Awesome Hacking | Massive Resources & Collection On The Internet – Google Drive Links

-852×349 26.3 KB

Awesome Hacking -An Amazing Project image

A curated list of awesome Hacking.

Table of Contents

  • System
  • Tutorials
  • Tools
  • Docker
  • General
  • Reverse Engineering
  • Tutorials
  • Tools
  • General
  • Web
  • Tools
  • General
  • Network
  • Tools
  • Forensic
  • Tools
  • Cryptography
  • Tools
  • Wargame
  • System
  • Reverse Engineering
  • Web
  • Cryptography
  • Bug bounty
  • CTF
  • Competition
  • General
  • OS
  • Online resources
  • Post exploitation
  • tools
  • ETC

System

Tutorials

Tools

  • Metasploit 4 A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
  • mimikatz 1 – A little tool to play with Windows security
  • Hackers tools 2 – Tutorial on tools.

Docker Images for Penetration Testing & Security

General

Reverse Engineering

Tutorials

Tools

Disassemblers and debuggers

  • IDA 1 – IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
  • OllyDbg – A 32-bit assembler level analysing debugger for Windows
  • x64dbg – An open-source x64/x32 debugger for Windows
  • radare2 – A portable reversing framework
  • plasma – Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
  • ScratchABit – Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
  • Capstone
  • Ghidra – A software reverse engineering (SRE) suite of tools developed by NSA’s Research Directorate in support of the Cybersecurity mission

Decompilers

  • JVM-based languages
  • Krakatau – the best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully.
  • JD-GUI
  • procyon
    • Luyten – one of the best, though a bit slow, hangs on some binaries and not very well maintained.
  • JAD – JAD Java Decompiler (closed-source, unmaintained)
  • JADX – a decompiler for Android apps. Not related to JAD.
  • .net-based languages
    • dotPeek – a free-of-charge .NET decompiler from JetBrains
    • ILSpy – an open-source .NET assembly browser and decompiler
    • dnSpy – .NET assembly editor, decompiler, and debugger
  • native code
  • Python
    • uncompyle6 – decompiler for the over 20 releases and 20 years of CPython.

Deobfuscators

  • de4dot – .NET deobfuscator and unpacker.
  • JS Beautifier
  • JS Nice – a web service guessing JS variables names and types based on the model derived from open source.

Other

  • nudge4j – Java tool to let the browser talk to the JVM
  • dex2jar – Tools to work with Android .dex and Java .class files
  • androguard – Reverse engineering, malware and goodware analysis of Android applications
  • antinet – .NET anti-managed debugger and anti-profiler code
  • UPX – the Ultimate Packer (and unpacker) for eXecutables

Execution logging and tracing

  • Wireshark – A free and open-source packet analyzer
  • tcpdump – A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
  • mitmproxy – An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
  • Charles Proxy – A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic
  • usbmon – USB capture for Linux.
  • USBPcap 1 – USB capture for Windows.
  • dynStruct – structures recovery via dynamic instrumentation.
  • drltrace – shared library calls tracing.

Binary files examination and editing

Hex editors

  • HxD – A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size
  • WinHex 1 – A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security
  • wxHexEditor
  • Synalize It/Hexinator –

Other

  • Binwalk – Detects signatures, unpacks archives, visualizes entropy.
  • Veles – a visualizer for statistical properties of blobs.
  • Kaitai Struct – a DSL for creating parsers in a variety of programming languages. The Web IDE is particularly useful for reverse-engineering.
  • Protobuf inspector
  • DarunGrim – executable differ.
  • DBeaver – a DB editor.
  • Dependencies – a FOSS replacement to Dependency Walker.
  • PEview – A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
  • BinText – A small, very fast and powerful text extractor that will be of particular interest to programmers.

General

Web

Tools

  • Spyse 2 – Data gathering service that collects web info using OSINT. Provided info: IPv4 hosts, domains/whois, ports/banners/protocols, technologies, OS, AS, maintains huge SSL/TLS DB, and more… All the data is stored in its own database allowing get the data without scanning.
  • sqlmap – Automatic SQL injection and database takeover tool
  • NoSQLMap – Automated NoSQL database enumeration and web application exploitation tool.
  • tools.web-max.ca – base64 base85 md4,5 hash, sha1 hash encoding/decoding
  • VHostScan – A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
  • SubFinder – SubFinder is a subdomain discovery tool that discovers valid subdomains for any target using passive online sources.
  • Findsubdomains – A subdomains discovery tool that collects all possible subdomains from open source internet and validates them through various tools to provide accurate results.
  • badtouch – Scriptable network authentication cracker
  • PhpSploit – Full-featured C2 framework which silently persists on webserver via evil PHP oneliner
  • Git-Scanner – A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
  • CSP Scanner – Analyze a site’s Content-Security-Policy (CSP) to find bypasses and missing directives.

General

  • Strong node.js – An exhaustive checklist to assist in the source code security analysis of a node.js web service.

Network

Tools

  • NetworkMiner 2 – A Network Forensic Analysis Tool (NFAT)
  • Paros – A Java-based HTTP/HTTPS proxy for assessing web application vulnerability
  • pig – A Linux packet crafting tool
  • findsubdomains – really fast subdomains scanning service that has much greater opportunities than simple subs finder(works using OSINT).
  • cirt-fuzzer – A simple TCP/UDP protocol fuzzer.
  • ASlookup – a useful tool for exploring autonomous systems and all related info (CIDR, ASN, Org…)
  • ZAP – The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
  • mitmsocks4j – Man-in-the-middle SOCKS Proxy for Java
  • ssh-mitm – An SSH/SFTP man-in-the-middle tool that logs interactive sessions and passwords.
  • nmap – Nmap (Network Mapper) is a security scanner
  • Aircrack-ng 2 – An 802.11 WEP and WPA-PSK keys cracking program
  • Nipe – A script to make Tor Network your default gateway.
  • Habu 1 – Python Network Hacking Toolkit
  • Wifi Jammer 1 – Free program to jam all wifi clients in range
  • Firesheep – Free program for HTTP session hijacking attacks.
  • Scapy 1 – A Python tool and library for low level packet creation and manipulation
  • Amass – In-depth subdomain enumeration tool that performs scraping, recursive brute forcing, crawling of web archives, name altering and reverse DNS sweeping
  • sniffglue – Secure multithreaded packet sniffer
  • [RustScan][https://github.com/rustscan/rustscan] – Extremely fast port scanner built with Rust, designed to scan all ports in a couple of seconds and utilizes nmap to perform port enumeration in a fraction of the time.

Forensic

Tools

Cryptography

Tools

  • xortool – A tool to analyze multi-byte XOR cipher
  • John the Ripper – A fast password cracker
  • Aircrack 2 – Aircrack is 802.11 WEP and WPA-PSK keys cracking program.
  • Ciphey – Automated decryption tool using artificial intelligence & natural language processing.

Wargame

System

Reverse Engineering

Web

  • Hack This Site! 1 – a free, safe and legal training ground for hackers to test and expand their hacking skills
  • Hack The Box 1 – a free site to perform pentesting in a variety of different systems.
  • Webhacking.kr
  • 0xf.at – a website without logins or ads where you can solve password-riddles (so called hackits).
  • fuzzy.land – Website by an Austrian group. Lots of challenges taken from CTFs they participated in.
  • Gruyere
  • Others

Cryptography

Bug bounty

Bug bounty – Earn Some Money

CTF

Competition

General

OS

Online resources

Post exploitation

tools

  • empire – A post exploitation framework for powershell and python.
  • silenttrinity – A post exploitation tool that uses iron python to get past powershell restrictions.
  • PowerSploit – A PowerShell post exploitation framework
  • ebowla – Framework for Making Environmental Keyed Payloads

ETC

Free Hacking & Security eBooks

A curated list of free Security and Pentesting related E-Books available on the Internet.

Network Pentesting

Defensive Security

Offensive Security

Programming Languages

Reverse Engineering

Virus Botnet and Malware

Misc

Source: GitHub

ENJOY & HAPPY LEARNING! :heart:

DON’T BE CHEAP! LOL (APPRECIATE THE SHARE & HIT LIKE)

Leave a Comment