├── .gitignore
├── README.md
└── images
    └── hand_logo_black.png

/.gitignore:
--------------------------------------------------------------------------------
.idea/*
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# **Penetrum LLC**

###### Contact information:
Email: contact@penetrum.com
Phone Number: +1 (703) 268-4350

----

Here at Penetrum LLC we are strong believers in the open source community. We think knowledge should be free and everyone should have the best tools to do the job at their fingertips. Everyone should have affordable security at all times, and should be able to protect their presence and assets online without having to pay for it. That's why we decided to come up with a list of tools to help with security implementations, auditing, penetration testing, server management, and much more. Enjoy!


- Project Management:
  - Trello https://trello.com/en-US
  - MeisterTask https://www.meistertask.com/
  - Wrike https://www.wrike.com/
  - Bitrix24 https://www.bitrix24.com/
  - Teamwork Projects https://www.teamwork.com/project-management-software/
  - Todoist https://todoist.com/?lang=en
  - Zenkit https://zenkit.com/en/
  - Wekan https://wekan.github.io
  - Taskade https://www.taskade.com

- Asset Management/Supply Chain Management:
  - Snipe-IT https://github.com/snipe/snipe-it
  - Ralph https://github.com/allegro/ralph
  - Open Boxes https://github.com/openboxes/openboxes
  - Spiceworks https://www.spiceworks.com

- Vulnerability Management:
  - Faraday https://github.com/infobyte/faraday
  - Archery Sec https://github.com/archerysec/archerysec
  - Jackhammer https://github.com/olacabs/jackhammer
  - Watchdog https://github.com/flipkart-incubator/watchdog
  - OpenVAS https://sectools.org/tool/openvas/

- Container Related Scanning:
  - Trivy https://github.com/knqyf263/trivy

- Docker UI:
  - Cockpit Docker https://cockpit-project.org/guide/133/feature-docker.html
  - lazydocker https://github.com/jesseduffield/lazydocker/blob/master/README.md


- Configuration Management:
  - MGMT https://github.com/purpleidea/mgmt
  - Chef https://downloads.chef.io/
  - Puppet https://puppet.com/download-open-source-puppet
  - CFengine https://cfengine.com/product/free-download/
  - Juju https://github.com/juju/juju
  - Rudder https://www.rudder.io/en/
  - Ansible https://www.ansible.com/
  - Terraform https://www.terraform.io/downloads.html
  - Vagrant https://www.vagrantup.com/downloads
  - Bcfg2 http://bcfg2.org/download/
  - Saltstack https://www.saltstack.com
  - Cockpit https://cockpit-project.org/

- SIEM:
  - OSSEC https://www.ossec.net/
  - WAZUH https://wazuh.com/
  - ZEEK https://www.zeek.org/
  - EventLog360 https://www.manageengine.com/log-management/download.html
  - AlienVault - OSSIM https://www.alienvault.com/products/ossim

- VPN:
  - OpenVPN https://openvpn.net/
  - Check out https://www.vpnbook.com/
  - Libreswan VPN https://libreswan.org/
  - strongSwan https://www.strongswan.org/
  - OpenConnect http://www.infradead.org/openconnect/
  - Social VPN http://ipop-project.org/
  - SoftEther VPN https://www.softether.org/
  - Tinc VPN http://www.tinc-vpn.org/
  - Proton VPN https://protonvpn.com/

- End Point:
  - Redline https://www.fireeye.com/services/freeware/redline.html

- Linux & Windows System Hardener:
  - Lynis https://github.com/CISOfy/lynis
  - Microsoft Attack Surface Analyzer https://github.com/microsoft/AttackSurfaceAnalyzer
  - Microsoft Baseline Security Analyzer https://www.microsoft.com/en-us/download/details.aspx?id=19892
  - Bastille https://github.com/BastilleBSD/bastille
  - JShielder https://github.com/Jsitech/JShielder
  - nixarmor https://github.com/emirozer/nixarmor
  - Zeus (AWS) https://github.com/DenizParlak/Zeus
  - Docker-bench (Docker) https://github.com/docker/docker-bench-security

- Linux Login Protection:
  - Fail2Ban https://www.fail2ban.org/
  - DenyHosts https://github.com/denyhosts/denyhosts
  - SSHGuard https://www.sshguard.net/

- IP Blacklists and Domains:
  - Ultimate.Hosts.Blacklist https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist
  - IPSet Firehol https://github.com/firehol/blocklist-ipsets
  - Project Honeypot https://www.projecthoneypot.org/list_of_ips.php
  - CryptoLocker https://data.netlab.360.com/feeds/dga/cryptolocker.txt
  - BadIPs https://www.badips.com/get/list/any/2?age=7d

- Proxies:
  - Squid Proxy http://www.squid-cache.org/
  - HAProxy http://www.haproxy.org/
  - Swiper Proxy https://swiperproxy.github.io/
  - DNSCrypt Proxy https://github.com/jedisct1/dnscrypt-proxy
  - NGinx https://www.nginx.com
  - ThrottleProxy https://github.com/mistakster/throttle-proxy

- Socks Server:
  - Shadowsocks https://shadowsocks.org/
  - Dante https://github.com/notpeter/dante
  - microsocks https://github.com/rofl0r/microsocks

- HTTP Tunnel:
  - Tinyproxy https://tinyproxy.github.io/
  - mitmproxy https://mitmproxy.org/ <-- HTTPS
  - OpenProxy https://openproxy.space/
  - Privoxy https://www.privoxy.org/

- FTP Proxy:
  - ftp.proxy http://www.ftpproxy.org/

- DNS Proxy:
  - dnsmasq http://www.thekelleys.org.uk/dnsmasq/

- Server/Network Monitoring:
  - Netdata https://github.com/netdata/netdata
  - Ganglia http://ganglia.info/
  - Spiceworks https://www.capterra.com/p/79191/Spiceworks-IT-Desktop/
  - Free Database Performance Analyzer https://www.solarwinds.com/free-tools/database-performance-analyzer-free?CMP=ORG-BLG-DNS
  - WMI Monitor https://www.solarwinds.com/free-tools/wmi-monitor?CMP=ORG-BLG-DNS
  - Wireshark https://www.wireshark.org
  - TCPDump
  - NetMonitor https://www.microsoft.com/en-US/download/details.aspx?id=4865
  - NetMiner - http://www.netminer.com/main/main-read.do
  - NetMon - https://www.nagios.org/downloads/
  - Wireless Network Watcher https://www.nirsoft.net/utils/wireless_network_watcher.html
  - AdapterWatch https://www.nirsoft.net/utils/awatch.html
  - DNSDataView https://www.nirsoft.net/utils/dns_records_viewer.html
  - MyLastSearch https://www.nirsoft.net/utils/my_last_search.html
  - SniffPass https://www.nirsoft.net/utils/password_sniffer.html

- Network Intrusion Detection System (NIDS):
  - Bro Logs https://www.bro.org/
  - Snort https://github.com/snort3/snort3
  - Pulled Pork https://github.com/shirkdog/pulledpork
  - SSHGuard https://github.com/atenart/sshguard
  - Suricata https://suricata-ids.org

- Host Intrusion Detection System (HIDS):
  - Tripwire https://github.com/Tripwire
  - Stealth https://github.com/fbb-git/stealth
  - Ossec https://www.ossec.net
  - Samhain - https://la-samhna.de/samhain/s_download.html

- Monitoring and Logging:
  - justniffer https://github.com/onotelli/justniffer
  - httpry https://github.com/jbittel/httpry
  - ngrep https://github.com/jpr5/ngrep
  - passivedns https://github.com/gamelinux/passivedns
  - sgan https://github.com/agrimgupta92/sgan
  - regshot https://sourceforge.net/projects/regshot/
  - Graylog https://www.graylog.org/
  - Logstash https://www.elastic.co/products/logstash
  - Flume https://flume.apache.org/
  - LOGalyze http://www.logalyze.com/
  - Syslog-ng https://www.syslog-ng.com/products/open-source-log-management/
  - Graylog2
  - Logstash
  - Lumberjack - https://sourceforge.net/projects/lumberjack/
  - RabbitMQ - https://www.rabbitmq.com/management-cli.html
  - ZeroMQ - http://zeromq.org

- Anti-Virus:
  - ClamAV https://www.clamav.net/
  - Sophos https://www.sophos.com/en-us/products/free-tools.aspx
  - F-Protection https://www.f-secure.com/us-en/home/products/anti-virus
  - Comodo https://personalfirewall.comodo.com/
  - 360 Total Security https://www.360totalsecurity.com/en/
  - PFSense https://www.pfsense.org/download/
  - CyberGod https://github.com/VISWESWARAN1998/CyberGod-KSGMPRH
  - Bank_Mitigation https://github.com/CoolerVoid/bank_mitigations
  - Fortress https://github.com/essandess/macOS-Fortress
  - PeekabooAV https://github.com/scVENUS/PeekabooAV

- Anti-USB:
  - USBKill https://github.com/hephaest0s/usbkill

- Infrastructure Evaluation/Simulation:
  - Infection Monkey https://www.guardicore.com/infectionmonkey/
  - Threatcare https://www.threatcare.com/
  - NeSSi2 http://www.nessi2.de/index.html
  - Caldera https://github.com/mitre/caldera
  - MalwLess https://github.com/n0dec/MalwLess


- Malware Scans:
  - RKHunter http://rkhunter.sourceforge.net/
  - GMER http://www.gmer.net/
  - Rootkit Revealer https://docs.microsoft.com/en-us/sysinternals/downloads/rootkit-revealer
  - chkrootkit http://www.chkrootkit.org/
  - Magento https://github.com/gwillem/magento-malware-scanner
  - Aibolit https://github.com/gregzem/aibolit
  - Hijackthis https://github.com/dragokas/hijackthis
  - Malware Finder https://github.com/HookJordan/MalwareFinder


- Anti-Spam:
  - SpamAssassin https://spamassassin.apache.org/
  - Mail Cleaner https://www.mailcleaner.org/
  - Scrollout http://www.scrolloutf1.com/
  - Proxmox https://www.proxmox.com/en/proxmox-mail-gateway
  - OrangeAssassin https://orangeassassin.org/
  - RSpamD https://rspamd.com/

- Threat Intelligence:
  - Inquest Labs https://labs.inquest.net/
  - abuse.ch https://abuse.ch/
  - Emerging Threats https://rules.emergingthreats.net/
  - PhishTank https://www.phishtank.com/
  - AutoShun https://www.autoshun.org/
  - MISP - Open Source Threat Intelligence Platform https://github.com/MISP/MISP
  - YETI https://yeti-platform.github.io/
  - MalC0de http://malc0de.com/dashboard/
  - Flight Sim Generate Bad Traffic Flight https://github.com/alphasoc/flightsim
  - NSAuditor - https://download.cnet.com/Nsauditor-Network-Security-Auditor/3000-2653_4-10321567.html
  - MTA - Microsoft Threat Analyzer https://www.microsoft.com/en-us/download/details.aspx?id=44226
  - security-onion https://securityonion.net/
  - ActorTrackr https://github.com/jalewis/actortrackr
  - AiEngine https://github.com/camp0/aiengine
  - Automater https://github.com/1aN0rmus/TekDefense-Automater
  - bro-intel-generator https://github.com/exp0se/bro-intel-generator
  - GoatRider https://github.com/BinaryDefense/goatrider
  - Omnibus https://github.com/InQuest/omnibus
  - poortego https://github.com/mgeide/poortego
  - QRadio https://github.com/QTek/QRadio
  - Redline https://www.fireeye.com/services/freeware/redline.html
  - RITA https://github.com/activecm/rita
  - HostHunter https://github.com/SpiderLabs/HostHunter
  - Combine https://github.com/mlsecproject/combine
  - Cyphon https://www.cyphon.io/

- Web-Application Firewall:
  - ModSecurity https://github.com/SpiderLabs/ModSecurity
  - NAXSI https://github.com/nbs-system/naxsi
  - sql_firewall https://github.com/uptimejp/sql_firewall
  - ironbee https://github.com/ironbee/ironbee
  - WebKnight https://www.aqtronix.com
  - Shadow Daemon - https://shadowd.zecure.org/overview/introduction/
  - W00fWaf https://github.com/EnableSecurity/wafw00f
  - OpenWAF https://github.com/titansec/OpenWAF

- Free Compliance Scanning:
  - OpenSCAP https://github.com/OpenSCAP

- Disk Image Creation Tools:
  - AccessData FTK Imager https://github.com/MrMugiwara/FTK-imager-OSX
  - Bitscout https://github.com/vitaly-kamluk/bitscout
  - GetData Forensic Imager http://www.forensicimager.com/
  - Magnet Acquire https://www.magnetforensics.com/products/magnet-acquire/
  - ODIN - http://odin-win.sourceforge.net/
  - CloneZilla http://clonezilla.org/


- Network Analysis:
  - Xplico http://www.xplico.org/download
  - Spiceworks Inventory https://www.spiceworks.com/download/inventory/
  - GraphTool https://graph-tool.skewed.de/
  - KeyPlayer https://cran.r-project.org/web/packages/keyplayer/index.html
  - NDTV https://cran.r-project.org/web/packages/ndtv/index.html
  - Walktrap https://www-complexnetworks.lip6.fr/~latapy/PP/walktrap.html
  - Connvitals https://github.com/Comcast/connvitals
  - IVRE https://ivre.rocks/

- Evidence Collection:
  - bulk_extractor https://github.com/simsong/bulk_extractor
  - cold disk quick response https://github.com/orlikoski/CDQR
  - ir-rescue https://github.com/diogo-fernan/ir-rescue
  - Grr https://github.com/google/grr
  - CimSweep https://github.com/PowerShellMafia/CimSweep
  - Encrypted Disk Collector https://www.magnetforensics.com/free-tool-encrypted-disk-detector/
  - Magnet RamCapture https://www.magnetforensics.com/free-tool-magnet-ram-capture/
  - Network Miner https://www.netresec.com/?page=NetworkMiner
  - NFI Defraser https://sourceforge.net/projects/defraser/
  - ExifTools https://www.sno.phy.queensu.ca/~phil/exiftool/
  - Toolsley https://www.toolsley.com/
  - DumpZilla https://www.dumpzilla.org/
  - Browser History https://www.nirsoft.net/utils/browsing_history_view.html

- Log Analysis Tools:
  - Lorg https://github.com/jensvoid/lorg
  - Logdissect https://github.com/dogoncouch/logdissect
  - StreamAlert https://github.com/airbnb/streamalert
  - SysmonSearch https://github.com/JPCERTCC/SysmonSearch

- File System Analysis/Imager:
  - The Sleuth Kit (+Autopsy) http://www.sleuthkit.org/
  - FTK Imager https://accessdata.com/product-download

- Metadata Analysis:
  - Exiftool https://www.sno.phy.queensu.ca/~phil/exiftool/
  - JustMeta https://github.com/FortyNorthSecurity/Just-Metadata
  - Collection https://github.com/metadatacenter/metadata-analysis-tools
  - TensorFlow Based https://github.com/tensorflow/metadata

- Memory Analysis Tools:
  - Evolve https://github.com/JamesHabben/evolve
  - LiME https://github.com/504ensicsLabs/LiME
  - Volatility https://www.volatilityfoundation.org/
  - VolDiff https://github.com/aim4r/VolDiff
  - WindowsSCOPE http://www.windowsscope.com/

- Memory Imaging Tools:
  - Belkasoft Live RAM Capturer https://belkasoft.com/ram-capturer
  - Linux Memory Grabber https://github.com/halpomeranz/lmg
  - Magnet RAM Capture https://www.magnetforensics.com/resources/magnet-ram-capture/
  - OSForensics https://www.osforensics.com/download.html
  - Memoryze https://www.fireeye.com/services/freeware/memoryze.html
  - RAMMap https://docs.microsoft.com/en-us/sysinternals/downloads/rammap

- MSSP:
  - TheHive https://github.com/TheHive-Project/TheHive

- OSX Evidence Collection:
  - KnockKnock https://github.com/synack/knockknock
  - macOS Artifact Parsing Tool (mac_apt)
  - OSX Auditor https://github.com/jipegit/OSXAuditor
  - OSX Collector https://github.com/Yelp/osxcollector
  - Shims (SDB Parser) https://tzworks.net/prototype_page.php?proto_id=33
  - SDB-Explorer https://github.com/evil-e/sdb-explorer


- Incident Response Operating System:
  - DEFT http://www.deftlinux.net/download/
  - Plainsight http://www.plainsight.info/download.html
  - HBCD https://www.hirensbootcd.org/download/

- Sandbox:
  - Falcon Sandbox https://github.com/PayloadSecurity/VxAPI
  - Spender Sandbox https://github.com/spender-sandbox
  - Sandboxie https://www.sandboxie.com/DownloadSandboxie


- Automated Triaging:
  - PE Studio https://www.winitor.com/
  - FAME - https://github.com/certsocietegenerale/fame
  - VIPER https://github.com/viper-framework/viper
  - MalwOverview https://github.com/alexandreborges/malwoverview

- Online Sandbox:
  - Malcore https://penetrum.com/upload
  - Any.run https://any.run/
  - Hybrid-Analysis https://www.hybrid-analysis.com/

- IOC Scanner:
  - Fenrir https://github.com/Neo23x0/Fenrir
  - Forager https://github.com/opensourcesec/Forager
  - Loki https://github.com/Neo23x0/Loki
  - Fast IR https://github.com/SekoiaLab/Fastir_Collector
  - Zimmermans Toolkit https://ericzimmerman.github.io/#!index.md
  - Didier Stevens Toolkit https://blog.didierstevens.com/my-software/

- DNS:
  - Bind https://www.isc.org/downloads/bind/
  - djbdns http://cr.yp.to/djbdns.html
  - Designate - https://wiki.openstack.org/wiki/Designate
  - dnsmasq - http://www.thekelleys.org.uk/dnsmasq/doc.html
  - knot - https://www.knot-dns.cz/
--------------------------------------------------------------------------------
/images/hand_logo_black.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Penetrum-Security/Security-List/f0e23527a866751d3dc3b8bec476e84fbddd520b/images/hand_logo_black.png
--------------------------------------------------------------------------------