Awesome hacker tools list

Awesome hacker list

0x00 Preface

Found on Github, I feel that the form is great, but it is still a little less. I will add excellent dry goods, personal updates of Github and Blog .

English Version

0x01 body

A beautiful hacker must-have form inspired by great machine learning . If you want to contribute to this list (welcome), please give me a pull on github or contact me @carpedm20 for free downloads For a list of hacked books, please click here .

table of Contents

• System aspect
  • Tutorial
  • tool
  • Docker
  • Commonly used
• Reverse aspect
  • Tutorial
  • tool
  • Commonly used
• Web aspect
  • Tutorial
  • tool
• Network aspect
  • Tutorial
  • tool
• Forensics
  • Tutorial
  • tool
• Password aspect
  • Tutorial
  • tool
• Wargame aspect
  • system
  • Reverse Engineering
  • Web
  • The internet
  • Forensics
  • Cryptography
• CTF aspect
  • game
  • Commonly used
• OS security aspects
  • Online resources
• other

System aspect

Tutorial

• Corelan team's Exploit writing tutorial
• Exploit writing tutorial for penetration testers

tool

• Metasploit - A computer security project that provides information about security vulnerabilities and helps with penetration testing and intrusion detection system development.
• Mimikatz - a useful tool for playing Windows security

Docker image for penetration testing and security

• docker pull kalilinux/kali-linux-docker official Kali Linux
• docker pull owasp/zap2docker-stable - official OWASP ZAP
• docker pull wpscanteam/wpscan - official WPScan
• docker pull pandrew/metasploit - docker-metasploit
• docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA)
• docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation
• docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock
• docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed
• docker pull opendns/security-ninjas - Security Ninjas
• docker pull usertaken/archlinux-pentest-lxde - Arch Linux Penetration Tester
• docker pull diogomonica/docker-bench-security - Docker Bench for Security
• docker pull ismisepaul/securityshepherd - OWASP Security Shepherd
• docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image
• docker-compose build && docker-compose up - OWASP NodeGoat
• docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application
• docker pull bkimminich/juice-shop - OWASP Juice Shop

Commonly used

• Exploit database - the ultimate archive library for exploits and vulnerable software

Reverse aspect

Tutorial

• Reversing newbies
• Malware Analysis Tutorial: Reverse Engineering

tool

• Nudge4j - a Java tool that lets the browser interact with the JVM
• IDA - IDA is a multi-processing disassembly and debugging tool that works on Windows, Linux or Mac OS X
• OllyDbg - Windows 32-bit assembler level debugging tool
• X64dbg - Open source x64/x32 debugging tool on Windows
• Dex2jar - a tool for working with Android .dex and Java .class files
• JD-GUI - a stand-alone graphical utility that displays Java source code ".class" files
• Procyon - modern open source Java decompilation tool
• Androguard - reverse engineering for Android applications, malware analysis tools
• JAD - JAD Java decompile tool (closed source, not updated frequently)
• dotPeek - a free .NET decompiler developed by JetBrains
• ILSpy - Open source set browsing and decompiling .NET program tools
• dnSpy - set editing, decompiling and debugging .NET program tools
• De4dot - crack .NET program tool
• Antinet - a .NET program tool for decompiling and obfuscating code
• UPX - Ultimate Package Executable Tool
• Radale2 - Portable Reverse Engineering Framework Tool
• Plasma - Applies to x86/ARM/MIPS interactive disassembly, generating pseudocode using flower instruction syntax code.
• Hopper - Executable tool for OS X and Linux disassembled/decompiled 32/64 bit Windows/MAC/LINUX/iOS
• ScratchABit - an easy to relocate and attackable interactive disassembly tool using the IDAPython Compatible Plugin API

Commonly used

• Open malware query

Web aspect

tool

• Sqlmap - automatic SQL injection and database intrusion tools
• Tools.web-max.ca - base64, base85 encoding/decoding

Network aspect

tool

• Wireshark - Free and open source traffic packet analysis tool
• NetworkMiner - Network Forensics Analysis Tool
• Tcpdump - a powerful command line traffic package analysis tool with built-in libpcap portable C/C++ library for network traffic capture
• Paros - Java-based HTTP/HTTPS proxy for evaluating web application vulnerability tools
• Pig - fake traffic package tool under Linux
• ZAP - ZAP is an integrated penetration testing tool for discovering vulnerabilities in web applications that are easy to use.
• Mitmproxy - a tool based on HTTP with an interactive control interface and support for SSL intermediate agents
• Mitmsocks4j - Java-based support for intermediate SOCKS proxy tools
• Nmap - Nmap security scanning tool
• Aircrack-ng - used to crack 802.11 WEP and WPA-PSK key tools
• Charles Proxy - A cross-platform graphical user interface web debugging proxy tool for viewing intercepted HTTP and HTTPS/SSL real-time traffic
• Nipe - a script that makes the Tor network the default gateway

Forensics

tool

• Autospy - Digital forensics platform, The Sleuth Kit 's graphical interface, and other digital forensics tools.
• Sleuthkit - collect various command line digital forensics tool libraries
• A set of digital forensics tools using shared technology developed by EnCase - Guidance Software
• Malzilla - malware capture tool
• PEview - Quick and easy viewing of program structure and contents of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
• HxD - Hex editor that can handle files of any size in addition to the original disk editing and modification of main memory (RAM).
• WinHex - Hex Editor helps computer forensics, data recovery, low-level data processing and IT security.
• BinText - A small but fast powerful text extractor that programmers are particularly interested in.

Password aspect

tool

• Xortool - an analytical multibyte XOR cipher tool
• John the Ripper - Quick Password Cracker
• Aircrack - 802.11 WEP and WPA-PSK key cracking tools

Wargame aspect

system

• OverTheWire - Semtex
• OverTheWire - Vortex
• OverTheWire - Drifter
• Pwnable.kr - provides various pwn challenges about system security
• Exploit Exercises - Nebula
• SmashTheStack

Reverse Engineering

• Reversing.kr
• CodeEngn
• simples.kr
• Crackmes.de

Web

• Hack This Site!
• Webhacking.kr
• 0xf.at

password

• OverTheWire - Krypton

CTF aspect

game

• DEF CON
• CSAW CTF
• hack.lu CTF
• Pliad CTF
• RuCTFe
• Ghost in the Shellcode
• PHD CTF
• SECUINSIDE CTF
• Codegate CTF
• Boston Key Party CTF

Commonly used

• CTFtime.org
• WeChall
• CTF archives (shell-storm)
• Arsenal Rookit
• Pentest Cheat Sheets - dry goods for penetration testing
• Movies For Hacker - a list of movies that every hacker must watch

OS security aspects

Online resources

• Security related Operating Systems @ Rawsec - Complete operating system security form
• Best Linux Penetration Testing Distributions @ CyberPunk - Penetration Test Division Description
• Security @ Distrowatch - A website dedicated to discussing, reviewing and maintaining updated open source operating systems

other

• SecTools - Top 125 Network Security Tools

HackingCrews