A list of great hacker's essentials and a list of hacker's Essentials
0x00 Preface
As found on Github, I think the form is great, but it is still a little less. In the future, I will add excellent dry goods and personal Github and Blog updates.
English Version
0x01 text
A beautiful essential form for hackers, inspired by amazing machine learning. If you want to contribute to this list (welcome), please give me a pull on github or contact me @ carpedm20, for a list of free hacker books available for download, click here.
Directory
- System
- Tutorial
- Tools
- Docker
- Common
- Reverse
- Web
- Network
- Forensics
- Password
- Wargame
- System
- Reverse Engineering
- Web
- Network
- Forensics
- Cryptography
- CTF
- OS Security
- Others
System tutorial
- Corelan team's Exploit writing tutorial
- Exploit writing tutorial developed for Penetration Tester
Tools
- Metasploit-a computer security project that provides information about security vulnerabilities and helps with penetration testing and intrusion detection system development.
- Mimikatz-a useful tool for playing Windows Security
Docker images for penetration testing and security
- docker pull kalilinux/kali-linux-docker official Kali Linux
- docker pull owasp/zap2docker-stable - official OWASP ZAP
- docker pull wpscanteam/wpscan - official WPScan
- docker pull pandrew/metasploit - docker-metasploit
- docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA)
- docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation
- docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock
- docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed
- docker pull opendns/security-ninjas - Security Ninjas
- docker pull usertaken/archlinux-pentest-lxde - Arch Linux Penetration Tester
- docker pull diogomonica/docker-bench-security - Docker Bench for Security
- docker pull ismisepaul/securityshepherd - OWASP Security Shepherd
- docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image
- docker-compose build && docker-compose up - OWASP NodeGoat
- docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application
- docker pull bkimminich/juice-shop - OWASP Juice Shop
Common
- Exploit database-the ultimate archive library for vulnerability exploitation and Vulnerable Software
Reverse tutorial
- Beginner in reversing
- Malware analysis Tutorial: Reverse Engineering
Tools
- Nudge4j-Java tool that allows the browser to interact with JVM
- IDA-IDA is a multi-process disassembly and debugging tool that can work on Windows, Linux, or Mac OS X.
- OllyDbg-Windows 32-bit Assembler-level debugging tool
- X64dbg-open-source x64/x32 debugging tool on Windows
- Dex2jar-a tool used to process Android. dex and Java. class files
- JD-GUI-independent graphical utility that displays the Java source code ". class" File
- Procyon-modern open-source Java decompilation Tool
- Androguard-reverse engineering and malware analysis tools for Android applications
- JAD-JAD Java decompilation tool (closed source, not often updated)
- Free. NET decompilation tool developed by dotPeek-JetBrains
- ILSpy-open-source set browsing and decompilation. NET Program tools
- DnSpy-set editing, decompilation, and debugging. NET Program tools
- De4dot-crack. NET program tool
- Antinet-A. NET program tool for decompilation and obfuscation of code
- UPX-Ultimate encapsulated Executable File Tool
- Radare2-portable Reverse Engineering Framework tool
- Plasma-applicable to x86, ARM, and MIPS interactive disassembly. It uses the syntax code of the instructions to generate pseudocode.
- Hopper-executable file tool for OS X and Linux disassembly/decompilation of 32/64-bit Windows/MAC/LINUX/iOS
- ScratchABit-use the IDAPython compatible plug-in API to easily locate and attack-able interactive disassembly tools
Common
Web tools
- Sqlmap-Automatic SQL injection and database intrusion tools
- Tools. web-max.ca-base64, base85 encoding/Decoding
Network Tools
- Wireshark-free open-source traffic package analysis tool
- NetworkMiner-network forensics analysis tool
- Tcpdump-a powerful command line traffic package analysis tool. Its built-in libpcap is a portable C/C ++ library for network traffic capture.
- Paros-Java-based HTTP/HTTPS proxy used to evaluate Web application vulnerability tools
- Pig-counterfeit traffic package tool in Linux
- ZAP-ZAP is an easy-to-use integrated penetration testing tool for discovering vulnerabilities in Web applications.
- Mitmproxy-tools with interactive control interface and support for SSL intermediate proxy Based on HTTP
- Mitmsocks4j-supports intermediate SOCKS proxy Tools Based on Java
- Nmap-Nmap security scanning tool
- Aircrack-ng-used to crack 802.11 WEP and WPA-PSK key tools
- Charles Proxy-cross-platform graphical user interface Web debugging Proxy tool used to view intercepted HTTP and HTTPS/SSL real-time traffic
- Nipe-script for making Tor network the Default Gateway
Forensics tools
- Autospy-digital forensics platform, The Sleuth Kit graphical interface, also contains other digital forensics tools.
- Sleuthkit-collect various command line digital forensics tool Libraries
- EnCase-Guidance Software developed a set of digital forensics tools using the Sharing Technology
- Malzilla-Malware arrest Tool
- PEview-quick and easy viewing of program structure and content of 32-bit executable files (PE) and component object file formats (COFF)
- The HxD-hexadecimal editor can process files of any size in addition to the original disk editing and modification of the primary storage (RAM.
- The WinHex-hexadecimal editor is used in computer forensics, data recovery, low-level data processing, and IT security.
- BinText-a small, fast, and powerful Text Extraction Tool that programmers are particularly interested in.
Password tools
- Xortool-a tool for analyzing Multi-byte XOR passwords
- John the Ripper-quick password cracking tool
- Aircrack-802.11 WEP and WPA-PSK key cracking tools
Wargame Systems
- OverTheWire-Semtex
- OverTheWire-Vortex
- OverTheWire-Drifter
- Pwnable. kr-various pwn challenges related to system security
- Exploit Exercises-Nebula
- SmashTheStack
Reverse Engineering
- Reversing. kr
- CodeEngn
- Simples. kr
- Crackmes.de
Web
- Hack This Site!
- Webhacking. kr
- 0xf.
Password
CTF Competition
- DEF CON
- CSAW CTF
- Hack. lu CTF
- Pliad CTF
- RuCTFe
- Ghost in the Shellcode
- PHD CTF
- SECUINSIDE CTF
- Codegate CTF
- Boston Key Party CTF
Common
- CTFtime.org
- WeChall
- CTF archives (shell-storm)
- Rookit Arsenal
- Pentest Cheat Sheets-penetration testing
- Movies For Hacker-List of Movies that each Hacker must watch
Online OS security resources
- Security related Operating Systems @ Rawsec-complete Operating System Security Form
- Best Linux Penetration Testing Distributions @ CyberPunk-Description of the division of labor in Penetration Testing
- Security @ Distrowatch-A website dedicated to discussing, reviewing, and maintaining an updated open-source operating system
Others
- SecTools-top 125 network security tools