Awesome Hacking

A curated list of awesome Hacking. Inspired by awesome-machine-learning

If you want to contribute to this list (please do), send me a pull request or contact me @carpedm20

For a list of free hacking books available for download, go here

Table of Contents

• System
  • Tutorials
  • Tools
  • Docker
  • General
• Reverse Engineering
  • Tutorials
  • Tools
  • General
• Web
  • Tools
  • General
• Network
  • Tools
• Forensic
  • Tools
• Cryptography
  • Tools
• Wargame
  • System
  • Reverse Engineering
  • Web
  • Cryptography
  • Bug bounty
• CTF
  • Competition
  • General
• OS
  • Online resources
• Post exploitation
  • tools
• ETC

System

Tutorials

• Corelan Team's Exploit writing tutorial
• Exploit Writing Tutorials for Pentesters
• Understanding the basics of Linux Binary Exploitation

Tools

• Metasploit A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
• mimikatz - A little tool to play with Windows security

Docker Images for Penetration Testing & Security

• docker pull kalilinux/kali-linux-docker official Kali Linux
• docker pull owasp/zap2docker-stable - official OWASP ZAP
• docker pull wpscanteam/wpscan - official WPScan
• docker pull pandrew/metasploit - docker-metasploit
• docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA)
• docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation
• docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock
• docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed
• docker pull opendns/security-ninjas - Security Ninjas
• docker pull usertaken/archlinux-pentest-lxde - Arch Linux Penetration Tester
• docker pull diogomonica/docker-bench-security - Docker Bench for Security
• docker pull ismisepaul/securityshepherd - OWASP Security Shepherd
• docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image
• docker-compose build && docker-compose up - OWASP NodeGoat
• docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application
• docker pull bkimminich/juice-shop - OWASP Juice Shop

General

• Exploit database - An ultimate archive of exploits and vulnerable software

Reverse Engineering

Tutorials

• Lenas Reversing for Newbies
• Malware Analysis Tutorials: a Reverse Engineering Approach

Tools

Disassemblers and debuggers

• IDA - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
• OllyDbg - A 32-bit assembler level analysing debugger for Windows
• x64dbg - An open-source x64/x32 debugger for Windows
• radare2 - A portable reversing framework
• plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
• ScratchABit - Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
• Capstone

Decompilers

• JVM-based languages

• Krakatau - the best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully.

• JD-GUI

• procyon

  • Luyten - one of the best, though a bit slow, hangs on some binaries and not very well maintained.

• JAD - JAD Java Decompiler (closed-source, unmaintained)

• JADX - a decompiler for Android apps. Not related to JAD.

• .net-based languages

  • dotPeek - a free-of-charge .NET decompiler from JetBrains
  • ILSpy - an open-source .NET assembly browser and decompiler
  • dnSpy - .NET assembly editor, decompiler, and debugger

• native code

  • Hopper - A OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables.
  • cutter - a decompiler based on radare2.
  • retdec
  • snowman
  • Hex-Rays

Deobfuscators

• de4dot - .NET deobfuscator and unpacker.
• JS Beautifier
• JS Nice - a web service guessing JS variables names and types based on the model derived from open source.

Other

• nudge4j - Java tool to let the browser talk to the JVM
• dex2jar - Tools to work with Android .dex and Java .class files
• androguard - Reverse engineering, malware and goodware analysis of Android applications
• antinet - .NET anti-managed debugger and anti-profiler code
• UPX - the Ultimate Packer (and unpacker) for eXecutables

Execution logging and tracing

• Wireshark - A free and open-source packet analyzer
• tcpdump - A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
• mitmproxy - An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
• Charles Proxy - A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic
• usbmon - USB capture for Linux.
• USBPcap - USB capture for Windows.
• dynStruct - structures recovery via dynamic instrumentation.
• drltrace - shared library calls tracing.

Binary files examination and editing

Hex editors

• HxD - A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size
• WinHex - A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security
• wxHexEditor
• Synalize It/Hexinator -

Other

• Binwalk - Detects signatures, unpacks archives, visualizes entropy.
• Veles - a visualizer for statistical properties of blobs.
• Kaitai Struct - a DSL for creating parsers in a variety of programming languages. The Web IDE is particulary useful fir reverse-engineering.
• Protobuf inspector
• DarunGrim - executable differ.
• DBeaver - a DB editor.
• Dependencies - a FOSS replacement to Dependency Walker.
• PEview - A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
• BinText - A small, very fast and powerful text extractor that will be of particular interest to programmers.

General

• Open Malware

Web

Tools

• sqlmap - Automatic SQL injection and database takeover tool
• NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.
• tools.web-max.ca - base64 base85 md4,5 hash, sha1 hash encoding/decoding
• VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
• SubFinder - SubFinder is a subdomain discovery tool that discovers valid subdomains for any target using passive online sources.
• badtouch - Scriptable network authentication cracker

General

• Strong node.js - An exhaustive checklist to assist in the source code security analysis of a node.js web service.

Network

Tools

• NetworkMiner - A Network Forensic Analysis Tool (NFAT)
• Paros - A Java-based HTTP/HTTPS proxy for assessing web application vulnerability
• pig - A Linux packet crafting tool
• ZAP - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
• mitmsocks4j - Man-in-the-middle SOCKS Proxy for Java
• ssh-mitm - An SSH/SFTP man-in-the-middle tool that logs interactive sessions and passwords.
• nmap - Nmap (Network Mapper) is a security scanner
• Aircrack-ng - An 802.11 WEP and WPA-PSK keys cracking program
• Nipe - A script to make Tor Network your default gateway.
• Habu - Python Network Hacking Toolkit
• Wifi Jammer - Free program to jam all wifi clients in range
• Firesheep - Free program for HTTP session hijacking attacks.
• Scapy - A Python tool and library for low level packet creation and manipulation
• Amass - In-depth subdomain enumeration tool that performs scraping, recursive brute forcing, crawling of web archives, name altering and reverse DNS sweeping
• sniffglue - Secure multithreaded packet sniffer

Forensic

Tools

• Autopsy - A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools
• sleuthkit - A library and collection of command-line digital forensics tools
• EnCase - The shared technology within a suite of digital investigations products by Guidance Software
• malzilla - Malware hunting tool

Cryptography

Tools

• xortool - A tool to analyze multi-byte XOR cipher
• John the Ripper - A fast password cracker
• Aircrack - Aircrack is 802.11 WEP and WPA-PSK keys cracking program.

Wargame

System

• OverTheWire - Semtex
• OverTheWire - Vortex
• OverTheWire - Drifter
• pwnable.kr - Provide various pwn challenges regarding system security
• Exploit Exercises - Nebula
• SmashTheStack

Reverse Engineering

• Reversing.kr - This site tests your ability to Cracking & Reverse Code Engineering
• CodeEngn - (Korean)
• simples.kr - (Korean)
• Crackmes.de - The world first and largest community website for crackmes and reversemes.

Web

• Hack This Site! - a free, safe and legal training ground for hackers to test and expand their hacking skills
• Hack The Box - a free site to perform pentesting in a variety of different systems.
• Webhacking.kr
• 0xf.at - a website without logins or ads where you can solve password-riddles (so called hackits).
• Gruyere
• Others

Cryptography

• OverTheWire - Krypton

Bug bounty

• Awesome bug bounty resources by EdOverflow

Bug bounty - Earn Some Money

• Bugcrowd
• Hackerone

CTF

Competition

• DEF CON
• CSAW CTF
• hack.lu CTF
• Pliad CTF
• RuCTFe
• Ghost in the Shellcode
• PHD CTF
• SECUINSIDE CTF
• Codegate CTF
• Boston Key Party CTF
• ZeroDays CTF
• Insomni’hack
• Pico CTF
• prompt(1) to win - XSS Challeges

General

• Hack+ - An Intelligent network of bots that fetch the latest InfoSec content.
• CTFtime.org - All about CTF (Capture The Flag)
• WeChall
• CTF archives (shell-storm)
• Rookit Arsenal - OS RE and rootkit development
• Pentest Cheat Sheets - Collection of cheat sheets useful for pentesting
• Movies For Hackers - A curated list of movies every hacker & cyberpunk must watch.

OS

Online resources

• Security related Operating Systems @ Rawsec - Complete list of security related operating systems
• Best Linux Penetration Testing Distributions @ CyberPunk - Description of main penetration testing distributions
• Security @ Distrowatch - Website dedicated to talking about, reviewing and keeping up to date with open source operating systems

Post exploitation

tools

• empire - A post exploitation framework for powershell and python.
• silenttrinity - A post exploitation tool that uses iron python to get past powershell restrictions.

ETC

• SecTools - Top 125 Network Security Tools