([Table of Contents](#table-of-contents))

# Tools by category

#### :male_detective: Information Gathering

Information Gathering tools allow you to collect host metadata about services and users. Check information about a domain, IP address, phone number or an email address.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [Th3inspector](https://github.com/Moham3dRiahi/Th3inspector) | **Perl** | `Linux/Windows/macOS` | All in one tool for Information Gathering written in Perl. |
| [Crips](https://github.com/Manisso/Crips) | **Python** | `Linux/Windows/macOS` | IP tools to quickly get information about IP addresses, web pages and DNS records. |
| [theHarvester](https://github.com/laramies/theHarvester) | **Python** | `Linux/Windows/macOS` | E-mails, subdomains and names Harvester. |
| [Scanless](https://github.com/vesche/scanless) | **Python** | `Linux/Windows/macOS` | Online port scan scraper. |
| [CTFR](https://github.com/UnaPibaGeek/ctfr) | **Python** | `Linux/Windows/macOS` | Abusing Certificate Transparency logs for getting HTTPS websites subdomains. |
| [Sn1per](https://github.com/1N3/Sn1per) | **bash** | `Linux/macOS` | Automated Pentest Recon Scanner. |
| [ReconDog](https://github.com/s0md3v/ReconDog) | **Python** | `Linux/Windows/macOS` | Recon Dog is an all in one tool for all your basic information gathering needs. |
| [RED Hawk](https://github.com/Tuhinshubhra/RED_HAWK) | **PHP** | `Linux/Windows/macOS` | All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers. |
| [Infoga](https://github.com/m4ll0k/Infoga) | **Python** | `Linux/Windows/macOS` | Email Information Gathering. |
| [KnockMail](https://github.com/4w4k3/KnockMail) | **Python** | `Linux/Windows/macOS` | Check if email address exists. |
| [Photon](https://github.com/s0md3v/Photon) | **Python** | `Linux/Windows/macOS` | Crawler which is incredibly fast and extracts urls, emails, files, website accounts and much more. |
| [Rapidscan](https://github.com/skavngr/rapidscan) | **Python** | `Linux/Windows/macOS` | The Multi-Tool Web Vulnerability Scanner. |
| [a2sv](https://github.com/hahwul/a2sv) | **Python** | `Linux/Windows/macOS` | Auto Scanning to SSL Vulnerability. |
| [Wfuzz](https://github.com/xmendez/wfuzz) | **Python** | `Linux/Windows/macOS` | Web application fuzzer. |
| [Nmap](https://github.com/nmap/nmap) | **C/C++** | `Linux/Windows/macOS` | Port and vulnerability scanner. |
| [Dracnmap](https://github.com/Screetsec/Dracnmap) | **Shell** | `Linux/Windows/macOS` | Open source program used to exploit the network and gather information with nmap. |

#### :lock: Password Attacks

Crack passwords and create wordlists.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [John the Ripper](https://github.com/magnumripper/JohnTheRipper) | **C** | `Linux/Windows/macOS` | John the Ripper is a fast password cracker. |
| [hashcat](https://github.com/hashcat/hashcat) | **C** | `Linux/Windows/macOS` | World's fastest and most advanced password recovery utility. |
| [Hydra](https://github.com/vanhauser-thc/thc-hydra) | **C** | `Linux/Windows/macOS` | Parallelized login cracker which supports numerous protocols to attack. |
| [ophcrack](https://gitlab.com/objectifsecurite/ophcrack) | **C++** | `Linux/Windows/macOS` | Windows password cracker based on rainbow tables. |
| [Ncrack](https://github.com/nmap/ncrack) | **C** | `Linux/Windows/macOS` | High-speed network authentication cracking tool. |
| [WGen](https://github.com/agusmakmun/Python-Wordlist-Generator) | **Python** | `Linux/Windows/macOS` | Create awesome wordlists with Python. |
| [SSH Auditor](https://github.com/ncsa/ssh-auditor) | **Go** | `Linux/macOS` | The best way to scan for weak ssh passwords on your network. |

###### :memo: Wordlists

| Tool | Description |
| ----------- |----------------|
| [Probable Wordlists](https://github.com/berzerk0/Probable-Wordlists) | Wordlists sorted by probability originally created for password generation and testing. |

#### :globe_with_meridians: Wireless Testing

Used for intrusion detection and wifi attacks.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [Aircrack](https://github.com/aircrack-ng/aircrack-ng) | **C** | `Linux/Windows/macOS` | WiFi security auditing tools suite. |
| [bettercap](https://github.com/bettercap/bettercap) | **Go** | `Linux/Windows/macOS/Android` | bettercap is the Swiss army knife for network attacks and monitoring. |
| [WiFi Pumpkin](https://github.com/P0cL4bs/WiFi-Pumpkin) | **Python** | `Linux/Windows/macOS/Android` | Framework for Rogue Wi-Fi Access Point Attack. |
| [Airgeddon](https://github.com/v1s1t0r1sh3r3/airgeddon) | **Shell** | `Linux/Windows/macOS` | This is a multi-use bash script for Linux systems to audit wireless networks. |
| [Airbash](https://github.com/tehw0lf/airbash) | **C** | `Linux/Windows/macOS` | A POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. |

#### :wrench: Exploitation Tools

Access systems and data with service-oriented exploits.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [SQLmap](https://github.com/sqlmapproject/sqlmap) | **Python** | `Linux/Windows/macOS` | Automatic SQL injection and database takeover tool. |
| [XSStrike](https://github.com/UltimateHackers/XSStrike) | **Python** | `Linux/Windows/macOS` | Advanced XSS detection and exploitation suite. |
| [Commix](https://github.com/commixproject/commix) | **Python** | `Linux/Windows/macOS` | Automated All-in-One OS command injection and exploitation tool. |

#### :busts_in_silhouette: Sniffing & Spoofing

Listen to network traffic or fake a network entity.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [Wireshark](https://www.wireshark.org) | **C/C++** | `Linux/Windows/macOS` | Wireshark is a network protocol analyzer. |
| [WiFi Pumpkin](https://github.com/P0cL4bs/WiFi-Pumpkin) | **Python** | `Linux/Windows/macOS/Android` | Framework for Rogue Wi-Fi Access Point Attack. |
| [Zarp](https://github.com/hatRiot/zarp) | **Python** | `Linux/Windows/macOS` | A free network attack framework. |

#### :rocket: Web Hacking

Exploit popular CMSs that are hosted online.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [WPScan](https://github.com/wpscanteam/wpscan) | **Ruby** | `Linux/Windows/macOS` | WPScan is a black box WordPress vulnerability scanner. |
| [Droopescan](https://github.com/droope/droopescan) | **Python** | `Linux/Windows/macOS` | A plugin-based scanner to identify issues with several CMSs, mainly Drupal & Silverstripe. |
| [Joomscan](https://github.com/rezasp/joomscan) | **Perl** | `Linux/Windows/macOS` | Joomla Vulnerability Scanner. |
| [Drupwn](https://github.com/immunIT/drupwn) | **Python** | `Linux/Windows/macOS` | Drupal Security Scanner to perform enumerations on Drupal-based web applications. |
| [Webpwn3r](https://github.com/zigoo0/webpwn3r) | **Python** | `Linux/Windows/macOS` | Web Applications Security Scanner. |
| [CMSeek](https://github.com/Tuhinshubhra/CMSeek) | **Python** | `Linux/Windows/macOS` | CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 130 other CMSs. |

#### :tada: Post Exploitation

Exploits for after you have already gained access.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [TheFatRat](https://github.com/Screetsec/TheFatRat) | **Java** | `Linux/Windows/macOS` | Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack, dll. |
| [Microsploit](https://github.com/Screetsec/Microsploit) | **Shell** | `Linux/Windows/macOS` | Fast and easy create backdoor office exploitation using module metasploit packet, Microsoft Office, Open Office, Macro attack, Buffer Overflow. |

#### :package: Frameworks

Frameworks are packs of pen testing tools with custom shell navigation and documentation.

| Tool | Language | Support | Description |
| ----------- |-------------------------|----------|----------------|
| [Operative Framework](https://github.com/graniet/operative-framework) | **Python** | `Linux/Windows/macOS` | Framework based on fingerprint action; this tool is used to get information on a website or an enterprise target with multiple modules. |
| [Metasploit](https://github.com/rapid7/metasploit-framework) | **Ruby** | `Linux/Windows/macOS` | A penetration testing framework for ethical hackers. |
| [fsociety](https://github.com/Manisso/fsociety) | **Python** | `Linux/Windows/macOS` | fsociety Hacking Tools Pack – A Penetration Testing Framework. |
| [cSploit](https://github.com/cSploit/android) | **Java** | `Android` | The most complete and advanced IT security professional toolkit on Android. |
| [radare2](https://github.com/radare/radare2) | **C** | `Linux/Windows/macOS/Android` | Unix-like reverse engineering framework and commandline tools. |
| [Social Engineer Toolkit](https://github.com/trustedsec/social-engineer-toolkit) | **Python** | `Linux/macOS` | Penetration testing framework designed for social engineering. |
| [hate_crack](https://github.com/trustedsec/hate_crack) | **Python** | `Linux/macOS` | A tool for automating cracking methodologies through Hashcat. |
| [Wifiphisher](https://github.com/wifiphisher/wifiphisher) | **Python** | `Linux` | The Rogue Access Point Framework. |
| [Kickthemout](https://github.com/k4m4/kickthemout) | **Python** | `Linux/macOS` | Kick devices off your network by performing an ARP Spoof attack. |
| [Beef](https://github.com/beefproject/beef) | **JavaScript** | `Linux/Windows/macOS` | The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. |

([Table of Contents](#table-of-contents))

# Additional resources

- [Devbreak on Twitter](https://twitter.com/DevbreakFR)
- [The Life of a Security Researcher](https://www.alienvault.com/blogs/security-essentials/the-life-of-a-security-researcher)
- [Find awesome hacking spots in your country](https://github.com/diasdavid/awesome-hacking-spots)
- [Awesome-Hacking Lists](https://github.com/Hack-with-Github/Awesome-Hacking/blob/master/README.md)
- [Crack Station](http://crackstation.net/)
- [Exploit Database](http://www.exploit-db.com/)
- [Hackavision](http://www.hackavision.com/)
- [Hackmethod](https://www.hackmethod.com/)
- [Packet Storm Security](http://packetstormsecurity.org/)
- [SecLists](http://seclists.org/)
- [SecTools](http://sectools.org/)
- [Smash the Stack](http://smashthestack.org/)
- [Don't use VPN services](https://gist.github.com/joepie91/5a9909939e6ce7d09e29)
- [How to Avoid Becoming a Script Kiddie](https://www.wikihow.com/Avoid-Becoming-a-Script-Kiddie)
- [2017 Top 10 Application Security Risks](https://www.owasp.org/index.php/Top_10-2017_Top_10)
- [Starting in cybersecurity?](https://blog.0day.rocks/starting-in-cybersecurity-5b02d827fb54)

## Books / Manuals

**Warning:** I haven't read them all, so do not consider that I am recommending them because I liked them. They just seem to provide useful resources.

- [Penetration Testing: A Hands-On Introduction to Hacking](https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641) (2014)
- [Kali Linux Revealed](https://www.amazon.com/Kali-Linux-Revealed-Penetration-Distribution/dp/0997615605) - [PDF](https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf) (2017)
- [Blue Team Field Manual (BTFM)](https://www.amazon.com/Blue-Team-Field-Manual-BTFM/dp/154101636X) (2017)
- [Cybersecurity - Attack and Defense Strategies](https://www.amazon.com/Cybersecurity-Defense-Strategies-Infrastructure-security/dp/1788475291) (2018)
- [NMAP Network Scanning : Official Discovery](https://www.amazon.com/Nmap-Network-Scanning-Official-Discovery/dp/0979958717) (2009)
- [Social Engineering : The Art of Human Hacking](https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539) (2010)
- [Incognito Toolkit: Tools, Apps, and Creative Methods for Remaining Anonymous](https://www.amazon.com/Incognito-Toolkit-Communicating-Publishing-Researching/dp/0985049146) (2013)

## Discussions

- [Reddit/HowToHack](https://www.reddit.com/r/HowToHack/) Learn and ask about hacking, security and pen testing.
- [Reddit/hacking](https://www.reddit.com/r/hacking) Discuss hacking and web security.
- [ax0nes](https://ax0nes.com/) Hacking, security, and software development forum.
- [0Day.rocks on discord](https://discord.gg/WmYzJfD) Discord server about the 0day.rocks blog for technical and general InfoSec/Cyber discussions & latest news.

## Security Advisories

- [CVE](http://cve.mitre.org/)
- [CWE](http://cwe.mitre.org/)
- [NVD](http://web.nvd.nist.gov/)

## Challenges

- [Vulnhub](https://www.vulnhub.com/) - Has a lot of VMs to play with. Some are beginner friendly, some aren't.
- [Itsecgames](http://www.itsecgames.com/) - buggy web app
- [Dvwa](http://www.dvwa.co.uk/) - Damn Vulnerable Web Application
- [Hackthissite](https://www.hackthissite.org/)
- [Hackthis](https://www.hackthis.co.uk/)
- [Root-me](https://www.root-me.org/)
- [HackTheBox](https://www.hackthebox.eu/)
- [Overthewire](http://overthewire.org/wargames/)
- [Ctftime](https://ctftime.org/)

([Table of Contents](#table-of-contents))

# License

This repository is under MIT license.

([Table of Contents](#table-of-contents))