1.5 KiB
1.5 KiB
Tools & Kits 🧰
A curated kit for red/blue/purple work. Opinionated, lightweight, and actually maintained.
Recon & Discovery
- Nmap — nmap.org
- Wireshark — wireshark.org
- Shodan — shodan.io
- Censys — censys.io
- Subfinder — github.com/projectdiscovery/subfinder
Web App Testing
- Burp Suite — portswigger.net/burp
- OWASP ZAP — owasp.org/www-project-zap/
- SecLists — github.com/danielmiessler/SecLists
- fuzzdb — github.com/fuzzdb-project/fuzzdb
Exploitation Frameworks
- Metasploit — metasploit.com
- BeEF — beefproject.com
Reverse Engineering / Binary
- radare2 — github.com/radareorg/radare2
- Ghidra — ghidra-sre.org
- BinNavi — github.com/google/binnavi
MITM / Phishing
- BetterCAP — bettercap.org
- mitmproxy — mitmproxy.org
- Evilginx — github.com/kgretzky/evilginx
Privilege Escalation Helpers
- LinEnum — github.com/rebootuser/LinEnum
- linux-exploit-suggester — github.com/mzet-/linux-exploit-suggester
- BeRoot — github.com/AlessandroZ/BeRoot
Malware & Forensics
- malice — github.com/maliceio/malice
- linux-explorer — github.com/intezer/linux-explorer
Wordlists & CTI
- SecLists — (again, because you’ll forget)
- Exploit-DB — exploit-db.com
- Rapid7 DB — rapid7.com/db
Got a better tool? Add it under the right section, alphabetically. If it’s niche, add a one-liner why it’s worth anyone’s time.