渗透测试|逆向|exploits|隐私保护|压测|无线攻击工具

渗透测试|逆向|exploits|隐私保护|压测|无线攻击工具

VIP工具

Acunetix (AWVS13)
Hotspot Shield
AppSpider 7
L0phtCrack 7 (Win64)
Asoftis IP Changer
Metasploit Console
Maltego xl
Avira Phantom VPN
Metasploit Web UI.url
Betternet
Micro Focus Fortify Audit Workbench
BlackBullet 2.1.6
Micro Focus Fortify Custom Rules Editor
BlackBullet 2.5.1
Micro Focus Fortify Scan Wizard
BurpSuite
Micro Focus Fortify-rule-dencrypt
CCProxy
Nessus Pro
Charles Proxy
Netsparker
Checkmarx Audit
Nipper Studio
Checkmarx Portal.url
OpenBullet
ChrisPC Anonymous Proxy Pro
Proxifier
Core Impact 20.1.6201
ProxyCap
Elcomsoft Wireless Security Auditor
ReadyAPI
ExploitPack 14.0
WebCruiserWVS
Freedome
WebInspect 20.1.0
Gather Proxy
binaryninja
HCL AppScan Standard
cobaltstrike4.2

防病毒免杀工具

AVIATOR_x64
PSAttack
AVIator- Antivirus Evasion Project
PowerLessShell
CheckPlease
PowerShdll
DefenderCheck
PowerShell Armoury-Evading anti-virus
DotNetToJScript
StarFighters
Invoke-CradleCrafter
SysWhispers-AV-EDR evasion
Invoke-DOSfuscation
demiguise
Invoke-Obfuscation
nps
Invoke-Phant0m
pafishmacro
Macro Pack-Automatize Obfuscation & Generation of MS Office
tvasion - Anti virus evasion
PSAmsi
xencrypt-Anti-virus evasion Tool

exploits

ADAPE
PrivExchange
Access Metasploit Web UI.urlPrivescCheck Win -Privilege Escalation Enumeration
BSQLGUI
Privilege-Escalation-Awesome-Scripts-Suite
BetterBackdoor-create & Control a backdoor
ROADtools - Azure AD Exploration Framework
CVE-2019-1040-Scanner
ROADtools-GUI - Azure AD Exploration Framework
Chisel - Fast TCP tunnel over HTTP
RedTeam CSharp Scripts
Core Impact
RedTeam Powershell Scripts
CrackMapExecWin
Red_Team - Useful Scripts
CredsLeaker-credentials stealer
ReverseTCPShell- PowerShell ReverseTCP Shell
DAMP
RottenPotatoNG
DSSS-sql-injection
SQLmap
Dumpert
Sharp-Suite
Evil-Winrm-Ultimate WinRM shell for pentesting
SharpClipHistory
EvilClippy
SharpExchangePriv
EvilURL- Generate unicode domains
SharpExec
Eviloffice
SharpSploit
Exchange-AD-Privesc
Shellerator-bind-reverse shell Generater
ExploitMyUnion
Shuriken-XSS
ExploitPack 14.0
SpoolSample
GadgetToJScript
UACME
Generate-Macro
VBscan
GhostPackWebCruiserWVS
Goby - Attack surface mapping
WinScanX GUI
Invoke-ACLPwn
Windows Exploit Suggester
Invoke-DCOM
XSS-Loader Tools
Invoke-GoFetch
XSSpwn
Invoke-PSImage
XSSsniper
Invoke-PowerThIEf
XSStrike
Jalesc-Linux Privileges Escalating 
hjsplit
Metasploitimpacket-examples-windows
Metasploit Console
jsql-injection-GUI
Meterpeter-C2 Powershell Command & Control Framework
juicy-potato
MicroBurst - PowerShell Toolkit for Attacking Azure
kali-windows-binaries
Nessus Pro.urllsassy-Extract credentials from lsass remotely
NetshHelperBeacon
luckystrike
Nikto
metatwin
NoSQLMap
mimikatz
Orca
nc
PSReflect
nc64
Pivotsuite - Network Pivoting Toolkit
nishang
PowerLurk
pattern_create
PowerPriv
pattern_offset
PowerSharpPack-Usefull offensive CSharp Projects
ruler
PowerShell-Suite
subdomain-bruteforcer(SubBrute)
PowerSploit
vssown
PowerUpSQL
vulcan
PowerZure- Assessing Azure security
wePWNise

移动安全工具

APK Easy Tool
Frida-kill
appmon
APK Editor Studio
Frida-ls-devices
dex2jar
Android Debug Bridge (adb)
Frida-ps
dex2smali
Apkid
Frida-trace
frida-objection
Apktool
Frida
frida-pygmentize
BurpSuite
GDA-android-reversing-Tool
jadx-gui
Bytecode-Viewer
Mobile Security Framework (MobSF)
luyten
DB Browser for SQLite
Multi-Drive
vulnerable apk
Drozer
Nox
Frida-discover
OWASP ZAP Proxy

网络攻击

Bettercap
Jumpstart
RouterScan
ettercapNG
BeyondTrustDiscoveryTool
MultiRelay
RunFinger-Python
nc
Cain
Nessus Pro.url        
SSH Scan
nc64
Dumpper
NetworkMiner
SSL-Strip
netscan
Evil FOCA
Nirsoft Launcher
SnmpWalk
snmptest
FindSQLSrv-Python
Nsauditor
Waircut
sslyze
Goby - Attack surface mapping
Responder-Python
WinScanX GUI
Icmp-Redirect-Python
Responder
Wireshark

密码攻击

ADFSpray - MS Password Spray Attack 
KeeThief
ASREPRoast
Kraken-Password crack RAR ZIP 7z
BlackBullet 2.1.6
L0phtCrack 7 (Win64)
BlackBullet 2.5.1
LAPSToolkit
BruteXMLRPC
MSOLSpray - A Password Spraying Tool
Bruter
MailSniper
Cain
Md5Cracker
CeWL-Creating Custom Wordlists
OpenBullet
Check-LocalAdminHash
Password Recovery
CredNinja
Patator - Brute-force
Crunch
RiskySPN
DSInternals
SessionGopher
DomainPasswordSpray
Smtp-Cracker
Fast-RDP-Bruteforce
WinScanX GUI
Get-LAPSPasswords
WinScanX-CL
Go-jwt-cracker
XBruteForcer (CMS)
Hash-Buster- Online Crack hashes
XMLrpc-bruteforcer
Hash-identifier
cap2hccap
Hashcat CLI
cap2hccapx
Hashcat GUI
jwtcat - Cracking JSON Web Token
IMAP Bruteforce 
mimikatz.x64
Internal-Monologue
mimikatz.x86
Inveigh
mimikittenz
Invoke-TheHash
pydictor-dictionary builder for brute-force
John the Ripper                            
rainbowcrack-cl
John the Ripper GUI
rcrack-gui
KeeFarce
thc-hydra-BruteForce

逆向工程

APK Easy Tool
Extractor            
Unpacker     
ollydbg
Apktool
IDA Pro 32
binaryninja
dnSpy-x86
windbgx64
Binwalk
IDA Pro 64
de4dot-net35-x64
dnSpy
windbgx86
Bytecode-Viewer
ResourceHacker
de4dot-net35
jadx-gui
x32dbg
Trial-Reset
de4dot-net45-x64
luyten
x64dbgAPK Easy Tool
Extractor            
Unpacker     
ollydbg
Apktool
IDA Pro 32
binaryninja
dnSpy-x86
windbgx64
Binwalk
IDA Pro 64
de4dot-net35-x64
dnSpy
windbgx86
Bytecode-Viewer
ResourceHacker
de4dot-net35
jadx-gui
x32dbg
Trial-Reset
de4dot-net45-x64
luyten
x64dbg
 
- Dotnet
AntiTampRem
DotNET Tracer x64
ExtremeDumper x64
StringDecryptor
AntiTamperKiller
DotNET Tracer x86
Kripto v1.0 Deobfuscator
Universal_Fixer
ConfuserEx AntiDump Fixer
ExtremeDumper x32
MegaDumper
Universal_Fixer_NoFuser3
 
- Extractor
InnoExtractor
InstallShield mini Extractor
LFS Setup Extractor
UniExtract
lessmsi-gui
 
- Unpacker
Armageddon
EnigmaVBUnpacker
RL!dePeCompact 2.x
UntElock 0.98+
Aspack
Exe2Aut v0.11
UPXEasyGUI
upx_unpacker
De4dot
MART!K UnPacker
Unpacker_PECompactAPK Easy Tool
Extractor            
Unpacker     
ollydbg
Apktool
IDA Pro 32
binaryninja
dnSpy-x86
windbgx64
Binwalk
IDA Pro 64
de4dot-net35-x64
dnSpy
windbgx86
Bytecode-Viewer
ResourceHacker
de4dot-net35
jadx-gui
x32dbg
Trial-Reset
de4dot-net45-x64
luyten
x64dbg

Web应用程序攻击

Acunetix
Recurse Buster
AppSpider 7
SPartan-Sharepoint fingerprinting and attack Tool
Aquatone
SQLMap-GUI
Arjun
SQLi-Hunter-SQLMAP API wrapper
Atlas-Quick SQLMap Tamper Suggester
SQLmap
Atscan
SSL-Scan
BSQLGUI
SSRFmap-SSRF Scanner
BruteXMLRPC
Scrawlr
BruteXSS
See-SURF- find potential SSRF parameters
BurpSuite
Shuriken-XSS
CMSeeK- CMS Detection and Exploitation suite
SleuthQL
Cansina - Web Content Discovery
Spaghetti
Commix
TestSSL.sh
Corsy-CORS Misconfiguration Scanner
VBscan
DSSS-sql-injection
WAScan
Dalfox - XSS Scanning
WPScan-WordPress Vulnerability Scanner
DirBuster
Wapiti-Web Vulnerability Scanner
Dirble- WebSite Directory Scanning
WebCruiserWVS
Dirsearch- Web path scanner
WebInspect 20.1.0
Droopescan
Weblogic-Scanner
ExploitMyUnion
WhatWAF
Eyewitness
WhatWeb
Findom-XSS
Wordpress Exploit Framework
FireFox-Pentesting
XBruteForcer (CMS)
Fuxploider-File upload scanner and exploitation
XMLrpc-bruteforcer
Golismero
XSS-Freak
Gowitness-Web screenshot utility
XSS-Loader Tools
HCL AppScan Standard
XSSfork - XSS Vulnerability Scan
Havij
XSSpwn
IIS-ShortName-Scanner
XSSsniper
IIS-Shortname-Scan (Python)
XSStrike
Joomscan
XSpear-XSS Scanning
Link JS Find - Extract URL Websites
dotdotpwn - Directory Traversal Fuzzer
LinkFinder
ffuf - Fuzz Faster
Netsparker
httprecon
Nikto
identYwaf
NoSQLMap
jsql-injection-GUI
Nuclei - Web Scanner based on templates
jwtcat - Cracking JSON Web Token
OWASP ZAP Proxy
pentest-tools
Quick-SQL
sslyze
R3con1z3r-Web information gathering
wafw00f
ReadyAPI 2.8.2
wfuzz

漏洞分析

AD Control Paths
SSL-Scan
BSQLGUI
Searchsploit
DSSS-sql-injection
Shuriken-XSS
Droopescan
SleuthQL
Egress-Assess
Spaghetti
ExploitMyUnion
TestSSL.sh
Golismero
VBscan
Grouper2
WAScan
Joomscan
WebCruiserWVS
Nessus Pro
Weblogic-Scanner
Nikto
WinScanX GUI
NoSQLMap
WinScanX-CL
NtdsAudit
XSS-Freak
OWASP Mutillidae- Vulnerable web-application
XSS-Loader Tools
OWASP ZAP Proxy
XSSpwn
PowerSharpPack-Usefull offensive CSharp Projects
XSSsniper
PwnedPasswordsNTLM
XSStrike
SMBGhost-CVE-2020-0796
XSpear-XSS Scanning
SQLMap-GUI
bWAPP- vulnerable web-application
SQLmap
jsql-injection-GUI
SSH Scan
zBang

恶意软件分析

Autoruns
KillSwitch
Task Explorer x64
dnSpy
Binwalk
LockHunter
Task Explorer
exeinfope
Comodo Cleaning Essentials
Microsoft Sysinternals
UPXEasyGUI
exiftool
CrowdInspect
PE Detective
UniExtract
loki-upgrader
CrowdInspect64
PPEE
VirusTotal Uploader 2.2
loki
Detect It Easy
Process Hacker 2
Volatility-CL
ollydbg
FLOSS
ProcessActivityView
VolatilityWorkbench-gui
pdbripper
FolderChangesView
ProcessHacker
Winja (VirusTotal Uploader)
pestudio
HijackCleaner64
Regshot-x64-ANSI
Wireshark
peview
ILProtectorUnpacker
Regshot-x64-Unicode
apateDNS
windump
IREC-1.9.16
RunPEDetector32
dnSpy-x86

密码字典

Payload-List
PayloadsAllTheThings
Probable-Wordlists
RobotsDisallowed
SecLists
fuzzdb

代理和隐私保护工具

Asoftis IP Changer
Freedome
Proxifier
Tor Browser
Avira Phantom VPN
Gather Proxy
Proxy-Scraper
W10Privacy
Betternet
Hotspot Shield
ProxyCap
WPD
ChrisPC Anonymous Proxy Pro
OOSU10
Simple DnsCrypt
YogaDNS

实用工具

Active Presenter - Screen Recoreder
HTTP File Server (HFS)
ShareX
AnyDesk
HeidiSQL
Simple DnsCrypt
Bandizip
HostsFileEditor
Start Tor Browser
Boxstarter Shell
HxD
Task Explorer x64
CCleaner
IObit Uninstaller
Task Explorer
CFF Explorer
KeePass 2
ThemeTool
Charles Proxy
KeepNote
Tor Browser
Chrome -with XSS Auditor disabled
KeepPass
Wireshark
Chrome
MarkdownEdit
YogaDNS
CyberChef
Microsoft Edge
hjsplit
DB Browser for SQLite
Neo4j_start.bat               
neo4j-community
Docker Desktop
Neo4j_stop.bat               
ngrok- reverse proxy
Driver Booster 7
NetworkMiner
notepad++
Email extractor
Nirsoft Launcher
peview
FLOSS
OpenVPN GUI
services
Fiddler
PE Detective
shellcode_launcher
FireFox-Pentesting
ProcessHacker
vlc
Firefox
RunAsDate
uTorrent
Google Chrome
ScreenToGif
Greenshot
Search Everything
Essential NetTools
NetLimiter 4

无线攻击

Airbase-ng
Airventriloquist-ng
Kstats
WifiInfoView.exe
Aircrack-ng-GUI
Besside-ng
Makeivs-ng
WirelessNetView.exe
Aircrack-ng
Bettercap
Packetforge-ng
Wireshark
Airdecap-ng
Buddy-ng
RouterScan
Wpaclean
Airdecloak-ng
Cain
SSL-Strip
ettercapNG
Aireplay-ng
Dumpper
Tkiptun-ng
ivstools
Airodump-ng
Easside-ng
WNetWatcher.exe          
wifi-perfiles
Airolib-ng
Elcomsoft Wireless Security Auditor
Waircut
Airserv-ng
Evil FOCA
Wesside-ng
Airtun-ng
Jumpstart
WifiChannelMonitor

压力测试工具

DDos-Attack (Python)
Slowloris HTTP DoS IPv6
DDos-Attackv1 (Python)
Slowloris HTTP DoS
HostDown- DDos Attack
THC-SSL-Dos
Impulse Denial-of-service ToolKit
TheDoomsday- Test DOS sustainablity
Perl Flood Script (DDoS)
WhatWAF
Priv8-ddos
identYwaf
Saddam-DDoS Amplification Tool
wafw00f

GitHub:github.com/IvanVoronov/0day