Skip to content

Latest commit

 

History

History
78 lines (52 loc) · 5.88 KB

CyberSecurity-Stuff.md

File metadata and controls

78 lines (52 loc) · 5.88 KB
Raw

Op Indexer/Collection

CyberSecurity Tools

CLI based

  • Zydra - Password Recovery Tool or BruteForce password cracking tool. It can use to recover password of rar,zip and pdf file.

Wordlist

Scanner

  • MobSF (Mobile Security Framwork) - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis... (read more)

Browser Extensions

  • Hack Tool | FireFox | Chrome - The all-in-one Red Team extension for Web Pentester 🛠. HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more.

Website based

  • CyberChef | Github - CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser.

    credit : TryHackMe Advent of Cyber 4 Task 12(Day 7)

  • GTFOBins ⭐ - GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.

  • LOLBAS ⭐ - Similar to GTFOBins but for window

  • Rev Shell ⭐ | Github Repo - Online Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Misc 😓

  • PHP Reverse Shell Script Page - This .php file can use on website which allow access to uploaded file,i.e. website allow .php file upload and allow to accept it eg. https://example.com/uploads/reverse_shell.php

    Expain : Uploaded file intend to be load as image or get download file in client pc,but .php will get treated as server php page and get executed. It happens if not extension validation is happen when asking for image only upload or preventing .php file to execute from upload folder

  • ProjectDiscovery | Community - Open-Source CyberSec company aim to develop security tools (builds tools to detect and remediate vulnerabilities across your modern tech stack.)

Vulnerable VM for practice (or just VM based stuff...)

  • CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming.
  • FlareVM - a collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a virtual machine (VM). FLARE VM was designed to solve the problem of reverse engineering tool curation and relies on two main technologies: Chocolatey and Boxstarter. Chocolatey is a Windows-based Nuget package management system, where a "package" is essentially a ZIP file containing PowerShell installation scripts that download and configure a specific tool. Boxstarter leverages Chocolatey packages to automate the installation of software and create repeatable, scripted Windows environments.
  • TraceLabs OSINT VM | See It In Action - The Trace Labs team created a specialized OSINT VM specifically to bring together the most effective OSINT tools and customized scripts we saw being used during our Search Party CTF’s. Inspired by the infamous Buscador VM, the Trace Labs OSINT VM was built in a similar way, to enable OSINT investigators participating in the Trace Labs Search Party CTF’s a quick way to get started and have access to the most popular OSINT tools and scripts all neatly packaged under one roof.

Search engine for hackers/pentesters