==================
== Osint Topics ==
==================
OSINT Topics

Hacking Tools

Hacking Tools and Medias

A curated list of Hacking.For a list of free hacking books available for download, go here

System

Tutorials

Tools

  • Metasploit A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
  • mimikatz - A little tool to play with Windows security
  • Hackers tools - Tutorial on tools.

Docker Images for Penetration Testing & Security

General

Reverse Engineering

Tutorials

Tools

Disassemblers and debuggers

  • IDA - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
  • OllyDbg - A 32-bit assembler level analysing debugger for Windows
  • x64dbg - An open-source x64/x32 debugger for Windows
  • radare2 - A portable reversing framework
  • plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
  • ScratchABit - Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
  • Capstone
  • Ghidra - A software reverse engineering (SRE) suite of tools developed by NSA’s Research Directorate in support of the Cybersecurity mission

Decompilers

  • JVM-based languages
  • Krakatau - the best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully.
  • JD-GUI
  • procyon
    • Luyten - one of the best, though a bit slow, hangs on some binaries and not very well maintained.
  • JAD - JAD Java Decompiler (closed-source, unmaintained)
  • JADX - a decompiler for Android apps. Not related to JAD.
  • .net-based languages
  • dotPeek - a free-of-charge .NET decompiler from JetBrains
  • ILSpy - an open-source .NET assembly browser and decompiler
  • dnSpy - .NET assembly editor, decompiler, and debugger
  • native code
  • Python
  • uncompyle6 - decompiler for the over 20 releases and 20 years of CPython.

Deobfuscators

  • de4dot - .NET deobfuscator and unpacker.
  • JS Beautifier
  • JS Nice - a web service guessing JS variables names and types based on the model derived from open source.

Other

  • nudge4j - Java tool to let the browser talk to the JVM
  • dex2jar - Tools to work with Android .dex and Java .class files
  • androguard - Reverse engineering, malware and goodware analysis of Android applications
  • antinet - .NET anti-managed debugger and anti-profiler code
  • UPX - the Ultimate Packer (and unpacker) for eXecutables

Execution logging and tracing

  • Wireshark - A free and open-source packet analyzer
  • tcpdump - A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
  • mitmproxy - An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
  • Charles Proxy - A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic
  • usbmon - USB capture for Linux.
  • USBPcap - USB capture for Windows.
  • dynStruct - structures recovery via dynamic instrumentation.
  • drltrace - shared library calls tracing.

Binary files examination and editing

Hex editors

  • HxD - A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size
  • WinHex - A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security

Other

  • Binwalk - Detects signatures, unpacks archives, visualizes entropy.
  • Veles - a visualizer for statistical properties of blobs.
  • Kaitai Struct - a DSL for creating parsers in a variety of programming languages. The Web IDE is particularly useful for reverse-engineering.
  • Protobuf inspector
  • DarunGrim - executable differ.
  • DBeaver - a DB editor.
  • Dependencies - a FOSS replacement to Dependency Walker.
  • PEview - A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
  • BinText - A small, very fast and powerful text extractor that will be of particular interest to programmers.

General

Web

Tools

  • Spyse - Data gathering service that collects web info using OSINT. Provided info: IPv4 hosts, domains/whois, ports/banners/protocols, technologies, OS, AS, maintains huge SSL/TLS DB, and more… All the data is stored in its own database allowing get the data without scanning.
  • sqlmap - Automatic SQL injection and database takeover tool
  • NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.
  • tools.web-max.ca - base64 base85 md4,5 hash, sha1 hash encoding/decoding
  • VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
  • SubFinder - SubFinder is a subdomain discovery tool that discovers valid subdomains for any target using passive online sources.
  • Findsubdomains - A subdomains discovery tool that collects all possible subdomains from open source internet and validates them through various tools to provide accurate results.
  • badtouch - Scriptable network authentication cracker
  • PhpSploit - Full-featured C2 framework which silently persists on webserver via evil PHP oneliner
  • Git-Scanner - A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
  • CSP Scanner - Analyze a site’s Content-Security-Policy (CSP) to find bypasses and missing directives.
  • Shodan - A web-crawling search engine that lets users search for various types of servers connected to the internet.
  • masscan - Internet scale portscanner.
  • Keyscope - an extensible key and secret validation tool for auditing active secrets against multiple SaaS vendors
  • Decompiler.com - Java, Android, Python, C# online decompiler.

General

  • Strong node.js - An exhaustive checklist to assist in the source code security analysis of a node.js web service.

Network

Tools

  • NetworkMiner - A Network Forensic Analysis Tool (NFAT)
  • Paros - A Java-based HTTP/HTTPS proxy for assessing web application vulnerability
  • pig - A Linux packet crafting tool
  • findsubdomains - really fast subdomains scanning service that has much greater opportunities than simple subs finder(works using OSINT).
  • cirt-fuzzer - A simple TCP/UDP protocol fuzzer.
  • ASlookup - a useful tool for exploring autonomous systems and all related info (CIDR, ASN, Org…)
  • ZAP - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
  • mitmsocks4j - Man-in-the-middle SOCKS Proxy for Java
  • ssh-mitm - An SSH/SFTP man-in-the-middle tool that logs interactive sessions and passwords.
  • nmap - Nmap (Network Mapper) is a security scanner
  • Aircrack-ng - An 802.11 WEP and WPA-PSK keys cracking program
  • Nipe - A script to make Tor Network your default gateway.
  • Habu - Python Network Hacking Toolkit
  • Wifi Jammer - Free program to jam all wifi clients in range
  • Firesheep - Free program for HTTP session hijacking attacks.
  • Scapy - A Python tool and library for low level packet creation and manipulation
  • Amass - In-depth subdomain enumeration tool that performs scraping, recursive brute forcing, crawling of web archives, name altering and reverse DNS sweeping
  • sniffglue - Secure multithreaded packet sniffer
  • Netz - Discover internet-wide misconfigurations, using zgrab2 and others.
  • RustScan - Extremely fast port scanner built with Rust, designed to scan all ports in a couple of seconds and utilizes nmap to perform port enumeration in a fraction of the time.
  • PETEP - Extensible TCP/UDP proxy with GUI for traffic analysis & modification with SSL/TLS support.

Forensic

Tools

  • Autopsy - A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools
  • sleuthkit - A library and collection of command-line digital forensics tools
  • EnCase - The shared technology within a suite of digital investigations products by Guidance Software
  • malzilla - Malware hunting tool
  • IPED - Indexador e Processador de Evidências Digitais - Brazilian Federal Police Tool for Forensic Investigation
  • CyLR - NTFS forensic image collector
  • CAINE- CAINE is a Ubuntu-based app that offers a complete forensic environment that provides a graphical interface. This tool can be integrated into existing software tools as a module. It automatically extracts a timeline from RAM.

Cryptography

Tools

  • xortool - A tool to analyze multi-byte XOR cipher
  • John the Ripper - A fast password cracker
  • Aircrack - Aircrack is 802.11 WEP and WPA-PSK keys cracking program.
  • Ciphey - Automated decryption tool using artificial intelligence & natural language processing.

Wargame

System

Reverse Engineering

  • Reversing.kr - This site tests your ability to Cracking & Reverse Code Engineering
  • CodeEngn - (Korean)
  • simples.kr - (Korean)
  • Crackmes.de - The world first and largest community website for crackmes and reversemes.

Web

  • Hack This Site! - a free, safe and legal training ground for hackers to test and expand their hacking skills
  • Hack The Box - a free site to perform pentesting in a variety of different systems.
  • Webhacking.kr
  • 0xf.at - a website without logins or ads where you can solve password-riddles (so called hackits).
  • fuzzy.land - Website by an Austrian group. Lots of challenges taken from CTFs they participated in.
  • Gruyere
  • Others
  • TryHackMe - Hands-on cyber security training through real-world scenarios.

Cryptography

Bug bounty

Bug bounty - Earn Some Money

CTF

Competition

General

OS

Online resources

Post exploitation

tools

  • empire - A post exploitation framework for powershell and python.
  • silenttrinity - A post exploitation tool that uses iron python to get past powershell restrictions.
  • PowerSploit - A PowerShell post exploitation framework
  • ebowla - Framework for Making Environmental Keyed Payloads

ETC