chousensha/cyber-support-base

Collection of bookmarked tools for security, red teaming, blue teaming, pentesting and other

cyber-support-base

Collection of bookmarked tools for security, red teaming, blue teaming, pentesting and other

Cracking

• CrackStation
• HashKiller
• MD5 conversion and MD5 reverse lookup
• VNC Password Decrypter
• Hashes.org

Conversion

• SNEAK: Snarkles.Net Encryption Assortment Kit
• String decoder & encoder
• IP Address Converter

Crypto

• Cipher Tools
• SSL & TLS Security Testing
• PadBuster - Automated script for performing Padding Oracle attacks
• Let’s Encrypt
• SSLScrape

Automation

• hacker-scripts
• The Penetration Testers Framework

Safety checks

• have i been pwned?
• SpyCloud

Post Exploitation

• memorpy - Python library using ctypes to search/edit windows/linux/OSX/SunOS programs memory
• LinEnum - Scripted Local Linux Enumeration & Privilege Escalation Checks
• Windows-Exploit-Suggester
• SessionGopher - extract session info from WinSCP, PuTTY, SuperPuTTY, FileZilla, and RDP
• Sherlock - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities
• Pupy - opensource, cross-platform RAT and post-exploitation tool
• UACME - Defeat UAC
• p0wnedShell - PowerShell Runspace Post Exploitation Toolkit
• mimikittenz - powershell tool for extracting juicy info from memory
• Privilege Escalation & Post-Exploitation
• GimmeCreds - quickly dump all credz from known locations
• Lanmaster Linux built-in shells
• Python PTY backdoors
• FuzzySecurity Windows Privilege Escalation Fundamentals
• GTFOBins
• Living Off The Land Binaries And Scripts

Miscellaneous toolkits

• Shellntel scripts
• Shadow Broker

Stealth

• Cryptocat
• Panopticlick - browser tracking tests
• DNS leak test
• privacytools.io
• StartPage Search Engine
• Advanced Privacy and Anonymity Using VMs, VPN’s, Tor
• VBad - VBA Obfuscation Tools combined with an MS office document generator
• GreatSCT - AV / whitelist bypass
• Ebowla - Framework for Making Environmental Keyed Payloads
• sshuttle: where transparent proxy meets VPN meets ssh

Hardening

• Hardentools - utility that disables a number of risky Windows features

DFIR / Blue Team

• FireEye Free Security Software
• Windows-Prefetch-Parser
• GRR Rapid Response: remote live forensics for incident response
• DumpsterFire Toolset - "Security Incidents In A Box!"
• DNS Blacklists
• LogonTracer
• Threat Hunting Reconnaissance Toolkit
• NotRuler - detect Ruler usage
• DetectionLab - Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
• Request Tracker for Incident Response
• Cybersponse
• JPCERT Tool Analysis Result Sheet
• Rekall Memory Forensic Framework
• Kansa - A Powershell incident response framework
• EventID - Windows Event Log Analysis
• SysmonSearch
• Awesome Threat Detection and Hunting
• Digital Forensics Magic Number
• SwiftOnSecurity sysmon-config
• sysmon-modular
• awesome incident response
• windows events samples associated to specific attack and post-exploitation techniques

Windows security

• Active Directory Security
• ADRecon
• JAWS - Just Another Windows (Enum) Script
• WINspect - Powershell-based Windows Security Auditing Toolbox
• icebreaker - get plaintext AD creds from internal network while outside AD env
• RedSnarf - pen-testing / red-teaming tool for Windows environments
• Spray
• Domain Password Audit Tool for Pentesters
• PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Web Security

• Gobuster
• Knock Subdomain Scan
• Cross-Site Content (Data) Hijacking (XSCH) PoC Project
• Sublist3r
• shellfire - Exploitation shell for exploiting LFI, RFI, and command injection vulnerabilities
• b374k shell
• Flashbang
• firepwd - decrypt Mozilla protected passwords
• OWASP Skanda - SSRF Exploitation Framework
• JS Beautifier
• httpscreenshot
• Aquatone - A Tool for Domain Flyovers
• dirsearch
• parameth - This tool can be used to brute discover GET and POST parameters
• LinkFinder - A python script that finds endpoints in JavaScript files
• Firefox-Security-Toolkit
• Sparty - MS Sharepoint and Frontpage Auditing Tool
• WPSeku - Wordpress Security Scanner
• RAWR - Rapid Assessment of Web Resources
• Certificate Transparency Monitoring
• Qualys SSL Labs
• Mozilla Observatory
• Built With
• What CMS?
• Domain Hunter
• Drupwn
• EyeWitness
• SubBrute
• tko-subs
• XSS Payloads
• NoSQL injection payloads
• Tplmap - Server-Side Template Injection
• WPForce - Wordpress Attack Suite
• Weevely - Weaponized web shell
• zseano tutorials
• droopescan - plugin-based scanner for several CMS's
• Online JavaScript beautifier
• XSStrike - Advanced XSS Detection Suite
• Offensive Web Testing Framework (OWTF)
• Joomlavs - black box Joomla vulnerability scanner
• OWASP XSSER
• DOM XSS Scanner
• WhatWeb - Next generation web scanner
• GoLismero - The Web Knife
• Awesome XSS stuff
• ysoserial - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization
• SubFinder is a subdomain discovery tool that discovers valid subdomains for websites

Cloud Security

• Bucket Finder
• S3Scanner - Scan for open S3 buckets and dump
• Nimbostratus - Tools for fingerprinting and exploiting Amazon cloud infrastructures

Reverse Engineering and Exploitation

• GDB exploitable plugin
• ILSpy - .NET Decompiler
• GDB dashboard
• PEDA - Python Exploit Development Assistance for GDB
• TWindbg - PEDA-like debugger UI for WinDbg
• Cuckoo Sandbox
• x64dbg
• ROPgadget
• GDB Enhanced Features
• Corelan blog

Malware analysis

• MultiAV scanner
• File Signatures
• File Signature Database
• SystemLookup filename lookup
• Malware Domain List

Information lists

• SecLists
• Default passwords
• WPS Flaw Vulnerable Devices
• RouterPasswords
• CIRT.net default passwords

OSINT

• Reverse Image Search
• WolframAlpha
• Shodan
• Censys
• Search Engine Colossus
• IP Address Locator
• IP address location
• MX Toolbox
• DNSgoodies
• IPv4info
• Hurricane Electric BGP Toolkit
• DNSlytics
• Domaintools whois
• Gitrob
• GitHarvester
• GitMiner
• Gitleaks
• Truffle Hog
• Intel Techniques Tools
• LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation
• Robtex
• Kloth.net Online Tools and Services
• FOCA
• OSINT Flowcharts
• Wigle Wireless Network Mapper
• Censys subdomain finder
• Domain Dossier
• OSINT Team
• OSINT Framework
• Danger-zone - Correlate data between domains, IPs and email addresses, present it as a graph and store everything into Elasticsearch and JSON files
• SpiderFoot - OSINT automation
• intoDNS - checks the health and configuration and provides DNS report and mail servers report
• https://w3dt.net/ - www tools
• OnlineDomainTools

Recon

• ReconScan - Network reconnaissance and vulnerability assessment tools
• Discover scripts
• Reconnoitre

Exploits & payloads

• Tater - PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit
• PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CT
• Potato Privilege Escalation on Windows 7,8,10, Server 2008, Server 2012
• Rhino Security Labs exploits
• luckystrike - PowerShell based utility for the creation of malicious Office macro documents
• CACTUSTORCH: Payload Generation for Adversary Simulations

Reporting

• Serpico - SimplE RePort wrIting and CollaboratiOn tool
• Vulnreport - Pentesting management and automation platform
• nmap-bootstrap-xsl

Offensive security / Red Team

• Nishang - PowerShell for penetration testing and offensive security
• Python tools for penetration testers
• CrackMapExec - A swiss army knife for pentesting networks
• TrustedSec tools
• fuzzbunch
• A Red Teamer's guide to pivoting
• byt3bl33d3r tools
• dafthack tools
• Ruler - A tool to abuse Exchange services
• Impacket - collection of Python classes for working with network protocols
• GoFetch - automatically exercise an attack plan generated by BloodHound
• Responder
• MDSec Research tools
• EQGRP Lost in Translation
• Red team Arsenal
• RouterSploit
• WarBerryPi - Tactical Exploitation
• Atomic Red Team
• RTFM
• MITRE™ ATT&CK tools
• Unicorn - PowerShell downgrade attack and inject shellcode straight into memory
• net-creds - Sniffs sensitive data from interface or pcap
• Awesome Red Teaming
• Red Teaming/Adversary Simulation Toolkit
• Active Directory Kill Chain Attack & Defense
• Merlin - cross-platform post-exploitation HTTP/2 C&C server and agent
• ODAT: Oracle Database Attacking Tool
• redteam-plan
• Red-Team-Infrastructure-Wiki
• Bizploit - SAP penetration testing

Linux security

• mimipenguin - dump the login password from the current linux user
• linux-exploit-suggester

Social engineering

• ReelPhish
• evilginx2 - MITM framework
• CredSniper - phishing framework
• Gophish
• King Phisher - Phishing Campaign Toolkit
• Phishing Frenzy - Ruby on Rails Phishing Framework
• Domain Hunter - Checks expired domains for categorization/reputation

Wireless

• eaphammer - Targeted evil twin attacks against WPA2-Enterprise

CTF

• IppSec

Browser add-ons

• Nimbus Capture
• Full Web Page Screenshots

Application Security

• Gauntlt - ruggedization framework that enables security testing that is usable by devs, ops and security
• OWASP Dependency Check
• RetireJS - scanner detecting the use of JavaScript libraries with known vulnerabilities
• devsecops-reference-architectures
• awesome-devsecops
• awesome-static-analysis
• grep rough audit - source code auditing tool
• tracy - A tool designed to assist with finding all sinks and sources of a web application

Mobile security

• Drozer - The Leading Security Assessment Framework for Android