starting the vm (will provision the box the first time its run)
$ vagrant up
connecting to the vm
$ vagrant ssh
stopping the vm
$ vagrant halt
- Binjitsu
- Pwndbg
- Radare2
- Firmware tools (fmk / qemu)
- angr
- ROPGadget
- decompile - Add API key to
host-share/decompile-api
- qira
- binwalk
- apktool
Category | Tool | Description |
---|---|---|
binary | checksec | Check binary hardening settings. |
binary | elfkickers | A set of utilities for working with ELF files. |
binary | evilize | Tool to create MD5 colliding binaries |
binary | xrop | Gadget finder. |
forensics | exetractor | Unpacker for packed Python executables. Supports PyInstaller and py2exe. |
forensics | pdf-parser | Tool for digging in PDF files |
forensics | peepdf | Powerful Python tool to analyze PDF documents. |
forensics | scrdec18 | A decoder for encoded Windows Scripts. |
forensics | testdisk | Testdisk and photorec for file recovery. |
crypto | cribdrag | Interactive crib dragging tool (for crypto). |
crypto | foresight | A tool for predicting the output of random number generators. To run, launch "foresee". |
crypto | featherduster | An automated, modular cryptanalysis tool. |
crypto | hashpump-partialhash | Hashpump, supporting partially-unknown hashes. |
crypto | hash-identifier | Simple hash algorithm identifier. |
crypto | littleblackbox | Database of private SSL/SSH keys for embedded devices. |
crypto | msieve | Msieve is a C library implementing a suite of algorithms to factor large integers. |
crypto | pemcrack | SSL PEM file cracker. |
crypto | pkcrack | PkZip encryption cracker. |
crypto | python-paddingoracle | Padding oracle attack automation. |
crypto | reveng | CRC finder. |
crypto | sslsplit | SSL/TLS MITM. |
crypto | xortool | XOR analysis tool. |
crypto | yafu | Automated integer factorization. |
web | burpsuite | Web proxy to do naughty web stuff. |
web | commix | Command injection and exploitation tool. |
web | dirb | Web path scanner. |
web | dirsearch | Web path scanner. |
web | mitmproxy | CLI Web proxy and python library. |
web | sqlmap | SQL injection automation engine. |
web | subbrute | A DNS meta-query spider that enumerates DNS records, and subdomains. |
Category | Tool | Description |
---|---|---|
bruteforcers | John The Jumbo | Community enhanced version of John the Ripper |
bruteforcers | Ophcrack | Windows password cracker based on rainbow tables. |
forensics | Aircrack-Ng | Crack 802.11 WEP and WPA-PSK keys |
forensics | Bkhive and Samdump2 | Dump SYSTEM and SAM files |
networking | Masscan | Mass IP port scanner, TCP port scanner |
networking | Nmap | open source utility for network discovery and security auditing |
networking | Zmap | an open-source network scanner |
reversing | Uncompyle | Decompile Python 2.7 binaries (.pyc) |
steganography | Exif | Shows EXIF information in JPEG files |
steganography | Exiv2 | Image metadata manipulation tool |
steganography | ImageMagick | Tool for manipulating images |
steganography | Outguess | Universal steganographic tool |
steganography | Pngtools | For various analysis related to PNGs |
steganography | Stegbreak | Launches brute-force dictionary attacks on JPG image |
steganography | Steghide | Hide data in various kind of images |
web | XSSer | Automated XSS testor |