Total Pageviews

Saturday 15 April 2017

awesome hacking

A curated list of awesome Hacking tutorials, tools and resources.

For a list of free hacking books available for download, go here

Table of Contents

System

Tutorials

Tools

  • Metasploit A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
  • mimikatz - A little tool to play with Windows security

Docker Images for Penetration Testing & Security

General

Reverse Engineering

Tutorials

Tools

  • [nudge4j] (https://github.com/lorenzoongithub/nudge4j) - Java tool to let the browser talk to the JVM
  • IDA - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
  • OllyDbg - A 32-bit assembler level analysing debugger for Windows
  • x64dbg - An open-source x64/x32 debugger for Windows
  • dex2jar - Tools to work with Android .dex and Java .class files
  • JD-GUI - A standalone graphical utility that displays Java source codes of “.class” files
  • procyon - A modern open-source Java decompiler
  • androguard - Reverse engineering, malware and goodware analysis of Android applications
  • JAD - JAD Java Decompiler (closed-source, unmaintained)
  • dotPeek - a free-of-charge .NET decompiler from JetBrains
  • ILSpy - an open-source .NET assembly browser and decompiler
  • dnSpy - .NET assembly editor, decompiler, and debugger
  • de4dot - .NET deobfuscator and unpacker.
  • antinet - .NET anti-managed debugger and anti-profiler code
  • UPX - the Ultimate Packer for eXecutables
  • radare2 - A portable reversing framework
  • plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
  • Hopper - A OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables.
  • ScratchABit - Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

General

Web

Tools

  • sqlmap - Automatic SQL injection and database takeover tool
  • tools.web-max.ca - base64 base85 md4,5 hash, sha1 hash encoding/decoding

Network

Tools

  • Wireshark - A free and open-source packet analyzer
  • NetworkMiner - A Network Forensic Analysis Tool (NFAT)
  • tcpdump - A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
  • Paros - A Java-based HTTP/HTTPS proxy for assessing web application vulnerability
  • pig - A Linux packet crafting tool
  • ZAP - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
  • mitmproxy - An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
  • mitmsocks4j - Man-in-the-middle SOCKS Proxy for Java
  • nmap - Nmap (Network Mapper) is a security scanner
  • Aircrack-ng - An 802.11 WEP and WPA-PSK keys cracking program
  • Charles Proxy - A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic
  • Nipe - A script to make Tor Network your default gateway.

Forensic

Tools

  • Autospy - A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools
  • sleuthkit - A library and collection of command-line digital forensics tools
  • EnCase - The shared technology within a suite of digital investigations products by Guidance Software
  • malzilla - Malware hunting tool
  • PEview - A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
  • HxD - A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size
  • WinHex - A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security
  • BinText - A small, very fast and powerful text extractor that will be of particular interest to programmers

Cryptography

Tools

  • xortool - A tool to analyze multi-byte XOR cipher
  • John the Ripper - A fast password cracker
  • Aircrack - Aircrack is 802.11 WEP and WPA-PSK keys cracking program.

Wargame

System

Reverse Engineering

  • Reversing.kr - This site tests your ability to Cracking & Reverse Code Engineering
  • CodeEngn - (Korean)
  • simples.kr - (Korean)
  • Crackmes.de - The world first and largest community website for crackmes and reversemes.

Web

  • Hack This Site! - a free, safe and legal training ground for hackers to test and expand their hacking skills
  • Webhacking.kr
  • 0xf.at - a website without logins or ads where you can solve password-riddles (so called hackits).

Cryptography

CTF

Competition

General

OS

Online resources

ETC

  • SecTools - Top 125 Network Security Tools
from https://github.com/carpedm20/awesome-hacking
-----------

A collection of various awesome lists for hackers.

Awesome Hacking

A collection of awesome lists for hackers, pentesters & security researchers.
Your contributions are always welcome !

Awesome Repositories

Repository Description
Android Security Collection of Android security related resources
AppSec Resources for learning about application security
Bug Bounty List of Bug Bounty Programs and write-ups from the Bug Bounty hunters
Cheatsheets Penetration Testing / Security Cheatsheets
CTF List of CTF frameworks, libraries, resources and softwares
Cyber Skills Curated list of hacking environments where you can train your cyber skills legally and safely
DevSecOps List of awesome DevSecOps tools with the help from community experiments and contributions
Exploit Development Resources for learning about Exploit Development
Fuzzing List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis
Hacking List of awesome Hacking tutorials, tools and resources
Honeypots List of honeypot resources
Incident Response List of tools for incident response
Industrial Control System Security List of resources related to Industrial Control System (ICS) security
InfoSec List of awesome infosec courses and training resources
IoT Hacks Collection of Hacks in IoT Space
Malware Analysis List of awesome malware analysis tools and resources
OSINT List of amazingly awesome Open Source Intelligence (OSINT) tools and resources
OSX and iOS Security OSX and iOS related security tools
Pcaptools Collection of tools developed by researchers in the Computer Science area to process network traces
Pentest List of awesome penetration testing resources, tools and other shiny things
PHP Security Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities
Reversing List of awesome reverse engineering resources
Sec Talks List of awesome security talks
SecLists Collection of multiple types of lists used during security assessments
Security Collection of awesome software, libraries, documents, books, resources and cools stuffs about security
Static Analysis List of static analysis tools, linters and code quality checkers for various programming languages
Threat Intelligence List of Awesome Threat Intelligence resources
Vehicle Security List of resources for learning about vehicle security and car hacking
Web Hacking List of web application security
Windows Exploitation List of awesome Windows Exploitation resources and shiny things
WiFi Arsenal Pack of various useful/useless tools for 802.11 hacking

Other useful repositories

Repository Description
APT Notes Various public documents, whitepapers and articles about APT campaigns
Bug Bounty Reference List of bug bounty write-up that is categorized by the bug nature
CTF Tool List of Capture The Flag (CTF) frameworks, libraries, resources and softwares
Forensics List of awesome forensic analysis tools and resources
Free Programming Books Free programming books for developers
Gray Hacker Resources Useful for CTFs, wargames, pentesting
Infosec Getting Started A collection of resources, documentation, links, etc to help people learn about Infosec
Infosec Reference Information Security Reference That Doesn't Suck
IOC Collection of sources of indicators of compromise
Linux Kernel Exploitation A bunch of links related to Linux kernel fuzzing and exploitation
Machine Learning for Cyber Security Curated list of tools and resources related to the use of machine learning for cyber security
Malware Scripts Useful scripts related with malware
PayloadsAllTheThings List of useful payloads and bypass for Web Application Security and Pentest/CTF
Pentest Cheatsheets Collection of the cheat sheets useful for pentesting
Pentest Wiki A free online security knowledge library for pentesters / researchers
Resource List Collection of useful GitHub projects loosely categorised
Reverse Engineering List of Reverse Engineering articles, books, and papers
RFSec-ToolKit Collection of Radio Frequency Communication Protocol Hacktools
Security Cheatsheets Collection of cheatsheets for various infosec tools and topics
Security List Great security list for fun and profit
Shell List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell

from https://github.com/Hack-with-Github/Awesome-Hacking

No comments:

Post a Comment