Top Links of Tools Compilation for Pentesting, Forensics, Security, and Hacking
Are you still looking for a suite of tools that may complete your day-to-day activities, or are you just looking for new tools that you can try or play with? No need to worry, because today is your lucky day! Today, I will be mentioning links, resources, and websites that have compilations of various tools that can be used for penetration testing, computer forensics, security, and hacking.
ToolsWatch.org is maintained by NJ OUCHN (@toolswatch) and Maxi Soler (@maxisoler). It's a cool website where you can find up-to-date releases of tools that are used by auditors, penetration testers, web application security consultants, system administrators, network administrators, malware analysts, infosec enthusiasts, and security experts. You can also submit your very own tool for promotion.
ToolsWatch.org is also the home of the projects made by NJ OUCHN (@toolswatch) and Maxi Soler (@maxisoler), including vFeed® (an open source correlated and cross-linked vulnerability XML database), DPE (the Default Password Enumeration Project), FireCAT (Firefox Catalog of Auditing exTension), AS/400 Security Assessment Mindmap, KromCAT (Google Chrome Catalog of Auditing exTensions), and SSA (Security System Analyzer 2.0).
SOLDIERX Tools and Labs
Soldierx.com is known for maintaining the world's largest public hacker database on the net (SOLDIERX HDB) but they also maintains their own public projects, which can be found on the SX Labs page, and their recommended tools collection, which can be found at https://www.soldierx.com/tools. I suggest you take a look at these three projects; Agent Steal, Pentesters Toolkit, and wdivulge.
Dirk Loss: Python Tools for Penetration Testers
If you are a Python programmer and enthusiast, then I believe that you should check out Dirk Loss's list of Python tools for penetration testers. Tools listed on the page are categorized as network, debugging and reverse engineering, fuzzing, web, forensics, malware analysis, PDF, miscellaneous, and other useful libraries and tools.
According to the author of the page: "Some of the more aggressive tools (pentest frameworks, Bluetooth smashers, web application vulnerability scanners, war-dialers, etc.) are left out, because the legal situation of these tools is still a bit unclear in Germany—even after the decision of the highest court. This list is clearly meant to help white hats, and for now I prefer to err on the safe side."
This is an information security and tools review blog maintained by Russ McRee, who writes toolsmith, a monthly column in the ISSA Journal. What I like about this blog is that it tackles different penetration testing, malware analysis, fuzzing, and security tools, including how to use it like a boss.
SecTools.Org is a website maintained by Gordon "Fyodor" Lyon (the author and father of the Nmap Security Scanner). It contains tools descriptions and the top 125 network security tools, which are categorized as antimalware, application-specific scanners, web browser–related, password crackers, encryption tools, debuggers, firewalls, forensics, fuzzers, general-purpose tools, intrusion detection systems (ids), packet crafting tools, port scanners, rootkit detectors, security-oriented operating systems, packet sniffers, vulnerability exploitation tools, traffic monitoring tools, vulnerability scanners, web proxies, web vulnerability scanners, and wireless tools.
Edge-Security is a group of security professionals who focus on offensive security, malware intelligence, and mobile security. They also maintain their own projects: theHarvester, Metagoofil collector, Wfuzz (webapp bruteforcer), ProxyStrike (active proxy), WebSlayer (Wfuzz frontend), Edge-ssh SSH bruteforcing suite, Hosproxy, and geodedge.
The security tool files page from Packet Storm contains files submitted by various security researchers, penetration testers, programmers, etc. You can submit your very own tool for promotion too by emailing them at submissions [at] packetstormsecurity.com.
viaForensics Free Tools
viaForensics is the company known for their expertise in mobile forensics and the project called Santoku Linux, a Linux distro for mobile security, malware analysis, and forensics. They are also maintaining their very own tools and projects aside from Santoku Linux, which can be found here: https://viaforensics.com/resources/tools/
Andrew Zammit Tabona of GFI has written a cool article about 20 digital forensic investigation tools for system administrators. The tools (arranged according to their rankings) listed in the blog are; SANS SIFT, ProDiscover Basic, Volatility, The Sleuth Kit (+Autopsy), FTK Imager, Linux 'dd', CAINE, Oxygen Forensic Suite 2013 Standard, Free Hex Editor Neo, Bulk Extractor, DEFT Linux, Xplico, LastActivityView, Digital Forensic Framework, Mandiant RedLine, PlainSight, HxD, HELIX3 Free, NetSleuth, and P2 eXplorer Free. For more information about the tools mentioned, just refer to the article.
Forensic Control has a list of over 115 free tools for digital forensics analysis; they are categorized as disk imaging tools, email analysis, general, file and data analysis, Mac OS tools, mobile devices, data analysis suites, file viewers, internet analysis, registry analysis, application analysis, and abandonware. You can also suggest other tools for their list by contacting or emailing firstname.lastname@example.org.
The CERT (Community Emergency Response Team) Linux Forensics Tools Repository is a collection of digital forensic tools that can be installed as needed or all at once using the CERT-Forensics-Tools meta package. The repository works primarily for Fedora and Centos/RHEL Linux distributions.
NirSoft is a website maintained by Nir Sofer, an experienced developer with extensive knowledge in C++, .NET Framework, Windows API, and Reverse Engineering of undocumented binary formats and encryption algorithms. His website contains his projects and freeware utilities, categorized as password recovery utilities, network monitoring tools, internet related utilities, MS-Outlook tools, command-line utilities, desktop utilities, and freeware system tools.
SecurityXploded is a known and popular infosec research and development organization offering free security softwares, the latest research articles, and free training on reverse engineering and malware analysis. They have also released more than 150 free security softwares. Here are some of their projects, listed by category:
Password Recovery Tools
- Asterisk Password Spy
- Browser Password Dump
- Facebook Password Decryptor
- Filezilla Password Decryptor
- Google Password Decryptor
- SX Hash Suite
- SX Password Suite
- Yahoo Password Decryptor
- Zip Password Unlocker
- Advanced Win Service Manager
- Autorun File Remover
- Dll Hijack Auditor
- Encrypted File Scanner Updated
- Exe Scan
- Hidden File Finder
- Py Mal
- Shell Detect
- Spy BHO Remover
- Spy DLL Remover
- Stream Armor
- Virus Total Scanner
Network Security Tools
- Directory Scanner
- Facebook Blocker Updated
- Google Ad Blocker Updated
- Hide Computer
- Instant You Tube Blocker Updated
- IPv6 Disable Updated
- LDAP Search
- MAC Address Scanner
- Net Database Scanner
- Net Share Monitor
System Security Tools
- ASLR Process Scanner
- Auto Screen Capture
- Browser History Spy
- DEP Process Scanner
- DLL Finder
- DLL Magic
- DLL Relocation Finder
- DLL Remover
- Download Hash Verifier
- Enable Admin Updated
- Exe64bit Detector
- File Time Changer
- Hash Compare
- Hash Console
- Hash Generator
- Hidden Cmd Detector
Open Source Digital Forensics (www2.opensourceforensics.org) is a reference site for open source software where the tools are categorized into the following:
Bootable Environments—Use to boot a suspect system into a trusted state.
Data Acquisition—Use to collect data from a dead or live suspect system.
Volume System—Use to examine the data structures that organize media, such as partition tables and disk labels.
File System—Use to examine a file system or disk image and show the file content and other meta data.
Application—Use to analyze the contents of a file (i.e., at the application layer).
Network—Use to analyze network packets and traffic. This does not include logs from network devices.
Memory—Use to analyze memory dumps from computers.
Frameworks—Use to build custom tools.
Aside from the BackBox Linux project, the BackBox Linux Team also has its very own projects, which are listed below:
dSploit—an Android network penetration suite
pyCryptocat—a Cryptocat standalone client
Weevely—generate and manage hardly detectable PHP trojans
Climber—Check UNIX/Linux systems for privilege escalation
NetCommander—arp spoofing tool
Fang—a multi-service threaded MD5 cracker
Aside from information security articles, Help Net Security also maintains a page that lists popular security softwares for Windows, Linux, and Mac OS X. The softwares are categorized into access control, analyzers, antispam, antispyware, antivirus, auditing, encryptions, firewalls, monitoring, networking, passwords, portable storage, privacy, programming, scanners, various, and wireless.
UIC R.E. Academy has a downloads page that includes a list of useful tools for reverse engineering and malware analysis, which are categorized as compilers, disassemblers and debuggers, logging and monitoring tools, malware analysis tools, and PE yools.
SecurityFocus is known to have an updated vulnerability database and an active mailing list but, aside from that, they also maintain a resource page where you can submit new tools and beta programs.
The ISC Tools page is where you can find online tools such as Base 64 Decoder, EXIF Reader, IPv6 / IPv4 Conversion and Analysis, Site Availability Check, GDI Scan, etc. The page is maintained by the SANS Internet Storm Center.
Would you like to test your skills further with a CTF challenge? Check this out: