Nombre | URL | SO | Description | Video | tags |
---|---|---|---|---|---|
Firepwd | https://github.com/lclevy/firepwd | firefox | This tool can be used to crack firefox master password | firefox, passwords, explorer | |
seclist | https://github.com/danielmiessler/SecLists.git | dictionary, web scanner, fuzzing | |||
ffuf | https://github.com/ffuf/ffuf | ## know how gathering subdomains
ffuf -u "https://FUZZ.fullledcolor.es" -w SecLists/Discovery/Web-Content/raft-large-words.txt ## know how gathering directories ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt ## know how gathering files php ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt -e .php ## know how gathering files php not show 404 ffuf -u "https://fullledcolor.es/FUZZ" -w SecLists/Discovery/Web-Content/raft-large-words.txt -e .php -fc 404 | dictionary, web scanner, fuzzing | ||
Burp Suite Professional | https://portswigger.net/burp/pro | windows,linux | Toolkit to automate, find and assist web vulnerability discovery and exploitation | request, response, http, querys, intercept | |
sqlmap | https://sqlmap.org/ | Automatic SQL injection and database takeover tool | sql injection, databases | ||
Frida | https://frida.re/ | Dynamic instrumentation toolkit to intercept and debug software that is closed-source or locked down | intercept, debug | ||
APKLab | https://github.com/APKLab/APKLab | Set of scripts and tools to perform Reverse Engineering on Android applications | reverse engineering, android | ||
mimikatz | https://github.com/ParrotSec/mimikatz | windows | ## know how mimikatz windows ## know how windows enumeration mimikatz ## knnow how enumeration windows mimiktaz Windows x32/x64 program to extract passwords, hash, PINs, and Kerberos tickets from memory | windows, passwords, hash, pin, kerberos | |
Rubeus | https://github.com/GhostPack/Rubeus | windows | Toolset for raw Kerberos interaction and abuses | kerberos | |
Metasploit | https://www.metasploit.com/ | windows,linux | Framework to help launching and developing exploits and offensive tasks | framework | |
Ghidra | https://ghidra-sre.org/ | linux | Software Reverse Engineering (SRE) suite of tools developed by NSA's Research Directorate | reverse engineering | |
John the Ripper | https://www.openwall.com/john/ | Password recovery tool | passwords, hash | ||
hashcat | https://hashcat.net/hashcat/ | Fast, efficient and versatile hacking tool that assists offline brute-force attacks | passwords, hash, bruteforce | ||
Wireshark | https://www.wireshark.org/ | network | Network protocol analyzer | man in the middle, network analyzer | |
Aircrack-ng | https://www.aircrack-ng.org/ | network | Suite of tools to assess WiFi network security | wifi, scanner | |
ngrok | https://ngrok.com/ | Cross-platform application that exposes local server ports to the Internet | ports | ||
Covenant | https://github.com/cobbr/Covenant | .NET command and control framework | framework, control | ||
Nmap | https://nmap.org/ | Utility for network discovery and security auditing | ports, scanner | ||
Vega | https://subgraph.com/vega/ | Web security scanner and web security testing platform that helps validate SQLi, XSS, etc. | web scanner | ||
x64dbg | https://x64dbg.com/ | windows | Open-source x64/x32 debugger for Windows | debugger | |
WinDbg | windows | Windows default debugger that we use for kernel debugging | debugger | ||
hacktools firefox | https://addons.mozilla.org/en-US/firefox/addon/hacktools/ | firefox | web addons | ||
Hacktools chrome | https://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi | chrome | web addons | ||
Obsidian editor | https://obsidian.md/ | editor | |||
convert ip for evading waff | https://www.silisoftware.com/tools/ipconverter.php?convert_from=216.58.215.78 | dwords, 16bits, 8bits, waf, evasion | |||
hackvector.co.ku | https://hackvertor.co.uk/public# | multi tools evasion waf | dwords, 16bits, 8bits, waf, evasion | ||
aaencode | https://utf-8.jp/public/aaencode.html | aaencode tools javascript evasion | dwords, 16bits, 8bits, waf, evasion | ||
jjencode | https://utf-8.jp/public/jjencode.html | jjencode tools javascript evasion | javascript, evasion | ||
jsfuck | http://www.jsfuck.com/ | jsfuck tools javascript evasion | javascript, evasion | ||
js compresor evading waf | http://dean.edwards.name/packer/ | js compresor evading waf | javascript, evasion, waf, compresor | ||
js yui compresor evading waf | http://yui.github.io/yuicompressor/ | js yui compresor evading waf | javascript, evasion, waf, compresor | ||
OpenVAS | https://www.openvas.org/ | Full-featured vulnerability scanner | web scanner, vulnerability scanner | ||
dalfox | https://github.com/hahwul/dalfox | xss | xss | ||
xsscrapy | https://github.com/DanMcInerney/xsscrapy | xss | xss | ||
xsser | https://github.com/epsylon/xsser | xss | xss | ||
brutexss | https://github.com/rajeshmajumdar/BruteXSS | xss | xss | ||
xssstrike | https://github.com/s0md3v/XSStrike | xss | xss | ||
BeEF | https://beefproject.com/ | The Browser Exploitation Framework, a penetration testing tool that focuses on the web browser | xss, framework, web scanner | ||
GNU Wget | https://www.gnu.org/software/wget/ | phising, clone website | |||
Beef web cloning | https://github.com/AbertayHackers/BeEF | phising, clone website | |||
Set social engineer toolkit site cloner | phising, clone website | ||||
urlcrazy | https://github.com/urbanadventurer/urlcrazy | to get similar domains. | domains, phising | ||
sql injection cheat sheet | https://portswigger.net/web-security/sql-injection/cheat-sheet | web | Portswigger sql injection cheat sheet | cheat sheet, sql injection, web | |
subinACL | https://windows-resource-kit-tools-subinacl-exe.software.informer.com/ | windows | unquoted privilege escalation windows | privilege escalation, windows | |
powersploit powerup.ps1 | https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1 | windows | unquoted privilege escalation windows | privilege escalation, windows | |
Winpeas | https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS | windows | unquoted privilege escalation windows | privilege escalation, windows | |
Methodology unquoted privilege escalation windows | https://www.hackingarticles.in/windows-privilege-escalation-unquoted-service-path/ | windows | Methodology unquoted privilege escalation windows | privilege escalation, windows | |
AlwaysInstallElevated | https://www.hackingarticles.in/windows-privilege-escalation-alwaysinstallelevated/ | windows | AlwaysInstallElevated | privilege escalation, windows | |
SeBackupPrivilege | https |
Tools hackingRiskoo2023-01-02T09:50:08+00:00