开源工具目录集1.0版
本帖最后由 梦幻的彼岸 于 2019-8-8 16:07 编辑更新日期:2019年8月8日
未方便伙伴们学习,节省一些搜索工具的时间,特在网络上收集开源工具分类后编辑本贴。
注意:
本开源工具目录仅限于安全研究与学习使用,用户使用本工具所造成的所有后果,由用户承担全部法律及连带责任!本站以及帖子编辑者不承担任何法律及连带责任。
http://www.cnhonkerarmy.com/static/image/hrline/1.gif
网络安全法:
https://baike.so.com/doc/7873640-24838970.html
http://www.cnhonkerarmy.com/static/image/hrline/3.gif
非技术讨论,你的回帖会被删除,望周知、理解。
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
反汇编工具:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
x64dbg: https://github.com/x64dbg/x64dbg
http://www.cnhonkerarmy.com/static/image/hrline/line6.png屏幕捕获工具:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
ScreenToGif:https://github.com/NickeManarin/ScreenToGif
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
资源下载工具:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
baiduCDP:https://github.com/cool2528/baiduCDPhttp://www.cnhonkerarmy.com/static/image/hrline/line6.png
密码修改器:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
http://www.cdslow.org.ru/en/ntpwedit/
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
漏洞扫描工具:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
Sqlmap: https://github.com/sqlmapproject/sqlmap
巡风:https://github.com/ysrc/xunfeng
whatweb:https://github.com/urbanadventurer/WhatWeb
gixy:https://github.com/yandex/gixy
arachni:https://github.com/Arachni/arachni
subdomainsbrute:https://github.com/lijiejie/subDomainsBrute
wydomain:https://github.com/ring04h/wydomain
googlessldomainfinder:https://github.com/We5ter/GSDF
sqliscanner:https://github.com/0xbug/SQLiScanner
dsss:https://github.com/stamparm/DSSS
bbscan:https://github.com/lijiejie/BBScan
githack:https://github.com/lijiejie/GitHack
htpwdscan:https://github.com/lijiejie/htpwdScan
wyportmap:https://github.com/ring04h/wyportmap
nstproxy:https://github.com/ibey0nd/NSTProxy
srcms:https://github.com/martinzhou2015/SRCMS
insigth:https://github.com/creditease-sec/insight
dnslog:https://github.com/BugScanTeam/DNSLog
pocsuite:https://github.com/knownsec/Pocsuite
regeorg:https://github.com/sensepost/reGeorg
驭龙 HIDS:https://github.com/ysrc/yulong-hids
dirsearch:https://github.com/maurosoria/dirsearch
cmspoc:https://github.com/CHYbeta/cmsPoc
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
数据库漏洞扫描类
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/0xbug/SQLiScanner
https://github.com/stamparm/DSSS
https://github.com/LoRexxar/Feigong
https://github.com/youngyangyang04/NoSQLAttack
https://github.com/Neohapsis/bbqsql
https://github.com/NetSPI/PowerUpSQL
http://www.cnhonkerarmy.com/static/image/hrline/1.gif
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
弱口令或信息泄漏扫描类
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/lijiejie/htpwdScan
https://github.com/lijiejie/BBScan
https://github.com/lijiejie/GitHack
https://github.com/wilson9x1/fenghuangscanner_v3
https://github.com/ysrc/F-Scrack
https://github.com/Mebus/cupp
https://github.com/RicterZ/genpAss
https://github.com/netxfly/crack_ssh
http://www.cnhonkerarmy.com/static/image/hrline/1.gif
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
中间件扫描、指纹识别类
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/ring04h/wyportmap
https://github.com/ring04h/weakfilescan
https://github.com/EnableSecurity/wafw00f
https://github.com/rbsec/sslscan
https://github.com/urbanadventurer/whatweb
https://github.com/tanjiti/FingerPrint
https://github.com/nanshihui/Scan-T
https://github.com/OffensivePython/Nscan
https://github.com/ywolf/F-NAScan
https://github.com/ywolf/F-MiddlewareScan
https://github.com/maurosoria/dirsearch
https://github.com/x0day/bannerscan
https://github.com/RASSec/RASscan
https://github.com/3xp10it/bypass_waf
https://github.com/3xp10it/mytools/blob/master/xcdn.py
https://github.com/Xyntax/BingC
https://github.com/Xyntax/DirBrute
https://github.com/zer0h/httpscan
https://github.com/lietdai/doom
http://www.cnhonkerarmy.com/static/image/hrline/1.gif
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
木马后门收集工具:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/tennc/webshell
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
渗透以及web攻击脚本:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/brianwrf/hackUtils
web渗透小工具大合集:https://github.com/rootphantomer/hack_tools_for_me
XSS数据接收平台
https://github.com/firesunCN/BlueLotus_XSSReceiver
XSS与CSRF工具:
https://github.com/evilcos/xssor
Short for command injection exploiter,web向命令注入检测工具
https://github.com/stasinopoulos/commix
数据库注入工具:
https://github.com/sqlmapproject/sqlmap
Web代理,通过加载sqlmap api进行sqli实时检测:
https://github.com/zt2/sqli-hunter
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
网站管理软件
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
新版中国菜刀:
https://github.com/Chora10/Cknife
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
EXP:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
.git文件夹泄露漏洞
https://github.com/lijiejie/GitHack
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
POC
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
ExploitDB官方git版本
https://github.com/offensive-security/exploit-database
php漏洞代码分析
https://github.com/80vul/phpcodz
Simple test for CVE-2016-2107
https://github.com/FiloSottile/CVE-2016-2107
CVE-2015-7547 POC
https://github.com/fjserna/CVE-2015-7547
JAVA反序列化POC生成工具
https://github.com/frohoff/ysoserial
JAVA反序列化EXP
https://github.com/foxglovesec/JavaUnserializeExploits
Jenkins CommonCollections EXP
https://github.com/CaledoniaProject/jenkins-cli-exploit
CVE-2015-2426 EXP
https://github.com/vlad902/hacking-team-windows-kernel-lpe
use docker to show web attack
https://github.com/hxer/vulnappdiscuz ml RCE 漏洞检测工具
https://github.com/theLSA/discuz-ml-rce
http://www.cnhonkerarmy.com/static/image/hrline/1.gif
浏览器攻击框架:
https://github.com/beefproject/beef
自动化绕过WAF脚本
https://github.com/khalilbijjou/WAFNinja
http命令行客户端,可以从命令行构造发送各种http请求(类似于Curl):
https://github.com/jkbrzt/httpie
浏览器调试利器:
https://github.com/firebug/firebug
一款开源WAF
https://github.com/SpiderLabs/ModSecurity
windows域渗透工具:
windows渗透神器
https://github.com/gentilkiwi/mimikatz
Powershell渗透库合集:
https://github.com/PowerShellMafia/PowerSploit
Powershell tools合集:
https://github.com/clymb3r/PowerShell
Fuzz
Web向Fuzz工具:
https://github.com/xmendez/wfuzz
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
HTTP暴力破解,撞库攻击脚本
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/lijiejie/htpwdScan
漏洞利用及攻击框架:
msf:https://github.com/rapid7/metasploit-framework
Poc调用框架,可加载Pocsuite,Tangscan,Beebeeto等;
https://github.com/erevus-cn/pocscan
Pocsuite:
https://github.com/knownsec/Pocsuite
Beebeeto:
https://github.com/n0tr00t/Beebeeto-framework
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
php7缓存覆写漏洞Demo及相关工具
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/GoSecure/php7-opcache-override
XcodeGhost木马样本
https://github.com/XcodeGhostSource/XcodeGhost
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
中间人攻击框架工具
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/secretsquirrel/the-backdoor-factory
https://github.com/secretsquirrel/BDFProxy
https://github.com/byt3bl33d3r/MITMf
Inject code, jam wifi, and spy on wifi users
https://github.com/DanMcInerney/LANs.py
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
可扩展的中间人代理工具
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/intrepidusgroup/mallory
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
wifi钓鱼
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/sophron/wifiphisher
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
密码破解工具
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/shinnok/johnny
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
本地存储的各类密码提取工具
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/AlessandroZ/LaZagne
http://www.cnhonkerarmy.com/static/image/hrline/1.gif
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
子域名枚举工具:
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
https://github.com/lijiejie/subDomainsBrute
https://github.com/ring04h/wydomain
https://github.com/le4f/dnsmaper
https://github.com/0xbug/orangescan
https://github.com/TheRook/subbrute
https://github.com/We5ter/GoogleSSLdomainFinder
https://github.com/mandatoryprogrammer/cloudflare_enum
https://github.com/18F/domain-scan
注意:
本开源工具目录仅限于安全研究与学习使用,用户使用本工具所造成的所有后果,由用户承担全部法律及连带责任!本站以及帖子编辑者不承担任何法律及连带责任。
http://www.cnhonkerarmy.com/static/image/hrline/line6.png
http://www.cnhonkerarmy.com/static/image/hrline/1.gif
网络安全法:
https://baike.so.com/doc/7873640-24838970.html
版主 辛苦收集,支持一个。 牛犇.......我要是全学会了,该何去何从? 感谢分享,您辛苦了。 表哥,优秀,收集辛苦 不错啊,支持了。。 楼主辛苦了,继续总结。 学习了,谢谢 感谢发布原创作品,PYG有你更精彩! PYG有你更精彩!