OP 21 January, 2020 - 06:08 PM
Here are the tools I have used in hacking. These are open source tools that could be chained to work together in bash or any other script. It is good for automation. If you have any other cool tools to share, feel free to write below.
Breached credentials collections:
- 1.4 billion credentials - https://github.com/philipperemy/tensorfl...d-analysis
- Collection 1 - magnet:?xt=urn:btih:b39c603c7e18db8262067c5926e7d5ea5d20e12e&dn=Collection+1 (paste this in your torrent client)
- Collection 2 - 5 - magnet:?xt=urn:btih:d136b1adde531f38311fbf43fb96fc26df1a34cd&dn=Collection+%232-%235+%26+Antipublic (paste this in your torrent client)
- HaveIBeenPwned - https://haveibeenpwned.com/ - validate if email has been breached
Wordlists for enumerations:
- seclists - https://github.com/danielmiessler/SecLists - for most enumerations
- fuzzdb - https://github.com/fuzzdb-project/fuzzdb - for fuzzing directories
- wordlists - https://github.com/xajkep/wordlists
Recon and information gathering:
- theHarvester - https://github.com/laramies/theHarvester - for getting emails
- h8mail - https://github.com/khast3x/h8mail - checking if email appears in breaches
- amass - https://github.com/OWASP/Amass/ - for passive scanning subdomains of target
- subfinder - https://github.com/projectdiscovery/subfinder - another passive scanner for subdomain enumeration
- crt.sh - https://crt.sh/ - getting websites that use certificates, good for enumerating domains
Port checking:
- masscan - https://github.com/robertdavidgraham/masscan - extremely fast port scanner (not very intrusive, I use this for checking open ports only, for a more detailed scan I use nmap)
- httprobe - https://github.com/tomnomnom/httprobe - checks if given domains have open web ports (typically 80 or 443)
Brute forcing:
- ffuf - https://github.com/ffuf/ffuf - brute forcing directories
- brutespray - https://github.com/x90skysn3k/brutespray - brute forcing ssh, ftp and other types of protocols from given nmap output
- thc-hydra - https://github.com/vanhauser-thc/thc-hydra - general bruteforcing tool
SQL injections:
- sqliv - https://github.com/the-robot/sqliv - mass scanning web for sql vulnerabilities
- sqlmap - https://github.com/sqlmapproject/sqlmap - dumping databases for vulnerable websites
Other:
- wpscan - https://github.com/wpscanteam/wpscan - scanning wordpress websites
- mitm6 - https://github.com/fox-it/mitm6 - man in the middle attacks for windows hosts with ipv6
- zaproxy - https://github.com/zaproxy/zaproxy - web proxy tool for enumerating web apps
More tools will be included soon! I may include bash scripts combining these tools later.