Popular links for penetration testing, forensics, security, and hacking

Are you still looking for a tool to complete your daily activities, or are you just looking for new tools that you can try to play? No need to worry, because today is your lucky day! Today, I will mention a variety of links, resources and editing tools that can be used for penetration testing, computer forensics, security, and hacking techniques.

toolswatch.org

Toolswatch.org is maintained by NJ Ouchn (@toolswatch) and Maxi Solder (@maxisoler). This is a cool website where you can find the latest version of audit, penetration testing tools. Web Application Security Advisor, system Administrator, network administrator, malware analyst, information security enthusiast, and security specialist. You can also submit tools that promote yourself.

Toolswatch.org is also a project of NJ Ouchn (@toolswatch) and Maxi Solder (@maxisoler) including vfeed® (an open source related and cross-linked vulnerability XML database), DPE (default password enumeration project) , Firecat (Firefox directory Audit extension), as/400 security Assessment Mind Map, Kromcat (Google Chrome directory Audit extension) and SSA (Security System Analyzer 2.0).

Soldierx Tools and Labs

Soldierx.com is known to keep the world's largest public hacker database on the Web (Soldierx HDB), but they also keep their public projects available on the SX Labs page, as well as a collection of their recommended tools, which can be found in https:// Www.soldierx.com/tools found. I suggest you take a look at these three items, Agent steal, penetration test kit, and Wdivulge.

Dirk Loss : the Python tool for penetration testing

If you are a Python programmer and enthusiast, I believe you should consult the Dirk Loss ' s Python Penetration testing tool list. The tools listed on the page are categorized as network, debug and reverse engineering, fuzzing, Web, forensics, malware analysis, PDF, Miscellaneous, and other useful libraries and tools.

According to the author's page: "Some of the more offensive tools (infiltration system framework, Bluetooth Accelerator, Web Application Security vulnerability scanner, war-dialers program, etc.) are excluded because the legal status of these tools is still somewhat unclear in Germany, even after the Supreme Court decision." This list is specifically designed to help white hats, and I now prefer to be safe. "

Holisticinfosec

This is an information security tool written by Russ McRee Blog, a blog that maintains a monthly column in ISSA magazine. I like this blog, it handles different penetration tests, malware analysis, fuzzing, and security tools, including how to use it like a boss.

Www.YouXia.Org

China is a good focus on information and network security blog, usually update not too fast, of course, is not too slow. There will be some content on hacker technology, security hardening, and level protection. Of course, the most important, may regularly test some of the usual rare commercial security products.

sectools.org

Sectools.org is a website maintained by Gordon "Fyodor" Lyon (the author is the founder of the Nmap Security scanner). It contains tool descriptions and top 125 network security tools categorized as anti-malware, application-specific scanners, Web browser–related, password cracking, cryptographic tools, debuggers, firewalls, forensics, fuzzer, generic tools, intrusion detection systems (IDS), packet-based Tools, port scanners, rootkit probes, security-oriented operating systems, packet sniffers, exploit tools, traffic monitoring tools, vulnerability scanners, Web proxy servers, Web vulnerability scanners, and wireless tools.

Edge-security group-projects

Edge-security Group is focused on offensive security, malware intelligence, and mobile security professionals who also maintain their own projects: Theharvester,metagoofil Collectors, Wfuzz (Web application Bruteforcer), proxystrike (passive agent), Webslayer (Wfuzz front end), edge-ssh ssh brute force hack suite, Hosproxy and Geodedge.

Security Tool Files from Packet Storm

Security tool files from Packet storm contains the documents submitted by various safety researchers, penetration testers, programmers, etc. you can submit your own tools via mail them at packetstormsecurity.com

Viaforensics Free Tools

Viaforensics is a company known for its expertise in mobile forensics, and the project requires Santoku Linux, a Linux distribution for mobile security, malware analysis and forensics. In addition to Santoku Linux, they also maintain their own tools and projects. Here you can find: https://viaforensics.com/resources/tools/

Top Digital Forensic Investigation Tools for SysAdmins by GFI

Andrew Zammit Tabona GFI wrote a cool article for the digital Forensic investigation tools for system administrators, about 20 forensic tools. The tools listed in the blog (according to their rankings) are: SAN SIFT, Prodiscover Basic, volatility, the sleuth Kit (+autopsy), ftk Imager, Linux ' DD ', CAINE, O Xygen Forensic Suite 2013 standard, free hex editor, batch extractor, smart Linux, Xplico, Lastactivityview, Digital Forensics framework, Mandiant RedLine, Plainsight, HxD, HELIX3 Free,netsleuth and P2 eXplorer free. For more information about the mentioned tools, see the article.

Free Computer forensics tool by forensic Control

Judicial control has more than 115 free tools, digital forensics analysis; they are called disk mirroring tools, e-mail analysis, general, file and data analysis, MAC OS tools, mobile devices, data analysis Suite, file viewer, network analysis, registry analysis, application analysis, and Abandonware. You can also advise them to list other tools by email [email protected].

CERT Linux Forensic Tools Library

CERT (Computer Emergency Response Team) The Linux Forensics Tool Library is a digital forensics tool that can install or use the CERT Forensics toolkit on demand. The memory card works primarily for Fedora and Centos/rhel Linux distributions.

NirSoft

NirSoft is a NIR Sofer maintained web site that is used by experienced developers using the C + +,. NET Framework, Windows API, and reverse engineering undocumented binary formats and encryption algorithms. His website contains his projects and free software utilities, which are categorized as password recovery tools, network monitoring tools, Internet related tools, MS Outlook tools, command line tools, desktop tools, and free software system tools.

securityxploded Security Tools

Securityxploded is a known and most popular information security research and development organization offering free security software, up-to-date research articles and free training in reverse engineering and malware analysis. They also launched more than 150 free security software. Here are some of their projects, listed by Category:

Password recovery tool:

• Asterisk password Viewer

• Browser Password Dump

Facebook Cipher decryption device

FileZilla Cipher Decryption device

• Google password decryption device

SX Hash Kit

SX Cipher Suite

• Yahoo! Password decryption device

Zip password Unlocking device

Anti-spyware/anti--rootkit tools:

• Advanced Service Manager

• Auto-run file removal

DLL Hijacking Audit

• Encrypted File Scanner update

exe file scanning

• Hide File Lookup

Malpimp

py Mal

• Shell Detection

• Spy BHO Uninstall

• Spyware DLL Offload

Stream Armor

• Virus scanners

Network Security Tools:

• Directory scanners

Facebook Blocking program updates

• Updated Google ad blocker

• Hide Computer

• Instant Blocker updates

IPv6 Disabling updates

LDAP Search

MAC Address scanning program

• Network Database Scanner

• Network sharing monitoring

System Security Tools:

ASLR Process Scanner

• Automatic screen Capture

• Browser History view

DEP Process Scanner

DLL Finder

DLL Magic

DLL Relocation Finder

DLL Removal

• Download hash value verification

• Enable Administrator updates

Exe64bit Detectors

• File Time Changer

• Comparison of hash values

• Hashing Console

• Hash generator

• Hidden CMD Detector

Open source Digital Forensics tools

Open source Digital Forensics (www2.opensourceforensics.org) is a reference site for open source software tools, which are categorized as follows:

Bootable environments--uses a suspicious system to boot to a trusted state.

Data acquisition--uses the collected information from dead or alive suspicious systems.

Volume system--is used to examine the data structure of organized media, such as partition tables and disk labels.

File system--is used to examine a filesystem or disk image and display file contents and other market data.

application--is used to analyze the contents of a file (that is, at the application layer).

network--is used to analyze network packets and traffic. This does not include logs for network devices.

The memory--is used to analyze memory dumps from the computer.

frameworks--is used to build custom tools.

Backbox Linux Team Project

In addition to the Backbox Linux project, the Backbox Linux team has its own projects, which are listed below:

Dsploit--android Network Penetration Kit

pycryptocat--a cryptocat independent client

weevely--generate and manage hard-to-detect PHP Trojans

climber--checking the privilege escalation of the unix/linux system

Netcommander--arp Cheat Tool

fang--a multi-service thread MD5 hack

help page for network security software

In addition to information security articles, help the Web Security Maintenance page, which lists the most popular security software for Windows, Linux, and Mac OS x. The software is divided into Access control, analyzer, anti-spam, antispyware, antivirus, audit, encryption, firewall, monitoring, network, password, portable storage, privacy, programming, scanners, various, and wireless.

UIC R.E. Academy ' s download page

UIC R.E. Academy has a download page that includes a list of tools for reverse engineering and malware analysis, categorized as compilers, Disassembler and debugger, logging and monitoring tools, malware analysis tools, and PE tools.

SecurityFocus Tools

SecurityFocus Tools is known to have an updated vulnerability database and an active mailing list, but, beyond that, they also keep the Resources page and you can submit new tools and beta programs.

ISC Tools

The ISC tools page is where you can find online tools such as Base 64 decoder, EXIF Reader, Ipv6/ipv4 conversion and analysis, website usability check, GDI scan etc. The page is maintained by the SAN Internet Storm Center.

This article has the small Ann Attack and Defense Research Laboratory translation, if has the translation and the editing error please contact the Administrator, we will revise as soon as possible.

Original: http://resources.infosecinstitute.com/top-links-tools-compilation-pentesting-forensics-security-hacking/

Resources:

http://pentestlab.org/blogs-articles-about-pentesting-tools-compilation/

http://securityxploded.com/about.php

Http://www2.opensourceforensics.org/tools

Http://www.backbox.org/projects

Author Profile:

Jay Turla is a security researcher at the Philippine Institute of Information Security and a student of safe programming. He is interested in Linux, penetration testing, and vulnerability assessment. He is a Rootcon (Philippine hacker Conference mania.

Popular links for penetration testing, forensics, security, and hacking