-
Notifications
You must be signed in to change notification settings - Fork 30
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #48 from ThePorgs/dev-images
- Loading branch information
Showing
12 changed files
with
1,780 additions
and
3 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
375 changes: 375 additions & 0 deletions
375
source/assets/installed_tools/lists/full_3.1.3_amd64.csv
Large diffs are not rendered by default.
Oops, something went wrong.
367 changes: 367 additions & 0 deletions
367
source/assets/installed_tools/lists/full_3.1.3_arm64.csv
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| Tool,Link,Description | ||
| asdf,https://github.com/asdf-vm/asdf,Extendable version manager with support for ruby python go etc | ||
| autorecon,https://github.com/Tib3rius/AutoRecon,Multi-threaded network reconnaissance tool which performs automated enumeration of services. | ||
| cloudfail,https://github.com/m0rtem/CloudFail,a reconnaissance tool for identifying misconfigured CloudFront domains. | ||
| crackmapexec,https://github.com/Porchetta-Industries/CrackMapExec,Network scanner. | ||
| CyberChef,https://github.com/gchq/CyberChef/,The Cyber Swiss Army Knife | ||
| droopescan,https://github.com/droope/droopescan,Scan Drupal websites for vulnerabilities. | ||
| drupwn,https://github.com/immunIT/drupwn,Drupal security scanner. | ||
| enum4linux-ng,https://github.com/cddmp/enum4linux-ng,Tool for enumerating information from Windows and Samba systems. | ||
| evilwinrm,https://github.com/Hackplayers/evil-winrm,Tool to connect to a remote Windows system with WinRM. | ||
| eyewitness,https://github.com/FortyNorthSecurity/EyeWitness,a tool to take screenshots of websites / provide some server header info / and identify default credentials if possible. | ||
| fcrackzip,https://github.com/hyc/fcrackzip,Password cracker for zip archives. | ||
| ffuf,https://github.com/ffuf/ffuf,Fast web fuzzer written in Go. | ||
| firefox,https://www.mozilla.org,A web browser | ||
| fzf,https://github.com/junegunn/fzf,🌸 A command-line fuzzy finder | ||
| gf,https://github.com/tomnomnom/gf,A wrapper around grep to avoid typing common patterns | ||
| gittools,https://github.com/internetwache/GitTools,A collection of Git tools including a powerful Dumper for dumping Git repositories. | ||
| hashcat,https://hashcat.net/hashcat,A tool for advanced password recovery | ||
| hydra,https://github.com/vanhauser-thc/thc-hydra,Hydra is a parallelized login cracker which supports numerous protocols to attack. | ||
| impacket,https://github.com/ThePorgs/impacket,Set of tools for working with network protocols (ThePorgs version). | ||
| john,https://github.com/openwall/john,John the Ripper password cracker. | ||
| joomscan,https://github.com/rezasp/joomscan,A tool to enumerate Joomla-based websites | ||
| jwt,https://github.com/ticarpi/jwt_tool,a command-line tool for working with JSON Web Tokens (JWTs) | ||
| mdcat,https://github.com/swsnr/mdcat,Fancy cat for Markdown | ||
| metasploit,https://github.com/rapid7/metasploit-framework,A popular penetration testing framework that includes many exploits and payloads | ||
| neovim,https://neovim.io/,hyperextensible Vim-based text editor | ||
| netexec,https://github.com/Pennyw0rth/NetExec,Network scanner (Crackmapexec updated). | ||
| nmap,https://nmap.org,The Network Mapper - a powerful network discovery and security auditing tool | ||
| nuclei,https://github.com/projectdiscovery/nuclei,A fast and customizable vulnerability scanner that can detect a wide range of issues / including XSS / SQL injection / and misconfigured servers. | ||
| responder,https://github.com/lgandx/Responder,a LLMNR / NBT-NS and MDNS poisoner. | ||
| seclists,https://github.com/danielmiessler/SecLists,A collection of multiple types of lists used during security assessments | ||
| simplyemail,https://github.com/SimplySecurity/SimplyEmail,a scriptable command line tool for sending emails | ||
| smbclient,https://github.com/samba-team/samba,SMBclient is a command-line utility that allows you to access Windows shared resources | ||
| smbmap,https://github.com/ShawnDEvans/smbmap,A tool to enumerate SMB shares and check for null sessions | ||
| sqlmap,https://github.com/sqlmapproject/sqlmap,Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws | ||
| sslscan,https://github.com/rbsec/sslscan,a tool for testing SSL/TLS encryption on servers | ||
| subfinder,https://github.com/projectdiscovery/subfinder,Tool to find subdomains associated with a domain. | ||
| testssl,https://github.com/drwetter/testssl.sh,a tool for testing SSL/TLS encryption on servers | ||
| theharvester,https://github.com/laramies/theHarvester,Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources | ||
| wafw00f,https://github.com/EnableSecurity/wafw00f,a Python tool that helps to identify and fingerprint web application firewall (WAF) products. | ||
| waybackurls,https://github.com/tomnomnom/waybackurls,Fetch all the URLs that the Wayback Machine knows about for a domain. | ||
| weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime. | ||
| weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime. | ||
| wpscan,https://github.com/wpscanteam/wpscan,A tool to enumerate WordPress-based websites | ||
| ysoserial,https://github.com/frohoff/ysoserial,A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| Tool,Link,Description | ||
| asdf,https://github.com/asdf-vm/asdf,Extendable version manager with support for ruby python go etc | ||
| autorecon,https://github.com/Tib3rius/AutoRecon,Multi-threaded network reconnaissance tool which performs automated enumeration of services. | ||
| cloudfail,https://github.com/m0rtem/CloudFail,a reconnaissance tool for identifying misconfigured CloudFront domains. | ||
| crackmapexec,https://github.com/Porchetta-Industries/CrackMapExec,Network scanner. | ||
| CyberChef,https://github.com/gchq/CyberChef/,The Cyber Swiss Army Knife | ||
| droopescan,https://github.com/droope/droopescan,Scan Drupal websites for vulnerabilities. | ||
| drupwn,https://github.com/immunIT/drupwn,Drupal security scanner. | ||
| enum4linux-ng,https://github.com/cddmp/enum4linux-ng,Tool for enumerating information from Windows and Samba systems. | ||
| evilwinrm,https://github.com/Hackplayers/evil-winrm,Tool to connect to a remote Windows system with WinRM. | ||
| eyewitness,https://github.com/FortyNorthSecurity/EyeWitness,a tool to take screenshots of websites / provide some server header info / and identify default credentials if possible. | ||
| fcrackzip,https://github.com/hyc/fcrackzip,Password cracker for zip archives. | ||
| ffuf,https://github.com/ffuf/ffuf,Fast web fuzzer written in Go. | ||
| firefox,https://www.mozilla.org,A web browser | ||
| fzf,https://github.com/junegunn/fzf,🌸 A command-line fuzzy finder | ||
| gf,https://github.com/tomnomnom/gf,A wrapper around grep to avoid typing common patterns | ||
| gittools,https://github.com/internetwache/GitTools,A collection of Git tools including a powerful Dumper for dumping Git repositories. | ||
| hashcat,https://hashcat.net/hashcat,A tool for advanced password recovery | ||
| hydra,https://github.com/vanhauser-thc/thc-hydra,Hydra is a parallelized login cracker which supports numerous protocols to attack. | ||
| impacket,https://github.com/ThePorgs/impacket,Set of tools for working with network protocols (ThePorgs version). | ||
| john,https://github.com/openwall/john,John the Ripper password cracker. | ||
| joomscan,https://github.com/rezasp/joomscan,A tool to enumerate Joomla-based websites | ||
| jwt,https://github.com/ticarpi/jwt_tool,a command-line tool for working with JSON Web Tokens (JWTs) | ||
| mdcat,https://github.com/swsnr/mdcat,Fancy cat for Markdown | ||
| metasploit,https://github.com/rapid7/metasploit-framework,A popular penetration testing framework that includes many exploits and payloads | ||
| neovim,https://neovim.io/,hyperextensible Vim-based text editor | ||
| netexec,https://github.com/Pennyw0rth/NetExec,Network scanner (Crackmapexec updated). | ||
| nmap,https://nmap.org,The Network Mapper - a powerful network discovery and security auditing tool | ||
| nuclei,https://github.com/projectdiscovery/nuclei,A fast and customizable vulnerability scanner that can detect a wide range of issues / including XSS / SQL injection / and misconfigured servers. | ||
| responder,https://github.com/lgandx/Responder,a LLMNR / NBT-NS and MDNS poisoner. | ||
| seclists,https://github.com/danielmiessler/SecLists,A collection of multiple types of lists used during security assessments | ||
| simplyemail,https://github.com/SimplySecurity/SimplyEmail,a scriptable command line tool for sending emails | ||
| smbclient,https://github.com/samba-team/samba,SMBclient is a command-line utility that allows you to access Windows shared resources | ||
| smbmap,https://github.com/ShawnDEvans/smbmap,A tool to enumerate SMB shares and check for null sessions | ||
| sqlmap,https://github.com/sqlmapproject/sqlmap,Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws | ||
| sslscan,https://github.com/rbsec/sslscan,a tool for testing SSL/TLS encryption on servers | ||
| subfinder,https://github.com/projectdiscovery/subfinder,Tool to find subdomains associated with a domain. | ||
| testssl,https://github.com/drwetter/testssl.sh,a tool for testing SSL/TLS encryption on servers | ||
| theharvester,https://github.com/laramies/theHarvester,Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources | ||
| wafw00f,https://github.com/EnableSecurity/wafw00f,a Python tool that helps to identify and fingerprint web application firewall (WAF) products. | ||
| waybackurls,https://github.com/tomnomnom/waybackurls,Fetch all the URLs that the Wayback Machine knows about for a domain. | ||
| weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime. | ||
| weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime. | ||
| wpscan,https://github.com/wpscanteam/wpscan,A tool to enumerate WordPress-based websites | ||
| ysoserial,https://github.com/frohoff/ysoserial,A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| Tool,Link,Description | ||
| arsenal,https://github.com/Orange-Cyberdefense/arsenal,Powerful weapons for penetration testing. | ||
| asdf,https://github.com/asdf-vm/asdf,Extendable version manager with support for ruby python go etc | ||
| assetfinder,https://github.com/tomnomnom/assetfinder,Tool to find subdomains and IP addresses associated with a domain. | ||
| Blackbird,https://github.com/p1ngul1n0/blackbird,An OSINT tool to search fast for accounts by username across 581 sites. | ||
| buster,https://github.com/sham00n/Buster,Advanced OSINT tool | ||
| carbon14,https://github.com/Lazza/carbon14,OSINT tool for estimating when a web page was written. | ||
| Censys,https://github.com/censys/censys-python,An easy-to-use and lightweight API wrapper for Censys APIs | ||
| constellation,https://github.com/constellation-app/Constellation,Find and exploit vulnerabilities in mobile applications. | ||
| CyberChef,https://github.com/gchq/CyberChef/,The Cyber Swiss Army Knife | ||
| dnsenum,https://github.com/fwaeytens/dnsenum,dnsenum is a tool for enumerating DNS information about a domain. | ||
| exifprobe,https://github.com/hfiguiere/exifprobe,Exifprobe is a command-line tool to parse EXIF data from image files. | ||
| exiftool,https://github.com/exiftool/exiftool,ExifTool is a Perl library and command-line tool for reading / writing and editing meta information in image / audio and video files. | ||
| finalrecon,https://github.com/thewhiteh4t/FinalRecon,A web reconnaissance tool that gathers information about web pages | ||
| findomain,https://github.com/findomain/findomain,The fastest and cross-platform subdomain enumerator. | ||
| firefox,https://www.mozilla.org,A web browser | ||
| fzf,https://github.com/junegunn/fzf,🌸 A command-line fuzzy finder | ||
| GeoPincer,https://github.com/tloja/GeoPincer,GeoPincer is a script that leverages OpenStreetMap's Overpass API in order to search for locations. | ||
| gf,https://github.com/tomnomnom/gf,A wrapper around grep to avoid typing common patterns | ||
| githubemail,https://github.com/paulirish/github-email,a command-line tool to retrieve a user's email from Github. | ||
| GoMapEnum,https://github.com/nodauf/GoMapEnum,Nothing new but existing techniques are brought together in one tool. | ||
| goshs,https://github.com/patrickhener/goshs,Goshs is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S with either self-signed certificate or user provided certificate and you can use HTTP basic auth. | ||
| gron,https://github.com/tomnomnom/gron,Make JSON greppable! | ||
| h8mail,https://github.com/khast3x/h8mail,Email OSINT and breach hunting. | ||
| holehe,https://github.com/megadose/holehe,mail osint tool finding out if it is used on websites. | ||
| ignorant,https://github.com/megadose/ignorant,holehe but for phone numbers. | ||
| imagemagick,https://github.com/ImageMagick/ImageMagick,ImageMagick is a free and open-source image manipulation tool used to create / edit / compose / or convert bitmap images. | ||
| ipinfo,https://github.com/ipinfo/cli,Get information about an IP address or hostname. | ||
| linkedin2username,https://github.com/initstring/linkedin2username,Generate a list of LinkedIn usernames from a company name. | ||
| maigret,https://github.com/soxoj/maigret,Collects information about a target email (or domain) from Google and Bing search results | ||
| maltego,https://www.paterva.com/web7/downloads.php,A tool used for open-source intelligence and forensics | ||
| mdcat,https://github.com/swsnr/mdcat,Fancy cat for Markdown | ||
| MurMurHash,https://github.com/QU35T-code/MurMurHash,This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. | ||
| neovim,https://neovim.io/,hyperextensible Vim-based text editor | ||
| ngrok,https://github.com/inconshreveable/ngrok,Expose a local server behind a NAT or firewall to the internet | ||
| objectwalker,https://github.com/p0dalirius/objectwalker,A python module to explore the object tree to extract paths to interesting objects in memory. | ||
| osrframework,https://github.com/i3visio/osrframework,Include references to a bunch of different applications related to username checking / DNS lookups / information leaks research / deep web search / regular expressions extraction and many others. | ||
| phoneinfoga,https://github.com/sundowndev/PhoneInfoga,Information gathering & OSINT framework for phone numbers. | ||
| photon,https://github.com/s0md3v/Photon,a fast web crawler which extracts URLs / files / intel & endpoints from a target. | ||
| pwndb,https://github.com/davidtavarez/pwndb,A command-line tool for searching the pwndb database of compromised credentials. | ||
| pwnedornot,https://github.com/thewhiteh4t/pwnedOrNot,Check if a password has been leaked in a data breach. | ||
| pymeta,https://github.com/m8sec/pymeta,Google and Bing scraping osint tool | ||
| recon-ng,https://github.com/lanmaster53/recon-ng,External recon tool. | ||
| recondog,https://github.com/s0md3v/ReconDog,a reconnaissance tool for performing information gathering on a target. | ||
| rlwrap,https://github.com/hanslub42/rlwrap,rlwrap is a small utility that wraps input and output streams of executables / making it possible to edit and re-run input history | ||
| rsync,https://packages.debian.org/sid/rsync,File synchronization tool for efficiently copying and updating data between local or remote locations | ||
| searchsploit,https://gitlab.com/exploit-database/exploitdb,A command line search tool for Exploit-DB | ||
| shellerator,https://github.com/ShutdownRepo/Shellerator,a simple command-line tool for generating shellcode | ||
| Sherlock,https://github.com/sherlock-project/sherlock,Hunt down social media accounts by username across social networks. | ||
| simplyemail,https://github.com/SimplySecurity/SimplyEmail,a scriptable command line tool for sending emails | ||
| spiderfoot,https://github.com/smicallef/spiderfoot,A reconnaissance tool that automatically queries over 100 public data sources | ||
| subfinder,https://github.com/projectdiscovery/subfinder,Tool to find subdomains associated with a domain. | ||
| sublist3r,https://github.com/aboul3la/Sublist3r,a Python tool designed to enumerate subdomains of websites. | ||
| theharvester,https://github.com/laramies/theHarvester,Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources | ||
| tig,https://github.com/jonas/tig,Tig is an ncurses-based text-mode interface for git. | ||
| tor,https://github.com/torproject/tor,Anonymity tool that can help protect your privacy and online identity by routing your traffic through a network of servers. | ||
| toutatis,https://github.com/megadose/Toutatis,Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails / phone numbers and more. | ||
| trevorspray,https://github.com/blacklanternsecurity/TREVORspray,TREVORspray is a modular password sprayer with threading SSH proxying loot modules / and more | ||
| trilium,https://github.com/zadam/trilium,Personal knowledge management system. | ||
| uberfile,https://github.com/ShutdownRepo/Uberfile,Uberfile is a simple command-line tool aimed to help pentesters quickly generate file downloader one-liners in multiple contexts (wget / curl / powershell / certutil...). This project code is based on my other similar project for one-liner reverseshell generation Shellerator. | ||
| waybackurls,https://github.com/tomnomnom/waybackurls,Fetch all the URLs that the Wayback Machine knows about for a domain. | ||
| whatportis,https://github.com/ncrocfer/whatportis,Command-line tool to lookup port information | ||
| whois,https://packages.debian.org/sid/whois,See information about a specific domain name or IP address. | ||
| Yalis,https://github.com/EatonChips/yalis,Yet Another LinkedIn Scraper | ||
| youtubedl,https://github.com/ytdl-org/youtube-dl,Download videos from YouTube and other sites. | ||
| yt-dlp,https://github.com/yt-dlp/yt-dlp,A youtube-dl fork with additional features and fixes |
Oops, something went wrong.