Skip to content

Commit

Permalink
data: update tools list.
Browse files Browse the repository at this point in the history
  • Loading branch information
noptrix committed Jun 4, 2022
1 parent 84abf5a commit 68696c4
Show file tree
Hide file tree
Showing 25 changed files with 209 additions and 209 deletions.
8 changes: 4 additions & 4 deletions data/automation
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,17 @@ automato|33.0561b59|Should help with automating some of the user-focused enumera
autonessus|24.7933022|This script communicates with the Nessus API in an attempt to help with automating scans.|https://github.com/redteamsecurity/AutoNessus
autonse|25.7c87f4c|Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner.|https://github.com/m4ll0k/AutoNSE
autopwn|190.fc80cef|Specify targets and run sets of tools against them.|https://github.com/nccgroup/autopwn
autorecon|254.fec09fb|A multi-threaded network reconnaissance tool which performs automated enumeration of services.|https://github.com/Tib3rius/AutoRecon
autorecon|257.f724be8|A multi-threaded network reconnaissance tool which performs automated enumeration of services.|https://github.com/Tib3rius/AutoRecon
awsbucketdump|82.4684670|A tool to quickly enumerate AWS S3 buckets to look for loot.|https://github.com/jordanpotti/AWSBucketDump
bashfuscator|338.7487348|Fully configurable and extendable Bash obfuscation framework.|https://github.com/Bashfuscator/Bashfuscator
blueranger|1.0|A simple Bash script which uses Link Quality to locate Bluetooth device radios.|http://www.hackfromacave.com/projects/blueranger.html
bopscrk|72.34fb3fd|Tool to generate smart wordlists, eg. based on lyrics.|https://github.com/R3nt0n/bopscrk
brutespray|195.20f36bd|Brute-Forcing from Nmap output - Automatically attempts default creds on found services.|https://github.com/x90skysn3k/brutespray
brutex|107.3f43505|Automatically brute force all services running on a target.|https://github.com/1N3/BruteX
byepass|213.8cbfd9b|Automates password cracking tasks using optimized dictionaries and mangling rules.|https://github.com/webpwnized/byepass
cewl|136.2b6e370|A custom word list generator.|http://www.digininja.org/projects/cewl.php
cewl|138.ddda1c0|A custom word list generator.|http://www.digininja.org/projects/cewl.php
cheat-sh|6|The only cheat sheet you need.|https://cheat.sh
checksec|2.5.0|Tool designed to test which standard Linux OS and PaX security features are being used|https://github.com/slimm609/checksec.sh
checksec|2.6.0|Tool designed to test which standard Linux OS and PaX security features are being used|https://github.com/slimm609/checksec.sh
cisco-snmp-enumeration|10.ad06f57|Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking.|https://github.com/nccgroup/cisco-snmp-enumeration
clusterd|143.d190b2c|Automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack.|https://github.com/hatRiot/clusterd
codeql|2.8.1|The CLI tool for GitHub CodeQL|https://github.com/codeql
Expand Down Expand Up @@ -61,7 +61,7 @@ nfspy|1.0|A Python library for automating the falsification of NFS credentials w
nfsshell|19980519|Userland NFS command tool.|http://www.paramecium.org/~leendert/
nosqlattack|98.a5b0329|Python tool to automate exploit MongoDB server IP on Internet anddisclose the database data by MongoDB default configuration weaknesses and injection attacks.|https://github.com/youngyangyang04/NoSQLAttack
nullscan|1.0.1|A modular framework designed to chain and automate security tests.|http://www.nullsecurity.net/tools/automation.html
openscap|1.3.6.r37.g39e96abd4|Open Source Security Compliance Solution.|https://www.open-scap.org/
openscap|1.3.6.r42.g72dd8ba0f|Open Source Security Compliance Solution.|https://www.open-scap.org/
panoptic|185.df35a6c|A tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability.|https://github.com/lightos/Panoptic
pastejacker|12.ed9f153|Hacking systems with the automation of PasteJacking attacks.|https://github.com/D4Vinci/PasteJacker
pasv-agrsv|57.6bb54f7|Passive recon / OSINT automation script.|https://github.com/isaudits/pasv-agrsv
Expand Down
6 changes: 3 additions & 3 deletions data/binary
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ klee|2.1|A symbolic virtual machine built on top of the LLVM compiler infrastruc
leena|2.5119f56|Symbolic execution engine for JavaScript|https://github.com/mmicu/leena
loadlibrary|104.c40033b|Porting Windows Dynamic Link Libraries to Linux.|https://github.com/taviso/loadlibrary
ltrace|0.7.3|Tracks runtime library calls in dynamically linked programs|https://www.ltrace.org/
manticore|0.2.4.r343.g9e11bc9a|Symbolic execution tool.|https://github.com/trailofbits/manticore
manticore|0.2.4.r346.gdc998800|Symbolic execution tool.|https://github.com/trailofbits/manticore
metame|14.8d583a0|A simple metamorphic code engine for arbitrary executables.|https://github.com/a0rtega/metame
objdump2shellcode|28.c2d6120|A tool I have found incredibly useful whenever creating custom shellcode.|https://github.com/wetw0rk/objdump2shellcode
oledump|0.0.63|Analyze OLE files (Compound File Binary Format). These files contain streams of data. This tool allows you to analyze these streams.|http://blog.didierstevens.com/programs/oledump-py/
Expand All @@ -46,7 +46,7 @@ packerid|1.4|Script which uses a PEiD database to identify which packer (if any)
patchkit|37.95dc699|Powerful binary patching from Python.|https://github.com/lunixbochs/patchkit
pixd|7.873db72|Colourful visualization tool for binary files.|https://github.com/FireyFly/pixd
powerstager|14.0149dc9|A payload stager using PowerShell.|https://github.com/z0noxz/powerstager
procdump|53.7ae6126|Generate coredumps based off performance triggers.|https://github.com/Microsoft/ProcDump-for-Linux
procdump|54.569883d|Generate coredumps based off performance triggers.|https://github.com/Microsoft/ProcDump-for-Linux
proctal|482.67bf7e8|Provides a command line interface and a C library to manipulate the address space of a running program on Linux.|https://github.com/daniel-araujo/proctal
python-oletools|0.60|Tools to analyze Microsoft OLE2 files.|https://pypi.org/project/oletools/
python2-oletools|0.60|Tools to analyze Microsoft OLE2 files.|https://pypi.org/project/oletools/
Expand All @@ -59,7 +59,7 @@ soot|3.4.0|A Java Bytecode Analysis and Transformation Framework.|http://www.sab
strace|5.17|A diagnostic, debugging and instructional userspace tracer|https://strace.io/
stringsifter|29.3cb284a|Machine learning tool that automatically ranks strings based on their relevance for malware analysis.|https://github.com/fireeye/stringsifter
swftools|0.9.2|A collection of SWF manipulation and creation utilities.|http://www.swftools.org/
triton|3713.243026c9|A Dynamic Binary Analysis (DBA) framework.|https://github.com/JonathanSalwan/Triton
triton|3756.c82b6eb0|A Dynamic Binary Analysis (DBA) framework.|https://github.com/JonathanSalwan/Triton
upx|3.96|Extendable, high-performance executable packer for several executable formats|https://github.com/upx/upx
valgrind|3.19.0|Tool to help find memory-management problems in programs|http://valgrind.org/
veles|637.e65de5a|New open source tool for binary data analysis.|https://codisec.com/veles/
Expand Down
2 changes: 1 addition & 1 deletion data/bluetooth
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ btlejack|84.4e3014f|Bluetooth Low Energy Swiss-army knife.|https://github.com/vi
btproxy-mitm|71.cd1c906|Man in the Middle analysis tool for Bluetooth.|https://github.com/conorpp/btproxy
btscanner|2.1|Bluetooth device scanner.|http://www.pentest.co.uk
carwhisperer|0.2|Intends to sensibilise manufacturers of carkits and other Bluetooth appliances without display and keyboard for the possible security threat evolving from the use of standard passkeys.|http://trifinite.org/trifinite_stuff_carwhisperer.html
ghettotooth|1.0|Ghettodriving for bluetooth|http://www.oldskoolphreak.com/tfiles/ghettotooth.txt
ghettotooth|1.0|Ghettodriving for bluetooth.|http://www.oldskoolphreak.com/tfiles/ghettotooth.txt
hidattack|0.1|HID Attack (attacking HID host implementations)|http://mulliner.org/bluetooth/hidattack.php
obexstress|0.1|Script for testing remote OBEX service for some potential vulnerabilities.|http://bluetooth-pentest.narod.ru/
redfang|2.5|Finds non-discoverable Bluetooth devices by brute-forcing the last six bytes of the devices' Bluetooth addresses and calling read_remote_name().|http://packetstormsecurity.com/files/31864/redfang.2.5.tar.gz.html
Expand Down
8 changes: 4 additions & 4 deletions data/code-audit
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
bof-detector|19.e08367d|A simple detector of BOF vulnerabilities by source-code-level check.|https://github.com/st9140927/BOF_Detector
brakeman|3801.c6237463e|A static analysis security vulnerability scanner for Ruby on Rails applications.|https://brakemanscanner.org/
brakeman|3805.26735dd99|A static analysis security vulnerability scanner for Ruby on Rails applications.|https://brakemanscanner.org/
cflow|1.7|A C program flow analyzer.|http://www.gnu.org/software/cflow/
cppcheck|2.8|A tool for static C/C++ code analysis|http://cppcheck.sourceforge.net/
cpptest|2.0.0|A portable and powerful, yet simple, unit testing framework for handling automated tests in C++.|https://github.com/cpptest/cpptest/releases
detect-secrets|v1.2.0.r21.ge8426a4|An enterprise friendly way of detecting and preventing secrets in code.|https://github.com/Yelp/detect-secrets
detect-secrets|v1.2.0.r23.g3c8ee74|An enterprise friendly way of detecting and preventing secrets in code.|https://github.com/Yelp/detect-secrets
devaudit|803.ca0a68e|An open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams.|https://github.com/sonatype-nexus-community/DevAudit
dscanner|0.12.1|Swiss-army knife for D source code|https://github.com/dlang-community/D-Scanner
flawfinder|2.0.19|Searches through source code for potential security flaws|https://dwheeler.com/flawfinder/
Expand All @@ -12,14 +12,14 @@ local-php-security-checker|v2.0.3.r0.g5a963b3|A command line tool that checks yo
mosca|112.7d33611|Static analysis tool to find bugs like a grep unix command.|https://github.com/CoolerVoid/Mosca
njsscan|0.3.1|A static application testing (SAST) tool that can find insecure code patterns in your node.js applications.|https://pypi.org/project/njsscan/#files
pfff|0.29|Tools and APIs for code analysis, visualization and transformation|https://github.com/facebook/pfff
phpstan|7600.c84e0d402|PHP Static Analysis Tool - discover bugs in your code without running it.|https://github.com/phpstan/phpstan
phpstan|7702.22e755948|PHP Static Analysis Tool - discover bugs in your code without running it.|https://github.com/phpstan/phpstan
pscan|1.3|A limited problem scanner for C source files|http://deployingradius.com/pscan/
rats|6.4ba54ce|A rough auditing tool for security in source code files.|https://github.com/andrew-d/rough-auditing-tool-for-security
shellcheck|0.8.0|Shell script analysis tool|https://www.shellcheck.net
slither|2555.fba37f2c|Solidity static analysis framework written in Python 3.|https://github.com/crytic/slither
snyk|1.878.0|CLI and build-time tool to find and fix known vulnerabilities in open-source dependencies.|https://github.com/snyk/snyk
splint|3.1.2.git20180129|A tool for statically checking C programs for security vulnerabilities and coding mistakes|https://repo.or.cz/splint-patched.git
spotbugs|16787.68e7dca67|A tool for static analysis to look for bugs in Java code.|https://github.com/spotbugs/spotbugs
spotbugs|16788.7ba0e74fa|A tool for static analysis to look for bugs in Java code.|https://github.com/spotbugs/spotbugs
stoq|769.8bfc78b|An open source framework for enterprise level automated analysis.|https://github.com/PUNCH-Cyber/stoq
tell-me-your-secrets|v.2.4.0.r1.gd7d2e74|Find secrets on any machine from over 120 Different Signatures.|https://github.com/valayDave/tell-me-your-secrets
trufflehog|213.e9ac138|Searches through git repositories for high entropy strings, digging deep into commit history.|https://github.com/dxa4481/truffleHog
Expand Down
4 changes: 2 additions & 2 deletions data/cracker
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@ skul|27.7bd83f1|A PoC to bruteforce the Cryptsetup implementation of Linux Unifi
smbbf|0.9.1|SMB password bruteforcer.|http://packetstormsecurity.com/files/25381/smbbf.9.1.tar.gz.html
snmp-brute|19.830bb0a|SNMP brute force, enumeration, CISCO config downloader and password cracking script.|https://github.com/SECFORCE/SNMP-Brute
speedpwn|8.3dd2793|An active WPA/2 Bruteforcer, original created to prove weak standard key generation in different ISP labeled routers without a client is connected.|https://gitorious.org/speedpwn/
spray365|31.8a339b7|Makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach.|https://github.com/MarkoH17/Spray365
spray365|40.342fbf0|Makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach.|https://github.com/MarkoH17/Spray365
spraycharles|192.5a76852|Low and slow password spraying tool, designed to spray on an interval over a long period of time.|https://github.com/Tw1sm/spraycharles
sqlpat|1.0.1|This tool should be used to audit the strength of Microsoft SQL Server passwords offline.|http://www.cqure.net/wp/sqlpat/
ssh-privkey-crack|0.4|A SSH private key cracker.|https://code.google.com/p/lusas/
Expand All @@ -152,7 +152,7 @@ tftp-bruteforce|0.1|A fast TFTP filename bruteforcer written in perl.|http://www
thc-keyfinder|1.0|Finds crypto keys, encrypted data and compressed data in files by analyzing the entropy of parts of the file.|https://www.thc.org/releases.php
thc-pptp-bruter|0.1.4|A brute force program that works against pptp vpn endpoints (tcp port 1723).|http://www.thc.org
thc-smartbrute|1.0|This tool finds undocumented and secret commands implemented in a smartcard.|https://www.thc.org/thc-smartbrute/
trevorspray|108.a9d765b|A modular password sprayer with threading, clever proxying, loot modules, and more!|https://github.com/blacklanternsecurity/TREVORspray
trevorspray|109.f128ffe|A modular password sprayer with threading, clever proxying, loot modules, and more!|https://github.com/blacklanternsecurity/TREVORspray
truecrack|35|Password cracking for truecrypt(c) volumes.|http://code.google.com/p/truecrack/
tweetshell|21.47a415c|Multi-thread Twitter BruteForcer in Shell Script.|https://github.com/thelinuxchoice/tweetshell
ufo-wardriving|4|Allows you to test the security of wireless networks by detecting their passwords based on the router model.|http://www.ufo-wardriving.com/
Expand Down
2 changes: 1 addition & 1 deletion data/crypto
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ ssdeep|2.14.1|A program for computing context triggered piecewise hashes|https:/
sslyze|5.0.3|Python tool for analyzing the configuration of SSL servers and for identifying misconfigurations.|https://github.com/nabla-c0d3/sslyze
testssl.sh|3.0.7|Testing TLS/SSL encryption|https://github.com/drwetter/testssl.sh
tls-attacker|5759.973f490a3|A Java-based framework for analyzing TLS libraries.|https://github.com/RUB-NDS/TLS-Attacker
tls-map|v2.1.0.r7.g08bbd0b|CLI & library for TLS cipher suites manipulation.|https://noraj.github.io/tls-map/
tls-map|v2.1.0.r9.g52c4704|CLI & library for TLS cipher suites manipulation.|https://noraj.github.io/tls-map/
tlsenum|78.787c88b|A command line tool to enumerate TLS cipher-suites supported by a server.|https://github.com/Ayrx/tlsenum
tlsfuzzer|1382.0f7c53e|SSL and TLS protocol test suite and fuzzer.|https://github.com/tomato42/tlsfuzzer
tlspretense|v0.6.2.r22.g0a5faf4|SSL/TLS client testing framework.|https://github.com/iSECPartners/tlspretense
Expand Down
6 changes: 3 additions & 3 deletions data/debugger
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,14 @@ electric-fence|2.2.5|A malloc(3) debugger that uses virtual memory hardware to d
gdb|12.1|The GNU Debugger|https://www.gnu.org/software/gdb/
gdb-common|12.1|The GNU Debugger|https://www.gnu.org/software/gdb/
gdbgui|429.799d340|Browser-based gdb frontend using Flask and JavaScript to visually debug C, C++, Go, or Rust.|https://github.com/cs01/gdbgui
gef|2259.e50af77|Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers.|https://github.com/hugsy/gef
gef|2260.7f45550|Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers.|https://github.com/hugsy/gef
heaptrace|2.2.8.2.r19.g6f66cad|Helps visualize heap operations for pwn and debugging.|https://github.com/Arinerron/heaptrace
lldb|13.0.1|Next generation, high-performance debugger|https://lldb.llvm.org/
ollydbg|201g|A 32-bit assembler-level analysing debugger.|http://www.ollydbg.de
peda|1.2|Python Exploit Development Assistance for GDB|https://github.com/longld/peda
pwndbg|2022.01.05|Makes debugging with GDB suck less|https://github.com/pwndbg/pwndbg
rr|6000.c95a2d5e|A Record and Replay Framework.|https://github.com/mozilla/rr
rr|6009.68fe9b74|A Record and Replay Framework.|https://github.com/mozilla/rr
saleae-logic|2.3.47|Debug happy.|https://www.saleae.com/downloads
shellnoob|35.72cf498|A toolkit that eases the writing and debugging of shellcode.|https://github.com/reyammer/shellnoob
vivisect|1699.c1765319|A Python based static analysis and reverse engineering framework.|http://visi.kenshoto.com/
vivisect|1701.b8565c50|A Python based static analysis and reverse engineering framework.|http://visi.kenshoto.com/
voltron|627.d9fef0b|UI for GDB, LLDB and Vivisect's VDB.|https://github.com/snare/voltron
2 changes: 1 addition & 1 deletion data/decompiler
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ cafebabe|0.1.2|Java bytecode editor & decompiler.|https://grax.info/
cfr|152|Another Java decompiler.|http://www.benf.org/other/cfr/
fernflower|485.e19aab6|An analytical decompiler for Java.|https://github.com/fesh0r/fernflower
gadgetinspector|6.ac7832d|A byte code analyzer for finding deserialization gadget chains in Java applications.|https://github.com/JackOfMostTrades/gadgetinspector
jadx|1.4.0|Command line and GUI tools to produce Java source code from Android Dex and APK files|https://github.com/skylot/jadx
jadx|1.4.1|Command line and GUI tools to produce Java source code from Android Dex and APK files|https://github.com/skylot/jadx
jd-cli|1.2.0|Command line Java Decompiler.|https://github.com/kwart/jd-cli
jd-gui|1.6.6|A standalone graphical utility that displays Java source codes of .class files.|https://github.com/java-decompiler/jd-gui
jpexs-decompiler|15.1.0|JPEXS Free Flash Decompiler.|https://github.com/jindrapetrik/jpexs-decompiler
Expand Down
Loading

0 comments on commit 68696c4

Please sign in to comment.