hacking Tools

This list is constantly changing. It is my own compilation, drawn from several sources. At the end of the article I credit the people who made it possible.

Red Team

RECONOCIMIENTO:

– RustScan ==> https://lnkd.in/ebvRfBNy
– Amass ==> https://lnkd.in/e7V569N5
– CloudEnum ==> https://lnkd.in/ePHDeGZv
– Recon-NG ==> https://lnkd.in/edwaXFjS
– AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
– DNSDumpster ==> https://dnsdumpster.com/

·Nmap: https://nmap.org
·sqlmap: https://sqlmap.org
·OpenVAS: https://www.openvas.org
·Nikto: https://lnkd.in/dZz5gzZT
·Shodan: https://www.shodan.io
·Crt.sh: https://crt.sh

INITIAL ACCESS:

– SprayingToolKit ==> https://lnkd.in/eBSAPz5z
– o365Recon ==> https://lnkd.in/eJwCx-Ga
– GadgetToJScript ==> https://lnkd.in/egPQBBXJ
– ThreatCheck ==> https://lnkd.in/eHvSPakR
– Freeze ==> https://lnkd.in/eNUh3zCi

DELIVERY:

– o365AttackToolKit ==> https://lnkd.in/etCCYi8y
– EvilGinx2 ==> https://lnkd.in/eRDPvwUg
– GoPhish ==> https://lnkd.in/ea26dfNg
– PwnAuth ==> https://lnkd.in/eqecM7de
– Modlishka ==> https://lnkd.in/eds-dR5C

COMMAND AND CONTROL:

– PoshC2 ==> https://lnkd.in/eqSJUDji
– Sliver ==> https://lnkd.in/ewN9Nday
– SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
– Empire ==> https://lnkd.in/egAPa8gY
– AzureC2Relay ==> https://lnkd.in/efmh2t3g

·Pupy: https://lnkd.in/dQqHe8wy
·Cobalt Strike: https://lnkd.in/dw9hQtWQ

CREDENTIAL DUMPING:

– MimiKatz ==> https://lnkd.in/etEGfvJK
– HekaTomb ==> https://lnkd.in/eJx5Ugu5
– SharpLAPS ==> https://lnkd.in/eA28n9FT
– Net-GPPPassword ==> https://lnkd.in/e3CTez5A
– PyPyKatz ==> https://lnkd.in/eeb5b6Tz

·Dumpert: https://lnkd.in/dH66FJj4
·Lazagne: https://lnkd.in/di8zz_47
·forkatz: https://lnkd.in/de-jtbjY
·Pypykatz: https://lnkd.in/dkKequy6
·nanodump: https://lnkd.in/dCHhtH3x

PRIVILEGE ESCALATION:

– SharpUp ==> https://lnkd.in/etR2Pe_n
– MultiPotato ==> https://lnkd.in/eq53PXcJ
– PEASS ==> https://lnkd.in/eWA66akh
– Watson ==> https://lnkd.in/eZfYMSMX

·BloodHound: https://lnkd.in/ddxtanZV
·BeRoot: https://lnkd.in/drybarmR

DEFENSE EVASION:

– EDRSandBlast ==> https://lnkd.in/e8g8zYFT
– SPAWN – Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
– NetLoader ==> https://lnkd.in/ef5wCD4y
– KillDefenderBOF ==> https://lnkd.in/eVd54HUp

PERSISTENCE:

– SharPyShell ==> https://lnkd.in/eXm8h8Bj
– SharpStay ==> https://lnkd.in/erRbeFMj
– SharpEventPersist ==> https://lnkd.in/e_kJFNiB
– Hoaxshell ==> https://github.com/t3l3machus/hoaxshell

LATERAL MOVEMENT:

– SCShell ==> https://lnkd.in/e256fC8B
– MoveKit ==> https://lnkd.in/eR-NUu_U
– ImPacket ==> https://lnkd.in/euG4hTTs

EXFILTRATION:

– SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
– DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
– Egress-Assess ==> https://lnkd.in/eXGFPQRJ

PHISHING
·Gophish: https://getgophish.com
·King Phisher: https://lnkd.in/dtpMD8XZ
·EvilURL: https://lnkd.in/du82nxhD

OSINT
·Maltego: https://www.maltego.com
·Spiderfoot: https://www.spiderfoot.net
·OSINT Framework: https://osintframework.com

Blue Team

NETWORK:

– SELKS ==> https://lnkd.in/ehAHv7y4
– CrowdSec ==> https://www.crowdsec.net/
– Suricata ==> https://suricata.io/
– OSSEC ==> https://lnkd.in/gnDBFAuu
– PiHole ==> https://pi-hole.net/
– AdGuardHome ==> https://lnkd.in/grqdJD2
– NextDNS ==> https://nextdns.io/fr
·pfSense: https://www.pfsense.org
·Arkime: https://arkime.com

SIEM/EDR/XDR/MDR:

– Wazuh ==> https://wazuh.com/
– GrayLog ==> https://www.graylog.org/ | https://lnkd.in/geMhgi9p
– IBM QRadar ==> https://www.ibm.com/qradar
– Splunk Security Essential ==> https://lnkd.in/gCgPCgUk
– OpenEDR ==> https://www.openedr.com/
– TehTris EDR ==> https://lnkd.in/guY687GW
– SecurityOnion-Solutions ==> https://lnkd.in/gqrj7kGd

·OSSIM: https://lnkd.in/dXegU3-5
·LogRhythm: https://logrhythm.com
·Cortex XDR: https://lnkd.in/devusd8T
·Cynet 360: https://lnkd.in/dZTXUwBE
·FortiEDR: https://lnkd.in/daTMkVxb

AUDIT/AD:

– PingCastle ==> https://lnkd.in/gwujBCpm
– Purple Knight ==> https://lnkd.in/eeqznxX8
– PowerHuntShares ==> https://lnkd.in/ehDisjyQ

DFIR/FORENSIC:

– Snort ==> https://www.snort.org/
– NetworkMiner ==> https://lnkd.in/e5qJb2bS
– Zeek ==> https://zeek.org/
– Brim ==> https://www.brimdata.io/
– Wireshark ==> https://www.wireshark.org/
– Sysinternals ==> https://lnkd.in/gCW23y_s
– OSQuery ==> https://osquery.io/
– PeStudio ==> https://www.winitor.com/
– Volatility ==> https://lnkd.in/g2q-wYRR

CTI/THREAT INTELLIGENCE/OSINT:

– Posh – VirusTotal ==> https://lnkd.in/gdwrS-nB
– Teleport ==> https://goteleport.com/
– VirusTotal ==> https://lnkd.in/e9543GK2
– OpenCTI ==> https://lnkd.in/e6XPYbGq
– Manuka ==> https://lnkd.in/gYCrDUqK
– PhishTool ==> https://www.phishtool.com/
– MISP ==> https://lnkd.in/eD2wpfRH
– Shodan ==> https://www.shodan.io/
– DNSDumpster ==> https://dnsdumpster.com/
– Awesome Osint ==> https://lnkd.in/e3WEXf2D
– Yara ==> https://lnkd.in/eQAR6ivH
– OpenCVE ==> https://lnkd.in/eG94zWWW
– Fast Incident Response ==> https://lnkd.in/gpZYCFS6
– criminalip ==> https://www.criminalip.io/

OS ANALYSIS
·Helk: https://lnkd.in/di4rQuNb
·Volatility: https://lnkd.in/dBr4yVYa
·RegRipper: https://lnkd.in/dq2hTNQw
·OSSEC: https://www.ossec.net
·osquery: https://osquery.io

INCIDENT MANAGEMENT
·TheHive: https://lnkd.in/dkR-d4JB
·GRR Rapid Response: https://lnkd.in/d42-6faP

HONEYPOTS
·Kippo: https://lnkd.in/d2ypa3j4
·Cowrie: https://lnkd.in/dAR68JQt
·Dockpot: https://lnkd.in/dgn7MpQg
·HonSSH: https://lnkd.in/dMKptyHz

THREAT INTELLIGENCE
·Misp: https://lnkd.in/dkcbKsTN
·MSTICPy: https://lnkd.in/dBjgWVqY

10 Tools for Pentesting Active Directory

Repositories

For Termux: https://github.com/mishakorzik/AllHackingTools

This is a compilation of tools that was built from lists by these authors
