Hack Tools
Docker Images
- https://hub.docker.com/r/szalek/pentest-tools/
- https://hub.docker.com/r/kalilinux/kali-linux-docker/
Kali Linux
VirtualBox
Linux
Tails Linux
Shodan
Burp Suite Scanner
OWASP Zed Attack Proxy Project
dirb & gobuster
searchsploit
- https://www.exploit-db.com/searchsploit/#installlinux
- searchsploit -u
- searchsploit -h
- searchsploit ProFTPD
- searchsploit afd windows local
(Subdomain Enumeration) Sublist3r
(Subdomain Enumeration) knock
(Subdomain Enumeration) brutesubs
(Subdomain Enumeration)
- https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6
- https://gist.github.com/yamakira/2a36d3ae077558ac446e4a89143c69ab
- Google dorks
- VirusTotal
- DNSdumpster
- Sublist3r
- Certificate Transparency
- dnsrecon.py
- altdns.py
- Finding Autonomous System
- Zone transfer
- ldns-walk
nmap
- nmap -sSV -Pn 127.0.0.1
nslookup
- nslookup example.com
sqlmap
- http://sqlmap.org/
- sqlmap -u {URL}.php?username=adrian --dbs
- sqlmap -u {URL}.php?username=adrian -D {DB_NAME}--tables
- sqlmap -u {URL}.php?username=adrian -T {TABLE-NAME} --columns
- sqlmap -u {URL}.php?username=adrian -T {TABLE_NAME} --dump
nikto
- https://cirt.net/Nikto2
- nikto -host {URL}/ -output /tmp/test.html
- nikto -host {URL}/ -output /tmp/test.csv
whois
- whois --help
- whois www.{URL}
dnsenum
- https://github.com/fwaeytens/dnsenum
- dnsenum --help
- dnsenum {URL}
digbit
- digbit {URL}
sn1per
knock
- http://www.kitploit.com/2017/08/knockpy-enumerate-subdomain-scanner.html
- https://github.com/guelfoweb/knock
- knockpy {URL}
webcomment
- https://github.com/szalek/webcomment/tree/master
- webcomment -m url -t http://www.blog.btbw.pl
haveibeenpwned
- api form https://haveibeenpwned.com
- https://github.com/szalek/haveibeenpwned
- haveibeenpwned emails.txt
- haveibeenpwned test@example.com
- haveibeenpwned noexist@btbw.pl
paskto
- http://www.kitploit.com/2017/11/paskto-passive-web-scanner.html
- https://github.com/cloudtracer/paskto
- https://github.com/szalek/paskto (Fork)
- paskto --help
shred
- https://www.hackers-arise.com/single-post/2017/10/17/Mr-Robot-Hacks-Season-3-How-Elliot-Covered-his-Tracks
- shred -f -n 3 test.txt
netdiscover
- sudo apt install netdiscover
- sudo netdiscover -r 192.168.0.1/24
DAVtest (Kali Linux)
- https://tools.kali.org/web-applications/davtest
- davtest --url blog.michalszalkowski.com
EyeWitness
WAFW00F
- wafw00f {URL}