2018-04-02 12:22:02 +00:00
# Hacker Roadmap
2018-04-02 12:29:48 +00:00
This repository is a summary of hacking tools to practice ethical hacking, pen testing and web security. Most of these tools are UNIX compatible and MIT licensed.
2018-04-02 12:22:02 +00:00
## Tools by category
2018-04-02 12:29:48 +00:00
#### :male_detective: Information Gathering
2018-04-02 12:22:02 +00:00
Information Gathering tools allows you to collect host metadata about services and users. Check informations about a domain, IP address, phone number or an email address.
2018-04-02 13:37:46 +00:00
- [Th3inspector ](https://github.com/Moham3dRiahi/Th3inspector ) **Perl** | `Linux/Windows/MacOS` | All in one tool for Information Gathering written in Perl.
- [Crips ](https://github.com/Manisso/Crips ) **Python** | `Linux/Android` | IP Tools To quickly get information about IP Address's, Web Pages and DNS records.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :lock: Password Attacks
2018-04-02 12:22:02 +00:00
Crack passwords and create wordlists.
...
2018-04-02 12:29:48 +00:00
#### :globe_with_meridians: Wireless Testing
2018-04-02 12:22:02 +00:00
Used for intrusion detection and wifi attacks.
2018-04-02 14:13:56 +00:00
- [Aircrack ](https://github.com/aircrack-ng/aircrack-ng ) **C** | `Linux/Windows/MacOS` | WiFi security auditing tools suite.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :wrench: Exploitation Tools
2018-04-02 12:22:02 +00:00
Acesss systems and data with service-oriented exploits.
2018-04-02 13:40:18 +00:00
- [SQLmap ](https://github.com/sqlmapproject/sqlmap ) **Python** | `Linux/Windows/MacOS` | Automatic SQL injection and database takeover tool.
2018-04-02 13:37:46 +00:00
- [XSStrike ](https://github.com/UltimateHackers/XSStrike ) **Python** | `Linux/Windows/MacOS` | Advanced XSS detection and exploitation suite.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :busts_in_silhouette: Sniffing & Spoofing
2018-04-02 12:22:02 +00:00
Listen to network traffic or fake a network entity.
...
2018-04-02 12:29:48 +00:00
#### :rocket: Web Hacking
2018-04-02 12:22:02 +00:00
Exploit popular CMSs that are hosted online.
2018-04-02 14:15:27 +00:00
- [WPScan ](https://github.com/wpscanteam/wpscan ) **Ruby** | `Linux/Windows/MacOS` | WPScan is a black box WordPress vulnerability scanner.
2018-04-02 14:20:34 +00:00
- [Droopescan ](https://github.com/droope/droopescan ) **Python** | `Linux/Windows/MacOS` | A plugin-based scanner to identify issues with several CMSs, mainly Drupal & Silverstripe.
- [Joomscan ](https://github.com/rezasp/joomscan ) **Perl** | `Linux/Windows/MacOS` | Joomla Vulnerability Scanner.
2018-04-02 12:22:02 +00:00
2018-04-02 12:29:48 +00:00
#### :zap: Private Web Hacking
2018-04-02 12:22:02 +00:00
Access files and databases.
...
2018-04-02 12:29:48 +00:00
#### :tada: Post Exploitation
2018-04-02 12:22:02 +00:00
Exploits for after you have already gained access.
...
2018-04-02 13:05:39 +00:00
#### :package: Frameworks
2018-04-02 12:22:02 +00:00
2018-04-02 12:31:00 +00:00
Frameworks are packs of pen testing tools with custom shell navigation and documentation.
2018-04-02 12:22:02 +00:00
2018-04-02 14:05:12 +00:00
- [Metasploit ](https://github.com/rapid7/metasploit-framework ) **Ruby** | `Linux/Windows/MacOS` | A penetration testing framework for ethical hackers.
- [fsociety ](https://github.com/Manisso/fsociety ) **Python** | fsociety Hacking Tools Pack – A Penetration Testing Framework.
2018-04-02 14:13:56 +00:00
- [cSploit ](https://github.com/cSploit/android ) **Java** | `Android` | The most complete and advanced IT security professional toolkit on Android.