The Ultimate Windows Utility
- https://christitus.com/windows-tool/
Privacy Settings for windows
Windows 11 Installer:
- Create Windows 11 Installation Media
- https://www.microsoft.com/en-us/software-download/windows11
- To perform unattended installations of both Windows 10 and Windows 11, including 24H2.
- https://schneegans.de/windows/unattend-generator/
- https://youtu.be/VapEEf4k7Eo?si=TPbr4zc1lk5YiQuk
**************************************************************************************
Finding Information everywhere:- Public resources - Websites, directories, email, job sites, Social
websites.
Google Hacking database:
- https://www.exploit-db.com/google-hacking-database
HTTrack Website Copier
Montastic is free for open source software
- https://www.montastic.com/
StatusOK
Monitor your Website and APIs from your computer. Get notified
through Slack or E-mail when your server is down or response time
is more than expected.
- https://github.com/sanathp/statusok
https://www.shodan.io/
Shodan is the world's first search engine for Internet-connected
devices.
Email Header look up
Metagoofil is an information gathering tool designed for
extracting metadata of public documents
- https://www.kali.org/tools/metagoofil/
FOCA (Fingerprinting Organizations with Collected Archives)
- https://github.com/ElevenPaths/FOCA
theHarvester : Use it for open source intelligence (OSINT)
gathering to help determine a company's external threat landscape
on the internet.
https://github.com/laramies/theHarvester
- https://www.kali.org/tools/theharvester/
DMARC, which stands for “Domain-based Message Authentication,
Reporting & Conformance”, is an email authentication, policy,
and reporting protocol.
The Anti Hacker Alliance™ fights against Hackers
- https://anti-hacker-alliance.com/
tracert google.com
pathping google.com
Network Tools: The Trusted Free Online
- https://network-tools.com/
dig Command in Linux
- https://www.geeksforgeeks.org/dig-command-in-linux-with-examples/
- https://toolbox.googleapps.com/apps/main/
- https://dnsdumpster.com/
- https://who.is/
ip logger : can track geo location using ip logger URL
https://iplogger.org/
SSDP: Simple Service Discovery Protocol
https://www.spiceworks.com/free-network-monitoring-management-software/
NetworkMiner is an open source Network Forensic Analysis Tool
(NFAT) for Windows (but also works in Linux / Mac OS X /
FreeBSD).
https://www.netresec.com/?page=NetworkMiner
FING App :
https://www.fing.com/products/fing-app
Nikto :
Nikto is a free software command-line vulnerability scanner that
scans webservers for dangerous files/CGIs, outdated server
software and other problems.
https://www.kali.org/tools/nikto/
TOR flow network
https://torflow.uncharted.software/
SSH tunnels:
-
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
- https://www.putty.org/
NETSCAN
- https://www.mitec.cz/netscan.html
- https://www.softperfect.com/products/networkscanner/
- https://www.ireasoning.com/mibbrowser.shtml
zaproxy
- https://www.kali.org/tools/zaproxy/
gobuster
- https://www.kali.org/tools/gobuster/
NetScanTools Basic Edition
- https://www.netscantools.com/nstbasicmain.html
LDAP
- https://sourceforge.net/projects/ldapadmin/
NIST SP 800-30, Page 78
- https://www.nist.gov/privacy-framework/nist-sp-800-30
NIST: Common Vulnerability Scoring System Calculator [CVSS]
- https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
Learn Vulnerability scan from Web
- https://www.hacker101.com/start-here
- https://ctf.hacker101.com/auth/login
- https://www.hackerone.com/
Commando VM:
-
https://www.mandiant.com/resources/commando-vm-windows-offensive-distribution
- Github link:-
- https://github.com/mandiant/commando-vm
Yersinia attack Tool:
- https://www.kali.org/tools/yersinia/
Use with Wireshark
- https://dev.maxmind.com/geoip/geolite2-free-geolocation-data?lang=en
- https://www.nagios.org/
- https://www.tenable.com/products/nessus
- https://www.gfi.com/
- https://sectools.org/
L0phtCrack 7.2.0 has been released as an open source project
https://gitlab.com/l0phtcrack/l0phtcrack/-/releases
Ophcrack is a free Windows password cracker based on rainbow
tables.
- https://ophcrack.sourceforge.io/
John the Ripper
Cain and Abel
Secure Hash Algorithms used for hashing the passwords
Rainbow crack:-
- http://project-rainbowcrack.com/
Create the Hash format for password
- https://www.fileformat.info/tool/hash.htm
Online Reverse Hash Lookup
- http://reverse-hash-lookup.online-domain-tools.com/
- http://www.md5.cz/
Password Resetting Tool:
- https://trinityhome.org/
- https://www.password-changer.com/index.html
simda bot free ip scanner
- https://checkip.kaspersky.com/
Reference: Transcriptase–Light: A Polymorphic Virus Construction
Kit
-
https://scholarworks.sjsu.edu/cgi/viewcontent.cgi?article=1513&context=etd_projects
OASIS OPEN:
- https://www.oasis-open.org/
Some enterprise products as examples
- https://www.sonicwall.com/products/firewalls/
Reverse Engineering Malware
-
https://zeltser.com/mastering-4-stages-of-malware-analysis/
- https://cuckoosandbox.org/
malware-traffic-analysis
A source for packet capture (pcap) files and malware samples
https://www.malware-traffic-analysis.net/
Sniffing Tool and Technique's
Tools
- Android Software - tPacketCapture
- https://www.taosoftware.co.jp/en/android/packetcapture/
Linux Tools
Windows - WhoFi
- https://whofi.com/agents/windows/
The Social-Engineer Toolkit (SET) - TrustedSec
- https://www.trustedsec.com/
Spamhaus
https://www.spamhaus.org/statistics/spammers/
Digital Attack Map
- https://www.digitalattackmap.com/
Project Shield
Project Shield, created by Google Cloud and Jigsaw and powered
by Google Cloud Armor, provides free unlimited protection
against DDoS attacks, a type of digital attack used to censor
information by taking websites offline
- https://projectshield.withgoogle.com/landing
Repose
is an open-source, RESTful, middleware platform that
transparently integrates with your existing infrastructure.
Repose provides highly scalable and extensible solutions to API
processing tasks such as authentication, rate limiting, API
validation, HTTP request logging, and much more.
- https://repose.atlassian.net/wiki/spaces/REPOSE/overview
Websocketd
- http://websocketd.com/
- https://github.com/joewalnes/websocketd
Cookie hijacking
- Tampermonkey:-
- https://www.tampermonkey.net/
- https://chrome.google.com/webstore/detail/tampermonkey/dhdgffkkebhmkfjojejmpbldmpobfkfo?hl=en
Subterfuge-Framework /Framework for Man-In-The-Middle
attacks
- https://github.com/Subterfuge-Framework/Subterfuge
Acrylic Wi-Fi Home – WiFi Scanner
- https://www.acrylicwifi.com/en/wlan-wifi-wireless-network-software-tools/wlan-scanner-acrylic-wifi-free/
Windows DNS Log Analyser
- https://support.moonpoint.com/reviews/software/windows/network/dns/WDLA/
Networking using GN3
- GNS3 : https://www.gns3.com/
Suricata
Suricata is the leading independent open source threat detection
engine. By combining intrusion detection (IDS), intrusion
prevention (IPS), network security monitoring (NSM) and PCAP
processing, Suricata can quickly identify, stop, and assess even
the most sophisticated attacks.
Security Onion
Security Onion Solutions, LLC is the creator and maintainer of
Security Onion, a free and open platform for threat hunting,
network security monitoring, and log management. Security Onion
includes best-of-breed free and open tools including Suricata,
Zeek, Wazuh, the Elastic Stack and many others.
- https://securityonionsolutions.com/
Tools
- http://websocketd.com/
- Google QUIC
- burpsuite | Kali Linux Tools
- https://www.kali.org/tools/burpsuite/
Testing vulnerable website
- http://zero.webappsecurity.com/
OWASP WebGoat - Learn the hack - Stop the attack
- https://owasp.org/www-project-webgoat/
Fingerprinting
Web Security Dojo
A free open-source self-contained training environment for Web
Application Security penetration testing. Tools + Targets = Dojo
- https://www.mavensecurity.com/resources/web-security-dojo
How to scrape sitemap: Site map
-
https://chromewebstore.google.com/detail/sitemap-explorer/jamphegminpokpnalkjiecfoobdnlmfb?pli=1
- https://www.seowl.co/sitemap-extractor/
- https://robhammond.uk/tools/xml-extract
- https://www.xml-sitemaps.com/
-
https://www.mariolambertucci.com/how-to-extract-urls-from-sitemaps/
Comments
Post a Comment