zaidmermam/PentestDictionary

A list of useful resources for pentesting, Bug Bounty, CTF and similars.

📌PENTEST DICTIONARY📌

A list of great resources for pentesting and similars.

Always try to search in internet for potential vulnerabilities, default credentials and things you don't know about.

If you want I will create a file for installing my system in a automatized way (zsh, bspwm, kitty, and more)

If you think my repository has been interesting please give me a star.

LISTS OF TOOLS

I will keep updated the project with new tools or changes.

• More Resources
• Fuzzing
• Scanning
• Network Exploitation
• Web Scanners
• Active Directory
• Bypassing
• Web Hacking
• Privilege Escalation
• Pivoting
• Payloads-Frameworks
• Famous Vulns
• HashCracking
• Wi-Fi
• Buffer Overflow
• Social Engineering
• OSINT
• Bluethooth
• Extra
• Captcha-ByPassing-Lab
• Browser Add-ons

---

⭕ DISCOVERY / FUZZING:

• wfuzz
• gobuster
• dirbuster
• dirb
• feroxbuster
• ffuz
• sublist3r

⭕ SCANNING / RECOGNIZEMENT:

• nmap
• masscan
• smbmap
• enum4linux
• rpcclient
• Bingoo (for dorking searching and exploitation)
• WhatWaf (useful to discover the exactly WAF of a server)
• whatw00f
• snmpwalk

⭕ NETWORK EXPLOITATION:

• crackmapexec
• Rubeus
• netcat
• nishang
• dig

⭕ WEB / CMS SCANNERS:

• WhatWeb (for identifying technologies on a webpage)
• wpscan (the best wordpress scanner)
• WPSeku
• joomscan

⭕ ACTIVE DIRECTORY / WINDOWS:

• mimikatz
• kerbrute
• impacket
• ldapdomaindump
• Responder
• evil-winrm
• ConPtyShell
• BloodHound
• ldapsearch
• neo4j
• SharpHound
• PowerSploit

⭕ BYPASSING RESTRICTIONS:

• PSByPassCLM (for bypassing ConstrainedLanguage)
• AppLocker
• Chimera
• Ebowla (not supported but useful)
• PowerShdll
• Chankro
• PHP_disabled_functions
• Phantom-Evasion (for bypassing antivirus)

⭕ WEB HACKING:

• Burp Suite (for intercepting web requests)
• sqlmap
• NoSQLMap
• kiterunner
• xsshunter

⭕ PRIVILEGE ESCALATION:

• PEASS-ng (the best system enumeration tool)
• LinEnum
• Windows-Exploit-Suggester
• GTFOBins (binaries exploitations)
• juicy-potato (for abusing SeImpersonatePrivilege)
• pspy (for capturing running processes)
• JAWS
• BeRoot

⭕ PIVOTING:

• socat
• proxychains (for establishing connections with proxys)
• chisel (used for port forwarding)
• Precompiled-Binaries
• reGeorg (used for port forwarding throught a uploaded file)
• proxify

⭕ PAYLOADS / AUTOMATED EXPLOITATION:

• searchsploit
• metasploit (Not allowed in the OSCP)
• merlin
• Graffiti
• legion
• SILENTTRINITY
• Covenant
• msfvenom (the best shellcode/exploit generator)
• bin-sploits
• One-Lin3r (a framework with a useful list of one-liners)

⭕ FAMOUS VULNS:

• eternal-blue
• heartbleed
• dirtycow
• shellshock
• Log4j
• Dirty-Pipe
• Pwnkit

⭕ CRYPTOGRAPHY / HASH CRACKING:

• john (And john variants like ssh2john or zip2john...)
• hashcat
• CyberChef (for resolving a lot of crypto CFTs)
• hash-identifier
• HashID
• Crackstation (a huge list of rainbow tables with precomputed hashes)
• NameThatHash (for identifying unknown hashes)
• quipqiup

⭕ WI-FI:

• aircrack-ng (the well known aircrack suite)
• Wireshark (for intercepting wifi and bluethooth packets)
• wifite2
• macchanger
• bettercap
• Pyrit
• hcxtools
• Evil-Trust (for the evil twin attack)
• wifiphiser
• routersploit

⭕ DEBUGGING / BUFFER OVERFLOW:

• brakeman
• radare2 (for debugging in the terminal)
• gdb
• gef (It's a gdb extension)
• peda
• ghydra (a debugging framework developed by the NSA)
• ropper (for searching gadgets)
• InmunityDebugger
• badchars
• x64dbg
• mona
• apktool (for debugging apk files)
• dotPeek

⭕ SOCIAL ENGINEERING:

• gophish (the best tool for creating templates and campaigns)
• SET
• urlcrazy
• theHarvester
• CredSniper
• BeEF
• goclone
• Mythic-Macro-Generator
• KnockMail
• evilginx2
• Amass

⭕ OSINT:

• Maltego
• Shodan (The famous IoT browser)
• recon-ng
• WayBack Machine (A big list of websites, databases, and more)
• OSINT Framework
• email2phonenumber
• Ahria
• PhoneInfoga
• Ashok
• TinEye

⭕ BLUETHOOTH:

• spooftooph
• bettercap
• hcitool
• esptool
• wireshark

⭕ EXTRAS:

• CommandoVM (a totaly offensive windows machine)
• GitTools
• DDexec
• odat
• Ghostpack
• exiftool (used to view the metadata of a file)
• cewl (for creating dictionaries based on a webpage)
• rlwrap
• phpsploit
• rootkit
• onesixtyone (for bruteforcing SNMP string)
• Honeypot
• HomePWN (an IoT device pwner)
• Gopherus
• Stego-Toolkit
• PRET (for printer exploitation)
• deserialization-Log4j
• jwt_tool
• RsaCtfTool
• dronesploit
• Reptile (A linux rootkit)
• SprayingToolkit (used for password spraying)

⭕ USEFUL BROWSER ADD-ONS:

• FoxyProxy
• Wappalyzer (for web scanning)
• EasyXSS
• Authenticator
• DarkReader
• Anonymox
• Keepass

📝 REFERENCES:

• Reverse-Shells
• PayloadsAllTheThings
• VirusTotal
• Wrappers
• ExploitDB
• HackTricks
• Buffer-Overflow
• Wifi-Cheat-Sheet
• CVE
• AppLockerByPass
• SecLists
• My-Setup
• HackingDream
• Vulnhub
• PHP-Webshell
• MalwareSourceCode
• Reverse Shell Generator
• Pivoting-Cheat-Sheet
• HackTheBox-Writeups
• ViewDns
• Linux-Functions
• Spanish-Pentesting
• English-Pentesting

---

⚪ Created by D3Ext