| Nombre | URL | SO | Description | Video | tags |
|---|---|---|---|---|---|
| Firepwd | https://github.com/lclevy/firepwd | firefox | This tool can be used to crack firefox master password | firefox, passwords, explorer | |
| seclist | https://github.com/danielmiessler/SecLists.git | dictionary, web scanner, fuzzing | |||
| ffuf | https://github.com/ffuf/ffuf | ## know how gathering subdomains
ffuf -u "https://FUZZ.fullledcolor.es" -w SecLists/Discovery/Web-Content/raft-large-words.txt ## know how gathering directories ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt ## know how gathering files php ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt -e .php ## know how gathering files php not show 404 ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt -e .php -fc 404 | dictionary, web scanner, fuzzing | ||
| Burp Suite Professional | https://portswigger.net/burp/pro | windows,linux | Toolkit to automate, find and assist web vulnerability discovery and exploitation | request, response, http, querys, intercept | |
| sqlmap | https://sqlmap.org/ | Automatic SQL injection and database takeover tool | sql injection, databases | ||
| Frida | https://frida.re/ | Dynamic instrumentation toolkit to intercept and debug software that is closed-source or locked down | intercept, debug | ||
| APKLab | https://github.com/APKLab/APKLab | Set of scripts and tools to perform Reverse Engineering on Android applications | reverse engineering, android | ||
| mimikatz | https://github.com/ParrotSec/mimikatz | windows | ## know how mimikatz windows ## know how windows enumeration mimikatz ## knnow how enumeration windows mimiktaz Windows x32/x64 program to extract passwords, hash, PINs, and Kerberos tickets from memory | windows, passwords, hash, pin, kerberos | |
| Rubeus | https://github.com/GhostPack/Rubeus | windows | Toolset for raw Kerberos interaction and abuses | kerberos | |
| Metasploit | https://www.metasploit.com/ | windows,linux | Framework to help launching and developing exploits and offensive tasks | framework | |
| Ghidra | https://ghidra-sre.org/ | linux | Software Reverse Engineering (SRE) suite of tools developed by NSA's Research Directorate | reverse engineering | |
| John the Ripper | https://www.openwall.com/john/ | Password recovery tool | passwords, hash | ||
| hashcat | https://hashcat.net/hashcat/ | Fast, efficient and versatile hacking tool that assists offline brute-force attacks | passwords, hash, bruteforce | ||
| Wireshark | https://www.wireshark.org/ | network | Network protocol analyzer | man in the middle, network analyzer | |
| Aircrack-ng | https://www.aircrack-ng.org/ | network | Suite of tools to assess WiFi network security | wifi, scanner | |
| ngrok | https://ngrok.com/ | Cross-platform application that exposes local server ports to the Internet | ports | ||
| Covenant | https://github.com/cobbr/Covenant | .NET command and control framework | framework, control | ||
| Nmap | https://nmap.org/ | Utility for network discovery and security auditing | ports, scanner | ||
| Vega | https://subgraph.com/vega/ | Web security scanner and web security testing platform that helps validate SQLi, XSS, etc. | web scanner | ||
| x64dbg | https://x64dbg.com/ | windows | Open-source x64/x32 debugger for Windows | debugger | |
| WinDbg | windows | Windows default debugger that we use for kernel debugging | debugger | ||
| hacktools firefox | https://addons.mozilla.org/en-US/firefox/addon/hacktools/ | firefox | web addons | ||
| Hacktools chrome | https://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi | chrome | web addons | ||
| Obsidian editor | https://obsidian.md/ | editor | |||
| convert ip for evading waff | https://www.silisoftware.com/tools/ipconverter.php?convert_from=216.58.215.78 | dwords, 16bits, 8bits, waf, evasion | |||
| hackvector.co.ku | https://hackvertor.co.uk/public# | multi tools evasion waf | dwords, 16bits, 8bits, waf, evasion | ||
| aaencode | https://utf-8.jp/public/aaencode.html | aaencode tools javascript evasion | dwords, 16bits, 8bits, waf, evasion | ||
| jjencode | https://utf-8.jp/public/jjencode.html | jjencode tools javascript evasion | javascript, evasion | ||
| jsfuck | http://www.jsfuck.com/ | jsfuck tools javascript evasion | javascript, evasion | ||
| js compresor evading waf | http://dean.edwards.name/packer/ | js compresor evading waf | javascript, evasion, waf, compresor | ||
| js yui compresor evading waf | http://yui.github.io/yuicompressor/ | js yui compresor evading waf | javascript, evasion, waf, compresor | ||
| OpenVAS | https://www.openvas.org/ | Full-featured vulnerability scanner | web scanner, vulnerability scanner | ||
| dalfox | https://github.com/hahwul/dalfox | xss | xss | ||
| xsscrapy | https://github.com/DanMcInerney/xsscrapy | xss | xss | ||
| xsser | https://github.com/epsylon/xsser | xss | xss | ||
| brutexss | https://github.com/rajeshmajumdar/BruteXSS | xss | xss | ||
| xssstrike | https://github.com/s0md3v/XSStrike | xss | xss | ||
| BeEF | https://beefproject.com/ | The Browser Exploitation Framework, a penetration testing tool that focuses on the web browser | xss, framework, web scanner | ||
| GNU Wget | https://www.gnu.org/software/wget/ | phising, clone website | |||
| Beef web cloning | https://github.com/AbertayHackers/BeEF | phising, clone website | |||
| Set social engineer toolkit site cloner | phising, clone website | ||||
| urlcrazy | https://github.com/urbanadventurer/urlcrazy | to get similar domains. | domains, phising | ||
| sql injection cheat sheet | https://portswigger.net/web-security/sql-injection/cheat-sheet | web | Portswigger sql injection cheat sheet | cheat sheet, sql injection, web | |
| subinACL | https://windows-resource-kit-tools-subinacl-exe.software.informer.com/ | windows | unquoted privilege escalation windows | privilege escalation, windows | |
| powersploit powerup.ps1 | https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1 | windows | unquoted privilege escalation windows | privilege escalation, windows | |
| Winpeas | https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS | windows | unquoted privilege escalation windows | privilege escalation, windows | |
| Methodology unquoted privilege escalation windows | https://www.hackingarticles.in/windows-privilege-escalation-unquoted-service-path/ | windows | Methodology unquoted privilege escalation windows | privilege escalation, windows | |
| AlwaysInstallElevated | https://www.hackingarticles.in/windows-privilege-escalation-alwaysinstallelevated/ | windows | AlwaysInstallElevated | privilege escalation, windows | |
| SeBackupPrivilege | https |
Tools hackingRiskoo2023-01-02T09:50:08+00:00