Skip to content

tools.md

Latest commit

 

History

History
81 lines (79 loc) · 7.55 KB

tools.md

File metadata and controls

81 lines (79 loc) · 7.55 KB

Not The Hidden Wiki

Other Links (To be segregated in the future)

  • Proxychains - link
  • Proxychains-ng - link
  • SSHuttle - link
  • Chisel - link
  • Ligolo - link
  • RedTeam Tools - link
  • Trickest-Cli - link
  • Phishing Warmer - link
  • EvilGophish: Evilgnx + Gophish - link
  • HiddenEye: Modern Phishing Tool - link
  • Pentest Report Generator - link
  • Sysreptor - link
  • Regex Fuzzing - link
  • RDP MiTM - link
  • PentestGPT - link
  • MSSQL Spider - link
  • Nebula - link
  • Hidden Desktop for Cobalt Strike - link
  • Tunnel all your traffic over websocket protocol - Bypass firewalls/DPI - link
  • Anti Forensics Tool For Red Teamers - link
  • SoftICE-like kernel debugger for Windows 11 - link
  • Pentester's Promiscuous Notebook - link
  • Trickest: workflow orchestration - link
  • n8n: Workflow automation for technical people - link
  • Serveo: Expose local servers to the internet - link
  • ngrok - link
  • amass: A DNS enumeration / attack surface mapping & external assets discovery tool - link
  • autorecon: Multi-threaded network reconnaissance tool which performs automated enumeration of services. - link
  • cloudfail: a reconnaissance tool for identifying misconfigured CloudFront domains. - link
  • crackmapexec: Network scanner. - link
  • dnsx: A tool for DNS reconnaissance that can help identify subdomains and other related domains. - link
  • enum4linux-ng: Tool for enumerating information from Windows and Samba systems. - link
  • enyx: Framework for building offensive security tools. - link
  • fierce: A DNS reconnaissance tool for locating non-contiguous IP space - link
  • findomain: The fastest and cross-platform subdomain enumerator. - link
  • freeipscanner: A simple bash script to enumerate stale ADIDNS entries - link
  • dnschef: Tool for DNS MITM attacks - link
  • KeePwn: KeePwn is a tool that extracts passwords from KeePass 1.x and 2.x databases. - link
  • seclists: A collection of multiple types of lists used during security assessments - link
  • metasploit: A popular penetration testing framework that includes many exploits and payloads - link
  • swaks: Swaks is a featureful flexible scriptable transaction-oriented SMTP test tool. - link
  • strace: debugging utility for Linux - link
  • ssh-audit: ssh-audit is a tool to test SSH server configuration for best practices - link
  • pwncat: A lightweight and versatile netcat alternative - link
  • smtp-user-enum: A tool to enumerate email addresses via SMTP - link
  • sipvicious: Enumeration and MITM tool for SIP devices - link
  • ruler: Outlook Rules exploitation framework. - link
  • gowitness: A website screenshot utility written in Golang. - link
  • mitm6: Tool to conduct a man-in-the-middle attack against IPv6 protocols. - link
  • onesixtyone: SNMP scanner - link
  • semgrep: Static analysis tool that supports multiple languages and can find a variety of vulnerabilities and coding errors. - link
  • pwnedornot: Check if a password has been leaked in a data breach. - link
  • pwndb: A command-line tool for searching the pwndb database of compromised credentials. - link
  • Pantheon: Insecure Camera Parsing and Intelligence - link
  • VirtualMemAllocMon: too for Monitoring VirtualMemAlloc Event via ETW - link
  • List of ngrok alternatives and other ngrok-like tunneling software and services. - link
  • Ready to go Phishing Platform - link
  • Generate unicode domains for IDN Homograph Attack and detect them. - link
  • Malicious Shortcut(.lnk) Generator - link
  • MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange - link
  • BadAssMacros - C# based automated Malicous Macro Generator. - link
  • GoPhish - link
  • HTA encryption tool for RedTeams - link
  • A collection of captive portals for phishing using a WiFi Pineapple - link
  • Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records. - link
  • A great collection of resources to thrive off the land - link
  • Static binary for Linux - link
  • Vulnerable test websites for Vulnerability Scanners - link
  • A collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers - link
  • How to launch Command Prompt and powershell from MS Paint - link
  • Webhook.site | Test, process and transform emails and HTTP requests (BURP Collab alternative) - link
  • Simple, private file sharing - link
  • FullHunt: Secure Your Attack Surface - link
  • GrayHatWarfare - link
  • dnstwist: domain name fuzzer, can be used to generate list of looklike domain names for phishing - link
  • Network Port Checker & Scanner Tool - link