Tool |
Description |
Link |
ack |
ack is a tool like grep, optimized for programmers. |
https://beyondgrep.com/ |
apachetop |
Apache top is a curses-based realtime utility to display information from a running copy of Apache. |
http://www.webta.org/projects/apachetop/ |
Arachni |
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. |
http://www.arachni-scanner.com |
bat |
A cat(1) clone with wings. |
https://github.com/sharkdp/bat |
BeEF |
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context. |
http://beefproject.com |
BloodHound |
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment. |
https://github.com/BloodHoundAD/BloodHound |
Borg Backup |
BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption. |
https://www.borgbackup.org |
broot |
Get an overview of a directory, even a big one |
https://dystroy.org/broot/ |
Browserstack |
Instant access to all real mobile and desktop browsers. Say goodbye to your lab of devices and virtual machines. |
https://www.browserstack.com |
Browsersync |
Time-saving synchronised browser testing. |
https://browsersync.io |
btop |
Resource monitor. C++ version and continuation of bashtop and bpytop |
https://github.com/aristocratos/btop |
Bucket Finder |
This is a fairly simple tool to run: all it requires is a wordlist, and it will go off and check each word to see if that bucket name exists in Amazon's S3 system. Any that it finds it will check to see if the bucket is public, private or a redirect. |
https://digi.ninja/projects/bucket_finder.php |
Burp Proxy |
Burp Proxy is an intercepting proxy server for security testing of web applications. It operates as a man-in-the-middle between your browser and the target application. |
https://portswigger.net/burp/proxy.html |
curl |
curl is a command line tool for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP. |
http://curl.haxx.se |
Docker |
Docker is the world’s leading software containerization platform |
https://www.docker.com |
dnsgen |
dnsgen is somewhat like Nominum's dnsperf utility, and indeed shares many of the same command line parameters. Unlike dnsperf, it uses AF_PACKET raw sockets and therefore only runs under Linux. The use of raw sockets allows for the use of a far larger range of source ports and higher performance than using "normal" UDP sockets. The data file is loaded completely into memory on start up so that disk I/O does not affect measurements. For optimal performance dnsgen supports a raw input file mode where the data file contains raw pre-compiled DNS queries. |
https://github.com/isc-projects/dnsgen |
dnstop |
console tool to analyze DNS traffic |
http://dns.measurement-factory.com/tools/dnstop/ |
dnstwist |
See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate espionage. Useful as an additional source of targeted threat intelligence. |
https://github.com/elceef/dnstwist |
Dorks Eye |
Dorks Eye Google Hacking Dork Scraping and Searching Script |
https://github.com/BullsEye0/dorks-eye |
fd |
A simple, fast and user-friendly alternative to find. |
https://github.com/sharkdp/fd |
freeradius |
Fast, feature-rich, modular, and scalable RADIUS Server |
http://freeradius.org |
fwlogwatch |
fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS and Cisco PIX log summary reports in text and HTML form and has a lot of options to find and display relevant patterns in connection attempts. With the data found it can also generate customizable incident reports from a template and send them to abuse contacts at offending sites or CERT coordination centers. Finally, it can also run as daemon and report anomalies or start countermeasures. |
http://fwlogwatch.inside-security.de |
gawk |
pattern scanning and processing language |
http://www.gnu.org/software/gawk/ |
getdnsapi |
getdns is a modern asynchronous DNS API. It implements DNS entry points from a design developed and vetted by application developers, in an API specification. The open source C implementation of getdns is developed and maintained in collaboration by NLnet Labs, Sinodun and No Mountain Software. This implementation is licensed under the New BSD License. |
https://getdnsapi.net/ |
gns3 |
GNS3 is used by hundreds of thousands of network engineers worldwide to emulate, configure, test and troubleshoot virtual and real networks. GNS3 allows you to run a small topology consisting of only a few devices on your laptop, to those that have many devices hosted on multiple servers or even hosted in the cloud. |
http://www.gns3.com |
grep |
GNU grep, egrep and fgrep |
http://www.gnu.org/software/grep/ |
grepcidr |
Filter IPv4 and IPv6 addresses matching CIDR patterns |
https://github.com/frohoff/grepcidr |
gron |
Make JSON greppable! |
https://github.com/tomnomnom/gron |
hashcat |
advanced password recovery |
https://hashcat.net/hashcat/ |
hping |
Command-line oriented TCP/IP packet assembler/analyzer |
http://www.hping.org |
htop |
interactive processes viewer |
http://hisham.hm/htop/ |
httpbin.org |
A simple HTTP Request & Response Service. |
https://httpbin.org |
httpie |
HTTPie (pronounced aitch-tee-tee-pie) is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output. HTTPie can be used for testing, debugging, and generally interacting with HTTP servers. |
https://httpie.org |
httpscreenshot |
HTTPScreenshot is a tool for grabbing screenshots and HTML of large numbers of websites. The goal is for it to be both thorough and fast which can sometimes oppose each other. |
https://github.com/breenmachine/httpscreenshot |
idn2 |
Internationalized domain names (IDNA2008) command line tool |
https://www.gnu.org/software/libidn/#libidn2 |
iftop |
displays bandwidth usage information on a network interface |
http://www.ex-parrot.com/~pdw/iftop/ |
ipcalc |
parameter calculator for IPv4 addresses |
http://jodies.de/ipcalc |
iproute |
networking and traffic control tools |
http://www.linux-foundation.org/en/Net:Iproute2 |
iptstate |
top-like interface to your netfilter connection-tracking table |
http://www.phildev.net/iptstate/ |
iptraf |
Interactive Colorful IP LAN Monitor |
|
ipv6calc |
small utility for manipulating IPv6 addresses |
http://www.deepspace6.net/projects/ipv6calc.html |
Jenkins |
An extensible open source continuous integration server |
https://jenkins-ci.org |
jq |
jq is a lightweight and flexible command-line JSON processor. |
https://stedolan.github.io/jq/ |
Knock Subdomain Scan |
Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS record automatically if it is enabled. Knockpy now supports queries to VirusTotal subdomains; you can set the API_KEY within the config.json file. |
https://github.com/guelfoweb/knock |
letsencrypt |
The Let’s Encrypt Client is a fully-featured, extensible client for the Let’s Encrypt CA (or any other CA that speaks the ACME protocol) that can automate the tasks of obtaining certificates and configuring webservers to use them. |
https://letsencrypt.org |
logtail |
Print log file lines that have not been read |
http://www.logcheck.org/ |
lsof |
Utility to list open files |
http://people.freebsd.org/~abe/ |
masscan |
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. |
https://github.com/robertdavidgraham/masscan |
mc |
Midnight Commander - a powerful file manager |
http://www.midnight-commander.org |
Metasploit |
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. |
http://www.metasploit.com |
mitmproxy |
An interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed. |
https://mitmproxy.org |
MonoDraw |
Powerful ASCII art editor |
https://monodraw.helftone.com |
mtr |
Full screen ncurses and X11 traceroute tool |
http://www.bitwizard.nl/mtr/ |
multitail |
view multiple logfiles windowed on console |
|
mytop |
Mytop is a console-based tool for monitoring queries and the performance of MySQL. It supports version 3.22.x, 3.23.x, 4.x and 5.x servers. It's written in Perl and supports connections using TCP/IP and UNIX sockets. |
http://www.mysqlfanboy.com/mytop/ |
mutt |
text-based mailreader supporting MIME, GPG, PGP and threading |
http://www.mutt.org/ |
ncdu |
ncurses disk usage viewer |
http://dev.yorhel.nl/ncdu/ |
nedi |
NeDi discovers, maps and inventories your network devices and tracks connected endnodes. |
http://nedi.ch |
nethogs |
Net top tool grouping bandwidth per process |
http://nethogs.sourceforge.net |
Nessus |
Nessus is a proprietary comprehensive vulnerability scanner which is developed by Tenable Network Security. It is free of charge for personal use in a non-enterprise environment. |
http://www.tenable.com/products/nessus-vulnerability-scanner |
Netbeans |
Quickly and easily develop desktop, mobile and web applications with Java, JavaScript, HTML5, PHP, C/C++ and more. |
https://netbeans.org |
ngrok |
ngrok allows you to expose a web server running on your local machine to the internet. Just tell ngrok what port your web server is listening on. |
https://ngrok.com |
Nikto |
Nikto is a pluggable web server and CGI scanner written in Perl, using rfp's LibWhisker to perform fast security or informational checks. |
http://cirt.net/nikto2 |
nmon |
nmon is a systems administrator, tuner, benchmark tool. It can display the CPU, memory, network, disks (mini graphs or numbers), file systems, NFS, top processes, resources (Linux version & processors) and on Power micro-partition information. |
http://nmon.sourceforge.net |
nload |
realtime console network usage monitor |
http://www.roland-riegel.de/nload/ |
Openrefine |
A free, open source, powerful tool for working with messy data |
https://openrefine.org |
OpenVAS |
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. |
http://www.openvas.org/ |
osquery |
osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive. |
https://osquery.io/ |
PHP CodeSniffer |
The most commonly used tool for static analysis of PHP code. It is typically used to detect violations of code formatting standards but also supports software metrics as well as the detection of potential defects. |
http://www.squizlabs.com/php-codesniffer |
PHP Metrics |
PhpMetrics provides various metrics about PHP projects. |
http://www.phpmetrics.org |
prettyping |
prettyping is a wrapper around the standard ping tool, making the output prettier, more colorful, more compact, and easier to read. |
https://github.com/denilsonsa/prettyping |
pwgen |
Automatic Password generation |
|
ripmime |
ripMIME's primary purpose is to extract attachments out of MIME encoded email packages. |
http://www.pldaniels.com/ripmime/ |
Retire.js |
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies development, but we need to stay up to date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your webapp. The goal of Retire.js is to help you detect use of versions with known vulnerabilities. |
https://retirejs.github.io/retire.js/ |
rsync |
fast, versatile, remote (and local) file-copying tool |
http://rsync.samba.org/ |
scapy |
Scapy is a Python program that enables the user to send, sniff, dissect and forge network packets. This capability allows construction of tools that can probe, scan or attack networks. |
http://scapy.readthedocs.io/en/latest/index.html |
screen |
terminal multiplexer with VT100/ANSI terminal emulation |
http://savannah.gnu.org/projects/screen |
sed |
The GNU sed stream editor |
http://www.gnu.org/software/sed/ |
selenium |
Selenium automates browsers. That's it! |
http://www.seleniumhq.org |
sslscan |
SSLScan is a fast SSL port scanner. SSLScan connects to SSL ports and determines what ciphers are supported, which are the server's preferred ciphers, which SSL protocols are supported and returns the SSL certificate. Client certificates / private key can be configured and output is to text / XML. |
http://www.titania.co.uk |
sslScrape |
A scanning tool for scraping hostnames from SSL certificates. |
https://github.com/cheetz/sslScrape |
SonarQube |
The SonarQube platform offers numerous features to help you make your Continuous Inspection process a success. |
http://www.sonarqube.org |
SPARTA |
SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands and tools, more time can be spent focusing on analysing results. |
http://sparta.secforce.com |
speedtest-cli |
Command-line interface for https://speedtest.net bandwidth tests |
https://speedtest.net |
stubby |
Stubby is an application that acts as a local DNS Privacy stub resolver (using DNS-over-TLS). |
https://github.com/getdnsapi/stubby |
strace |
System call tracer |
http://sourceforge.net/projects/strace/ |
Suricata |
Suricata is a network Intrusion Detection System (IDS). It is based on rules (and is fully compatible with snort rules) to detect a variety of attacks / probes by searching packet content. |
http://www.openinfosecfoundation.org/ |
swaks |
SMTP command-line test tool |
http://www.jetmore.org/john/code/swaks/ |
tcpdump |
command-line network traffic analyzer |
http://www.tcpdump.org/ |
testssl.sh |
Tool which checks for the support of TLS/SSL ciphers and flaws |
https://testssl.sh/ |
tls-interposer |
The TLS Interposer for Linux provides an easy way to upgrade the security of existing SSL/TLS applications based on OpenSSL without having to recompile them or having to switch to newer versions with incompatible configuration or interfaces. TLS Interposer is directed at server applications, but nothing prevents you from using it with client applications. |
https://netfuture.ch/tools/tls-interposer/ |
Truffle Hog |
Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. |
https://github.com/dxa4481/truffleHog |
tshark |
console version of wireshark |
http://www.wireshark.org |
vim |
Vi IMproved - enhanced vi editor |
http://www.vim.org/ |
w3af |
w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities. |
http://w3af.org |
wapiti |
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the web pages of the deployed web applications, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. |
http://wapiti.sourceforge.net/ |
wget |
retrieves files from the web |
http://www.gnu.org/software/wget/ |
whatweb |
WhatWeb identifies websites. It recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. |
http://www.morningstarsecurity.com/research/whatweb |
whois |
intelligent WHOIS client |
|
XCA - X Certificate and key management |
This application is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smartcards and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For easy company-wide use there are customisable templates that can be used for certificate or request generation. All crypto data is stored in an endian-agnostic file format portable across operating systems. |
http://xca.sourceforge.net |
Xdebug |
Xdebug provides debugging and profiling capabilities for PHP |
https://xdebug.org |
zmap |
ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 5 minutes, approaching the theoretical limit of ten gigabit Ethernet. |
https://zmap.io |
zaproxy |
An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. |
https://portswigger.net/burp/proxy.html |