SECURITY TOOLS - ATTACK
Exploits and vulnerabilities
- Offensive Security - house of Kali and Nethunter - 'Try harder'
- Kali (http) - BackTrack's successor
- Kali (https)
- Kali doc
- Kali tools
- Information gathering
- Sniffing and spoofing
- Vulnerability analysis
- Password attacks
- Wireless attacks
- Web apps
- Exploitation tools
- Reverse engineering
- Stress testing
- Hardware hacking
- Maintaining access
- BackTrack - Remote Exploit - including LifeCD images with wireless tools such as AirCrack-ng
BeEF - Browser Exploitation Framework
A penetration testing tool that focuses on the web browser.
Includes scanning of your website for https, tls, ssh...
Mozilla Observatory - Scanners
Tool for testing Web application security, written in Java and developed by PortSwigger Web Security.
- Burp Suite
- HTTP Proxy - web proxy server, sits as a man-in-the-middle between the browser and destination web servers
- Scanner - application vulnerability scanner
- Intruder - for automated attacks on web applications, offers a configurable algorithm
that can generate malicious HTTP requests. Can test and detect SQL injections,
cross-site scripting, parameter manipulation and vulnerabilities susceptible to brute-force attacks
- Spider - for automatically crawling web applications, can be used in conjunction with manual mapping techniques
- Repeater - A simple tool that can be used to manually test an application, can be used to modify requests to the server,
resend them, and observe the results
- Decoder - A tool for transforming encoded data into its canonical form, or for transforming raw data into various encoded
and hashed forms. It is capable of intelligently recognizing several encoding formats using heuristic techniques
- Comparer - for performing a comparison (a visual "diff") between any two items of data
- Extender - allows to load Burp extensions, to extend Burp's functionality using the security
testers own or third-party code (BAppStore)
- Sequencer - analyzing the quality of randomness in data items
- Burp Suite Support
- Burp Suite Documentation
- Burp Suite Documentation - table of contents
- Burp on Github
- Burp support of JWT
- OWASP - a.o. web app testing tools
Owned by Boston, Massachusetts-based security company Rapid7.
Main project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine.
Other sub-projects include the Opcode Database, shellcode archive and related research.
People and conferences
- Bethgelab - DE Tubingen
- RobustVision benchmark
- Foolbox - a Python toolbox to create adversarial examples that fool neural networks,
comes with a large collection of adversarial attacks, both gradient-based attacks as well as black-box attacks
- CleverHans - a Python library to benchmark machine learning systems' vulnerability to adversarial examples
Heavy duty - or go TOR or I2P