Skip to content

hydr0nium/security_reference

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

59 Commits
exploitation
exploitation
 
 
forensic
forensic
 
 
misc
misc
 
 
stego
stego
 
 
README.md
README.md
 
 
todo.md
todo.md
 
 
tricks.md
tricks.md
 
 

Repository files navigation

Security References

References for various tools or resources for playing CTF's or conducting pentests

Contents:

Reversing

  • ghidra | Reverse Engineering Framework
  • gdb | Gnu Debugger for binaries
  • radare2 | Dynamic Binary Analysis
  • Imhex | Hex Editor especially for Reversing
  • strings | Extract all strings from a file

Pwn

  • metasploit | Exploit Toolkit
  • searchsploit / exploitdb | Let's you search exploit db in the command line

Web

  • sqlmap | Exploit tool for sql injection.
  • gobuster | Path / Folder enumeration in URL's
  • Burp Suite (Free Community Edition) | Web Proxy
  • Zap | Web Proxy
  • CeWL | Custom Wordlist Generator
  • ffuf | Enumeration Tool for URL's

Network

  • hydra | Bruteforce Tool
  • Wireshark | Network Packet Analyzer / Listener
  • Netcat | Commandlinetool to interact with services
  • Swaks | Tool to interact with SMTP
  • nmap | classic port scanner
  • plink.exe | can be used to port forward on windows machines
  • chisel | network pivoting tool
  • evil-winrm | Tool to interact with Windows WinRM

Stego

  • perl-image-exiftool | Tool to view metadata of images
  • foremost | Let's you extract hidden data from a file
  • imagemagick | Similar to exiftool. Let's you view image meta data
  • stegextract | Extracts hidden information in images
  • stegsolve | Similar to stegextract, extract hidden information in images
  • stegoveritas | Tool for stego does a lot
  • binwalk | Extracting Files in another File
  • Aperi Solve | Website that does A TON of stego stuff

Misc

  • imgclip | Extracts text from image
  • tldr | Better man pages / short intro to the command and examples
  • sqsh | Client for MSSQL
  • beam | OpenVPN File Manager
  • john (John The Ripper) | Password Cracker
  • hashcat | Password Cracker
  • hashid | Hash Identifier
  • pspy | Process monitor without root priv
  • jq | sed,awk,grep for json data
  • Default Creds Cheat Sheet | Commandline Tool for looking up default creds for services

Forensics

OSINT

General Resources

  • Webhooks | Web-based application to capture incoming requests
  • Debuggex | Reggex Viewer
  • ngrok | Tool for hosting a local port to the outside (still need to check to out)
  • Impacket | Network Toolkit in Python
  • PowerSploit | Powershell Tools for Pentesting
  • Bloodhound | Analyze Active Directory Data
  • bloodhound-python | Collects information remotely for bloodhound

Tricks & Tips

To see some useful tricks and tips see tips.md

About

Reference sheet for security related tools

Topics

pentesting ctf ctf-tools security-tools pentesting-tools

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published