Parrot – Distribution similar to Kali, with support for multiple architectures.
Buscador – GNU/Linux virtual machine that is pre-configured for online investigators.
Fedora Security Lab – Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.
The Pentesters Framework – Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that eliminates often unused toolchains.
dnschef – Highly configurable DNS proxy for pentesters.
DNSDumpster – Online DNS recon and search service.
CloudFail – Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
dnsenum – Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
tls_prober – Fingerprint a server’s SSL/TLS implementation.
Web exploitation
OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools.
Burp Suite – Integrated platform for performing security testing of web applications.
autochrome – Easy-to-install test browser with all the appropriate settings needed for web application testing with native Burp support, from NCCGroup.
WordPress Exploit Framework – Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
WPSploit – Exploit WordPress-powered websites with Metasploit.
SQLmap – Automatic SQL injection and database takeover tool.
tplmap – Automatic server-side template injection and Web server takeover tool.
Kaitai Struct – File format and network protocol dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
Veles – Binary data visualization and analysis tool.
Hachoir – Python library to view and edit a binary stream as a tree of fields and tools for metadata extraction.
UFONet – Abuses OSI layer 7 HTTP to create/manage ‘zombies’ and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
Social engineering tools
Social Engineer Toolkit (SET) – Open source pentesting framework designed for social engineering featuring a number of custom attack vectors to make believable attacks quickly.
King Phisher – Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.
Evilginx – MITM attack framework used for phishing credentials and session cookies from any Web service.
wifiphisher – Automated phishing attacks against WiFi networks.
Catphish – Tool for phishing and corporate espionage written in Ruby.
Reverse engineering tools
IDA Pro – Windows, GNU/Linux or macOS hosted multi-processor disassembler and debugger.
National Vulnerability Database (NVD) – United States government’s National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.
US-CERT Vulnerability Notes Database – Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).
Full-Disclosure – Public, vendor-neutral forum for detailed discussion of vulnerabilities; often publishes details before many other sources.
Bugtraq (BID) – Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc.
Exploit-DB – Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.
Microsoft Security Bulletins – Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC).
Packet Storm – Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
CXSecurity – Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.
SecuriTeam – Independent source of software vulnerability information.
Vulnerability Lab – Open forum for security advisories organized by category of exploit target.
Zero Day Initiative – Bug bounty program with publicly accessible archive of published security advisories, operated by TippingPoint.
Vulners – Security database of software vulnerabilities.
Inj3ct0r (Onion service) – Exploit marketplace and vulnerability information aggregator.
CTF Field Guide – Everything you need to win your next CTF competition.
ARIZONA CYBER WARFARE RANGE – 24×7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare.
Cybrary – Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book ‘Penetration Testing for Highly Secured Environments’.
Computer Security Student – Many free tutorials, great for beginners; $10/mo membership unlocks all content.