Skip to content

This document was designed to be a useful and informational asset reference

Notifications You must be signed in to change notification settings

superzerosec/tools-list

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 

Repository files navigation

tools-list

Summary

This document was designed to be a useful and informational asset reference

Table of Contents


Browser

  • Custom Firefox Browser & Add-Ons: Add on custom browser extension for Firefox
  • Custom Chrome Browser & Extensions: Add on custom browser extension for Chrome
  • Tor Browser: Specific browser to access TOR networks to protect your privacy and anonymity

Recon

  • Amass: In-depth attack surface mapping and asset discovery for domain name server and its associate
  • EmailHarvester: Retrieve Domain email addresses from Search Engines
  • EyeWitness: Designed to take screenshots of websites, RDP services, and open VNC servers, provide some server header info, and identify default credentials if possible
  • Google Earth Pro:
  • HTTrack Cloner: Downloader for World Wide Web site from the Internet to a local directory
  • InstaLooter: Downloader for picture or video associated from an Instagram profile, without any API access
  • KeePassXC: A password manager that allow to creates and stores passwords in one location
  • LinkedInt: Gather profile data and emphasis in network connections
  • Maltego: Graphical link analyses that makes data-driven investigations easy and efficient
  • Metagoofil: Information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,docx,pptx,xlsx) belonging to a target company
  • MediaInfo: Convenient unified display of the most relevant technical and tag data for video and audio files
  • Metadata Anylisation Toolkit:
  • Photon: Relatively fast crawler designed for automating OSINT with a simple interface and tons of customization options
  • ReconDog: All in one tool for all your basic information gathering needs
  • Recon-NG: Full-featured web reconnaissance framework with independent modules, database interaction and built in convenience functions
  • SkipTracer: OSINT webscraping framework to compile passive information on a target
  • SocialMapper: OSINT tool that uses facial recognition to correlate social media profiles across different sites on a large scale
  • Spiderfoot: Automate a process of gathering intelligence about a given target, which may be an IP address, domain name, hostname, network subnet, ASN, e-mail address or person's name
  • StegoSuite: Take advantage of steganography to hide information in image files
  • SubBrute: Literaly fastest and most accurate subdomain enumeration tool
  • Sublist3r: Enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, Ask, Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS.
  • theHarvester: Gathers emails, names, subdomains, IPs, and URLs using multiple public data sources
  • Tinfoleak: Tools for OSINT and SOCMINT (Social Media Intelligence) disciplines, that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence
  • Twint: An advanced Twitter scraping tool written in Python that allows for scraping Tweets from Twitter profiles without using Twitter's API
  • Twitter Exporter:
  • VeraCrypt: To create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication

Forensic

  • BleachBit: System cleaner for antiforensics, security and protect privacy
  • ExifTool: A platform-independent command-line application for reading, writing, and editing Meta information that is contained by image, audio and video files
  • Ghiro: Fully automated tool designed to run forensics analysis over a massive amount of images, just using an user friendly and fancy web application

Multimedia

  • VLC: Multimedia player and framework
  • Custom Video Manipulation Utilities: Video manipulation software, for editing such as Audacity and Handbrake
  • Custom Video Download Utility: Video download such as Clipgrabd, Jdownloader, YMate, Videograbber
  • GIMP: High quality photo manipulation and framework for scripted image manipulation

Productivity

  • Kleopatra: A certificate manager that allows for the management of all certificates in one tool
  • Knock Pages:
  • LibreOffice: Personal productivity suite that gives six feature rich applications all your document production, data processing needs and etc

Macro

  • MaliciousMacroMSBuild: Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass
  • EvilClippy: A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows

Command and Control

  • PoshC2: a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement
  • Quasar: Fast and light-weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you
  • Pupy: Cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

  • Demiguise: A HTA encryption tool for RedTeams

About

This document was designed to be a useful and informational asset reference

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published