├── LICENSE
└── README.md


/LICENSE:
--------------------------------------------------------------------------------
  1 |                     GNU GENERAL PUBLIC LICENSE
  2 |                        Version 3, 29 June 2007
  3 | 
  4 |  Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
  5 |  Everyone is permitted to copy and distribute verbatim copies
  6 |  of this license document, but changing it is not allowed.
  7 | 
  8 |                             Preamble
  9 | 
 10 |   The GNU General Public License is a free, copyleft license for
 11 | software and other kinds of works.
 12 | 
 13 |   The licenses for most software and other practical works are designed
 14 | to take away your freedom to share and change the works.  By contrast,
 15 | the GNU General Public License is intended to guarantee your freedom to
 16 | share and change all versions of a program--to make sure it remains free
 17 | software for all its users.  We, the Free Software Foundation, use the
 18 | GNU General Public License for most of our software; it applies also to
 19 | any other work released this way by its authors.  You can apply it to
 20 | your programs, too.
 21 | 
 22 |   When we speak of free software, we are referring to freedom, not
 23 | price.  Our General Public Licenses are designed to make sure that you
 24 | have the freedom to distribute copies of free software (and charge for
 25 | them if you wish), that you receive source code or can get it if you
 26 | want it, that you can change the software or use pieces of it in new
 27 | free programs, and that you know you can do these things.
 28 | 
 29 |   To protect your rights, we need to prevent others from denying you
 30 | these rights or asking you to surrender the rights.  Therefore, you have
 31 | certain responsibilities if you distribute copies of the software, or if
 32 | you modify it: responsibilities to respect the freedom of others.
 33 | 
 34 |   For example, if you distribute copies of such a program, whether
 35 | gratis or for a fee, you must pass on to the recipients the same
 36 | freedoms that you received.  You must make sure that they, too, receive
 37 | or can get the source code.  And you must show them these terms so they
 38 | know their rights.
 39 | 
 40 |   Developers that use the GNU GPL protect your rights with two steps:
 41 | (1) assert copyright on the software, and (2) offer you this License
 42 | giving you legal permission to copy, distribute and/or modify it.
 43 | 
 44 |   For the developers' and authors' protection, the GPL clearly explains
 45 | that there is no warranty for this free software.  For both users' and
 46 | authors' sake, the GPL requires that modified versions be marked as
 47 | changed, so that their problems will not be attributed erroneously to
 48 | authors of previous versions.
 49 | 
 50 |   Some devices are designed to deny users access to install or run
 51 | modified versions of the software inside them, although the manufacturer
 52 | can do so.  This is fundamentally incompatible with the aim of
 53 | protecting users' freedom to change the software.  The systematic
 54 | pattern of such abuse occurs in the area of products for individuals to
 55 | use, which is precisely where it is most unacceptable.  Therefore, we
 56 | have designed this version of the GPL to prohibit the practice for those
 57 | products.  If such problems arise substantially in other domains, we
 58 | stand ready to extend this provision to those domains in future versions
 59 | of the GPL, as needed to protect the freedom of users.
 60 | 
 61 |   Finally, every program is threatened constantly by software patents.
 62 | States should not allow patents to restrict development and use of
 63 | software on general-purpose computers, but in those that do, we wish to
 64 | avoid the special danger that patents applied to a free program could
 65 | make it effectively proprietary.  To prevent this, the GPL assures that
 66 | patents cannot be used to render the program non-free.
 67 | 
 68 |   The precise terms and conditions for copying, distribution and
 69 | modification follow.
 70 | 
 71 |                        TERMS AND CONDITIONS
 72 | 
 73 |   0. Definitions.
 74 | 
 75 |   "This License" refers to version 3 of the GNU General Public License.
 76 | 
 77 |   "Copyright" also means copyright-like laws that apply to other kinds of
 78 | works, such as semiconductor masks.
 79 | 
 80 |   "The Program" refers to any copyrightable work licensed under this
 81 | License.  Each licensee is addressed as "you".  "Licensees" and
 82 | "recipients" may be individuals or organizations.
 83 | 
 84 |   To "modify" a work means to copy from or adapt all or part of the work
 85 | in a fashion requiring copyright permission, other than the making of an
 86 | exact copy.  The resulting work is called a "modified version" of the
 87 | earlier work or a work "based on" the earlier work.
 88 | 
 89 |   A "covered work" means either the unmodified Program or a work based
 90 | on the Program.
 91 | 
 92 |   To "propagate" a work means to do anything with it that, without
 93 | permission, would make you directly or secondarily liable for
 94 | infringement under applicable copyright law, except executing it on a
 95 | computer or modifying a private copy.  Propagation includes copying,
 96 | distribution (with or without modification), making available to the
 97 | public, and in some countries other activities as well.
 98 | 
 99 |   To "convey" a work means any kind of propagation that enables other
100 | parties to make or receive copies.  Mere interaction with a user through
101 | a computer network, with no transfer of a copy, is not conveying.
102 | 
103 |   An interactive user interface displays "Appropriate Legal Notices"
104 | to the extent that it includes a convenient and prominently visible
105 | feature that (1) displays an appropriate copyright notice, and (2)
106 | tells the user that there is no warranty for the work (except to the
107 | extent that warranties are provided), that licensees may convey the
108 | work under this License, and how to view a copy of this License.  If
109 | the interface presents a list of user commands or options, such as a
110 | menu, a prominent item in the list meets this criterion.
111 | 
112 |   1. Source Code.
113 | 
114 |   The "source code" for a work means the preferred form of the work
115 | for making modifications to it.  "Object code" means any non-source
116 | form of a work.
117 | 
118 |   A "Standard Interface" means an interface that either is an official
119 | standard defined by a recognized standards body, or, in the case of
120 | interfaces specified for a particular programming language, one that
121 | is widely used among developers working in that language.
122 | 
123 |   The "System Libraries" of an executable work include anything, other
124 | than the work as a whole, that (a) is included in the normal form of
125 | packaging a Major Component, but which is not part of that Major
126 | Component, and (b) serves only to enable use of the work with that
127 | Major Component, or to implement a Standard Interface for which an
128 | implementation is available to the public in source code form.  A
129 | "Major Component", in this context, means a major essential component
130 | (kernel, window system, and so on) of the specific operating system
131 | (if any) on which the executable work runs, or a compiler used to
132 | produce the work, or an object code interpreter used to run it.
133 | 
134 |   The "Corresponding Source" for a work in object code form means all
135 | the source code needed to generate, install, and (for an executable
136 | work) run the object code and to modify the work, including scripts to
137 | control those activities.  However, it does not include the work's
138 | System Libraries, or general-purpose tools or generally available free
139 | programs which are used unmodified in performing those activities but
140 | which are not part of the work.  For example, Corresponding Source
141 | includes interface definition files associated with source files for
142 | the work, and the source code for shared libraries and dynamically
143 | linked subprograms that the work is specifically designed to require,
144 | such as by intimate data communication or control flow between those
145 | subprograms and other parts of the work.
146 | 
147 |   The Corresponding Source need not include anything that users
148 | can regenerate automatically from other parts of the Corresponding
149 | Source.
150 | 
151 |   The Corresponding Source for a work in source code form is that
152 | same work.
153 | 
154 |   2. Basic Permissions.
155 | 
156 |   All rights granted under this License are granted for the term of
157 | copyright on the Program, and are irrevocable provided the stated
158 | conditions are met.  This License explicitly affirms your unlimited
159 | permission to run the unmodified Program.  The output from running a
160 | covered work is covered by this License only if the output, given its
161 | content, constitutes a covered work.  This License acknowledges your
162 | rights of fair use or other equivalent, as provided by copyright law.
163 | 
164 |   You may make, run and propagate covered works that you do not
165 | convey, without conditions so long as your license otherwise remains
166 | in force.  You may convey covered works to others for the sole purpose
167 | of having them make modifications exclusively for you, or provide you
168 | with facilities for running those works, provided that you comply with
169 | the terms of this License in conveying all material for which you do
170 | not control copyright.  Those thus making or running the covered works
171 | for you must do so exclusively on your behalf, under your direction
172 | and control, on terms that prohibit them from making any copies of
173 | your copyrighted material outside their relationship with you.
174 | 
175 |   Conveying under any other circumstances is permitted solely under
176 | the conditions stated below.  Sublicensing is not allowed; section 10
177 | makes it unnecessary.
178 | 
179 |   3. Protecting Users' Legal Rights From Anti-Circumvention Law.
180 | 
181 |   No covered work shall be deemed part of an effective technological
182 | measure under any applicable law fulfilling obligations under article
183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
184 | similar laws prohibiting or restricting circumvention of such
185 | measures.
186 | 
187 |   When you convey a covered work, you waive any legal power to forbid
188 | circumvention of technological measures to the extent such circumvention
189 | is effected by exercising rights under this License with respect to
190 | the covered work, and you disclaim any intention to limit operation or
191 | modification of the work as a means of enforcing, against the work's
192 | users, your or third parties' legal rights to forbid circumvention of
193 | technological measures.
194 | 
195 |   4. Conveying Verbatim Copies.
196 | 
197 |   You may convey verbatim copies of the Program's source code as you
198 | receive it, in any medium, provided that you conspicuously and
199 | appropriately publish on each copy an appropriate copyright notice;
200 | keep intact all notices stating that this License and any
201 | non-permissive terms added in accord with section 7 apply to the code;
202 | keep intact all notices of the absence of any warranty; and give all
203 | recipients a copy of this License along with the Program.
204 | 
205 |   You may charge any price or no price for each copy that you convey,
206 | and you may offer support or warranty protection for a fee.
207 | 
208 |   5. Conveying Modified Source Versions.
209 | 
210 |   You may convey a work based on the Program, or the modifications to
211 | produce it from the Program, in the form of source code under the
212 | terms of section 4, provided that you also meet all of these conditions:
213 | 
214 |     a) The work must carry prominent notices stating that you modified
215 |     it, and giving a relevant date.
216 | 
217 |     b) The work must carry prominent notices stating that it is
218 |     released under this License and any conditions added under section
219 |     7.  This requirement modifies the requirement in section 4 to
220 |     "keep intact all notices".
221 | 
222 |     c) You must license the entire work, as a whole, under this
223 |     License to anyone who comes into possession of a copy.  This
224 |     License will therefore apply, along with any applicable section 7
225 |     additional terms, to the whole of the work, and all its parts,
226 |     regardless of how they are packaged.  This License gives no
227 |     permission to license the work in any other way, but it does not
228 |     invalidate such permission if you have separately received it.
229 | 
230 |     d) If the work has interactive user interfaces, each must display
231 |     Appropriate Legal Notices; however, if the Program has interactive
232 |     interfaces that do not display Appropriate Legal Notices, your
233 |     work need not make them do so.
234 | 
235 |   A compilation of a covered work with other separate and independent
236 | works, which are not by their nature extensions of the covered work,
237 | and which are not combined with it such as to form a larger program,
238 | in or on a volume of a storage or distribution medium, is called an
239 | "aggregate" if the compilation and its resulting copyright are not
240 | used to limit the access or legal rights of the compilation's users
241 | beyond what the individual works permit.  Inclusion of a covered work
242 | in an aggregate does not cause this License to apply to the other
243 | parts of the aggregate.
244 | 
245 |   6. Conveying Non-Source Forms.
246 | 
247 |   You may convey a covered work in object code form under the terms
248 | of sections 4 and 5, provided that you also convey the
249 | machine-readable Corresponding Source under the terms of this License,
250 | in one of these ways:
251 | 
252 |     a) Convey the object code in, or embodied in, a physical product
253 |     (including a physical distribution medium), accompanied by the
254 |     Corresponding Source fixed on a durable physical medium
255 |     customarily used for software interchange.
256 | 
257 |     b) Convey the object code in, or embodied in, a physical product
258 |     (including a physical distribution medium), accompanied by a
259 |     written offer, valid for at least three years and valid for as
260 |     long as you offer spare parts or customer support for that product
261 |     model, to give anyone who possesses the object code either (1) a
262 |     copy of the Corresponding Source for all the software in the
263 |     product that is covered by this License, on a durable physical
264 |     medium customarily used for software interchange, for a price no
265 |     more than your reasonable cost of physically performing this
266 |     conveying of source, or (2) access to copy the
267 |     Corresponding Source from a network server at no charge.
268 | 
269 |     c) Convey individual copies of the object code with a copy of the
270 |     written offer to provide the Corresponding Source.  This
271 |     alternative is allowed only occasionally and noncommercially, and
272 |     only if you received the object code with such an offer, in accord
273 |     with subsection 6b.
274 | 
275 |     d) Convey the object code by offering access from a designated
276 |     place (gratis or for a charge), and offer equivalent access to the
277 |     Corresponding Source in the same way through the same place at no
278 |     further charge.  You need not require recipients to copy the
279 |     Corresponding Source along with the object code.  If the place to
280 |     copy the object code is a network server, the Corresponding Source
281 |     may be on a different server (operated by you or a third party)
282 |     that supports equivalent copying facilities, provided you maintain
283 |     clear directions next to the object code saying where to find the
284 |     Corresponding Source.  Regardless of what server hosts the
285 |     Corresponding Source, you remain obligated to ensure that it is
286 |     available for as long as needed to satisfy these requirements.
287 | 
288 |     e) Convey the object code using peer-to-peer transmission, provided
289 |     you inform other peers where the object code and Corresponding
290 |     Source of the work are being offered to the general public at no
291 |     charge under subsection 6d.
292 | 
293 |   A separable portion of the object code, whose source code is excluded
294 | from the Corresponding Source as a System Library, need not be
295 | included in conveying the object code work.
296 | 
297 |   A "User Product" is either (1) a "consumer product", which means any
298 | tangible personal property which is normally used for personal, family,
299 | or household purposes, or (2) anything designed or sold for incorporation
300 | into a dwelling.  In determining whether a product is a consumer product,
301 | doubtful cases shall be resolved in favor of coverage.  For a particular
302 | product received by a particular user, "normally used" refers to a
303 | typical or common use of that class of product, regardless of the status
304 | of the particular user or of the way in which the particular user
305 | actually uses, or expects or is expected to use, the product.  A product
306 | is a consumer product regardless of whether the product has substantial
307 | commercial, industrial or non-consumer uses, unless such uses represent
308 | the only significant mode of use of the product.
309 | 
310 |   "Installation Information" for a User Product means any methods,
311 | procedures, authorization keys, or other information required to install
312 | and execute modified versions of a covered work in that User Product from
313 | a modified version of its Corresponding Source.  The information must
314 | suffice to ensure that the continued functioning of the modified object
315 | code is in no case prevented or interfered with solely because
316 | modification has been made.
317 | 
318 |   If you convey an object code work under this section in, or with, or
319 | specifically for use in, a User Product, and the conveying occurs as
320 | part of a transaction in which the right of possession and use of the
321 | User Product is transferred to the recipient in perpetuity or for a
322 | fixed term (regardless of how the transaction is characterized), the
323 | Corresponding Source conveyed under this section must be accompanied
324 | by the Installation Information.  But this requirement does not apply
325 | if neither you nor any third party retains the ability to install
326 | modified object code on the User Product (for example, the work has
327 | been installed in ROM).
328 | 
329 |   The requirement to provide Installation Information does not include a
330 | requirement to continue to provide support service, warranty, or updates
331 | for a work that has been modified or installed by the recipient, or for
332 | the User Product in which it has been modified or installed.  Access to a
333 | network may be denied when the modification itself materially and
334 | adversely affects the operation of the network or violates the rules and
335 | protocols for communication across the network.
336 | 
337 |   Corresponding Source conveyed, and Installation Information provided,
338 | in accord with this section must be in a format that is publicly
339 | documented (and with an implementation available to the public in
340 | source code form), and must require no special password or key for
341 | unpacking, reading or copying.
342 | 
343 |   7. Additional Terms.
344 | 
345 |   "Additional permissions" are terms that supplement the terms of this
346 | License by making exceptions from one or more of its conditions.
347 | Additional permissions that are applicable to the entire Program shall
348 | be treated as though they were included in this License, to the extent
349 | that they are valid under applicable law.  If additional permissions
350 | apply only to part of the Program, that part may be used separately
351 | under those permissions, but the entire Program remains governed by
352 | this License without regard to the additional permissions.
353 | 
354 |   When you convey a copy of a covered work, you may at your option
355 | remove any additional permissions from that copy, or from any part of
356 | it.  (Additional permissions may be written to require their own
357 | removal in certain cases when you modify the work.)  You may place
358 | additional permissions on material, added by you to a covered work,
359 | for which you have or can give appropriate copyright permission.
360 | 
361 |   Notwithstanding any other provision of this License, for material you
362 | add to a covered work, you may (if authorized by the copyright holders of
363 | that material) supplement the terms of this License with terms:
364 | 
365 |     a) Disclaiming warranty or limiting liability differently from the
366 |     terms of sections 15 and 16 of this License; or
367 | 
368 |     b) Requiring preservation of specified reasonable legal notices or
369 |     author attributions in that material or in the Appropriate Legal
370 |     Notices displayed by works containing it; or
371 | 
372 |     c) Prohibiting misrepresentation of the origin of that material, or
373 |     requiring that modified versions of such material be marked in
374 |     reasonable ways as different from the original version; or
375 | 
376 |     d) Limiting the use for publicity purposes of names of licensors or
377 |     authors of the material; or
378 | 
379 |     e) Declining to grant rights under trademark law for use of some
380 |     trade names, trademarks, or service marks; or
381 | 
382 |     f) Requiring indemnification of licensors and authors of that
383 |     material by anyone who conveys the material (or modified versions of
384 |     it) with contractual assumptions of liability to the recipient, for
385 |     any liability that these contractual assumptions directly impose on
386 |     those licensors and authors.
387 | 
388 |   All other non-permissive additional terms are considered "further
389 | restrictions" within the meaning of section 10.  If the Program as you
390 | received it, or any part of it, contains a notice stating that it is
391 | governed by this License along with a term that is a further
392 | restriction, you may remove that term.  If a license document contains
393 | a further restriction but permits relicensing or conveying under this
394 | License, you may add to a covered work material governed by the terms
395 | of that license document, provided that the further restriction does
396 | not survive such relicensing or conveying.
397 | 
398 |   If you add terms to a covered work in accord with this section, you
399 | must place, in the relevant source files, a statement of the
400 | additional terms that apply to those files, or a notice indicating
401 | where to find the applicable terms.
402 | 
403 |   Additional terms, permissive or non-permissive, may be stated in the
404 | form of a separately written license, or stated as exceptions;
405 | the above requirements apply either way.
406 | 
407 |   8. Termination.
408 | 
409 |   You may not propagate or modify a covered work except as expressly
410 | provided under this License.  Any attempt otherwise to propagate or
411 | modify it is void, and will automatically terminate your rights under
412 | this License (including any patent licenses granted under the third
413 | paragraph of section 11).
414 | 
415 |   However, if you cease all violation of this License, then your
416 | license from a particular copyright holder is reinstated (a)
417 | provisionally, unless and until the copyright holder explicitly and
418 | finally terminates your license, and (b) permanently, if the copyright
419 | holder fails to notify you of the violation by some reasonable means
420 | prior to 60 days after the cessation.
421 | 
422 |   Moreover, your license from a particular copyright holder is
423 | reinstated permanently if the copyright holder notifies you of the
424 | violation by some reasonable means, this is the first time you have
425 | received notice of violation of this License (for any work) from that
426 | copyright holder, and you cure the violation prior to 30 days after
427 | your receipt of the notice.
428 | 
429 |   Termination of your rights under this section does not terminate the
430 | licenses of parties who have received copies or rights from you under
431 | this License.  If your rights have been terminated and not permanently
432 | reinstated, you do not qualify to receive new licenses for the same
433 | material under section 10.
434 | 
435 |   9. Acceptance Not Required for Having Copies.
436 | 
437 |   You are not required to accept this License in order to receive or
438 | run a copy of the Program.  Ancillary propagation of a covered work
439 | occurring solely as a consequence of using peer-to-peer transmission
440 | to receive a copy likewise does not require acceptance.  However,
441 | nothing other than this License grants you permission to propagate or
442 | modify any covered work.  These actions infringe copyright if you do
443 | not accept this License.  Therefore, by modifying or propagating a
444 | covered work, you indicate your acceptance of this License to do so.
445 | 
446 |   10. Automatic Licensing of Downstream Recipients.
447 | 
448 |   Each time you convey a covered work, the recipient automatically
449 | receives a license from the original licensors, to run, modify and
450 | propagate that work, subject to this License.  You are not responsible
451 | for enforcing compliance by third parties with this License.
452 | 
453 |   An "entity transaction" is a transaction transferring control of an
454 | organization, or substantially all assets of one, or subdividing an
455 | organization, or merging organizations.  If propagation of a covered
456 | work results from an entity transaction, each party to that
457 | transaction who receives a copy of the work also receives whatever
458 | licenses to the work the party's predecessor in interest had or could
459 | give under the previous paragraph, plus a right to possession of the
460 | Corresponding Source of the work from the predecessor in interest, if
461 | the predecessor has it or can get it with reasonable efforts.
462 | 
463 |   You may not impose any further restrictions on the exercise of the
464 | rights granted or affirmed under this License.  For example, you may
465 | not impose a license fee, royalty, or other charge for exercise of
466 | rights granted under this License, and you may not initiate litigation
467 | (including a cross-claim or counterclaim in a lawsuit) alleging that
468 | any patent claim is infringed by making, using, selling, offering for
469 | sale, or importing the Program or any portion of it.
470 | 
471 |   11. Patents.
472 | 
473 |   A "contributor" is a copyright holder who authorizes use under this
474 | License of the Program or a work on which the Program is based.  The
475 | work thus licensed is called the contributor's "contributor version".
476 | 
477 |   A contributor's "essential patent claims" are all patent claims
478 | owned or controlled by the contributor, whether already acquired or
479 | hereafter acquired, that would be infringed by some manner, permitted
480 | by this License, of making, using, or selling its contributor version,
481 | but do not include claims that would be infringed only as a
482 | consequence of further modification of the contributor version.  For
483 | purposes of this definition, "control" includes the right to grant
484 | patent sublicenses in a manner consistent with the requirements of
485 | this License.
486 | 
487 |   Each contributor grants you a non-exclusive, worldwide, royalty-free
488 | patent license under the contributor's essential patent claims, to
489 | make, use, sell, offer for sale, import and otherwise run, modify and
490 | propagate the contents of its contributor version.
491 | 
492 |   In the following three paragraphs, a "patent license" is any express
493 | agreement or commitment, however denominated, not to enforce a patent
494 | (such as an express permission to practice a patent or covenant not to
495 | sue for patent infringement).  To "grant" such a patent license to a
496 | party means to make such an agreement or commitment not to enforce a
497 | patent against the party.
498 | 
499 |   If you convey a covered work, knowingly relying on a patent license,
500 | and the Corresponding Source of the work is not available for anyone
501 | to copy, free of charge and under the terms of this License, through a
502 | publicly available network server or other readily accessible means,
503 | then you must either (1) cause the Corresponding Source to be so
504 | available, or (2) arrange to deprive yourself of the benefit of the
505 | patent license for this particular work, or (3) arrange, in a manner
506 | consistent with the requirements of this License, to extend the patent
507 | license to downstream recipients.  "Knowingly relying" means you have
508 | actual knowledge that, but for the patent license, your conveying the
509 | covered work in a country, or your recipient's use of the covered work
510 | in a country, would infringe one or more identifiable patents in that
511 | country that you have reason to believe are valid.
512 | 
513 |   If, pursuant to or in connection with a single transaction or
514 | arrangement, you convey, or propagate by procuring conveyance of, a
515 | covered work, and grant a patent license to some of the parties
516 | receiving the covered work authorizing them to use, propagate, modify
517 | or convey a specific copy of the covered work, then the patent license
518 | you grant is automatically extended to all recipients of the covered
519 | work and works based on it.
520 | 
521 |   A patent license is "discriminatory" if it does not include within
522 | the scope of its coverage, prohibits the exercise of, or is
523 | conditioned on the non-exercise of one or more of the rights that are
524 | specifically granted under this License.  You may not convey a covered
525 | work if you are a party to an arrangement with a third party that is
526 | in the business of distributing software, under which you make payment
527 | to the third party based on the extent of your activity of conveying
528 | the work, and under which the third party grants, to any of the
529 | parties who would receive the covered work from you, a discriminatory
530 | patent license (a) in connection with copies of the covered work
531 | conveyed by you (or copies made from those copies), or (b) primarily
532 | for and in connection with specific products or compilations that
533 | contain the covered work, unless you entered into that arrangement,
534 | or that patent license was granted, prior to 28 March 2007.
535 | 
536 |   Nothing in this License shall be construed as excluding or limiting
537 | any implied license or other defenses to infringement that may
538 | otherwise be available to you under applicable patent law.
539 | 
540 |   12. No Surrender of Others' Freedom.
541 | 
542 |   If conditions are imposed on you (whether by court order, agreement or
543 | otherwise) that contradict the conditions of this License, they do not
544 | excuse you from the conditions of this License.  If you cannot convey a
545 | covered work so as to satisfy simultaneously your obligations under this
546 | License and any other pertinent obligations, then as a consequence you may
547 | not convey it at all.  For example, if you agree to terms that obligate you
548 | to collect a royalty for further conveying from those to whom you convey
549 | the Program, the only way you could satisfy both those terms and this
550 | License would be to refrain entirely from conveying the Program.
551 | 
552 |   13. Use with the GNU Affero General Public License.
553 | 
554 |   Notwithstanding any other provision of this License, you have
555 | permission to link or combine any covered work with a work licensed
556 | under version 3 of the GNU Affero General Public License into a single
557 | combined work, and to convey the resulting work.  The terms of this
558 | License will continue to apply to the part which is the covered work,
559 | but the special requirements of the GNU Affero General Public License,
560 | section 13, concerning interaction through a network will apply to the
561 | combination as such.
562 | 
563 |   14. Revised Versions of this License.
564 | 
565 |   The Free Software Foundation may publish revised and/or new versions of
566 | the GNU General Public License from time to time.  Such new versions will
567 | be similar in spirit to the present version, but may differ in detail to
568 | address new problems or concerns.
569 | 
570 |   Each version is given a distinguishing version number.  If the
571 | Program specifies that a certain numbered version of the GNU General
572 | Public License "or any later version" applies to it, you have the
573 | option of following the terms and conditions either of that numbered
574 | version or of any later version published by the Free Software
575 | Foundation.  If the Program does not specify a version number of the
576 | GNU General Public License, you may choose any version ever published
577 | by the Free Software Foundation.
578 | 
579 |   If the Program specifies that a proxy can decide which future
580 | versions of the GNU General Public License can be used, that proxy's
581 | public statement of acceptance of a version permanently authorizes you
582 | to choose that version for the Program.
583 | 
584 |   Later license versions may give you additional or different
585 | permissions.  However, no additional obligations are imposed on any
586 | author or copyright holder as a result of your choosing to follow a
587 | later version.
588 | 
589 |   15. Disclaimer of Warranty.
590 | 
591 |   THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
592 | APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
596 | PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
597 | IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
599 | 
600 |   16. Limitation of Liability.
601 | 
602 |   IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
610 | SUCH DAMAGES.
611 | 
612 |   17. Interpretation of Sections 15 and 16.
613 | 
614 |   If the disclaimer of warranty and limitation of liability provided
615 | above cannot be given local legal effect according to their terms,
616 | reviewing courts shall apply local law that most closely approximates
617 | an absolute waiver of all civil liability in connection with the
618 | Program, unless a warranty or assumption of liability accompanies a
619 | copy of the Program in return for a fee.
620 | 
621 |                      END OF TERMS AND CONDITIONS
622 | 
623 |             How to Apply These Terms to Your New Programs
624 | 
625 |   If you develop a new program, and you want it to be of the greatest
626 | possible use to the public, the best way to achieve this is to make it
627 | free software which everyone can redistribute and change under these terms.
628 | 
629 |   To do so, attach the following notices to the program.  It is safest
630 | to attach them to the start of each source file to most effectively
631 | state the exclusion of warranty; and each file should have at least
632 | the "copyright" line and a pointer to where the full notice is found.
633 | 
634 |     <one line to give the program's name and a brief idea of what it does.>
635 |     Copyright (C) <year>  <name of author>
636 | 
637 |     This program is free software: you can redistribute it and/or modify
638 |     it under the terms of the GNU General Public License as published by
639 |     the Free Software Foundation, either version 3 of the License, or
640 |     (at your option) any later version.
641 | 
642 |     This program is distributed in the hope that it will be useful,
643 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
644 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
645 |     GNU General Public License for more details.
646 | 
647 |     You should have received a copy of the GNU General Public License
648 |     along with this program.  If not, see <http://www.gnu.org/licenses/>.
649 | 
650 | Also add information on how to contact you by electronic and paper mail.
651 | 
652 |   If the program does terminal interaction, make it output a short
653 | notice like this when it starts in an interactive mode:
654 | 
655 |     <program>  Copyright (C) <year>  <name of author>
656 |     This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
657 |     This is free software, and you are welcome to redistribute it
658 |     under certain conditions; type `show c' for details.
659 | 
660 | The hypothetical commands `show w' and `show c' should show the appropriate
661 | parts of the General Public License.  Of course, your program's commands
662 | might be different; for a GUI interface, you would use an "about box".
663 | 
664 |   You should also get your employer (if you work as a programmer) or school,
665 | if any, to sign a "copyright disclaimer" for the program, if necessary.
666 | For more information on this, and how to apply and follow the GNU GPL, see
667 | <http://www.gnu.org/licenses/>.
668 | 
669 |   The GNU General Public License does not permit incorporating your program
670 | into proprietary programs.  If your program is a subroutine library, you
671 | may consider it more useful to permit linking proprietary applications with
672 | the library.  If this is what you want to do, use the GNU Lesser General
673 | Public License instead of this License.  But first, please read
674 | <http://www.gnu.org/philosophy/why-not-lgpl.html>.
675 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
   1 | Repository to index interesting Capture The Flag tools and other stuff.
   2 | 
   3 | * [Table of Contents](#table-of-contents)   
   4 |    - [Platforms to practice](#platforms-to-practice) 
   5 |    - [Cryptography](#cryptography)
   6 |         * [Main](#main)
   7 |         * [Secondary](#secondary)
   8 |         * [Hashes](#hashes)
   9 |         * [Esoteric Languages](#esoteric-languages)
  10 |    - [Steganography](#steganography)
  11 |    - [OSINT](#osint)
  12 |         * [Threat Hunting](#threat-hunting)
  13 |    - [Forensics](#forensics) 
  14 |    - [Reversing](#reversing)
  15 |    - [Exploiting](#exploiting) 
  16 |    - [Pentesting](#pentesting) 
  17 |         * [Recon](#recon)
  18 |         * [Web](#web)
  19 |         * [Exploit Database](#exploit-database)
  20 |         * [Docker](#docker)
  21 |         * [Credentials](#credentials)
  22 |         * [CVE Database Vulnerabilities](#CVE-Database-Vulnerabilities) 
  23 |         * [Exploitation](#exploitation)
  24 |         * [Active Directory](#active-directory)
  25 |         * [Privilege Escalation](#privilege-escalation)
  26 |           - [Windows](#windows)
  27 |           - [Linux](#linux)
  28 |         * [Legit binaries in a system](#legit-binaries-in-a-system)
  29 |         * [AV bypass](#av-bypass)
  30 |         * [Automatic Frameworks](#automatic-frameworks)
  31 |         * [Mobile](#mobile) 
  32 |         * [Wifi](#wifi)
  33 |         * [Utility](#utility)
  34 |    - [Malware](#malware)
  35 |         * [Online engines](#online-engines)     
  36 |         * [Distros to analyze malware](#distros-to-analyze-malware)
  37 |         * [Tools](#tools)
  38 |         * [Free AVs EDRs and sandboxes](#free-avs-edrs-and-sandboxes)
  39 |         * [Ransomware](#ransomware)
  40 |         * [APTs](#apts)
  41 |         * [Blogs and Information](#blogs-and-information)
  42 |    - [Utility](#utility-1)
  43 |    - [Wikis](#wikis)
  44 |    - [Write-Ups](#write-ups)
  45 |    - [Other tools](#other-tools)
  46 | 
  47 | ## Platforms to practice
  48 | 
  49 | https://ctftime.org/
  50 | 
  51 | https://www.hackthebox.eu/
  52 | 
  53 | https://atenea.ccn-cert.cni.es/home
  54 | 
  55 | https://tryhackme.com/
  56 | 
  57 | https://www.vulnhub.com/
  58 | 
  59 | * Web Hacking challenges: http://webhacking.kr/
  60 | 
  61 | * Platform for learning modern cryptography: https://cryptohack.org/
  62 | 
  63 | * Reversing platform: https://crackmes.one/
  64 | 
  65 | * Forensics Challenges: https://ctf.unizar.es/ && https://freetraining.dfirdiva.com/dfir-ctfs-challenges && https://socvel.com/
  66 | 
  67 | * PicoCTF: https://play.picoctf.org/login
  68 | 
  69 | * Blue team: https://letsdefend.io/
  70 | 
  71 | ## Cryptography
  72 | 
  73 | ### Main
  74 | 
  75 | https://gchq.github.io/CyberChef/
  76 | 
  77 | https://www.dcode.fr/tools-list#cryptography
  78 | 
  79 | * Cipher Identifier and Analyzer: https://www.boxentriq.com/code-breaking/cipher-identifier
  80 | 
  81 | * Data format identifier: https://geocaching.dennistreysa.de/multisolver/
  82 | 
  83 | ### Secondary
  84 | 
  85 | * Automated cryptogram solver (substitution) https://quipqiup.com/
  86 | 
  87 | * Frequency Analysis: https://crypto.interactive-maths.com/frequency-analysis-breaking-the-code.html
  88 | 
  89 | * Brute force Vigenere: https://guballa.de/vigenere-solver
  90 | 
  91 | * RsaCtfTool: https://github.com/Ganapati/RsaCtfTool
  92 | 
  93 | * Decrpyt emoji messages https://cryptoji.com/ & https://cryptii.com/pipes/morse-code-with-emojis
  94 | 
  95 | * Padding-oracle-attacker: https://github.com/KishanBagaria/padding-oracle-attacker
  96 | 
  97 | * Maritime signal flags dictionary: https://en.wikipedia.org/wiki/International_maritime_signal_flags
  98 | 
  99 | * Enigma: https://cryptii.com/
 100 | 
 101 | * Factoring: http://factordb.com/
 102 | 
 103 | * Cryptanalysis recopilation: https://github.com/mindcrypt/Cryptanalysis
 104 | 
 105 | http://rumkin.com/tools/cipher/
 106 | 
 107 | * Real time converter: https://kt.gy/tools.html#conv/ 
 108 | 
 109 | * Simple script to calculate the onion address from a Tor hidden service descriptor or public key: https://gist.github.com/DonnchaC/d6428881f451097f329e (you need to modify the line 14 for working properly "onion_address = hashlib.sha1(key.exportKey('DER')[22:]).digest()[:10]").
 110 | 
 111 | * Speech to text: https://speech-to-text-demo.ng.bluemix.net/
 112 | 
 113 | * Lyrics song: https://codewithrockstar.com/online
 114 | 
 115 | * Online generator md5 hash of a string: http://www.md5.cz/
 116 | 
 117 | ### Hashes
 118 | 
 119 | * Hash DB: https://crackstation.net/
 120 | 
 121 | * Dehashed: https://www.dehashed.com/
 122 | 
 123 | * Cracking Hashes: http://rainbowtables.it64.com/
 124 | 
 125 | * Hash DB: https://www.onlinehashcrack.com/
 126 | 
 127 | * Hash DB: https://md5decrypt.net/en/
 128 | 
 129 | * Hash DB: https://hashkiller.io/
 130 | 
 131 | * Hash DB: https://hashes.com/en/decrypt/hash
 132 | 
 133 | ### Esoteric Languages
 134 | 
 135 | * Ook! esoteric programming language decoder: https://www.dcode.fr/ook-language
 136 | 
 137 | * Brainfuck esoteric programming language decoder: https://www.dcode.fr/brainfuck-language
 138 | 
 139 | * Malboge esoteric programming language decoder: https://www.malbolge.doleczek.pl/
 140 | 
 141 | * COW esoteric programming language: https://frank-buss.de/cow.html
 142 | 
 143 | ## Steganography
 144 | 
 145 | * Exiftool
 146 | 
 147 | * Zsteg 
 148 | 
 149 | * Exiv2
 150 | 
 151 | * Identify -verbose file
 152 | 
 153 | * Magic Numbers Signatures: https://asecuritysite.com/forensics/magic && https://www.garykessler.net/library/file_sigs.html → Hexeditor
 154 | 
 155 | * Binwalk -e image
 156 | 
 157 | * Foremost -i image -o outdir
 158 | 
 159 | * Steghide: http://steghide.sourceforge.net/documentation/manpage_es.php (e.g: steghide extract -sf file , steghide info file)
 160 | 
 161 | * Stegseek: https://github.com/RickdeJager/stegseek (Better than Stegcracker)
 162 | 
 163 | * StegCracker: https://github.com/Paradoxis/StegCracker
 164 | 
 165 | * Deeper steganography analysis tool: https://aperisolve.fr/
 166 | 
 167 | * Spectrum Analyzer: https://academo.org/demos/spectrum-analyzer/
 168 | 
 169 | * Stegsolve: https://github.com/zardus/ctf-tools/blob/master/stegsolve/install (running: java -jar steg_solve.jar)
 170 | 
 171 | * Fourier Transform: http://bigwww.epfl.ch/demo/ip/demos/FFT/ && https://github.com/0xcomposure/FFTStegPic
 172 | 
 173 | * Digital invisible ink stego tool: https://sourceforge.net/projects/diit/
 174 | 
 175 | * Decoding files from 8-bit Atari turbo cassette tapes: https://github.com/baktragh/turbodecoder
 176 | 
 177 | https://incoherency.co.uk/image-steganography/#unhide
 178 | 
 179 | http://exif-viewer.com/
 180 | 
 181 | https://stegonline.georgeom.net/upload
 182 | 
 183 | https://stylesuxx.github.io/steganography/
 184 | 
 185 | https://skynettools.com/free-online-steganography-tools/
 186 | 
 187 | * Morse Code Adaptive Audio Decoder: https://morsecode.world/international/decoder/audio-decoder-adaptive.html
 188 | 
 189 | * Audacity (sudo apt-get install audacity) E.g: https://www.hackiit.cf/write-up-hackiit-ctf-biological-hazard-ii/
 190 | 
 191 | * AudioStego: https://github.com/danielcardeenas/AudioStego
 192 | 
 193 | * Analyze suspicious files and urls to detect stegomalware: https://stegoinspector.com/#/
 194 | 
 195 | * Aurebesh Translator: https://funtranslations.com/aurebesh
 196 | 
 197 | * Bitcoin Steganography: https://incoherency.co.uk/stegoseed/
 198 | 
 199 | * Mojibake Steganography: https://incoherency.co.uk/mojibake/
 200 | 
 201 | * Chess Steganography : https://incoherency.co.uk/chess-steg/
 202 | 
 203 | * Magic Eye Solver / Viewer: https://magiceye.ecksdee.co.uk/
 204 | 
 205 | * QR decoder: https://online-barcode-reader.inliteresearch.com/ && https://zxing.org/w/decode.jspx
 206 | 
 207 | * Stegosuite:  http://manpages.ubuntu.com/manpages/bionic/man1/stegosuite.1.html
 208 | 
 209 | * StegSpy: http://www.spy-hunter.com/stegspydownload.htm
 210 | 
 211 | * StegSecret: http://stegsecret.sourceforge.net/
 212 | 
 213 | * Openstego: https://www.openstego.com/
 214 | 
 215 | * Stegpic: https://domnit.org/stepic/doc/
 216 | 
 217 | * Bytehist: https://www.cert.at/en/downloads/software/software-bytehist
 218 | 
 219 | https://www.bertnase.de/npiet/npiet-execute.php
 220 | 
 221 | * Repair images: https://online.officerecovery.com/es/pixrecovery/
 222 | 
 223 | * Tool for recovering passwords from pixelized screenshots: https://github.com/beurtschipper/Depix
 224 | 
 225 | * Forensic Image Analysis: https://github.com/GuidoBartoli/sherloq
 226 | 
 227 | * Unicode Steganography with Zero-Width Characters: https://330k.github.io/misc_tools/unicode_steganography.html 
 228 | 
 229 | * Stegsnow(Zero-Width Characters): https://pentesttools.net/hide-secret-messages-in-text-using-stegsnow-zero-width-characters/
 230 | 
 231 | * SPAM language or PGP: https://www.spammimic.com/decode.shtml
 232 | 
 233 | * f5stegojs: https://desudesutalk.github.io/f5stegojs/
 234 | 
 235 | * Unshorten links: https://unshorten.it/
 236 | 
 237 | * PNG dump: https://blog.didierstevens.com/2022/04/18/new-tool-pngdump-py-beta/
 238 | 
 239 | ## OSINT
 240 | 
 241 | * Ip information: https://bgp.tools/
 242 | 
 243 | * Ip information: https://www.maxmind.com/en/geoip-demo
 244 | 
 245 | https://sitereport.netcraft.com/? && https://searchdns.netcraft.com/
 246 | 
 247 | * https://iocfeed.mrlooquer.com/
 248 | 
 249 | * https://www.ipaddress.com/
 250 | 
 251 | * GHDB (Google Hacking Database): https://www.exploit-db.com/google-hacking-database
 252 | 
 253 | * Google CheatSheet: https://gist.github.com/sundowndev/283efaddbcf896ab405488330d1bbc06
 254 | 
 255 | https://ciberpatrulla.com/links/
 256 | 
 257 | https://osintframework.com/
 258 | 
 259 | * Tools, flowcharts and cheatsheets to help you do your OSINT research:  https://technisette.com/p/tools
 260 | 
 261 | * Recopilation: https://osint.link/
 262 | 
 263 | * World domain DB: http://web.archive.org/ && https://archive.eu/
 264 | 
 265 | * DNS Search: https://dns.coffee/
 266 | 
 267 | * Cyber Defense Search: https://www.onyphe.io/
 268 | 
 269 | * Abuse Domain,IP: https://www.abuseipdb.com/
 270 | 
 271 | https://dns-lookup.jvns.ca/
 272 | 
 273 | https://www.greynoise.io/
 274 | 
 275 | https://www.brightcloud.com/tools/url-ip-lookup.php
 276 | 
 277 | * Reputation url checker: https://www.urlvoid.com/
 278 | 
 279 | * The search engine for the Internet of Things: https://www.shodan.io/ && All filters cheatseet: https://beta.shodan.io/search/filters
 280 | 
 281 | * IVRE: https://ivre.rocks/
 282 | 
 283 | * Threat Intel Tools: https://cyberfive.uk/threat-intel-tools/
 284 | 
 285 | https://talosintelligence.com/
 286 | 
 287 | * PGP Global Directory: https://keyserver2.pgp.com/vkd/GetWelcomeScreen.event 
 288 | 
 289 | * Hurricane Electric BGP: https://bgp.he.net/
 290 | 
 291 | * Email2PhoneNumber: https://github.com/martinvigo/email2phonenumber
 292 | 
 293 | * Honeypot or not: https://honeyscore.shodan.io/
 294 | 
 295 | https://builtwith.com/
 296 | 
 297 | * Pwn email DB TOR:  http://pwndb2am4tzkvold.onion/
 298 | 
 299 | * Website to check if emails or passwords have been compromised: https://haveibeenpwned.com/
 300 | 
 301 | * Leaks: https://leaks.sh/
 302 | 
 303 | * Pwn DB: https://www.dehashed.com/?__cf_chl_jschl_tk__=ab484f797848c365ec48f7297ac4b9ba4587d775-1625827161-0-ARQgSNH3MSi0R4OUxmHmJCgUIz4nZrldFwXK6QZ21tONCEndyB_ypTCETLDm8vhRWeKD6v_ZraA5mbmvd03j1oeQb7QNsx5pg0lMhaNv2l7aw8DKR4a7ENkylr9knbiDx9X3RVn5AcH2uWuG_yRgk28j6x_zyccpXWc8LsTN9VxXZCZb16SEqwbuLdQ-JjWp0eQIgEMAPkLgosrsZyCdRa0A2mqMu8Mz4g-j4z8xR4v-4tqNwcP_TNtCK74-DIWZ80Zth2At6XizE72m_QifLrQH-gFUWPQ7hMzbNr5ONgZbyTZy_0YQA2SqHS5EUj5duq3WhbHdKEsRzXC6ch1EdQ5GagnSc8fH_NAqrI2aebrGF37HEXWkn7ZwxLGDLPAF63tV-77gQ4xhCnCDJp-vpcs
 304 | 
 305 | * Pwn email DB: https://intelx.io/
 306 | 
 307 | * Pwn email DB: https://cybernews.com/personal-data-leak-check/
 308 | 
 309 | * PwnDB Script: https://github.com/davidtavarez/pwndb
 310 | 
 311 | * Search filtered credentials in plain text: https://esgeeks.com/pwndb-buscar-credenciales-filtradas-texto-plano/
 312 | 
 313 | * Email checker: https://toolbox.googleapps.com/apps/checkmx/
 314 | 
 315 | * Car Recognition: https://carnet.ai/
 316 | 
 317 | * Hour of a picture, sun calculator: https://www.suncalc.org/#/27.6936,-97.5195,3/2024.01.09/09:23/1/3
 318 | 
 319 | * General purpose: https://github.com/Moham3dRiahi/Th3inspector
 320 | 
 321 | * Gooogle Image Search: https://www.google.es/imghp?hl=es , Yandex: https://yandex.com/images/ , Bing: https://www.bing.com/?scope=images&nr=1&FORM=NOFORM
 322 | 
 323 | * Reverse Image Search: https://tineye.com/
 324 | 
 325 | * Tool for tracking the redirection paths of URLs: https://wheregoes.com/
 326 | 
 327 | * Phishing Online Checker: https://easydmarc.com/tools/phishing-url
 328 | 
 329 | * Phishing Domain DB: http://phishtank.org/
 330 | 
 331 | * Phishing Domain DB: https://phishcheck.me/
 332 | 
 333 | * Phishing Research: https://safeweb.norton.com/ , https://isitphishing.org/, https://openphish.com/ && https://opentip.kaspersky.com/.
 334 | 
 335 | * Instagram: https://github.com/th3unkn0n/osi.ig
 336 | 
 337 | * Censys: https://censys.io/ipv4
 338 | 
 339 | * Zoomeye.org: https://www.zoomeye.org/
 340 | 
 341 | * IVRE: https://ivre.rocks/
 342 | 
 343 | * IOT search engine: https://www.thingful.net/
 344 | 
 345 | * Find email addresses related to a domain: https://hunter.io/
 346 | 
 347 | * People search engine: https://thatsthem.com/
 348 | 
 349 | * Fofa search engine: https://fofa.so/ (Similar to Shodan)
 350 | 
 351 | * Graphical OSINT platform: https://www.spiderfoot.net/#
 352 | 
 353 | * Fullhunt: https://fullhunt.io/
 354 | 
 355 | * Code search: https://grep.app/ && https://publicwww.com/
 356 | 
 357 | * Natlas: https://natlas.io/
 358 | 
 359 | * Spur: https://spur.us/
 360 | 
 361 | * Public Wi-Fi database: https://www.mylnikov.org/
 362 | 
 363 | * HTTP headers of a domain: https://www.webconfs.com/http-header-check.php
 364 | 
 365 | * Metadata of public's documents: https://github.com/Josue87/MetaFinder
 366 | 
 367 | * Twitter: https://github.com/twintproject/twint && https://tinfoleak.com/
 368 | 
 369 | * https://github.com/Quantika14/osint-suite-tools
 370 | 
 371 | * Check your OWA (Outlook Web Access): https://checkmyowa.unit221b.com/
 372 | 
 373 | * Whatspp IP Leak: https://github.com/bhdresh/Whatsapp-IP-leak?s=09
 374 | 
 375 | * Book: https://i-intelligence.eu/uploads/public-documents/OSINT_Handbook_2020.pdf
 376 | 
 377 | ### Threat Hunting
 378 |  
 379 | Analysis I: https://centralops.net/co/
 380 | 
 381 | Analaysis II: https://viewdns.info/
 382 | 
 383 | Analysis III: https://sitereport.netcraft.com/
 384 | 
 385 | Analysis IV: https://www.ipaddress.com/
 386 | 
 387 | Malware: https://www.virustotal.com/gui/home/upload & https://opentip.kaspersky.com/
 388 | 
 389 | Reputation: https://talosintelligence.com/, https://www.abuseipdb.com/
 390 | 
 391 | Technology of a domain: https://builtwith.com/
 392 | 
 393 | Tool for tracking the redirection paths of URLs: https://wheregoes.com/
 394 | 
 395 | History of a Domain: https://web.archive.org/
 396 | 
 397 | Real-time blackhole list,ASNs: https://bgp.he.net/
 398 | 
 399 | SSL certificates: https://www.digicert.com/help/
 400 | 
 401 | Redirects: https://lookyloo.circl.lu/
 402 | 
 403 | Phishing Domain DB: http://phishtank.org/
 404 | 
 405 | Phishing Domain DB: https://phishcheck.me/
 406 | 
 407 | Phishing Domains CSV: https://phishstats.info/
 408 | 
 409 | Phishing Research: https://safeweb.norton.com/ , https://isitphishing.org/, https://openphish.com/ && https://opentip.kaspersky.com/.
 410 | 
 411 | Recopilation: https://osintframework.com/
 412 | 
 413 | Email account analysis: curl emailrep.io/john.smith@gmail.com
 414 | 
 415 | ## Forensics
 416 | 
 417 | * Online PCAP Analysis: https://lab.dynamite.ai/
 418 | 
 419 | * Tool to identify strings from a pcap: https://github.com/bee-san/pyWhat. Ex:python3 -m pywhat redteam_test03-10423dd9015c050a40b7ccf2a53f57a9.pcapng > output
 420 | 
 421 | * Advanced PCAP: https://www.kitploit.com/2023/08/bryobio-network-pcap-file-analysis.html
 422 | 
 423 | * Wireshark. Cheat sheet: https://cdn.comparitech.com/wp-content/uploads/2019/06/Wireshark-Cheat-Sheet-1.jpg
 424 | 
 425 | * Volatility. Cheat sheet: https://blog.onfvp.com/post/volatility-cheatsheet/ >>> Malfind,yarascan, Connscan y netscan
 426 | 
 427 | * Foremost
 428 | 
 429 | * Binwalk
 430 | 
 431 | * Autopsy
 432 | 
 433 | * PhotoRec: https://www.cgsecurity.org/wiki/PhotoRec
 434 | 
 435 | * Photo forensics: https://29a.ch/photo-forensics/#forensic-magnifier
 436 | 
 437 | * Recuva: https://www.ccleaner.com/recuva
 438 | 
 439 | * Keys: https://www.nirsoft.net/utils/product_cd_key_viewer.html
 440 | 
 441 | * DDRescue. https://launchpad.net/ddrescue-gui
 442 | 
 443 | * Rescuezilla: https://rescuezilla.com/
 444 | 
 445 | * PolarProxy: https://www.netresec.com/?page=PolarProxy
 446 | 
 447 | * MRC: https://www.magnetforensics.com/resources/magnet-ram-capture/
 448 | 
 449 | * Media acquisition (disk to image): https://guymager.sourceforge.io/
 450 | 
 451 | * Rapidly Search and Hunt through Windows Event Logs: https://github.com/countercept/chainsaw
 452 | 
 453 | * AccessData FTK Imager 
 454 | 
 455 | * EnCase 
 456 | 
 457 | * EaseUS Data Recovery Wizard
 458 | 
 459 | * Testdisk: https://www.cgsecurity.org/wiki/TestDisk_Download
 460 | 
 461 | * MFT_Browser: https://github.com/kacos2000/MFT_Browser
 462 | 
 463 | * Powershell Decoder: https://github.com/R3MRUM/PSDecode, https://github.com/JohnLaTwC/PyPowerShellXray and analysis info: https://darungrim.com/research/2019-10-01-analyzing-powershell-threats-using-powershell-debugging.html
 464 | 
 465 | * PDF analyzer: https://github.com/zbetcheckin/PDF_analysis, https://github.com/DidierStevens/DidierStevensSuite/blob/master/pdfid.py, https://github.com/DidierStevens/DidierStevensSuite/blob/master/pdf-parser.py y https://eternal-todo.com/tools/peepdf-pdf-analysis-tool.
 466 | 
 467 | * Office analyzer: https://github.com/DissectMalware/XLMMacroDeobfuscator, https://github.com/unixfreak0037/officeparser, https://github.com/decalage2/oletools, https://github.com/bontchev/pcodedmp, https://github.com/decalage2/ViperMonkey && https://blog.didierstevens.com/programs/oledump-py/.
 468 | 
 469 | * Extract Unicode-encoded content from a file: https://github.com/DidierStevens/DidierStevensSuite/blob/master/base64dump.py
 470 | 
 471 | * DTMF telephone frecuency: https://unframework.github.io/dtmf-detect/
 472 | 
 473 | * To decrypt WPA keys: pyrit -r "capctura.pcap" analyze
 474 | 
 475 | * Diskeditor: https://www.disk-editor.org/index.html
 476 | 
 477 | * Passware encryption analyzer: https://www.passware.com/encryption-analyzer/
 478 | 
 479 | * Windows Registry Recovery: https://www.softpedia.com/get/Tweak/Registry-Tweak/Windows-Registry-Recovery.shtml
 480 | 
 481 | * xxd command
 482 | 
 483 | * Blue Team Cheat sheet: https://itblogr.com/wp-content/uploads/2020/04/The-Concise-Blue-Team-cheat-Sheets.pdf
 484 | 
 485 | * DFIR cheat sheet: https://www.jaiminton.com/cheatsheet/DFIR/#
 486 | 
 487 | * Parse a user agent: https://developers.whatismybrowser.com/useragents/parse/
 488 | 
 489 | * Grep cheat sheet: https://javiermartinalonso.github.io/linux/2018/01/15/linux-grep-patrones-debug.html
 490 | 
 491 | * Blog: https://www.osintme.com/
 492 | 
 493 | * Regular expressions for grep -Po " " https://www.autoregex.xyz/ && https://regex101.com/ . Cheat sheet: https://cheatography.com/davechild/cheat-sheets/regular-expressions/
 494 | 
 495 | * DFIR Cheatsheet: https://dfircheatsheet.github.io/
 496 | 
 497 | https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/
 498 | 
 499 | https://blog.didierstevens.com/programs/xorsearch/
 500 | 
 501 | Forensics RECOPILATION: https://start.me/p/JDRmPO/recursos-forenses && https://start.me/p/q6mw4Q/forensics
 502 | 
 503 | ## Reversing
 504 | 
 505 | * Binwalk
 506 | 
 507 | * Dotpeek (.NET)
 508 | 
 509 | * Angr(deobfuscated code): https://angr.io/ && https://napongizero.github.io/blog/Defeating-Code-Obfuscation-with-Angr
 510 | 
 511 | * GameBoy debugger: https://bgb.bircd.org/
 512 | 
 513 | * IDA pro. Cheat Sheet: https://www.dragonjar.org/cheat-sheet-ida-pro-interactive-disassembler.xhtml
 514 | 
 515 | * Ollydbg. Cheat Sheet: http://www.ollydbg.de/quickst.htm
 516 | 
 517 | * GDB:  https://gist.github.com/rkubik/b96c23bd8ed58333de37f2b8cd052c30
 518 | 
 519 | * Radare2. Cheat Sheet: https://gist.github.com/williballenthin/6857590dab3e2a6559d7
 520 | 
 521 | * Ghidra. Cheat Sheet: https://hackersfun.com/wp-content/uploads/2019/03/Ghidra-Cheat-Sheet.pdf
 522 | 
 523 | * Immunity Debugger: https://www.immunityinc.com/products/debugger/
 524 | 
 525 | * x64dbg
 526 | 
 527 | * DnSpy https://github.com/dnSpy/dnSpy
 528 | 
 529 | * Binary Ninja: https://binary.ninja/
 530 | 
 531 | * Beginner reversing tool: https://exeinfo-pe.en.uptodown.com/windows
 532 | 
 533 | * Regshot:  https://sourceforge.net/projects/regshot/ (before and after running a binary)
 534 | 
 535 | * CFF explorer: https://download.cnet.com/CFF-Explorer/3000-2383_4-10431156.html
 536 | 
 537 | * Online Disassembler: https://onlinedisassembler.com/static/home/index.html
 538 | 
 539 | * Online Decompiler Explorer: https://dogbolt.org/
 540 | 
 541 | * Online Compiler Explorer: https://godbolt.org/
 542 | 
 543 | * Online .JAR and .Class to Java decompiler:  http://www.javadecompilers.com/
 544 | 
 545 | * Hex editor, disk editor, and memory editor: https://mh-nexus.de/en/downloads.php?product=HxD20
 546 | 
 547 | * Android Decompiler: https://ibotpeaches.github.io/Apktool/
 548 | 
 549 | * Decompile Android files: https://github.com/skylot/jadx
 550 | 
 551 | * Hopper disassembler: https://www.hopperapp.com/
 552 | 
 553 | * List Dynamic Dependencies: Ldd file
 554 | 
 555 | * Unpacking some binaries: Upx -d file
 556 | 
 557 | * Identifying packers: https://github.com/horsicq/Detect-It-Easy
 558 | 
 559 | * Theory: https://0xinfection.github.io/reversing/
 560 | 
 561 | * Intel® 64 and IA-32 Architectures Software Developer’s Manual: https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-instruction-set-reference-manual-325383.pdf 
 562 | 
 563 | * Tips: https://blog.whtaguy.com/2020/04/guys-30-reverse-engineering-tips-tricks.html
 564 | 
 565 | ## Exploiting
 566 | 
 567 | * Ej1: python -c "print 'A'*150" >>> Then ./binario 150 A
 568 | 
 569 | python -c "print ('A' * 5100)"
 570 | 
 571 | * Ej2: (echo -e "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x89\xc1\x89\xc2\xb0\x0b\xcd\x80\x31\xc0\x40\xcd\x80"; cat-) | ./binario (Shellcode for x86 32 linux)
 572 | 
 573 | ## Pentesting
 574 | 
 575 | Common ports cheatsheet: https://packetlife.net/media/library/23/common_ports.pdf
 576 | 
 577 | Enumeration cheatsheet: https://pentestwiki.org/enumeration-cheat-sheet/
 578 | 
 579 | ### Recon
 580 | 
 581 | * Nmap. Cheatsheet: https://highon.coffee/blog/nmap-cheat-sheet/ && https://scadahacker.com/library/Documents/Cheat_Sheets/Hacking%20-%20NMap%20Quick%20Reference%20Guide.pdf
 582 | 
 583 | * S.O recon: "version of a service https://launchpad.net/"
 584 | 
 585 | * https://sitereport.netcraft.com/
 586 | 
 587 | * GUI-DNSRecon: https://www.kitploit.com/2023/02/dnsrecon-gui-dnsrecon-tool-with-gui-for.html
 588 | 
 589 | * enum4linux - https://highon.coffee/blog/enum4linux-cheat-sheet/
 590 | 
 591 | Dig: https://cheatography.com/tme520/cheat-sheets/dig/
 592 | 
 593 | wget -nd -r -P /save/location -A jpeg,jpg,bmp,gif,png http://www.somedomain.com
 594 | 
 595 | Recursive file download bypassing robots.txt: wget -e robots=off -drc -l5 domain
 596 | 
 597 | * Scanning with third parties: https://hackertarget.com/nmap-online-port-scanner/, https://www.ipfingerprints.com/, https://spiderip.com/online-port-scan.php, https://portscanner.standingtech.com/ && https://www.yougetsignal.com/tools/open-ports/
 598 | 
 599 | * Scanless project: https://github.com/vesche/scanless
 600 | 
 601 | * List emails from a domain: https://maildump.co/domain-search
 602 | 
 603 | * List domains of a company: Curl https://sonar.omnisint.io/tlds/<company name>
 604 | 
 605 | * SPF,DKIM,DMARC: https://github.com/MattKeeley/Spoofy & https://www.kitploit.com/2023/02/email-vulnerablity-checker-find-email.html & https://github.com/magichk/magicspoofing && https://toolbox.googleapps.com/apps/checkmx/
 606 | 
 607 | * Company hashes & passwords: https://www.dehashed.com/
 608 | 
 609 | * dnsrecon -d dte.local -n IP - https://pentestlab.blog/2012/11/13/dns-reconnaissance-dnsrecon/
 610 | 
 611 | * Biggest DNS historical data: https://securitytrails.com/
 612 | 
 613 | * DNS Host Records: https://hackertarget.com/find-dns-host-records/
 614 | 
 615 | * HTTP Header Analysis Vulnerability Tool: https://dnsdumpster.com/
 616 | 
 617 | * ReconFTW: https://github.com/six2dez/reconftw
 618 | 
 619 | * Autorecon: https://github.com/Tib3rius/AutoRecon
 620 | 
 621 | * OSINT gathering tool: https://github.com/s0md3v/Photon
 622 | 
 623 | * OSINT gathering tool: https://github.com/laramies/theHarvester
 624 | 
 625 | * DNS resolver: https://github.com/d3mondev/puredns
 626 | 
 627 | * Sublist3r: https://github.com/aboul3la/Sublist3r
 628 | 
 629 | * Ffuf: https://github.com/ffuf/ffuf
 630 | 
 631 | * Nuclei: https://github.com/projectdiscovery/nuclei
 632 | 
 633 | * Expired domains: https://www.expireddomains.net/
 634 | 
 635 | ### Web
 636 | 
 637 | * Wappalyzer
 638 | 
 639 | * whatweb -v -a 3 scanme.nmap.org 
 640 | 
 641 | * nmap  -p 80 --script=http-* <IP>
 642 | 
 643 | * HTTP Header Analysis Vulnerability Tool: https://github.com/Aetsu/gethead/blob/gh-pages/gethead.py
 644 | 
 645 | * Feroxbuster
 646 | 
 647 | * Gobuster. Cheat Sheet: https://redteamtutorials.com/2018/11/19/gobuster-cheatsheet/
 648 | 
 649 | * Burpsuite
 650 | 
 651 | * OWASP ZAP, OpenVas, Sparta & Nikto. Cheat Sheet: https://cdn.comparitech.com/wp-content/uploads/2019/07/NIkto-Cheat-Sheet.webp
 652 | 
 653 | * Hydra. Cheat Sheet: hydra -l admin -P /usr/share/wordlists/rockyou.txt IP http-post-form “__csrf_magic=sid%3Ae40fd9611063464c3ff346ffa53b7a28b3cd5971%2C1638348501&usernamefld=admin&passwordfld=^PASS^&login=Sign+In" || patator http_fuzz url=http://IP/ method=POST &usernamefld=admin&passwordfld=FILE0&login=Sign+In' 0=/usr/share/wordlists/rockyou.txt follow=1 accept_cookie=1 -x ignore:fgrep='Username or Password incorrect'
 654 | 
 655 | * hydra -s 22 -l user -P /usr/share/wordlists/rockyou.txt IP -t 4 ssh
 656 | 
 657 | * wfuzz. Cheat Sheet: https://book.hacktricks.xyz/pentesting-web/web-tool-wfuzz
 658 | 
 659 | * 2FA Bypass: https://www.xmind.net/m/8Hkymg/
 660 | 
 661 | * Dirbuster. https://mundo-hackers.weebly.com/dirbuster.html
 662 | 
 663 | * Linkfinder: https://github.com/GerbenJavado/LinkFinder
 664 | 
 665 | * Dirsearch: https://github.com/maurosoria/dirsearch
 666 | 
 667 | * Automated All-in-One OS command injection and exploitation tool: https://github.com/commixproject/commix
 668 | 
 669 | * Automated XSS tool: https://xsser.03c8.net/
 670 | 
 671 | * Automated XSS tool: https://github.com/ssl/ezXSS
 672 | 
 673 | * RECOX: https://github.com/samhaxr/recox/blob/master/recox.sh
 674 | 
 675 | * SQL payload examples: https://github.com/payloadbox/sql-injection-payload-list
 676 | 
 677 | * Command injection: https://github.com/payloadbox/command-injection-payload-list
 678 | 
 679 | * XSS in 2021: https://netsec.expert/posts/xss-in-2021/
 680 | 
 681 | * SSRF Cheatsheet: https://highon.coffee/blog/ssrf-cheat-sheet/#curl-ssrf-wrappers--url-schema
 682 | 
 683 | * WPscan
 684 | 
 685 | * XSS firefox extension searcher: https://addons.mozilla.org/es/firefox/addon/knoxss-community-edition/
 686 | 
 687 | * Inspect HTTP headers: https://requestbin.net/ && https://webhook.site/#!/75039a57-2015-4f74-9612-b762f4353b9b && https://securityheaders.com/?q=domain&followRedirects=on
 688 | 
 689 | https://pentest-tools.com/home
 690 | 
 691 | https://book.hacktricks.xyz/
 692 | 
 693 | http://jsonviewer.stack.hu/
 694 | 
 695 | https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
 696 | 
 697 | https://jorgectf.gitbook.io/awae-oswe-preparation-resources/
 698 | 
 699 | * Web Tips: https://www.nccgroup.com/globalassets/our-research/uk/images/common_security_issues_in_financially-orientated_web.pdf.pdf
 700 | 
 701 | ### Exploit Database
 702 | 
 703 | * CVE Search: https://github.com/Anonimo501/cve_search
 704 | 
 705 | * https://www.exploit-db.com/
 706 | 
 707 | * SearchSploit. Cheat sheet: https://blog.ehcgroup.io/2018/11/27/01/00/39/4198/como-usar-searchsploit-para-encontrar-exploits/hacking/ehacking/
 708 |  
 709 | * https://cvexploits.io/
 710 | 
 711 | ### Docker
 712 | 
 713 |  Privilege esc: docker run -v /:/mnt --rm -it imagen chroot /mnt sh
 714 | 
 715 | ### Credentials
 716 | 
 717 | * IT Default Creds: https://github.com/ihebski/DefaultCreds-cheat-sheet/blob/main/DefaultCreds-Cheat-Sheet.csv
 718 | * OT Default Creds: https://www.icsrank.com/
 719 | 
 720 | ### CVE Database Vulnerabilities
 721 | 
 722 | https://vulners.com/
 723 | 
 724 | ### Exploitation
 725 | 
 726 | * Online reverse shell generator: https://www.revshells.com/
 727 | 
 728 | * Reverse shell cheatsheet: https://reconshell.com/reverse-shell-cheat-sheet/ && Cheatsheet: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md
 729 | 
 730 | * Webshells: https://github.com/BlackArch/webshells
 731 | 
 732 | * Popshells: https://github.com/0x00-0x00/ShellPop
 733 | 
 734 | * Upgrading Simple Shells to Fully Interactive TTYs: https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
 735 | 
 736 | * crackmapexec - https://cheatsheet.haax.fr/windows-systems/exploitation/crackmapexec/
 737 | 
 738 | * Rundll32 commands examples: https://www.jesusninoc.com/04/12/rundll32-commands-for-windows/
 739 | 
 740 | * rdesktop IP, proxychains <rdesktop> IP
 741 | 
 742 | * sqlmap - https://www.security-sleuth.com/sleuth-blog/2017/1/3/sqlmap-cheat-sheet
 743 | 
 744 | * Reverse shell payload generator - Hoaxshell: https://github.com/t3l3machus/hoaxshell
 745 | 
 746 | * Running commands on an Microsoft Exchange: https://github.com/WithSecureLabs/peas
 747 | 
 748 | * Powerglot: https://github.com/mindcrypt/powerglot
 749 | 
 750 | ### Active Directory
 751 |    
 752 | * Network Scanner: https://www.softperfect.com/products/networkscanner/
 753 | 
 754 | * linWinPwn: https://github.com/lefayjey/linWinPwn
 755 | 
 756 | * Mimikatz: https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-mimikatz
 757 | 
 758 | * Crackmapexec: https://cheatsheet.haax.fr/windows-systems/exploitation/crackmapexec/
 759 | 
 760 | * LDAP enumeration: https://pentestwiki.org/enumeration-cheat-sheet/#h-ldap-enumeration
 761 | 
 762 | * Seatbelt check: https://github.com/GhostPack/Seatbelt
 763 | 
 764 | * Bloodhound: https://bloodhound.readthedocs.io/en/latest/index.html
 765 | 
 766 | * Adalanche: https://www.kitploit.com/2021/08/adalanche-active-directory-acl.html
 767 | 
 768 | ### Privilege Escalation
 769 | 
 770 | #### Windows
 771 | 
 772 | sudo apt install peass
 773 | 
 774 | * WinPEAS: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS  
 775 | 
 776 | * Juicy potato: https://github.com/ohpe/juicy-potato
 777 | 
 778 | * PowerUp: https://github.com/PowerShellMafia/PowerSploit/blob/dev/Privesc/PowerUp.ps1
 779 | 
 780 | #### Linux
 781 | 
 782 | * LinPEAS: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS
 783 | 
 784 | * LinEnum: https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh
 785 | 
 786 | * BeRoot: https://github.com/AlessandroZ/BeRoot/tree/master/Linux
 787 | 
 788 | ### Legit binaries in a system
 789 | 
 790 | * Lolbas from Windows: https://lolbas-project.github.io/
 791 | 
 792 | * GTFOBins from Unix Systems: https://gtfobins.github.io/
 793 | 
 794 | ### AV bypass
 795 | 
 796 | * Bypass Windows defender with binaries: https://github.com/Bl4ckM1rror/FUD-UUID-Shellcode
 797 | 
 798 | * Shikata ga nai: https://github.com/EgeBalci/sgn
 799 | 
 800 | * AV'S evasion: https://github.com/Veil-Framework/Veil-Evasion
 801 | 
 802 | * Shellter: https://www.kali.org/tools/shellter/
 803 | 
 804 | ### Automatic Frameworks
 805 | 
 806 | * Metasploit. Cheatsheet: https://github.com/k1000o23/cheat_sheets/blob/master/metasploit_cheat_sheet.pdf
 807 | 
 808 | * Kaboom: https://github.com/Leviathan36/kaboom
 809 | 
 810 | * Fsociety framework: https://github.com/Manisso/fsociety
 811 | 
 812 | * Empire. Cheatsheet: https://github.com/HarmJ0y/CheatSheets/blob/master/Empire.pdf
 813 | 
 814 | ### Mobile
 815 | 
 816 | * Mobile Pentest Cheatsheet: https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet && https://github.com/randorisec/MobileHackingCheatSheet
 817 | 
 818 | * Automated  Mobile tools: https://github.com/MobSF/Mobile-Security-Framework-MobSF, https://github.com/SUPERAndroidAnalyzer/super
 819 | 
 820 | * List of Vulnerable Android Applications: https://github.com/netbiosX/Pentest-Bookmarks/blob/master/Training-Labs/Mobile-Testing/Android-Applications.mdown
 821 | 
 822 | * PcapDroid: https://play.google.com/store/apps/details?id=com.emanuelef.remote_capture&hl=es_419&gl=US
 823 | 
 824 | ### Wifi
 825 | 
 826 | * Fing application: https://www.fing.com/
 827 | 
 828 | * Wifi analyzer: https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer&hl=es&gl=US&pli=1
 829 | 
 830 | * Auditing Wifi: https://github.com/v1s1t0r1sh3r3/airgeddon
 831 | 
 832 | * https://en.kali.tools/?p=244
 833 | 
 834 | * Wifi Crack: https://github.com/s4vitar/wifiCrack
 835 | 
 836 | * Fern: https://github.com/savio-code/fern-wifi-cracker
 837 | 
 838 | * EvilTrust: https://github.com/s4vitar/evilTrust
 839 | 
 840 | * RomBuster: https://github.com/EntySec/RomBuster
 841 | 
 842 | Yersinia
 843 | 
 844 | Bettercap
 845 | 
 846 | Wifi Pineapple
 847 | 
 848 | https://linuxhint.com/how_to_aircrack_ng/
 849 | 
 850 | * PCAP capture crack: https://www.onlinehashcrack.com/
 851 | 
 852 | ### Utility
 853 | 
 854 | * mount -t cifs IP/SharedResource /mnt/smbmounted -o vers=2.1 && * smbclient -U "" -N //IP/SharedResource
 855 | 
 856 | * dpkg -l to list all the installed programs in a virtual machine. Pipe the output in order to search what you want.
 857 | 
 858 | * Msfvenom: https://www.offensive-security.com/metasploit-unleashed/msfvenom/ & https://www.offensive-security.com/metasploit-unleashed/binary-payloads/
 859 | 
 860 | * Nishang: https://github.com/samratashok/nishang
 861 | 
 862 | * Are u block?: https://ippsec.rocks/?#
 863 | 
 864 | * OSCP-style: https://gist.github.com/s4vitar/b88fefd5d9fbbdcc5f30729f7e06826e
 865 | 
 866 | * Pentest-book: https://pentestbook.six2dez.com/ && https://book.hacktricks.xyz/pentesting-methodology
 867 | 
 868 | * Videos: https://www.youtube.com/c/S4viOnLive
 869 | 
 870 | ## Malware
 871 | 
 872 | ### Online engines
 873 | 
 874 | * https://www.filescan.io/
 875 | 
 876 | * Virustotal: https://www.virustotal.com/gui/home/search
 877 | 
 878 | * Online Cuckoo Sandbox: https://sandbox.pikker.ee/
 879 | 
 880 | * APK's: https://mobsf.live/ && https://koodous.com/
 881 | 
 882 | * Joesandbox: https://www.joesandbox.com/#windows
 883 | 
 884 | * Kaspersky: https://opentip.kaspersky.com/
 885 | 
 886 | * Intezer: https://analyze.intezer.com/scan
 887 | 
 888 | * Hybrid Analysis: https://www.hybrid-analysis.com/?lang=es
 889 | 
 890 | * Database of counterfeit-related webs: https://desenmascara.me/
 891 | 
 892 | * ANY.RUN https://any.run/
 893 | 
 894 | https://antiscan.me/
 895 | 
 896 | https://www.virscan.org/
 897 | 
 898 | * Polyswarm: https://polyswarm.network
 899 | 
 900 | https://metadefender.opswat.com/?lang=en
 901 | 
 902 | ### Distros to analyze malware
 903 | 
 904 | * Linux Distro to investigate malware: https://docs.remnux.org/
 905 | 
 906 | * Windows Distro to investigate malware: https://github.com/mandiant/flare-vm
 907 | 
 908 | * https://github.com/LaurieWired/linux_malware_analysis_container
 909 | 
 910 | ### Tools
 911 | 
 912 | * Sysinternals: https://docs.microsoft.com/en-us/sysinternals/
 913 | 
 914 | * Systeminformer: https://systeminformer.sourceforge.io/
 915 | 
 916 | * Capa: https://github.com/mandiant/capa
 917 | 
 918 | * Detect it easy(packer detector): https://en.kali.tools/?p=1644
 919 | 
 920 | * Sysinspector: https://support.eset.com/es/que-es-eset-sysinspector
 921 | 
 922 | * Dependency walker from an executable file: https://www.dependencywalker.com/
 923 | 
 924 | * Autoruns: https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns
 925 | 
 926 | * RAM capturer: https://belkasoft.com/ram-capturer
 927 | 
 928 | * Recopilation: https://github.com/rshipp/awesome-malware-analysis
 929 | 
 930 | * Reverse Engineer's Toolkit: https://github.com/mentebinaria/retoolkit
 931 | 
 932 | * PEstudio: https://www.winitor.com/
 933 | 
 934 | * Malzilla: https://malzilla.org/
 935 | 
 936 | * PROCMON+PCAP: https://www.procdot.com/
 937 | 
 938 | * Analyze APK's: https://github.com/quark-engine/quark-engine && https://github.com/mvt-project/mvt && https://github.com/pjlantz/droidbox
 939 | 
 940 | * XORSearch: https://blog.didierstevens.com/programs/xorsearch/
 941 | 
 942 | * RAT Decoder: https://github.com/kevthehermit/RATDecoders
 943 | 
 944 | * Malwoverview: https://github.com/alexandreborges/malwoverview
 945 | 
 946 | * Binary strings defuser: https://github.com/fireeye/flare-floss
 947 | 
 948 | * Network analysis of malware (emulate HTTP server): https://github.com/felixweyne/imaginaryC2
 949 | 
 950 | * This tool allows you to intercept and redirect all or specific network traffic while simulating legitimate network services: https://github.com/mandiant/flare-fakenet-ng
 951 | 
 952 | ### Free AVs EDRs and Sandboxes
 953 | 
 954 | * ClamAV: https://www.clamav.net/downloads#otherversions
 955 | 
 956 | * MAC AV: https://www.pcrisk.es/mejores-programas-antivirus/8365-combo-cleaner-antivirus-and-system-optimizer-mac
 957 | 
 958 | * Sandbox: https://github.com/CERT-Polska/drakvuf-sandbox
 959 | 
 960 | * DragonFly: https://dragonfly.certego.net/register
 961 | 
 962 | * Offline Sandbox: https://sandboxie-plus.com/downloads/
 963 | 
 964 | * OpenEDR: https://github.com/ComodoSecurity/openedr 
 965 | 
 966 | ### Ransomware
 967 | 
 968 | * Ransomware decryption tools: http://files-download.avg.com/util/avgrem/avg_decryptor_Legion.exe, https://success.trendmicro.com/solution/1114221-downloading-and-using-the-trend-micro-ransomware-file-decryptor, https://www.nomoreransom.org/es/decryption-tools.htmlm, https://www.avast.com/es-es/ransomware-decryption-tools , https://noransom.kaspersky.com/ , https://www.mcafee.com/enterprise/es-es/downloads/free-tools/ransomware-decryption.html, https://www.mcafee.com/enterprise/en-us/downloads/free-tools.html, https://www.emsisoft.com/ransomware-decryption-tools/, https://decoded.avast.io/threatresearch/decrypted-bianlian-ransomware/.
 969 | 
 970 | * General Overview: https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#
 971 | 
 972 | * Ransomware groups: http://edteebo2w2bvwewbjb5wgwxksuwqutbg3lk34ln7jpf3obhy4cvkbuqd.onion/
 973 | 
 974 | ### APTs
 975 | 
 976 | * Intelligence: https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml# && https://github.com/StrangerealIntel/EternalLiberty/blob/main/EternalLiberty.csv && https://xorl.wordpress.com/
 977 | 
 978 | * Threat Actor Knowledge Graph: https://jupyter.securitybreak.io/graph_TA/index.html
 979 | 
 980 | Are you an APT target? -> https://lab52.io/
 981 | 
 982 | * APT Simulator: https://github.com/NextronSystems/APTSimulator
 983 | 
 984 | ### Blogs and Information
 985 | 
 986 | * Macros: https://blog.didierstevens.com/2021/01/19/video-maldoc-analysis-with-cyberchef/ && https://blog.nviso.eu/2022/04/06/analyzing-a-multilayer-maldoc-a-beginners-guide/
 987 | 
 988 | * Malware examples/binaries: https://bazaar.abuse.ch/, https://github.com/ytisf/theZoo & https://malshare.com/
 989 | 
 990 | ## Utility
 991 | 
 992 | * To bypass some filtered ports: nmap -sSV ...
 993 | 
 994 | * zip2john backup.zip secret.hash
 995 | 
 996 | * john --show secret.hash
 997 | 
 998 | * Hexeditor
 999 | 
1000 | * nc -nlvp URL port
1001 | 
1002 | * Grep
1003 | 
1004 | * rgrep (Recursive grep)
1005 | 
1006 | * awk
1007 | 
1008 | * perl
1009 | 
1010 | * tail / head 
1011 | 
1012 | * curl -Llv domain | curl -b "protected=d41d8cd98f00b204e9800998ecf8427e"(cookie) "domain"
1013 | 
1014 | * Identify -verbose 
1015 | 
1016 | * Hash-identifier
1017 | 
1018 | * cat 'file' | md5sum, sha1sum,sha256sum...
1019 | 
1020 | * echo "string" | base64 -d 
1021 | 
1022 | * Strings 
1023 | 
1024 | * File 
1025 | 
1026 | * Cewl. Cheat sheet: https://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-passwords-part-5-creating-custom-wordlist-with-cewl-0158855/
1027 | 
1028 | * Password Recovery Online : https://www.lostmypass.com/try/
1029 | 
1030 | * Passwords stored in a computer: https://github.com/AlessandroZ/LaZagne
1031 | 
1032 | * Disk Image: https://www.datanumen.com/disk-image-download-thanks/
1033 | 
1034 | * crackzip: https://github.com/Xpykerz/CrackZip
1035 | 
1036 | * zip2john: https://github.com/openwall/john/blob/bleeding-jumbo/src/zip2john.c
1037 | 
1038 | * Common User Passwords Profiler: https://github.com/Mebus/cupp y https://github.com/r3nt0n/bopscrk. 
1039 | 
1040 | * Dig: https://cheatography.com/tme520/cheat-sheets/dig/
1041 | 
1042 | * wget -nd -r -P /save/location -A jpeg,jpg,bmp,gif,png http://www.somedomain.com
1043 | 
1044 | * Recursive file download bypassing robots.txt: wget -e robots=off -drc -l5 domain
1045 | 
1046 | * [ICMP exfiltration] tshark -r 1pcap_test_1c.pcapng -Y "icmp" -Tjson | grep data.data | awk {'print $2'} | cut -c 2-3 | uniq | xxd -r -p 
1047 | 
1048 | * Oneliners: https://linuxcommandlibrary.com/basic/oneliners.html
1049 | 
1050 | * Google information:
1051 |  ![image](https://user-images.githubusercontent.com/74070814/147261470-9a738efb-69de-4b89-98aa-be27a9f83d78.png)
1052 | 
1053 | 
1054 | ## Wikis
1055 | 
1056 | https://github.com/JohnHammond/ctf-katana
1057 | 
1058 | https://github.com/OpenToAllCTF/Tips
1059 | 
1060 | Reversing tutorial: https://github.com/mytechnotalent/Reverse-Engineering-Tutorial
1061 | 
1062 | 
1063 | ## Write-Ups
1064 | 
1065 | https://ctftime.org/writeups
1066 | 
1067 | https://apsdehal.in/awesome-ctf/
1068 | 
1069 | https://jorgectf.gitlab.io/
1070 | 
1071 | https://github.com/0e85dc6eaf/CTF-Writeups
1072 | 
1073 | https://github.com/RazviOverflow/ctfs
1074 | 
1075 | https://github.com/DEKRA-CTF/CTFs/tree/main/2020
1076 | 
1077 | https://medium.com/bugbountywriteup/tryhackme-reversing-elf-writeup-6fd006704148
1078 | 
1079 | https://github.com/W3rni0/ctf_writeups_archive/tree/master/castorsCTF_2020
1080 | 
1081 | 
1082 | ## Other tools
1083 | 
1084 | https://github.com/zardus/ctf-tools
1085 | 
1086 | https://github.com/apsdehal/awesome-ctf
1087 | 
1088 | 


--------------------------------------------------------------------------------