The purpose of this repository is to act as an archive of tools built on my own or forked from other repositories.
- The Application Security repository consists of all web & mobile security assessment checklists and cheatsheets to be used by security analysts & consultants on their client's application.
- Credit: (https://github.com/iamthefrogy/Application-Security)
- Important web application secure code review assessment keywords cheatsheet
- Web application security assessment checklist
- Credit: (https://github.com/iamthefrogy/Application-Security)
- Android application security assessment checklist
- This is the official Github Repository of the OWASP Mobile Security Testing Guide (MSTG). The MSTG is a comprehensive manual for testing the security of mobile apps. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). The MSTG is meant to provide a baseline set of test cases for black-box and white-box security tests, and to help ensure completeness and consistency of the tests.
- Credit: (https://github.com/OWASP/owasp-mstg)
- A curated list of hacks in IoT space so that researchers and industrial products can address the security vulnerabilities.
- Credit: (https://github.com/nebgnahz/awesome-iot-hacks)
- Audio Files (.wav, .flac, etc.)
  - MATLAB code for Least Significant Bit
  - Sonic Visualiser ... to easily view the spectrogram of an audio file
- Steganography
  - stegsolve.jar
  - Steghide
  - Hipshot ... Python module to get long-exposure image from a video
- Reversing/Disassembly
  - IDA Pro
  - Hopper ... we have this bought and downloaded in misc
  - Easy Python Decompiler
  - ShowMyCode ... to decrypt a Java .class file
  - radare
  - file ... to simply find out "what the heck is this thing?"
  - PE Tools ... can dump memory from a Windows .exe, determine compiler, etc.
  - PEiD ... determine what packer was used for a Windows .exe
- Network/Packet Sniffing
- PDF Files
- Exploit/Shellcode
- Web Applications
- PHP
  - phpdc.phpr ... to decode bcompiler compiled PHP code.
- Windows Binaries
- Encryption
- Metadata
- Password Cracking
- Forensics
  - scalpel
  - foremost
  - vinetto ... for examining Thumbs.db files
  - aeskeyfind
  - rsakeyfind
  - Volatility ... for memory files like .vmss or .vdi
  - Autopsy ... for disk image files like .img
  - binwalk
- Host Based Forensics
  - ewfmount .. encase/expert witness format
  - mount ... to mount a drive
  - umount ... to unmount a drive
  - mmls ... Display the partition layout of a volume system (partition tables)
  - Gpart ... if the image is corrupt, can it be fixed?
  - f-response ...
- Reconnaissance
  - HTTrack ... to scrape entire websites
  - theHarvester ... to detect and scrape e-mail addresses
  - Netcraft ... to grab hosting info on a website
  - Nikto ... to find vulnerabilities in web applications
- Legend
  - [G]: Github/Git repository # Note: this flag automatically implies the [O] flag
  - [S]: Software (implies that it's not always 100% free and that it's not open source or has a restrictive license)
  - [F]: Freeware (free software, doesn't necessarily mean that it's open source)
  - [I]: Website
  - [P]: Plugin for Chrome
  - [R]: Plugin for Firefox
  - [C]: CLI tool
  - [O]: Open source
  - [M]: Miscellaneous
  - [L]: Reverse Flag: is set only when Linux compatible
  - [W]: Reverse Flag: is set only when Windows compatible
- Binary
  - [I] https://malwr.com/: online binary analysis
  - [I] https://retdec.com/: online decompiler for C/C++ binaries
  - [I] http://www.javadecompilers.com/: Java decompiler online
  - [S|W] Reflector: assembly browser for .NET
  - [F|O|W] Simple Assembly Explorer: another .NET disassembler
  - [F|O|W] de4dot: .NET deobfuscator
  - [S] IDA: debugger
  - [F|O] OllyDbg: debugger
  - [F|O|W] x64dbg: debugger
  - [C|O|L] gdb: GNU debugger for Linux
  - [M] peda: Python plugin for gdb
  - [C|O|L] strace/ltrace: system call tracers / dynamic call tracers (libraries)
  - [G] dex2jar: apk unpacker (Android package)
  - [S] dede: Delphi decompiler
  - [S] Pin: dynamic binary instrumentation framework
  - [G] Pintool: binary password finder for CTF using Pin
  - [O|L] checksec: check binary protections
  - [F] DiE: binary packer detection
  - [G] Qira: timeless debugger with web interface by geohot
  - [G|C] ROPGadget: tool for ROP chaining
  - [G|C] plasma: interactive disassembler in pseudo-C with colored syntax
  - [O|C|L] XOCopy: copy memory of execute-only ELF binaries
  - [G|C] Shellsploit: shellcode generator framework
  - [G|C] radare2: analyzer, disassembler, debugger
  - [G] Bokken: Python-GTK GUI for radare2
  - [G|C] libformatstr: Python lib to make string format exploits
  - [G] pwntools: Python framework to quickly develop exploits
  - [G] binjitsu: fork of pwntools
  - [G|C] fixenv: script to align stack without ASLR and gdb, strace, ltrace
  - [O|W] cheatengine: memory scanner and other useful things
  - [G] Voltron: great UI debugger
  - [G] Z3: Z3 is a theorem prover
  - [G] angr: binary analysis, allows value-set analysis
  - [G] rop-tool: another helpful tool for ROP
  - [G] villoc: visualize heap chunks on Linux
  - [O|C] valgrind: binary analysis allowing to spot read/write errors on memory operations
  - [S|W] apimonitor: inspect process calls and trace them
  - [F|W] PEiD: identify which packer has been used on PE binaries
  - [F|W] ImpREC: reconstruct IAT table for unpacked binaries
  - [O|C] Flawfinder: static source code analyzer for C/C++ which reports possible security weaknesses
  - [G|C] afl: fuzzer
- Forensic
  - [C|O] volatility: forensic tool to analyse memory dumps from Windows/Linux
  - [C|O] Autopsy/Sleuth: analyse hard drives and smartphones
  - [C|O] Foremost: file recovery after deletion or format
  - [G|C] BinWalk: find files within a file
  - [S] dff: complete forensic GUI analyser with lots of automation
  - [G|C] origami: PDF forensic analysis with optional GUI
  - [F|W] MFTDump: dump/copy $MFT file on Windows
  - [G|C] AppCompatCacheParser: dump shimcache entries from Registry (can use offline registry)
  - [F|W] RegistryExplorer: GUI to explore registry with search options and possibility to use offline registry
- Cryptography
  - [C|G] xortool: find xor key/key length from xor text/binary
  - [C|G] cribdrag: interactive crib dragging on xored text
  - [C|G] hash_extender: hash extension forger
  - [C|G] hash-identifier: hash identifier
  - [C|G] PadBuster: break CBC encryption using an oracle
  - [C|G] lsb-toolkit: extract bits from images for steganography
  - [C|O] john: hash cracker (bruteforce + dictionary attacks)
  - [F|O] hashcat: hash bruteforce cracker that supports GPU
  - [C|G] rsatool: calculates RSA (p, q, n, d, e) and RSA-CRT (dP, dQ, qInv) parameters given either two primes (p, q) or modulus and private exponent (n, d)
  - [I] http://quipqiup.com/: basic cryptography solver
  - [G|C] python-paddingoracle: Python tool to exploit padding oracle
- Web
  - [F|O] DirBuster: bruteforce/dictionary attack on webserver to find hidden directories
  - [I] http://pkav.net/XSS2.png: XSS spreadsheet
  - [C|O] sqlmap: SQL injection
  - [S] Burp suite: request analysis tool / forge requests
  - [S|W] fiddler: HTTP web proxy
  - [I] http://requestb.in/: get a temporary page to receive GET/POST requests
  - [I] http://en.42.meup.org/ : temporary web hosting
  - [I] https://zerobin.net/: anonymous encrypted pastebin
  - [I] http://pastebin.com/: paste code/text with coloration
  - [I] http://portquiz.net/: test outgoing ports
  - [I] http://botscout.com/: check if an IP is flagged as spam/bot
  - [P|R] HackBar: XSS/SQL tests
  - [R] TamperData: modify and tamper HTTP requests
  - [R] Advanced Cookie Manager: edit cookies
  - [R] Modify Headers: edit HTTP headers
  - [R] HTTP Requester: edit HTTP requests
  - [R] FlagFox: info about current website
  - [R] Live HTTP Headers: view headers
  - [P] ModHeader: edit HTTP requests
  - [G] Nikto2: web server scanner
  - [P] EditThisCookie: edit cookies, can lock cookies
  - [I] https://dnsdumpster.com/: free domain research tools, find subdomains
  - [I] https://pentest-tools.com/home: subdomain bruteforce, not 100% free
  - [G] Hydra: remote password cracker
- Network
  - [C|O] Netcat: network tool, can listen or connect using TCP/UDP
  - [C|O] nmap: network tool to scan ports and discover services
  - [C|O] Scapy: powerful interactive packet manipulation program
  - [C|O] Aircrack: wi-fi injection/monitoring/cracking
  - [S|O] Wireshark: network packet analyzer
  - [S|W] NetworkMiner: sniffer/pcap analyzer, pretty good for files and for seeing what's going on with HTTP traffic
  - [C|O] Hexinject: packet injector and sniffer. Allows modifying packets on the fly
- Steganography
- Misc
  - [F|O|W] Cuckoo: interactive sandbox malware analysis
  - [F|O|W] Photorec: recover erased files
  - [C|O] QEMU: machine emulator and virtualizer
  - [C|S] metasploit: generate payloads and browser exploits
  - [C|O] binutils: tons of CLI tools
  - [S] vmware: virtualization products
  - [I] https://regex101.com/: JavaScript/Python/PHP regex online
  - [I] http://rubular.com/: Ruby regex online
  - [M|O] kali: hacking Linux OS
  - [I] https://www.exploit-db.com/: exploits database
  - [G|C] AutoLocalPrivilegeEscalation: bash script to get root if possible
  - [C|O] sshpass: pass ssh password without typing it (highly insecure)
  - [C|O] virt-what: simple bash script to detect virtualization environment
  - [W|O] ProcessHacker: extended task manager
  - [G] english-words: simple English wordlist
- Sec/Tools list
  - [W] pax0r: another huge list of tools
  - [G] SecLists: SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments
  - [G] ctf-tools: list of tools similar to this one
  - [I] http://resources.infosecinstitute.com/tools-of-trade-and-resources-to-prepare-in-a-hacker-ctf-competition-or-challenge/
  - [G] https://github.com/Hack-with-Github/Awesome-Hacking: awesome list related to hacking
- Programming
  - [I] http://www.tutorialspoint.com/: online programming in most languages
  - [I] https://gcc.godbolt.org/: check disassembly code produced with different versions of gcc