____ ___ _____ .__
| | \______ _____/ ____\_ __| |
______ ______ | | / ___// __ \ __\ | \ | ______ ______
/_____/ /_____/ | | /\___ \\ ___/| | | | / |__ /_____/ /_____/
|______//____ >\___ >__| |____/|____/
\/ \/
open an issue if a link is dead, thanks
yara;network;https://github.com/plusvic/yara
haka;network;http://www.haka-security.org/
netdiscover;network discover;http://www.tuto-linux.com/tutoriel/netdiscover-scan-furtif-dun-reseau-avec-arp/
nmap;network scanner;https://nmap.org/download.html
vulscan;nmap script;https://github.com/scipag/vulscan
synscan;network scanner;https://packetstormsecurity.com/files/download/62221/synscan-5.0.tar.gz
webappalyzer;CMS identification;https://wappalyzer.com/
builtwith;CMS identification;http://builtwith.com/
nikto;web;https://github.com/sullo/nikto
dirbuster;web;https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
fibratus;windows kernel;https://github.com/rabbitstack/fibratus
wafw00f;web;https://github.com/EnableSecurity/wafw00f
skipfish;web;https://code.google.com/archive/p/skipfish/
lastaudit;windows;https://lastaudit.wordpress.com/download/
subbrute;dns;https://github.com/TheRook/subbrute
BTA;active directory;https://bitbucket.org/iwseclabs/bta
wafw00f;waf;https://github.com/EnableSecurity/wafw00f
portquiz;network;http://portquiz.net/
massdns;dns;https://github.com/blechschmidt/massdns
dvcs-pillage;git;https://github.com/evilpacket/DVCS-Pillage
dmitry;web;apt-get install dmitry
sslyze;ssl;https://github.com/nabla-c0d3/sslyze
ssltest.sh;ssl;https://github.com/drwetter/testssl.sh/
LHF recon;multiple;https://github.com/blindfuzzy/LHF
pshtt;https;https://github.com/dhs-ncats/pshtt
fuzzdb;liste patern;https://github.com/fuzzdb-project/fuzzdb
sparta;linux;http://sparta.secforce.com/
operative;fingerprinting;https://github.com/graniet/operative-framework
SIPvicious;SIP;https://github.com/EnableSecurity/sipvicious
nmap;port scanner;https://nmap.org/
burp;web;http://portswigger.net/
Burp-Non-HTTP-Extension;web burp extension;https://github.com/summitt/Burp-Non-HTTP-Extension
zap;web;https://github.com/zaproxy/zaproxy/wiki/Downloads
sqlmap;sqli;http://sqlmap.org/
jsql-injection;sqli;https://github.com/ron190/jsql-injection
havij,sqli;http://itsecteam.com/
nessus;server;http://www.tenable.com/products/nessus/select-your-operating-system
metasploit;pentest framework;http://www.rapid7.com/products/metasploit/
sniper;pentest;https://github.com/1N3/Sn1per
BeEF;web;https://github.com/beefproject/beef
aircrack;wifi;http://www.aircrack-ng.org/
airsnort;wifi;http://sourceforge.net/projects/airsnort/
webscarab;fuzzer web;https://github.com/OWASP/OWASP-WebScarab
jBroFuzz;fuzzer web;https://sourceforge.net/projects/jbrofuzz/
wsfuzzer;fuzzer soap;https://sourceforge.net/projects/wsfuzzer/files/
zuff;fuzzer;https://github.com/samhocevar/zzuf/releases
sulley;fuzzer framework;https://github.com/OpenRCE/sulley
protofuzz;fuzzer protocol;https://sourceforge.net/projects/protofuzz/
comraider;fuzzer activex;https://github.com/dzzie/COMRaider
malybuzz;fuzzer network;http://eternal-todo.com/tools/malybuzz-network-fuzzer
peach;fuzzer;http://www.peachfuzzer.com/resources/peachcommunity/
radamsa;fuzzer;https://github.com/aoh/radamsa
xsshunter;web xss;https://github.com/mandatoryprogrammer/xsshunter
xsspy;web;https://github.com/faizann24/XssPy/
kerberom;windows;https://github.com/Fist0urs/kerberom
BruteXSS;xss;https://github.com/shawarkhanethicalhacker/BruteXSS
otori;xee;http://www.beneaththewaves.net/Software/On_The_Outside_Reaching_In.html#Downloads
apktool;apk;http://ibotpeaches.github.io/Apktool/
fiddler;web;https://www.telerik.com/download/fiddler
mimikittenz;win;https://github.com/putterpanda/mimikittenz
choronzon;fuzzer;https://github.com/CENSUS/choronzon
smod;modbus;https://github.com/enddo/smod
vega;web;https://subgraph.com/vega
ridenum;windows;https://github.com/trustedsec/ridenum
vsaudit;VOIP;https://github.com/sanvil/vsaudit
Responder;windows;https://github.com/lgandx/Responder
PowerSploit;windows;https://github.com/PowerShellMafia/PowerSploit
LLMNR;powershell;https://github.com/nbs-system/php-malware-finder
mimipenguin;linux;https://github.com/huntergregal/mimipenguin
getsploit;getsploit;https://github.com/vulnersCom/getsploit
winpayloads;win payloads;https://github.com/nccgroup/winpayloads
CrackMapExec;network scan/AD;https://github.com/byt3bl33d3r/CrackMapExec
nipper;fw;https://www.titania.com/products/nipper-studio
lynis;linux;https://cisofy.com/lynis/
scan-build;c;http://clang-analyzer.llvm.org/scan-build.html
debsecan;debian;http://www.enyo.de/fw/software/debsecan/
lunar;linux;https://github.com/lateralblast/lunar
dockerscan;linux;https://github.com/cr0hn/dockerscan
pingcastle;AD;https://www.pingcastle.com/
hashcat;hash;http://hashcat.net/hashcat/
john;hash;http://www.openwall.com/john/
Durvasav-BfPC;hash;https://github.com/vishnumaiea/Durvasav-BfPC
luckystrike;xlsx;https://github.com/Shellntel/luckystrike
dasmalwerk;malware dl;http://dasmalwerk.eu/
malware-traffic-analysis;db and analys;http://www.malware-traffic-analysis.net
snort;ids;https://www.snort.org/downloads
suricata;ids;https://suricata-ids.org/download/
bro;ids;https://www.bro.org/download/index.html
urlcrazy;dns typo squatting;https://tools.kali.org/information-gathering/urlcrazy
dnstwist;dns typo squatting;https://github.com/elceef/dnstwist
fireaway;ngfw pypass;https://github.com/tcstool/fireaway
gdb;linux;http://www.gnu.org/software/gdb/download/
gdb.init;linux;https://gist.github.com/CocoaBeans/1879270
gdb UI;linux;https://github.com/cs01/gdbgui/
peda;gdb;https://github.com/longld/peda
ida;windows/linux;https://www.hex-rays.com/products/ida/support/download.shtml
radar;windows/linux;http://radare.org/r/down.html
objdump;linux;
ollydbg;windows;http://www.ollydbg.de/
binwalk;firmware;http://binwalk.org/
peid;windows;https://www.aldeid.com/wiki/PEiD
dnSpy;.NET;https://github.com/0xd4d/dnSpy
veles;binary;https://codisec.com/veles/
foremost;linux;
photorec;linux;
hachoir-subfile;linux;apt-get install python-hachoir-subfile
testdisk;;http://www.cgsecurity.org/wiki/TestDisk_FR
RecuperaBit;reconstruct file;https://github.com/Lazza/RecuperaBit
peepdf;pdf;http://eternal-todo.com/tools/peepdf-pdf-analysis-tool
t50;network;https://sourceforge.net/projects/t50/
tcpdump;linux
tshark;linux/win
wireshark;linux/win
netcat/nc;linux
sniffles;generator;https://github.com/petabi/sniffles
dnscat2;tunnel;https://github.com/iagox86/dnscat2
petabi;pcap generator;http://petabi.com/
netsniff-ng;network;https://github.com/netsniff-ng/netsniff-ng
Pcapviz;graff pcap;https://github.com/mateuszk87/PcapViz
iftop;linux stat;iftop
shodan;searchEngine;https://www.shodan.io
censys;searchEngine;https://www.censys.io/
zoomeye;searchEngine;https://www.zoomeye.org/
exploitsearch;exploit;http://www.exploitsearch.net/
exploit-db;exploit;https://www.exploit-db.com/
vulnerabilities,vuln;https://www.seebug.org/
International Journal of Proof-of-Concept or Get The Fuck Out;ebook;https://www.alchemistowl.org/pocorgtfo/
Matroschka;stegano;https://github.com/fgrimme/Matroschka
public-pentesting-reports;report;https://github.com/juliocesarfort/public-pentesting-reports
apkr;android;https://github.com/zerjioang/apkr
genymotion;emulator;https://www.genymotion.com
metasploit-unleashed;free training;https://www.offensive-security.com/metasploit-unleashed
bWapp;web vuln;http://www.itsecgames.com/
building-your-own-pentesting-environment;lab;http://resources.infosecinstitute.com/building-your-own-pentesting-environment/
webgoat;java vuln;https://github.com/webgoat
pwnos;vuln;http://pwnos.com/
pentesterlab;training;https://www.pentesterlab.com/
WordSteal;linux;https://github.com/0x090x0/WordSteal
websec;challenge;https://websec.fr
maltran;malware;https://github.com/MalwareReverseBrasil/maltran
natas;challenge;http://overthewire.org/wargames/natas/
hackthebox;challenge;https://www.hackthebox.eu/en
OSCP-Survival-Guide;oscp;https://github.com/frizb/OSCP-Survival-Guide
Awesome-Hacking-Resources;link;https://github.com/vitalysim/Awesome-Hacking-Resources
tinyshell;php;https://github.com/lawrenceamer/tinyshell
weevely;backdoor php;http://tools.kali.org/maintaining-access/weevely
php-reverse-shell;php reverse;http://pentestmonkey.net/tools/web-shells/php-reverse-shell
pupy;rat;https://github.com/n1nj4sec/pupy
ThunderShell;PS;https://github.com/Mr-Un1k0d3r/ThunderShell
php-web-shell;webshell php list;https://github.com/JohnTroony/php-webshells
king-phisher;fishing;https://github.com/securestate/king-phisher/releases
CeWL;genrator on url;https://github.com/digininja/CeWL
scapy-fakeap;fakeap;https://github.com/rpp0/scapy-fakeap
LANs;mitm;https://github.com/DanMcInerney/LANs.py
MITMf;mitm ++;https://github.com/byt3bl33d3r/MITMf
Lans;mitm;https://github.com/DanMcInerney/LANs.py
wmie;explorer;https://wmie.codeplex.com/
backbox;ISO;https://backbox.org
PlugBot-Plug;;https://github.com/redteamsecurity/PlugBot-Plug
exploitpack;exploit kit;https://exploitpack.com
webservice;*;http://www.ws-attacks.org/Welcome_to_WS-Attacks
regshot;regedit snapshot;https://sourceforge.net/projects/regshot/
luckystrike;xls word;https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator
databases;db;https://www.databases.today/search.php
weakpass;password;http://weakpass.com/
canary;token;https://canarytokens.org
P4wnP1;windows;https://github.com/mame82/P4wnP1
Reptile; linux;https://github.com/f0rb1dd3n/Reptile
mailgun;mail;http://www.mailgun.com/
anonymous;OS;https://www.whonix.org/
owasp test list;pentest;https://www.owasp.org/index.php/Testing_Checklist
nmap (lua) IDE;nmap;http://halcyon-ide.org/
http-screenshot;nmap nse;https://github.com/SpiderLabs/Nmap-Tools/blob/master/NSE/http-screenshot.nse
penbox;pentest framework;https://github.com/x3omdax/PenBox
wireguard;vpn;https://www.wireguard.io/
Serpico;repport pentest;https://github.com/SerpicoProject/Serpico
winfsp;windows;https://github.com/billziss-gh/winfsp
encode;encode;https://encoder.mattiasgeniar.be/index.php
vulnreport;report;http://vulnreport.io/
metame;code mutation;https://github.com/a0rtega/metame
stemjail;jail;https://stemjail.github.io/
pwnmalw;vuln in malware;https://www.pwnmalw.re/
screentogif;record;https://screentogif.codeplex.com/
php-security-pitfalls;test vuln web;https://github.com/joostvanveen/php-security-pitfalls
SEI+CERT+Coding+Standards;code standard;https://www.securecoding.cert.org/confluence/display/seccode/SEI+CERT+Coding+Standards
HTTP-Over-Protocol;tunnel;https://github.com/sakshamsharma/HTTP-Over-Protocol
scans.io;db;https://scans.io/
agarri; nicolas gregoire;http://www.agarri.fr/en/index.html
Linux_Exploit_Suggester;linux;https://github.com/PenturaLabs/Linux_Exploit_Suggester
Windows-Exploit-Suggester;windows;https://github.com/GDSSecurity/Windows-Exploit-Suggester
sandcat;browser;http://www.syhunt.com/sandcat/
dracos-linux;pentest OS;http://www.dracos-linux.org/
OWASP;recommandation;https://github.com/OWASP
Web_Application_Security_Testing_Cheat_Sheet;tests;https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet
cryptomator;chiffrement cloud;https://cryptomator.org/
awesome-pentest;tools;https://github.com/enaqx/awesome-pentest
g0tmi1k;blog;https://blog.g0tmi1k.com
CyberChef; enc dec code decode;https://gchq.github.io/CyberChef/
kakoune;text editor;http://kakoune.org/
Parallel Processing Shell Script;bash;https://github.com/louwrentius/PPSS
cyberprobe;attack monitoring;http://cyberprobe.sourceforge.net/
pushed;phone notification;https://pushed.co
freegeoip;freegeoip;https://freegeoip.net
awesome-malware-analysis;tools;https://github.com/rshipp/awesome-malware-analysis
laverna;notes;https://laverna.cc
Metarouter;network;https://wiki.mikrotik.com/wiki/Manual:Metarouter
ShadowBuster;vuln map;https://github.com/indeedops/ShadowBuster
certbot;cert ssl free;https://certbot.eff.org/
panwdbl;malwareIPdB;http://panwdbl.appspot.com/
conemu;telnet client;https://conemu.github.io/
testconnectivity;mail header;https://testconnectivity.microsoft.com/
hiddent-tear;ransomware code;https://github.com/goliate/hidden-tear
Heap Exploitation;learning;https://heap-exploitation.dhavalkapil.com/
pentest-cheat-sheets;pentest-cheat-sheets;https://github.com/coreb1t/awesome-pentest-cheat-sheets
osquery;survey;https://osquery.io/
postgresql_online_compiler;postgreSQL;http://rextester.com/l/postgresql_online_compiler;
pumascan;.NET analyser vuln;https://www.pumascan.com/
scikit-learn;python machine learning;http://scikit-learn.org
cutycapt;cli screenshot linux;http://cutycapt.sourceforge.net/
php rop gadget;php;https://www.ambionics.io/blog/php-generic-gadget-chains
saucs;alerte CVE;https://www.saucs.com/
wireguard;vpn;https://www.wireguard.com/
atom;text editor;https://atom.io/docs
pbscan;mass port scanner;https://github.com/gvb84/pbscan
Ironsquirrel;Encrypted exploit delivery for browser;https://github.com/MRGEffitas/Ironsquirrel
asciinema;linux cli recorder;https://asciinema.org/
ufw;linux iptables;https://linuxconfig.org/how-to-install-and-use-ufw-firewall-on-linux
phantom;orchestration;https://www.phantom.us/