Collection of penetration testing tools
.exe
s").See also DEF CON Suggested Reading.
docker pull citizenstig/dvwa
.docker pull bkimminich/juice-shop
.docker pull citizenstig/nowasp
.docker-compose build && docker-compose up
.docker pull ismisepaul/securityshepherd
.docker pull webgoat/webgoat-7.1
.docker pull webgoat/webgoat-8.0
.docker pull hmlio/vaas-cve-2014-0160
.docker pull vulnerables/cve-2017-7494
.docker pull hmlio/vaas-cve-2014-6271
.docker pull wpscanteam/vulnerablewordpress
.docker pull diogomonica/docker-bench-security
.docker pull kalilinux/kali-linux-docker
.docker pull owasp/zap2docker-stable
.docker pull wpscanteam/wpscan
.docker pull opendns/security-ninjas
.docker pull phocean/msf
.wallet.dat
).See also awesome-industrial-control-system-security.
ping
, traceroute
, whois
, and more.shijack
.GET
/POST
, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.masscan
to quickly identify open ports and then nmap
to gain details on the systems/services on those ports.fierce.pl
DNS reconnaissance tool for locating non-contiguous IP space..p12
and .pfx
extensions), such as TLS/SSL certificates.sqlmap
that identifies SQLi vulnerabilities based on a given dork and (optional) website.See also awesome-reversing.
.git
repositories.certutil
(using fake certificates).(https://creativecommons.org/licenses/by/4.0/)
This work is licensed under a Creative Commons Attribution 4.0 International License.