hacking Tools

Esta lista está en constante cambio. una recopilación propia y de varias fuentes. Al final del articulo cito a las personas que hicieron esto posible.

Red Team

RECONOCIMIENTO:

– RustScan ==> https://lnkd.in/ebvRfBNy
– Amass ==> https://lnkd.in/e7V569N5
– CloudEnum ==> https://lnkd.in/ePHDeGZv
– Recon-NG ==> https://lnkd.in/edwaXFjS
– AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
– DNSDumpster ==> https://dnsdumpster.com/

·Nmap: https://nmap.org
·sqlmap: https://sqlmap.org
·OpenVAS: https://www.openvas.org
·Nikto: https://lnkd.in/dZz5gzZT
·Shodan: https://www.shodan.io
·Crt.sh: https://crt.sh

INITIAL ACCESS:

– SprayingToolKit ==> https://lnkd.in/eBSAPz5z
– o365Recon ==> https://lnkd.in/eJwCx-Ga
– GadgetToJScript ==> https://lnkd.in/egPQBBXJ
– ThreatCheck ==> https://lnkd.in/eHvSPakR
– Freeze ==> https://lnkd.in/eNUh3zCi

DELIVERY:

– o365AttackToolKit ==> https://lnkd.in/etCCYi8y
– EvilGinx2 ==> https://lnkd.in/eRDPvwUg
– GoPhish ==> https://lnkd.in/ea26dfNg
– PwnAuth ==> https://lnkd.in/eqecM7de
– Modlishka ==> https://lnkd.in/eds-dR5C

COMMAND AND CONTROL:

– PoshC2 ==> https://lnkd.in/eqSJUDji
– Sliver ==> https://lnkd.in/ewN9Nday
– SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
– Empire ==> https://lnkd.in/egAPa8gY
– AzureC2Relay ==> https://lnkd.in/efmh2t3g

·Pupy: https://lnkd.in/dQqHe8wy
·Cobalt Strike: https://lnkd.in/dw9hQtWQ

CREDENTIAL DUMPING:

– MimiKatz ==> https://lnkd.in/etEGfvJK
– HekaTomb ==> https://lnkd.in/eJx5Ugu5
– SharpLAPS ==> https://lnkd.in/eA28n9FT
– Net-GPPPassword ==> https://lnkd.in/e3CTez5A
– PyPyKatz ==> https://lnkd.in/eeb5b6Tz

·Dumpert: https://lnkd.in/dH66FJj4
·Lazagne: https://lnkd.in/di8zz_47
·forkatz: https://lnkd.in/de-jtbjY
·Pypykatz: https://lnkd.in/dkKequy6
·nanodump: https://lnkd.in/dCHhtH3x

PRIVILEGE ESCALATION:

– SharpUp ==> https://lnkd.in/etR2Pe_n
– MultiPotato ==> https://lnkd.in/eq53PXcJ
– PEASS ==> https://lnkd.in/eWA66akh
– Watson ==> https://lnkd.in/eZfYMSMX

·BloodHound: https://lnkd.in/ddxtanZV
·BeRoot: https://lnkd.in/drybarmR

DEFENSE EVASION:

– EDRSandBlast ==> https://lnkd.in/e8g8zYFT
– SPAWN – Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
– NetLoader ==> https://lnkd.in/ef5wCD4y
– KillDefenderBOF ==> https://lnkd.in/eVd54HUp

PERSISTENCE:

– SharPyShell ==> https://lnkd.in/eXm8h8Bj
– SharpStay ==> https://lnkd.in/erRbeFMj
– SharpEventPersist ==> https://lnkd.in/e_kJFNiB
– Hoaxshell ==> https://github.com/t3l3machus/hoaxshell

LATERAL MOVEMENT:

– SCShell ==> https://lnkd.in/e256fC8B
– MoveKit ==> https://lnkd.in/eR-NUu_U
– ImPacket ==> https://lnkd.in/euG4hTTs

EXFILTRATION:

– SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
– DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
– Egress-Assess ==> https://lnkd.in/eXGFPQRJ

PHISHING
·Gophish: https://getgophish.com
·King Phisher: https://lnkd.in/dtpMD8XZ
·EvilURL: https://lnkd.in/du82nxhD

OSINT
·Maltego: https://www.maltego.com
·Spiderfoot: https://www.spiderfoot.net
·OSINT Framework: https://osintframework.com

Blue Team

NETWORK:

– SELKS ==> https://lnkd.in/ehAHv7y4
– CrowdSec ==> https://www.crowdsec.net/
– Suricata ==> https://suricata.io/
– OSSEC ==> https://lnkd.in/gnDBFAuu
– PiHole ==> https://pi-hole.net/
– AdGuardHome ==> https://lnkd.in/grqdJD2
– NextDNS ==> https://nextdns.io/fr
·pfSense: https://www.pfsense.org
·Arkime: https://arkime.com

SIEM/EDR/XDR/MDR:

– Wazuh ==> https://wazuh.com/
– GrayLog ==> https://www.graylog.org/ | https://lnkd.in/geMhgi9p
– IBM QRadar ==> https://www.ibm.com/qradar
– Splunk Security Essential ==> https://lnkd.in/gCgPCgUk
– OpenEDR ==> https://www.openedr.com/
– TehTris EDR ==> https://lnkd.in/guY687GW
– SecurityOnion-Solutions ==> https://lnkd.in/gqrj7kGd

·OSSIM: https://lnkd.in/dXegU3-5
·LogRhythm: https://logrhythm.com
·Cortex XDR: https://lnkd.in/devusd8T
·Cynet 360: https://lnkd.in/dZTXUwBE
·FortiEDR: https://lnkd.in/daTMkVxb

AUDIT/AD:

– PingCastle ==> https://lnkd.in/gwujBCpm
– Purple Knight ==> https://lnkd.in/eeqznxX8
– PowerHuntShares ==> https://lnkd.in/ehDisjyQ

DFIR/FORENSIC:

– Snort ==> https://www.snort.org/
– NetworkMiner ==> https://lnkd.in/e5qJb2bS
– Zeek ==> https://zeek.org/
– Brim ==> https://www.brimdata.io/
– Wireshark ==> https://www.wireshark.org/
– Sysinternals ==> https://lnkd.in/gCW23y_s
– OSQuery ==> https://osquery.io/
– PeStudio ==> https://www.winitor.com/
– Volatility ==> https://lnkd.in/g2q-wYRR

CTI/THREAT INTELLIGENCE/OSINT:

– Posh – VirusTotal ==> https://lnkd.in/gdwrS-nB
– Teleport ==> https://goteleport.com/
– VirusTotal ==> https://lnkd.in/e9543GK2
– OpenCTI ==> https://lnkd.in/e6XPYbGq
– Manuka ==> https://lnkd.in/gYCrDUqK
– PhishTool ==> https://www.phishtool.com/
– MISP ==> https://lnkd.in/eD2wpfRH
– Shodan ==> https://www.shodan.io/
– DNSDumpster ==> https://dnsdumpster.com/
– Awesome Osint ==> https://lnkd.in/e3WEXf2D
– Yara ==> https://lnkd.in/eQAR6ivH
– OpenCVE ==> https://lnkd.in/eG94zWWW
– Fast Incident Response ==> https://lnkd.in/gpZYCFS6
– criminalip ==> https://www.criminalip.io/

OS ANALYSIS
·Helk: https://lnkd.in/di4rQuNb
·Volatility: https://lnkd.in/dBr4yVYa
·RegRipper: https://lnkd.in/dq2hTNQw
·OSSEC: https://www.ossec.net
·osquery: https://osquery.io

INCIDENT MANAGMENT
·TheHive: https://lnkd.in/dkR-d4JB
·GRR Rapid Response: https://lnkd.in/d42-6faP

HONEYPOTS
·Kippo: https://lnkd.in/d2ypa3j4
·Cowrie: https://lnkd.in/dAR68JQt
·Dockpot: https://lnkd.in/dgn7MpQg
·HonSSH: https://lnkd.in/dMKptyHz

THREAT INTELLIGENCE
·Misp: https://lnkd.in/dkcbKsTN
·MSTICPy: https://lnkd.in/dBjgWVqY

10 Herramientas para pentesting en Active Directory

• 1. Evil-WinRM https://github.com/Hackplayers/evil-winrm
• 2. GhostPack https://github.com/GhostPack
• 3. CrackMapExec https://github.com/Porchetta-Industries/CrackMapExec
• 4. ADReaper https://github.com/AidenPearce369/ADReaper
• 5. Certify y Certipy https://github.com/GhostPack/Certify https://github.com/ly4k/Certipy
• 6. BloodHound y SilentHound https://github.com/BloodHoundAD/BloodHound https://github.com/layer8secure/SilentHound
• 7. PingCastle https://pingcastle.com
• 8. Impacket https://github.com/fortra/impacket
• 9. WinPEAS https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS
• 10. Mimikatz https://github.com/gentilkiwi/mimikatz

Repositorios

• 1 https://github.com/d0nkeys/redteam
• 2 https://github.com/r0eXpeR/redteam_vul
• 3 https://github.com/nccgroup/demiguise
• 4 https://github.com/mantvydasb/RedTeaming-Tactics-and-Techniques
• 5 https://github.com/Threekiii/Awesome-Redteam
• 6 https://github.com/bigb0sss/RedTeam-OffensiveSecurity
• 7 https://github.com/fengjixuchui/RedTeamer
• 8 https://github.com/lengjibo/RedTeamTools
• 9 https://github.com/jeansgit/RedTeam
• 10 https://github.com/Mr-xn/RedTeam_BlueTeam_HW
• 11 https://github.com/mabangde/pentesttools
• 12 https://github.com/we1h0/redteam-tips
• 13 https://github.com/Mel0day/RedTeam-BCS
• 14 https://github.com/Mr-Un1k0d3r/RedTeamPowershellScripts
• 15 https://github.com/QAX-A-Team/BrowserGhost
• 16 https://github.com/kurogai/100-redteam-projects
• 17 https://github.com/biggerduck/RedTeamNotes
• 18 https://github.com/magoo/redteam-plan
• 19 https://github.com/foobarto/redteam-notebook
• 20 https://github.com/blackarrowsec/redteam-research
• 21 https://github.com/Mr-Un1k0d3r/RedTeamCSharpScripts
• 22 https://github.com/RistBS/Awesome-RedTeam-Cheatsheet
• 23 https://github.com/XTeam-Wing/RedTeaming2020
• 24 https://github.com/Mr-Un1k0d3r/RedTeamCCode
• 25 https://github.com/signorrayan/RedTeam_toolkit
• 26 https://github.com/J0hnbX/RedTeam-Resources
• 27 https://github.com/praetorian-inc/PortBender
• 28 https://github.com/FunnyWolf/Viper
• 29 https://github.com/r0eXpeR/redteam-tools
• 30 https://github.com/RootUp/RedTeam
• 31 https://github.com/obscuritylabs/HastySeries
• 32 https://github.com/sectool/redteam-hardware-toolkit
• 33 https://github.com/b1n4ry4rms/RedTeam-Pentest-Cheatsheets
• 34 https://github.com/zer0yu/Awesome-CobaltStrike
• 35 https://github.com/zhutougg/RedteamStandard
• 36 https://github.com/0xJs/RedTeaming_CheatSheet
• 37 https://github.com/ihebski/A-Red-Teamer-diaries
• 38 https://github.com/taielab/Taie-RedTeam-OS
• 39 https://github.com/r0eXpeR/RedTeamAttack
• 40 https://github.com/Lucifer1993/PoCHub
• 41 https://github.com/praetorian-inc/trident
• 42 https://github.com/d30sa1/RootKits-List-Download
• 43 https://github.com/Mr-Un1k0d3r/RedTeamScripts
• 44 https://github.com/phra/PEzor
• 45 https://github.com/rosonsec/RedTeam
• 46 https://github.com/Inf0secRabbit/BadAssMacros
• 47 https://github.com/slimdaddy/RedTeam
• 48 https://github.com/mvelazc0/defcon27_csharp_workshop
• 49 https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet
• 50 https://github.com/DavidProbinsky/RedTeam-Physical-Tools
• 51 https://github.com/WazeHell/sam-the-admin
• 52 https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
• 53 https://github.com/zer0yu/RedTeam_CheetSheets
• 54 https://github.com/PhilKeeble/AWS-RedTeam-ADLab
• 55 https://github.com/sysdream/chashell
• 56 https://github.com/angels520/redteamT00ls
• 57 https://github.com/redteaminfra/redteam-infra
• 58 https://github.com/pwn1sher/frostbyte
• 59 https://github.com/CC11001100/idea-project-fish-exploit
• 60 https://github.com/LOLBAS-Project/LOLBAS
• 61 https://github.com/esp0xdeadbeef/cheat.sheets
• 62 https://github.com/SecurityRiskAdvisors/RedTeamSIEM
• 63 https://github.com/anthonysecurity/redteam_toolkit
• 64 https://github.com/bneg/RedTeam-Automation
• 65 https://github.com/nshalabi/ATTACK-Tools
• 66 https://github.com/sysdream/hershell
• 67 https://github.com/lotapp/ADSec-and-RedTeam
• 68 https://github.com/sh4d3s/RedTeamCheatsheet
• 69 https://github.com/QAX-A-Team/LuWu
• 70 https://github.com/chrismaddalena/RedTeamMemory
• 71 https://github.com/qsecure-labs/overlord
• 72 https://github.com/emmaunel/DiscordGo
• 73 https://github.com/CnHack3r/Goby_PoC_RedTeam
• 74 https://github.com/knight0x07/ImpulsiveDLLHijack
• 75 https://github.com/phink-team/Cobaltstrike-MS17-010
• 76 https://github.com/redteamwiki/redteamwiki
• 77 https://github.com/lengjibo/FourEye
• 78 https://github.com/eksperience/KnockOutlook
• 79 https://github.com/NyDubh3/CuiRi
• 80 https://github.com/cfalta/MicrosoftWontFixList
• 81 https://github.com/wgpsec/fofa_viewer
• 82 https://github.com/brimstone/go-shellcode
• 83 https://github.com/mgeeky/cobalt-arsenal
• 84 https://github.com/TheSecureTux/redteam-k8spwn
• 85 https://github.com/Dviros/redboard
• 86 https://github.com/0x09AL/DNS-Persist
• 87 https://github.com/piiperxyz/AniYa
• 88 https://github.com/micahjmartin/RedTeamDeploy
• 89 https://github.com/api0cradle/UltimateAppLockerByPassList
• 90 https://github.com/api0cradle/LOLBAS
• 91 https://github.com/veo/vshell
• 92 https://github.com/samratashok/nishang
• 93 https://github.com/gloxec/CrossC2
• 94 https://github.com/jwx0539/hackingLibrary
• 95 https://github.com/EnginDemirbilek/NorthStarC2
• 96 https://github.com/DamonMohammadbagher/Some_Pentesters_SecurityResearchers_RedTeamers
• 97 https://github.com/laramies/theHarvester
• 98 https://github.com/PeiQi0/PeiQi-WIKI-Book
• 99 https://github.com/zer0yu/CyberSecurityRSS
• 100 https://github.com/kgretzky/pwndrop
• 101 https://github.com/redcanaryco/atomic-red-team
• 102 https://github.com/infosecn1nja/Red-Teaming-Toolkit
• 103 https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
• 104 https://github.com/shr3ddersec/Shr3dKit
• 105 https://github.com/BankSecurity/Red_Team
• 106 https://github.com/mandiant/red_team_tool_countermeasures
• 107 https://github.com/netbiosX/Checklists
• 108 https://github.com/its-a-feature/Mythic
• 109 https://github.com/outflanknl/RedELK
• 110 https://github.com/cobbr/Covenant
• 111 https://github.com/LasCC/Hack-Tools
• 112 https://github.com/khast3x/Redcloud
• 113 https://github.com/threatexpress/red-team-scripts
• 114 https://github.com/hudunkey/Red-Team-links
• 115 https://github.com/trickster0/OffensiveRust
• 116 https://github.com/securethelogs/RedRabbit
• 117 https://github.com/backlogs/redmine_backlogs
• 118 https://github.com/vysecurity/RedTips
• 119 https://github.com/rootsecdev/Azure-Red-Team
• 120 https://github.com/DataDog/stratus-red-team
• 121 https://github.com/facebookarchive/WEASEL
• 122 https://github.com/WebBreacher/offensiveinterview
• 123 https://github.com/cisagov/RedEye
• 124 https://github.com/Coalfire-Research/Red-Baron
• 125 https://github.com/propervillain/moistpetal
• 126 https://github.com/Al1ex/Red-Team
• 127 https://github.com/CyberSecurityUP/Awesome-Red-Team-Operations
• 128 https://github.com/ahmedkhlief/Ninja
• 129 https://github.com/nccgroup/redsnarf
• 130 https://github.com/wikiZ/RedGuard
• 131 https://github.com/marcosValle/awesome-windows-red-team
• 132 https://github.com/KCarretto/Arsenal
• 133 https://github.com/bitsadmin/nopowershell
• 134 https://github.com/lightspin-tech/red-kube
• 135 https://github.com/mantvydasb/Red-Team-Infrastructure-Automation
• 136 https://github.com/Mr-Un1k0d3r/MaliciousClickOnceGenerator
• 137 https://github.com/aadityapurani/NodeJS-Red-Team-Cheat-Sheet
• 138 https://github.com/Marshall-Hallenbeck/red_team_attack_lab
• 139 https://github.com/RoseSecurity/Red-Teaming-TTPs
• 140 https://github.com/hassan0x/ReconHunter
• 141 https://github.com/netbiosX/Checklists
• 142 https://github.com/yadox666/The-Hackers-Hardware-Toolkit
• 143 https://github.com/Agahlot/RTFM
• 144 https://github.com/Trusted-AI/adversarial-robustness-toolbox
• 145 https://github.com/michaelweber/Macrome
• 146 https://github.com/nettitude/PoshC2
• 147 https://github.com/morph3/Windows-Red-Team-Cheat-Sheet
• 148 https://github.com/mgeeky/RedWarden
• 149 https://github.com/chr0n1k/AH2021Workshop
• 150 https://github.com/h3ll0clar1c3/CRTO
• 151 https://github.com/Bashfuscator/Bashfuscator
• 152 https://github.com/0xMrNiko/Awesome-Red-Teaming
• 153 https://github.com/ihebski/DefaultCreds-cheat-sheet
• 154 https://github.com/redcanaryco/invoke-atomicredteam
• 155 https://github.com/Azure/Stormspotter
• 156 https://github.com/dutchcoders/ares
• 157 https://github.com/CredDefense/CredDefense
• 158 https://github.com/d4rk007/RedGhost
• 159 https://github.com/ihamburglar/Redboto
• 160 https://github.com/edoardottt/awesome-hacker-search-engines
• 161 https://github.com/ztgrace/pwnboard
• 162 https://github.com/QAX-A-Team/openssh-7.6p1-patch
• 163 https://github.com/CyberSecurityUP/Red-Team-Management
• 164 https://github.com/tonghuaroot/Awesome-macOS-Red-Teaming
• 165 https://github.com/ring0lab/catphish
• 166 https://github.com/0x727/AggressorScripts_0x727
• 167 https://github.com/arkhitech/redmine_mentions
• 168 https://github.com/ryanmrestivo/red-team

Para termux: https://github.com/mishakorzik/AllHackingTools

Esta es una recopilación de herramientas que fue creada a partir de listas de estos autores

• https://www.linkedin.com/in/laurent-minne/
• https://www.linkedin.com/in/adastra1/
• https://www.linkedin.com/in/patriblasco/