Hacking
Contents
Tools
A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
A little tool to play with Windows security
Automatic SQL injection and database takeover tool
Automated NoSQL database enumeration and web application exploitation tool.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
SubFinder is a subdomain discovery tool that discovers valid subdomains for any target using passive online sources.
Scriptable network authentication cracker
Full-featured C2 framework which silently persists on webserver via evil PHP oneliner
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Internet scale portscanner.
an extensible key and secret validation tool for auditing active secrets against multiple SaaS vendors
A Linux packet crafting tool
Man-in-the-middle SOCKS Proxy for Java
An SSH/SFTP man-in-the-middle tool that logs interactive sessions and passwords.
A script to make Tor Network your default gateway.
Python Network Hacking Toolkit
Free program for HTTP session hijacking attacks.
A Python tool and library for low level packet creation and manipulation
In-depth subdomain enumeration tool that performs scraping, recursive brute forcing, crawling of web archives, name altering and reverse DNS sweeping
Secure multithreaded packet sniffer
Discover internet-wide misconfigurations, using zgrab2 and others.
Extremely fast port scanner built with Rust, designed to scan all ports in a couple of seconds and utilizes nmap to perform port enumeration in a fraction of the time.
Extensible TCP/UDP proxy with GUI for traffic analysis & modification with SSL/TLS support.
A library and collection of command-line digital forensics tools
NTFS forensic image collector
A tool to analyze multi-byte XOR cipher
Automated decryption tool using artificial intelligence & natural language processing.
Docker Images for Penetration Testing & Security
#docker-container--
#option-3---run-nodegoat-on-docker
Disassemblers and debuggers
An open-source x64/x32 debugger for Windows
A portable reversing framework
Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
JVM-based languages
the best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully.
one of the best, though a bit slow, hangs on some binaries and not very well maintained.
a decompiler for Android apps. Not related to JAD.
.net-based languages
native code
Other
Execution logging and tracing
Binary files examination and editing
Hex editors
Detects signatures, unpacks archives, visualizes entropy.
a visualizer for statistical properties of blobs.
a DSL for creating parsers in a variety of programming languages. The Web IDE is particularly useful for reverse-engineering.
executable differ.
a DB editor.
a FOSS replacement to Dependency Walker.
General
An exhaustive checklist to assist in the source code security analysis of a node.js web service.
Collection of cheat sheets useful for pentesting
A curated list of movies every hacker & cyberpunk must watch.
OS
tools
A post exploitation framework for powershell and python.
A post exploitation tool that uses iron python to get past powershell restrictions.
A PowerShell post exploitation framework
Framework for Making Environmental Keyed Payloads