers.
  🔸 Awesome Hacking by carpedm20 – a curated list of awesome hacking tutorials, tools and resources.
  🔸 Awesome Hacking Resources – collection of hacking/penetration testing resources to make you better.
  🔸 Awesome Pentest – collection of awesome penetration testing resources, tools and other shiny things.
  🔸 Awesome-Hacking-Tools – is a curated list of awesome Hacking Tools.
  🔸 Hacking Cheat Sheet – author hacking and pentesting notes.
  🔸 blackhat-arsenal-tools – official Black Hat arsenal security tools repository.
  🔸 Penetration Testing and WebApp Cheat Sheets – the complete list of Infosec related cheat sheets.
  🔸 Cyber Security Resources – includes thousands of cybersecurity-related references and resources.
  🔸 Pentest Bookmarks – there are a LOT of pentesting blogs.
  🔸 Cheatsheet-God – Penetration Testing Reference Bank – OSCP/PTP & PTX Cheatsheet.
  🔸 ThreatHunter-Playbook – to aid the development of techniques and hypothesis for hunting campaigns.
  🔸 Beginner-Network-Pentesting – notes for beginner network pentesting course.
  🔸 OSCPRepo – is a list of resources that author have been gathering in preparation for the OSCP.
  🔸 PayloadsAllTheThings – a list of useful payloads and bypass for Web Application Security and Pentest/CTF.
  🔸 payloads – git all the Payloads! A collection of web attack payloads.
  🔸 command-injection-payload-list – command injection payload list.
  🔸 Awesome Shodan Search Queries – great search queries to plug into Shodan.
  🔸 AwesomeXSS – is a collection of Awesome XSS resources.
  🔸 php-webshells – common php webshells.
  🔸 Pentesting Tools Cheat Sheet – a quick reference high level overview for typical penetration testing.
  🔸 OWASP Cheat Sheet Series – is a collection of high value information on specific application security topics.
  🔸 OWASP dependency-check – is an open source solution the OWASP Top 10 2013 entry.
  🔸 OWASP ProActive Controls – OWASP Top 10 Proactive Controls 2018.
  🔸 PENTESTING-BIBLE – hacking & penetration testing & red team & cyber security resources.
  🔸 pentest-wiki – is a free online security knowledge library for pentesters/researchers.
  🔸 DEF CON Media Server – great stuff from DEFCON.
  🔸 Awesome Malware Analysis – a curated list of awesome malware analysis tools and resources.
  🔸 SQL Injection Cheat Sheet – detailed technical stuff about the many different variants of the SQL Injection.
  🔸 Entersoft Knowledge Base – great and detailed reference about vulnerabilities.
  🔸 HTML5 Security Cheatsheet – a collection of HTML5 related XSS attack vectors.
  🔸 XSS String Encoder – for generating XSS code to check your input validation filters against XSS.
  🔸 GTFOBins – list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
  🔸 Guifre Ruiz Notes – collection of security, system, network and pentest cheatsheets.
  🔸 SSRF Tips – a collection of SSRF Tips.
  🔸 shell-storm repo CTF – great archive of CTFs.
  🔸 ctf – CTF (Capture The Flag) writeups, code snippets, notes, scripts.
  🔸 My-CTF-Web-Challenges – collection of CTF Web challenges.
  🔸 MSTG – The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing.
  🔸 Internal-Pentest-Playbook – notes on the most common things for an Internal Network Penetration Test.
  🔸 KeyHacks – shows quick ways in which API keys leaked by a bug bounty program can be checked.
  🔸 securitum/research – various Proof of Concepts of security research performed by Securitum.
  🔸 public-pentesting-reports – is a list of public pentest reports released by several consulting security groups.
  🔸 awesome-bug-bounty – is a comprehensive curated list of available Bug Bounty.
  🔸 bug-bounty-reference – is a list of bug bounty write-ups.
  🔸 Awesome-Bugbounty-Writeups – is a curated list of bugbounty writeups.
  🔸 Bug bounty writeups – list of bug bounty writeups (2012-2020).
  🔸 hackso.me – a great journey into security.

▪️ Backdoors/exploits

  🔸 PHP-backdoors – a collection of PHP backdoors. For educational or testing purposes only.

▪️ Wordlists and Weak passwords

  🔸 Weakpass – for any kind of bruteforce find wordlists or unleash the power of them all at once!
  🔸 Hashes.org – is a free online hash resolving service incorporating many unparalleled techniques.
  🔸 SecLists – collection of multiple types of lists used during security assessments, collected in one place.
  🔸 Probable-Wordlists – sorted by probability originally created for password generation and testing.
  🔸 skullsecurity passwords – password dictionaries and leaked passwords repository.
  🔸 Polish PREMIUM Dictionary – official dictionary created by the team on the forum bezpieka.org.* ¹
  🔸 statistically-likely-usernames – wordlists for creating statistically likely username lists.

▪️ Bounty platforms

  🔸 YesWeHack – bug bounty platform with infosec jobs.
  🔸 Openbugbounty – allows any security researcher reporting a vulnerability on any website.
  🔸 hackerone – global hacker community to surface the most relevant security issues.
  🔸 bugcrowd – crowdsourced cybersecurity for the enterprise.
  🔸 Crowdshield – crowdsourced security & bug bounty management.
  🔸 Synack – crowdsourced security & bug bounty programs, crowd security intelligence platform, and more.
  🔸 Hacktrophy – bug bounty platform.

▪️ Web Training Apps (local installation)

  🔸 OWASP-VWAD – comprehensive and well maintained registry of all known vulnerable web applications.
  🔸 DVWA – PHP/MySQL web application that is damn vulnerable.
  🔸 metasploitable2 – vulnerable web application amongst security researchers.
  🔸 metasploitable3 – is a VM that is built from the ground up with a large amount of security vulnerabilities.
  🔸 DSVW – is a deliberately vulnerable web application written in under 100 lines of code.
  🔸 OWASP Mutillidae II – free, open source, deliberately vulnerable web-application.
  🔸 OWASP Juice Shop Project – the most bug-free vulnerable application in existence.
  🔸 OWASP Node js Goat Project – OWASP Top 10 security risks apply to web apps developed using Node.js.
  🔸 juicy-ctf – run Capture the Flags and Security Trainings with OWASP Juice Shop.
  🔸 SecurityShepherd – web and mobile application security training platform.
  🔸 Security Ninjas – open source application security training program.
  🔸 hackazon – a modern vulnerable web app.
  🔸 dvna – damn vulnerable NodeJS application.
  🔸 django-DefectDojo – is an open-source application vulnerability correlation and security orchestration tool.
  🔸 Google Gruyere – web application exploits and defenses.
  🔸 Bodhi – is a playground focused on learning the exploitation of client-side web vulnerabilities.
  🔸 Websploit – single vm lab with the purpose of combining several vulnerable appliations in one environment.
  🔸 vulhub – pre-built Vulnerable Environments based on docker-compose.
  🔸 CloudGoat 2 – the new & improved “Vulnerable by Design” AWS deployment tool.
  🔸 secDevLabs – is a laboratory for learning secure web development in a practical manner.
  🔸 CORS-vulnerable-Lab – sample vulnerable code and its exploit code.
  🔸 RootTheBox – a Game of Hackers (CTF Scoreboard & Game Manager).
  🔸 KONTRA – application security training (OWASP Top Web & Api).

▪️ Labs (ethical hacking platforms/trainings/CTFs)

  🔸 Offensive Security – true performance-based penetration testing training for over a decade.
  🔸 Hack The Box – online platform allowing you to test your penetration testing skills.
  🔸 Hacking-Lab – online ethical hacking, computer network and security challenge platform.
  🔸 pwnable.kr – non-commercial wargame site which provides various pwn challenges.
  🔸 Pwnable.tw – is a wargame site for hackers to test and expand their binary exploiting skills.
  🔸 picoCTF – is a free computer security game targeted at middle and high school students.
  🔸 CTFlearn – is an online platform built to help ethical hackers learn and practice their cybersecurity knowledge.
  🔸 ctftime – CTF archive and a place, where you can get some another CTF-related info.
  🔸 Silesia Security Lab – high quality security testing services.
  🔸 Practical Pentest Labs – pentest lab, take your Hacking skills to the next level.
  🔸 Root Me – the fast, easy, and affordable way to train your hacking skills.
  🔸 rozwal.to – a great platform to train your pentesting skills.
  🔸 TryHackMe – learning Cyber Security made easy.
  🔸 hackxor – is a realistic web application hacking game, designed to help players of all abilities develop their skills.
  🔸 Hack Yourself First – it’s full of nasty app sec holes.
  🔸 OverTheWire – can help you to learn and practice security concepts in the form of fun-filled games.
  🔸 Wizard Labs – is an online Penetration Testing Lab.
  🔸 PentesterLab – provides vulnerable systems that can be used to test and understand vulnerabilities.
  🔸 RingZer0 – tons of challenges designed to test and improve your hacking skills.
  🔸 try2hack – several security-oriented challenges for your entertainment.
  🔸 Ubeeri – preconfigured lab environments.
  🔸 Pentestit – emulate IT infrastructures of real companies for legal pen testing and improving pentest skills.
  🔸 Microcorruption – reversal challenges done in the web interface.
  🔸 Crackmes – download crackmes to help improve your reverse engineering skills.
  🔸 DomGoat – DOM XSS security learning and practicing platform.
  🔸 Stereotyped Challenges – upgrade your web hacking techniques today!
  🔸 Vulnhub – allows anyone to gain practical ‘hands-on’ experience in digital security.
  🔸 W3Challs – is a penetration testing training platform, which offers various computer challenges.
  🔸 RingZer0 CTF – offers you tons of challenges designed to test and improve your hacking skills.
  🔸 Hack.me – a platform where you can build, host and share vulnerable web apps for educational purposes.
  🔸 HackThis! – discover how hacks, dumps and defacements are performed and secure your website.
  🔸 Enigma Group WebApp Training – these challenges cover the exploits listed in the OWASP Top 10 Project.
  🔸 Reverse Engineering Challenges – challenges, exercises, problems and tasks – by level, by type, and more.
  🔸 0x00sec – the home of the Hacker – Malware, Reverse Engineering, and Computer Science.
  🔸 We Chall – there are exist a lots of different challenge types.
  🔸 Hacker Gateway – is the go-to place for hackers who want to test their skills.
  🔸 Hacker101 – is a free class for web security.
  🔸 contained.af – a stupid game for learning about containers, capabilities, and syscalls.
  🔸 flAWS challenge! – a series of levels you’ll learn about common mistakes and gotchas when using AWS.
  🔸 CyberSec WTF – provides web hacking challenges derived from bounty write-ups.
  🔸 CTF Challenge – CTF Web App challenges.
  🔸 gCTF – most of the challenges used in the Google CTF 2017.
  🔸 Hack This Site – is a free, safe and legal training ground for hackers.
  🔸 Attack & Defense – is a browser-based cloud labs.
  🔸 Cryptohack – a fun platform for learning modern cryptography.
  🔸 Cryptopals – the cryptopals crypto challenges.

▪️ CTF platforms

  🔸 fbctf – platform to host Capture the Flag competitions.
  🔸 ctfscoreboard – scoreboard for Capture The Flag competitions.

▪️ Other resources

  🔸 Bugcrowd University – open source education content for the researcher community.
  🔸 OSCPRepo – a list of resources and scripts that I have been gathering in preparation for the OSCP.
  🔸 OWASP Top 10: Real-World Examples – test your web apps with real-world examples (two-part series).
  🔸 phrack.org – an awesome collection of articles from several respected hackers and other thinkers.
  🔸 Practical-Ethical-Hacking-Resources – compilation of resources from TCM’s Udemy Course.

Your daily knowledge and news  ^[TOC]

Your daily knowledge and news  ^[TOC]

▪️ RSS Readers

  🔸 Feedly – organize, read and share what matters to you.
  🔸 Inoreader – similar to feedly with a support for filtering what you fetch from rss.

▪️ IRC Channels

  🔸 #hackerspaces – hackerspace IRC channels.

▪️ Security

  🔸 The Hacker News – leading news source dedicated to promoting awareness for security experts and hackers.
  🔸 Latest Hacking News – provides the latest hacking news, exploits and vulnerabilities for ethical hackers.
  🔸 Security Newsletter – security news as a weekly digest (email notifications).
  🔸 Google Online Security Blog – the latest news and insights from Google on security and safety on the Internet.
  🔸 Qualys Blog – expert network security guidance and news.
  🔸 DARKReading – connecting the Information Security Community.
  🔸 Darknet – latest hacking tools, hacker news, cybersecurity best practices, ethical hacking & pen-testing.
  🔸 publiclyDisclosed – public disclosure watcher who keeps you up to date about the recently disclosed bugs.
  🔸 Reddit – Hacking – a subreddit dedicated to hacking and hackers.
  🔸 Packet Storm – information security services, news, files, tools, exploits, advisories and whitepapers.
  🔸 Sekurak – about security, penetration tests, vulnerabilities and many others (PL/EN).
  🔸 nf.sec – basic aspects and mechanisms of Linux operating system security (PL).

Reference

• https://github.com/cloudcommunity/the-book-of-secret-knowledge