├── .gitignore ├── src ├── __init__.py ├── pyutils │ ├── __init__.py │ ├── __pycache__ │ │ └── __init__.cpython-38.pyc │ ├── brain_cli.py │ ├── config.py │ └── func.py ├── requirements.txt ├── .DS_Store ├── bashutils │ ├── custom_installers.sh │ ├── banner.sh │ ├── utils.sh │ ├── cli.sh │ └── func.sh ├── brain.py └── core.sh ├── tools ├── wordlists.json ├── raw-github.txt ├── binaries.txt ├── releases.txt ├── bash-files.txt ├── wordlists.txt ├── packages.txt └── tools.json ├── .DS_Store ├── os └── kali │ └── packages.txt ├── images ├── script_execution.png └── hackarsenaltoolkit.png ├── hackarsenal.sh └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | TODO -------------------------------------------------------------------------------- /src/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/pyutils/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/requirements.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tools/wordlists.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xtormin/HackArsenalToolkit/HEAD/.DS_Store -------------------------------------------------------------------------------- /src/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xtormin/HackArsenalToolkit/HEAD/src/.DS_Store -------------------------------------------------------------------------------- /tools/raw-github.txt: -------------------------------------------------------------------------------- 1 | https://raw.githubusercontent.com/altjx/ipwn/master/iSMTP/iSMTP.py -------------------------------------------------------------------------------- /os/kali/packages.txt: -------------------------------------------------------------------------------- 1 | html2text 2 | exiftool 3 | pdfgrep 4 | ntpdate 5 | snmp-mibs-downloader 6 | checksec 7 | ghex -------------------------------------------------------------------------------- /images/script_execution.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xtormin/HackArsenalToolkit/HEAD/images/script_execution.png -------------------------------------------------------------------------------- /images/hackarsenaltoolkit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xtormin/HackArsenalToolkit/HEAD/images/hackarsenaltoolkit.png -------------------------------------------------------------------------------- /tools/binaries.txt: -------------------------------------------------------------------------------- 1 | securesocketfunneling/ssf,ssf- 2 | cytopia/pwncat,pwncat 3 | vivami/SauronEye,SauronEye 4 | AlessandroZ/LaZagne,lazagne -------------------------------------------------------------------------------- /src/pyutils/__pycache__/__init__.cpython-38.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/xtormin/HackArsenalToolkit/HEAD/src/pyutils/__pycache__/__init__.cpython-38.pyc -------------------------------------------------------------------------------- /tools/releases.txt: -------------------------------------------------------------------------------- 1 | OJ/gobuster,gobuster-linux-amd64 2 | michenriksen/aquatone,aquatone_linux_amd64 3 | bettercap/bettercap,bettercap_linux_amd64_ 4 | NickstaDB/BaRMIe,BaRMIe_ 5 | michelin/ChopChop,ChopChop_linux_amd64 6 | bettercap/bettercap,bettercap_linux_amd64_ -------------------------------------------------------------------------------- /tools/bash-files.txt: -------------------------------------------------------------------------------- 1 | https://portswigger.net/burp/releases/download?product=community&version=2020.8.1&type=Linux 2 | https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb 3 | https://raw.githubusercontent.com/killswitch-GUI/SimplyEmail/master/setup/oneline-setup.sh -------------------------------------------------------------------------------- /hackarsenal.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | source src/bashutils/banner.sh 4 | source src/core.sh 5 | 6 | ### BANNER (I know, this is obvious xD) 7 | banner 8 | 9 | ### Check root priv 10 | check_root_priv 11 | 12 | ### PYTHON SETUP 13 | python_setup 14 | 15 | ### CREATE AND PARSE INFORMATION 16 | python3 src/brain.py 17 | 18 | ### DOWNLOAD AND INSTALL PROGRAMS 19 | main -------------------------------------------------------------------------------- /tools/wordlists.txt: -------------------------------------------------------------------------------- 1 | https://github.com/danielmiessler/SecLists.git 2 | https://github.com/kennyn510/wpa2-wordlists.git 3 | https://github.com/jeanphorn/wordlist.git 4 | https://github.com/govolution/betterdefaultpasslist.git 5 | https://github.com/Dormidera/WordList-Compendium.git 6 | https://github.com/kaonashi-passwords/Kaonashi.git 7 | https://github.com/FlameOfIgnis/Pwdb-Public.git -------------------------------------------------------------------------------- /src/bashutils/custom_installers.sh: -------------------------------------------------------------------------------- 1 | wpscan_installer(){ 2 | cd $TOOLS_PATH/wpscan/ 3 | sudo gem install bundler && bundle config set without 'test development' 4 | cd $SCRIPT_PATH 5 | } 6 | 7 | i_theHarvester(){ 8 | cd $TOOLS_PATH/theHarvester/ 9 | python3 -m pip install -r requirements/base.txt 10 | sudo python3 setup.py install 11 | cd $SCRIPT_PATH 12 | } -------------------------------------------------------------------------------- /src/bashutils/banner.sh: -------------------------------------------------------------------------------- 1 | banner() { 2 | cat <<-EOF 3 | 4 | ▄▀▀▀▀▀▄▒▒▒▒▒▄▄▄▄▄▒▒▒ 5 | ▐░▄░░░▄░▌▒▒▄█▄█▄█▄█▄▒ 6 | ▐░▀▀░▀▀░▌▒▒▒▒▒░░░▒▒▒▒ 7 | ▀▄░═░▄▀▒▒▒▒▒▒░░░▒▒▒▒ 8 | ▐░▀▄▀░▌▒▒▒▒▒▒░░░▒▒▒▒ 9 | █░█ 10 | █▀▄ 11 | ▒█░▒█ █▀▀█ █▀▀ ▀░▀ ░█▀▀█ █▀▀█ █▀▀ █▀▀ █▀▀▄ █▀▀█ █░░ 12 | ▒█▀▀█ █▄▄█ █░░ ▒█▄▄█ █▄▄▀ ▀▀█ █▀▀ █░░█ █▄▄█ █░░ 13 | ▒█░▒█ ▀░░▀ ▀▀▀ ▒█░▒█ ▀░▀▀ ▀▀▀ ▀▀▀ ▀░░▀ ▀░░▀ ▀▀▀ 14 | 15 | Github: https://github.com/j4ckmln/hackarsenaltoolkit 16 | By: @j4ckmln 17 | 18 | EOF 19 | } -------------------------------------------------------------------------------- /src/bashutils/utils.sh: -------------------------------------------------------------------------------- 1 | decompress(){ 2 | f_type=$(file -b $1 | cut -d' ' -f1) 3 | if [[ $f_type == "Zip" ]]; then 4 | unzip $1 5 | elif [[ $f_type == "7-zip" ]]; then 6 | 7z e $1 7 | elif [[ $f_type == "PE32" ]]; then 8 | sudo cp $1 $BINARIES_PATH 9 | else 10 | echo "" 11 | fi 12 | } 13 | 14 | i_bin(){ 15 | f_type=$(file -b $1 | cut -d' ' -f1) 16 | if [[ $f_type == "ELF" ]]; then 17 | chmod +x $1 ; sudo cp $1 /usr/bin/$1 18 | fi 19 | } -------------------------------------------------------------------------------- /src/pyutils/brain_cli.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import argparse 3 | 4 | parser = argparse.ArgumentParser(add_help = True, description = '%(prog)s is a simple wordlist merger.') 5 | 6 | parser.add_argument('-r','--reset', 7 | help = 'Delete folders created and files downloaded', 8 | nargs = '+', default = None) 9 | parser.add_argument('-f','--forgot-me', 10 | help = 'Delete and remove all - This is so dangerour', 11 | default = None) 12 | 13 | def get(): 14 | return parser.parse_args() 15 | 16 | def help(): 17 | return parser.print_help(sys.stderr) -------------------------------------------------------------------------------- /src/pyutils/config.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | ### INIT SCRIPT VARIABLES 4 | USERNAME = os.getlogin() 5 | SCRIPT_PATH = os.getcwd() 6 | 7 | ### INIT TOOLKIT FOLDERS 8 | TOOLS_PATH = "/usr/share/tools" 9 | WORDLIST_PATH = "/usr/share/wordlists" 10 | BINARIES_PATH = "/usr/share/binaries" 11 | RELEASES_PATH = "/usr/share/releases" 12 | RELEASES_TMP = "/tmp/releases_download" 13 | 14 | ### INIT MAIN FOLDERS 15 | MAIN_FOLDERS = (TOOLS_PATH, WORDLIST_PATH, BINARIES_PATH, RELEASES_PATH, RELEASES_TMP) 16 | 17 | ### INIT TOOLKIT LISTS 18 | PACKAGES_LIST = SCRIPT_PATH + "/tools/packages.txt" 19 | GIT_TOOLS_LIST = "/tmp/github.txt" 20 | TOOLS_JSON = SCRIPT_PATH + "/tools/tools.json" 21 | GIT_WORDLISTS_LIST = SCRIPT_PATH + "/tools/wordlists.txt" 22 | RELEASES_LIST = SCRIPT_PATH + "/tools/releases.txt" 23 | BINARIES_LIST = SCRIPT_PATH + "/tools/binaries.txt" 24 | BASH_LIST = SCRIPT_PATH + "/tools/bash-files.txt" -------------------------------------------------------------------------------- /tools/packages.txt: -------------------------------------------------------------------------------- 1 | git 2 | python3 3 | python3-pip 4 | python2.7 5 | net-tools 6 | tmux 7 | nmap 8 | ncrack 9 | zip 10 | tree 11 | curl 12 | ssh 13 | sshfs 14 | curlftpfs 15 | p7zip-full 16 | chromium 17 | chromium-bsu 18 | wget 19 | dnsenum 20 | hydra 21 | dnsmap 22 | dnsrecon 23 | arp-scan 24 | netdiscover 25 | wireshark 26 | rdesktop 27 | smbclient 28 | postgresql 29 | python3-ldap3 30 | python3-yaml 31 | python3-impacket 32 | exiftool 33 | fcrackzip 34 | tor 35 | proxychains 36 | aircrack-ng 37 | netdiscover 38 | nikto 39 | recon-ng 40 | smbmap 41 | sqlmap 42 | hashcat 43 | john 44 | hexedit 45 | libcurl4-openssl-dev 46 | make 47 | zlib1g-dev 48 | gawk 49 | ipython3 50 | g++ 51 | gcc 52 | libreadline6-dev 53 | libssl-dev 54 | libyaml-dev 55 | libsqlite3-dev 56 | sqlite3 57 | autoconf 58 | libgdbm-dev 59 | libncurses5-dev 60 | automake 61 | libtool 62 | bison 63 | pkg-config 64 | ruby 65 | ruby-bundler 66 | ruby-dev 67 | gem -------------------------------------------------------------------------------- /src/brain.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | try: 4 | import os 5 | import json 6 | import getpass 7 | import subprocess 8 | from pyutils.config import * 9 | from pyutils.func import * 10 | except ImportError as ie: 11 | print(ie) 12 | 13 | def prompt_sudo(): 14 | out = 0 15 | if os.geteuid() != 0: 16 | msg = "[sudo] password for %u:" 17 | out = subprocess.check_call("sudo -v -p '%s'" % msg, shell=True) 18 | return out 19 | 20 | def main(): 21 | 22 | ### CHECK ROOT PRIVILEGES 23 | if prompt_sudo() != 0: 24 | print(''' 25 | |+| Installation require root privileges 26 | Try again with sudo: sudo bash hackarsenal.sh\n 27 | ''') 28 | 29 | ### CREATE MAIN FOLDERS 30 | create_directories(MAIN_FOLDERS) 31 | 32 | ### CHANGE PERMISSIONS BY LOGGED USER 33 | change_permissions(MAIN_FOLDERS,USERNAME) 34 | 35 | ### PARSE JSON TOOLS 36 | create_txt_from_json(TOOLS_JSON,"url",GIT_TOOLS_LIST) 37 | 38 | if __name__ == "__main__": 39 | try: 40 | main() 41 | except Exception as e: 42 | print(e) -------------------------------------------------------------------------------- /src/bashutils/cli.sh: -------------------------------------------------------------------------------- 1 | 2 | usage(){ 3 | # HEEEEEELP message 4 | cat <<-'EOF' 5 | Usage: $SCRIPTNAME 6 | 7 | SCANMAP description 8 | 9 | OPTIONS: 10 | -h --help Show this help information 11 | -v --reset-folders Delete created directories and reinstall and download script resources (tools, wordlists, binaries, etc.) 12 | 13 | EXAMPLES: 14 | 15 | # Install toolkit 16 | sudo bash hackarsenal.sh 17 | 18 | # Delete created directories (reset) 19 | sudo bash hackarsenal.sh -r 20 | 21 | EOF 22 | } 23 | 24 | cli(){ 25 | # Translate --long-options to -l short options 26 | local arg= 27 | for arg; do 28 | local delim="" 29 | case $arg in 30 | --help) args="${args}-h";; 31 | --reset-folders) args="${args}-r";; 32 | *) [[ "${arg:0:1}" == "-" ]] || delim="\"" 33 | args="${args}${delim}${arg}${delim} ";; 34 | esac 35 | done 36 | 37 | #Reset the positional parameters to the short options 38 | eval set -- $args 39 | 40 | # Args actions 41 | while getopts "hr" OPTION ; do 42 | case $OPTION in 43 | h) 44 | usage 45 | exit 0 46 | ;; 47 | r) 48 | echo "holii" 49 | sudo rm -rf $TOOLS_PATH $WORDLIST_PATH $BINARIES_PATH $RELEASES_PATH $RELEASES_TMP 50 | ;; 51 | esac 52 | done 53 | } 54 | 55 | -------------------------------------------------------------------------------- /src/bashutils/func.sh: -------------------------------------------------------------------------------- 1 | source src/bashutils/utils.sh 2 | 3 | gitclone_to_path(){ 4 | cd $1 5 | for url in $(cat $2); do git clone $url ; done 6 | cd $SCRIPT_PATH 7 | } 8 | 9 | install_packages(){ 10 | sudo apt install $1 -y 11 | } 12 | 13 | download_github_release(){ 14 | local owner 15 | local file 16 | 17 | cd $1 18 | for i in $(cat $2); do 19 | owner=$(echo $i | cut -d',' -f1) 20 | file=$(echo $i | cut -d',' -f2) 21 | tool_name=$(echo $owner | cut -d'/' -f2) 22 | tool_dir=$1/$tool_name 23 | mkdir -p $tool_dir 24 | cd $tool_dir 25 | echo "|+| Downloading $tool_name from $owner repository" 26 | for i in $(curl -s https://api.github.com/repos/$owner/releases/latest | grep $file | cut -d : -f2,3 | tr -d \", | grep ^.http) 27 | do echo $i | wget -qi - 28 | done 29 | done 30 | cd $SCRIPT_PATH 31 | } 32 | 33 | dw_inst_bash(){ 34 | cd $RELEASES_TMP 35 | for i in $(cat $BASH_LIST); do 36 | 37 | curl $i > install && chmod 755 install && ./install 38 | done 39 | cd $SCRIPT_PATH 40 | } 41 | 42 | i_release(){ 43 | 44 | for i in $(ls $RELEASES_TMP/*/*); do 45 | cd $RELEASES_PATH 46 | decompress $i 47 | cd $SCRIPT_PATH 48 | done 49 | for i in $(ls $RELEASES_TMP); do 50 | cd $RELEASES_PATH 51 | i_bin $i 52 | cd $SCRIPT_PATH 53 | done 54 | 55 | } -------------------------------------------------------------------------------- /src/pyutils/func.py: -------------------------------------------------------------------------------- 1 | try: 2 | import os 3 | import json 4 | import shutil 5 | import subprocess 6 | from pathlib import Path 7 | from subprocess import Popen, PIPE, STDOUT, check_call 8 | 9 | except ImportError as ie: 10 | print(ie) 11 | 12 | def create_directories(folders): 13 | print("|+| Creating main folders") 14 | for i in folders: 15 | try: 16 | Path(i).mkdir(parents=True, exist_ok=True) 17 | print(" |+| Folder " + i + " created") 18 | 19 | except Exception as e: 20 | print(" |-| Error creating " + i + " folder") 21 | print(e) 22 | 23 | def change_permissions(folders,user): 24 | try: 25 | aux = user + ':' + user 26 | for folder in folders: 27 | subprocess.call(['chown', '-R', aux, folder]) 28 | except Exception as e: 29 | print(e) 30 | 31 | def read_file(f): 32 | try: 33 | f = open(f) 34 | text = [] 35 | return f.read() 36 | f.close() 37 | except Exception as e: 38 | print(e) 39 | 40 | def write_file(outputfile, text): 41 | try: 42 | f = open(outputfile, 'w') 43 | f.write(text) 44 | f.close() 45 | except Exception as e: 46 | print(e) 47 | 48 | def read_json(f): 49 | with open(f) as json_f: 50 | data = json.load(json_f) 51 | return data 52 | 53 | def create_txt_from_json(json_f,key,out_txt): 54 | data = read_json(json_f) 55 | output = "" 56 | for i in data: 57 | for k,v in i.items(): 58 | if k == key: 59 | output = output + v + "\n" 60 | write_file(out_txt, output) 61 | 62 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ![HackArsenal Header](/images/hackarsenaltoolkit.png) 2 | # Hacking Arsenal Toolkit Setup 3 | 4 | Are you tired of install the same hacking tools in every system different of kali linux? This tool is for you xD 5 | 6 | This is a custom hacking toolkit for pentesting and red team. 7 | This repo automate the installation of hacking tools, from system packages, github releases, scripts, etc. 8 | Created for ubuntu and debian systems. 9 | 10 | You could fork this project and custom your own arsenal too. 11 | 12 | > By default this is a hacking tools repo, but you can add any resource that you want. 13 | 14 | This create four main folders: 15 | 16 | Directory | Description 17 | ---------------------|------------ 18 | /usr/share/tools | Tools from github 19 | /usr/share/wordlists | Wordlists 20 | /usr/share/releases | Releases (Decompressed and installed) 21 | /usr/share/binaries | Tools for install in victim systems 22 | 23 | **Any contribution of cool tools are welcome :sparkles:** 24 | 25 | ## Install 26 | ``` 27 | sudo bash hackarsenal.sh 28 | ``` 29 | ![Script execution](/images/script_execution.png) 30 | 31 | # TODO 32 | - [ ] Hacking tool and resources db categorized (in progress) 33 | - [ ] Add more tools, binaries and wordlists 34 | - [ ] Windows, arch, ... Toolkit Arsenal version 35 | - [ ] Clean and improve code (this is a little spaguetti xD) 36 | - [ ] Docker hackarsenal 37 | 38 | # Social 39 | 40 | * Linkedin: [https://www.linkedin.com/in/xtormin/](https://www.linkedin.com/in/xtormin/). 41 | * Twitter: [https://twitter.com/xtormin](https://twitter.com/xtormin). 42 | * Youtube: [https://www.youtube.com/channel/UCZs7q5QeyXS5YmUq6lexozw](https://www.youtube.com/channel/UCZs7q5QeyXS5YmUq6lexozw). 43 | * Instagram: [https://www.instagram.com/xtormin/](https://www.instagram.com/xtormin/). -------------------------------------------------------------------------------- /src/core.sh: -------------------------------------------------------------------------------- 1 | source src/bashutils/cli.sh 2 | source src/bashutils/func.sh 3 | source src/bashutils/custom_installers.sh 4 | 5 | check_root_priv(){ 6 | if [ "$EUID" -ne 0 ];then 7 | echo "Please run as root" 8 | exit 9 | fi 10 | } 11 | 12 | python_setup(){ 13 | ### UPDATE REPOSITORIES 14 | echo "|+| Updating repositories" 15 | sudo apt update -y 16 | 17 | ### INSTALL PYTHON TO EXECUTE PARSER PROGRAM 18 | sudo apt install python3 python3-pip -y 19 | 20 | ### INSTALL REQUIREMENTS 21 | sudo python3 -m pip install -r src/requirements.txt 22 | } 23 | 24 | main(){ 25 | pwd 26 | ### INIT SCRIPT VARIABLES 27 | readonly SCRIPT_NAME="$(basename "$0")" 28 | readonly SCRIPT_PATH="$(dirname "$(readlink -f "$0")")" 29 | readonly ARGS="$@" 30 | 31 | ### INIT TOOLKIT VARIABLES 32 | TOOLS_PATH="/usr/share/tools" 33 | WORDLIST_PATH="/usr/share/wordlists" 34 | BINARIES_PATH="/usr/share/binaries" 35 | RELEASES_PATH="/usr/share/releases" 36 | RELEASES_TMP="/tmp/releases_download" 37 | USERNAME=$(whoami) 38 | 39 | GIT_TOOLS_LIST="/tmp/github.txt" 40 | GIT_WORDLISTS_LIST="$SCRIPT_PATH/tools/wordlists.txt" 41 | RELEASES_LIST="$SCRIPT_PATH/tools/releases.txt" 42 | BINARIES_LIST="$SCRIPT_PATH/tools/binaries.txt" 43 | BASH_LIST="$SCRIPT_PATH/tools/bash-files.txt" 44 | PACKAGES_ARRAY=$(cat $SCRIPT_PATH/tools/packages.txt | tr '\r\n' ' ') 45 | 46 | ### ARGUMENTS 47 | cli $ARGS 48 | 49 | ### INSTALL PACKAGES 50 | install_packages "${PACKAGES_ARRAY}" 51 | 52 | ### DOWNLOAD GIT RESOURCES 53 | # Usage: gitclone_to_path path_to_save_repos git_url_list.txt 54 | gitclone_to_path $TOOLS_PATH $GIT_TOOLS_LIST 55 | gitclone_to_path $WORDLIST_PATH $GIT_WORDLISTS_LIST 56 | 57 | ### DOWNLOAD RELEASES 58 | # Download release from github 59 | # Usage: download_release path_to_save_releases releases_list 60 | download_github_release $RELEASES_TMP $RELEASES_LIST 61 | download_github_release $BINARIES_PATH $BINARIES_LIST 62 | 63 | # INSTALL BINARIES 64 | i_release 65 | 66 | # DOWNLOAD AND INSTALL BASH FILES 67 | dw_inst_bash 68 | 69 | # CUSTOM INSTALLS 70 | wpscan_installer 71 | 72 | cat <<-EOF 73 | 74 | Your new arsenal directories: 75 | |+| $TOOLS_PATH - Tools from github 76 | |+| $WORDLIST_PATH - Wordlists 77 | |+| $RELEASES_PATH - Releases (Decompressed and installed) 78 | |+| $BINARIES_PATH - Tools for install in victim systems 79 | 80 | EOF 81 | } -------------------------------------------------------------------------------- /tools/tools.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "url": "https://github.com/cddmp/enum4linux-ng.git", 4 | "type" : "tool", 5 | "phase" : "enumeration", 6 | "protocol" : "smb", 7 | "mode" : "active", 8 | "tags" : "" 9 | }, 10 | { 11 | "url": "https://github.com/ShawnDEvans/smbmap.git", 12 | "type" : "tool", 13 | "phase" : "enumeration", 14 | "protocol" : "smb", 15 | "mode" : "active", 16 | "tags" : "" 17 | }, 18 | { 19 | "url": "https://github.com/TheRook/subbrute.git", 20 | "type" : "tool", 21 | "phase" : "enumeration", 22 | "protocol" : "dns", 23 | "mode" : "active", 24 | "tags" : "osint" 25 | }, 26 | { 27 | "url": "https://github.com/laramies/theHarvester.git", 28 | "type" : "tool", 29 | "phase" : "enumeration", 30 | "protocol" : "", 31 | "mode" : "active", 32 | "tags" : "osint,emails,names,subdomains,ips,urls" 33 | }, 34 | { 35 | "url": "https://github.com/LandGrey/pydictor.git", 36 | "type" : "tool", 37 | "phase" : "any", 38 | "protocol" : "", 39 | "mode" : "passive", 40 | "tags" : "" 41 | }, 42 | { 43 | "url": "https://github.com/sqlmapproject/sqlmap.git", 44 | "type" : "tool", 45 | "phase" : "explotation", 46 | "protocol" : "http", 47 | "mode" : "active", 48 | "tags" : "" 49 | }, 50 | { 51 | "url": "https://github.com/laramies/theHarvester.git", 52 | "type" : "tool", 53 | "phase" : "enumeration", 54 | "protocol" : "", 55 | "mode" : "passive", 56 | "tags" : "" 57 | }, 58 | { 59 | "url": "https://github.com/bitsadmin/wesng.git", 60 | "type" : "tool", 61 | "phase" : "post-exploitation,privilege escalation", 62 | "protocol" : "", 63 | "mode" : "", 64 | "tags" : "" 65 | }, 66 | { 67 | "url": "https://github.com/rebootuser/LinEnum.git", 68 | "type" : "tool", 69 | "phase" : "post-exploitation,post-enumeration,privilege escalation", 70 | "protocol" : "", 71 | "mode" : "", 72 | "tags" : "" 73 | }, 74 | { 75 | "url": "https://github.com/rokups/virtual-reality.git", 76 | "type" : "tool", 77 | "phase" : "persistence,post-exploitation", 78 | "protocol" : "", 79 | "mode" : "", 80 | "tags" : "" 81 | }, 82 | { 83 | "url": "https://github.com/cytopia/pwncat.git", 84 | "type" : "tool", 85 | "phase" : "enumeration,post-exploitation,lateral movement", 86 | "protocol" : "", 87 | "mode" : "", 88 | "tags" : "" 89 | }, 90 | { 91 | "url": "https://github.com/PowerShellMafia/PowerSploit.git", 92 | "type" : "tool", 93 | "phase" : "post-exploitation", 94 | "protocol" : "", 95 | "mode" : "", 96 | "tags" : "" 97 | }, 98 | { 99 | 100 | "url": "https://github.com/sense-of-security/ADRecon.git", 101 | "type" : "tool", 102 | "phase" : "enumeration,post-enumeration,post-exploitation", 103 | "protocol" : "", 104 | "mode" : "", 105 | "tags" : "" 106 | }, 107 | { 108 | "url": "https://github.com/vivami/SauronEye.git", 109 | "type" : "tool", 110 | "phase" : "enumeration,post-exploitation", 111 | "protocol" : "", 112 | "mode" : "", 113 | "tags" : "" 114 | }, 115 | { 116 | "url": "https://github.com/Tuhinshubhra/CMSeeK.git", 117 | "type" : "tool", 118 | "phase" : "enumeration", 119 | "protocol" : "", 120 | "mode" : "active", 121 | "tags" : "cms,wordpress,joomla,drupal" 122 | }, 123 | { 124 | "url": "https://github.com/sensepost/reGeorg.git", 125 | "type" : "tool", 126 | "phase" : "pivoting,persistence,post-exploitation", 127 | "protocol" : "http", 128 | "mode" : "active", 129 | "tags" : "tunnel,http" 130 | }, 131 | { 132 | "url": "https://github.com/securesocketfunneling/ssf.git", 133 | "type" : "tool", 134 | "phase" : "pivoting,persistence,post-exploitation", 135 | "protocol" : "http", 136 | "mode" : "active", 137 | "tags" : "tunnel,http" 138 | }, 139 | { 140 | "url": "https://github.com/outflanknl/RedELK.git", 141 | "type" : "tool", 142 | "phase" : "post-exploitation", 143 | "protocol" : "", 144 | "mode" : "", 145 | "tags" : "" 146 | }, 147 | { 148 | "url": "https://github.com/sullo/nikto.git", 149 | "type" : "tool", 150 | "phase" : "enumeration", 151 | "protocol" : "http,https", 152 | "mode" : "active", 153 | "tags" : "" 154 | }, 155 | { 156 | "url": "https://github.com/thewhiteh4t/pwnedOrNot.git", 157 | "type" : "tool", 158 | "phase" : "enumeration", 159 | "protocol" : "", 160 | "mode" : "pasive", 161 | "tags" : "leaks,credentials,passwords,osint" 162 | }, 163 | { 164 | "url": "https://github.com/davidtavarez/pwndb.git", 165 | "type" : "tool", 166 | "phase" : "enumeration", 167 | "protocol" : "", 168 | "mode" : "", 169 | "tags" : "leaks,credentials,passwords,osint,tor" 170 | }, 171 | { 172 | "url": "https://github.com/harleo/knockknock.git", 173 | "type" : "tool", 174 | "phase" : "enumeration", 175 | "protocol" : "dns", 176 | "mode" : "pasive", 177 | "tags" : "reverse lookup,osint" 178 | }, 179 | { 180 | "url": "https://github.com/n1nj4sec/pupy.git", 181 | "type" : "tool", 182 | "phase" : "post-exploitation,persistence", 183 | "protocol" : "", 184 | "mode" : "", 185 | "tags" : "" 186 | }, 187 | { 188 | "url": "https://github.com/wpscanteam/wpscan.git", 189 | "type" : "tool", 190 | "phase" : "enumeration", 191 | "protocol" : "http", 192 | "mode" : "", 193 | "tags" : "" 194 | }, 195 | { 196 | "url": "https://github.com/pentestmonkey/unix-privesc-check.git", 197 | "type" : "tool", 198 | "phase" : "post-enumeration,privilege escalation,post-exploitation", 199 | "protocol" : "", 200 | "mode" : "", 201 | "tags" : "" 202 | }, 203 | { 204 | "url": "https://github.com/hausec/ADAPE-Script.git", 205 | "type" : "tool", 206 | "phase" : "enumeration,post-enumeration,privilege escalation,post-exploitation", 207 | "protocol" : "", 208 | "mode" : "", 209 | "tags" : "" 210 | }, 211 | { 212 | "url": "https://github.com/mostaphabahadou/postenum.git", 213 | "type" : "tool", 214 | "phase" : "enumeration,post-enumeration", 215 | "protocol" : "", 216 | "mode" : "", 217 | "tags" : "" 218 | }, 219 | { 220 | "url": "https://github.com/SpiderLabs/Responder.git", 221 | "type" : "tool", 222 | "phase" : "enumeration,post-enumeration", 223 | "protocol" : "", 224 | "mode" : "", 225 | "tags" : "" 226 | }, 227 | { 228 | "url": "https://github.com/GhostPack/Rubeus.git", 229 | "type" : "tool", 230 | "phase" : "post-exploitation,post-enumeration", 231 | "protocol" : "kerberos", 232 | "mode" : "", 233 | "tags" : "" 234 | }, 235 | { 236 | "url": "https://github.com/AlessandroZ/LaZagne.git", 237 | "type" : "tool", 238 | "phase" : "post-exploitation,post-enumeration", 239 | "protocol" : "", 240 | "mode" : "", 241 | "tags" : "" 242 | }, 243 | { 244 | "url": "https://github.com/EmpireProject/Empire.git", 245 | "type" : "tool", 246 | "phase" : "post-exploitation", 247 | "protocol" : "", 248 | "mode" : "", 249 | "tags" : "" 250 | }, 251 | { 252 | "url": "https://github.com/S3cur3Th1sSh1t/WinPwn.git", 253 | "type" : "tool", 254 | "phase" : "post-enumeration,post-exploitation", 255 | "protocol" : "", 256 | "mode" : "", 257 | "tags" : "" 258 | }, 259 | { 260 | "url": "https://github.com/SimplySecurity/SimplyEmail.git", 261 | "type" : "tool", 262 | "phase" : "enumeration", 263 | "protocol" : "", 264 | "mode" : "passive", 265 | "tags" : "" 266 | }, 267 | { 268 | "url": "https://github.com/Hackplayers/Salsa-tools.git", 269 | "type" : "tool", 270 | "phase" : "persistence", 271 | "protocol" : "", 272 | "mode" : "", 273 | "tags" : "" 274 | }, 275 | { 276 | "url": "https://github.com/Kudaes/LOLBITS.git", 277 | "type" : "tool", 278 | "phase" : "persistence,C&C", 279 | "protocol" : "", 280 | "mode" : "", 281 | "tags" : "" 282 | }, 283 | { 284 | "url": "https://github.com/sensepost/reGeorg.git", 285 | "type" : "tool", 286 | "phase" : "persistence", 287 | "protocol" : "", 288 | "mode" : "", 289 | "tags" : "" 290 | }, 291 | { 292 | "url": "https://github.com/itm4n/PrivescCheck.git", 293 | "type" : "tool", 294 | "phase" : "privilege escalation", 295 | "protocol" : "", 296 | "mode" : "", 297 | "tags" : "" 298 | }, 299 | { 300 | "url": "https://github.com/mzet-/linux-exploit-suggester.git", 301 | "type" : "tool", 302 | "phase" : "post-exploitation,privilege escalation", 303 | "protocol" : "", 304 | "mode" : "", 305 | "tags" : "" 306 | }, 307 | { 308 | "url": "https://github.com/nccgroup/GTFOBLookup.git", 309 | "type" : "tool", 310 | "phase" : "post-exploitation,privilege escalation", 311 | "protocol" : "", 312 | "mode" : "", 313 | "tags" : "" 314 | }, 315 | { 316 | "url": "https://github.com/ztgrace/changeme.git", 317 | "type" : "tool", 318 | "phase" : "enumeration", 319 | "protocol" : "http,https", 320 | "mode" : "", 321 | "tags" : "" 322 | }, 323 | { 324 | "url": "https://github.com/InfosecMatter/default-http-login-hunter.git", 325 | "type" : "tool", 326 | "phase" : "enumeration", 327 | "protocol" : "http,https", 328 | "mode" : "", 329 | "tags" : "" 330 | }, 331 | { 332 | "url": "https://github.com/FortyNorthSecurity/EyeWitness.git", 333 | "type" : "tool", 334 | "phase" : "enumeration", 335 | "protocol" : "http,https", 336 | "mode" : "", 337 | "tags" : "" 338 | }, 339 | { 340 | "url": "https://github.com/Screetsec/TheFatRat.git", 341 | "type" : "tool", 342 | "phase" : "post-exploitation,persistence,C&C", 343 | "protocol" : "", 344 | "mode" : "", 345 | "tags" : "av evasion" 346 | }, 347 | { 348 | "url": "https://github.com/paranoidninja/CarbonCopy.git", 349 | "type" : "tool", 350 | "phase" : "post-exploitation", 351 | "protocol" : "", 352 | "mode" : "", 353 | "tags" : "av evasion" 354 | }, 355 | { 356 | "url": "https://github.com/Arvanaghi/CheckPlease.git", 357 | "type" : "tool", 358 | "phase" : "post-exploitation", 359 | "protocol" : "", 360 | "mode" : "", 361 | "tags" : "sandbox evasion" 362 | }, 363 | { 364 | "url": "https://github.com/christophetd/spoofing-office-macro.git", 365 | "type" : "tool", 366 | "phase" : "exploitation,phishing,social engineering", 367 | "protocol" : "", 368 | "mode" : "", 369 | "tags" : "malware" 370 | }, 371 | { 372 | "url": "https://github.com/infosecn1nja/MaliciousMacroMSBuild.git", 373 | "type" : "tool", 374 | "phase" : "exploitation,phishing,social engineering", 375 | "protocol" : "", 376 | "mode" : "", 377 | "tags" : "malware" 378 | }, 379 | { 380 | "url": "https://github.com/outflanknl/EvilClippy.git", 381 | "type" : "tool", 382 | "phase" : "exploitation,phishing,social engineering", 383 | "protocol" : "", 384 | "mode" : "", 385 | "tags" : "" 386 | }, 387 | { 388 | "url": "https://github.com/antonioCoco/Mapping-Injection.git", 389 | "type" : "tool", 390 | "phase" : "exploitation,phishing,social engineering", 391 | "protocol" : "", 392 | "mode" : "", 393 | "tags" : "malware" 394 | }, 395 | { 396 | "url": "https://github.com/CCob/SharpBlock.git", 397 | "type" : "tool", 398 | "phase" : "exploitation,phishing,social engineering", 399 | "protocol" : "", 400 | "mode" : "", 401 | "tags" : "malware,edr bypass,dll" 402 | }, 403 | { 404 | "url": "https://github.com/bats3c/Ghost-In-The-Logs.git", 405 | "type" : "tool", 406 | "phase" : "post-exploitation", 407 | "protocol" : "", 408 | "mode" : "", 409 | "tags" : "log evasion,sysmon,windows event logging" 410 | }, 411 | { 412 | "url": "https://github.com/hasherezade/exe_to_dll.git", 413 | "type" : "tool", 414 | "phase" : "persistence", 415 | "protocol" : "", 416 | "mode" : "passive", 417 | "tags" : "malware" 418 | }, 419 | { 420 | "url": "https://github.com/sensepost/kwetza.git", 421 | "type" : "tool", 422 | "phase" : "exploitation", 423 | "protocol" : "", 424 | "mode" : "", 425 | "tags" : "android" 426 | }, 427 | { 428 | "url": "https://github.com/eldraco/domain_analyzer.git", 429 | "type" : "tool", 430 | "phase" : "enumeration", 431 | "protocol" : "http,https,dns", 432 | "mode" : "active,passive", 433 | "tags" : "" 434 | }, 435 | { 436 | "url": "https://github.com/dafthack/PowerMeta.git", 437 | "type" : "tool", 438 | "phase" : "enumeration", 439 | "protocol" : "", 440 | "mode" : "passive", 441 | "tags" : "metadata" 442 | }, 443 | { 444 | "url": "https://github.com/laramies/metagoofil.git", 445 | "type" : "tool", 446 | "phase" : "enumeration", 447 | "protocol" : "", 448 | "mode" : "passive", 449 | "tags" : "metadata" 450 | }, 451 | { 452 | "url": "https://github.com/pwnfoo/NTLMRecon.git", 453 | "type" : "tool", 454 | "phase" : "post-enumeration", 455 | "protocol" : "", 456 | "mode" : "", 457 | "tags" : "" 458 | }, 459 | { 460 | "url": "https://github.com/hatlord/snmpwn.git", 461 | "type" : "tool", 462 | "phase" : "enumeration", 463 | "protocol" : "snmp", 464 | "mode" : "", 465 | "tags" : "" 466 | }, 467 | { 468 | "url": "https://github.com/sensepost/xrdp.git", 469 | "type" : "tool", 470 | "phase" : "enumeration", 471 | "protocol" : "", 472 | "mode" : "", 473 | "tags" : "rdp,x11" 474 | }, 475 | { 476 | "url": "https://github.com/BusesCanFly/PRETty.git", 477 | "type" : "tool", 478 | "phase" : "enumeration,exploitation", 479 | "protocol" : "", 480 | "mode" : "", 481 | "tags" : "printer" 482 | }, 483 | { 484 | "url": "https://github.com/quentinhardy/msdat.git", 485 | "type" : "tool", 486 | "phase" : "enumeration,exploitation", 487 | "protocol" : "", 488 | "mode" : "", 489 | "tags" : "bd,mssql" 490 | }, 491 | { 492 | "url": "https://github.com/sensepost/SPartan.git", 493 | "type" : "tool", 494 | "phase" : "enumeration,exploitation", 495 | "protocol" : "", 496 | "mode" : "", 497 | "tags" : "sharepoint" 498 | }, 499 | { 500 | "url": "https://github.com/Kan1shka9/Finger-User-Enumeration.git", 501 | "type" : "tool", 502 | "phase" : "enumeration", 503 | "protocol" : "finger", 504 | "mode" : "active", 505 | "tags" : "finger,usernames" 506 | }, 507 | { 508 | "url": "https://github.com/sc0tfree/mentalist.git", 509 | "type" : "tool", 510 | "phase" : "enumeration", 511 | "protocol" : "", 512 | "mode" : "passive", 513 | "tags" : "wordlist,generator" 514 | }, 515 | { 516 | "url": "https://github.com/digininja/CeWL.git", 517 | "type" : "tool", 518 | "phase" : "enumeration", 519 | "protocol" : "", 520 | "mode" : "passive", 521 | "tags" : "wordlist,generator" 522 | }, 523 | { 524 | "url": "https://github.com/laconicwolf/Password-Scripts.git", 525 | "type" : "tool", 526 | "phase" : "enumeration", 527 | "protocol" : "", 528 | "mode" : "", 529 | "tags" : "passwords,wordlist,brute" 530 | }, 531 | { 532 | "url": "https://github.com/D4Vinci/One-Lin3r.git", 533 | "type" : "tool", 534 | "phase" : "", 535 | "protocol" : "", 536 | "mode" : "", 537 | "tags" : "shell,one liner," 538 | }, 539 | { 540 | "url": "https://github.com/xmendez/wfuzz.git", 541 | "type" : "tool", 542 | "phase" : "enumeration", 543 | "protocol" : "", 544 | "mode" : "", 545 | "tags" : "web application,fuzzer" 546 | }, 547 | { 548 | "url": "https://github.com/maurosoria/dirsearch.git", 549 | "type" : "tool", 550 | "phase" : "enumeration", 551 | "protocol" : "http", 552 | "mode" : "", 553 | "tags" : "web application,discover directory" 554 | }, 555 | { 556 | "url": "https://github.com/swisskyrepo/SSRFmap.git", 557 | "type" : "tool", 558 | "phase" : "enumeration,exploitation", 559 | "protocol" : "", 560 | "mode" : "", 561 | "tags" : "ssrf,web application,fuzzer" 562 | }, 563 | { 564 | "url": "https://github.com/NickstaDB/BaRMIe.git", 565 | "type" : "tool", 566 | "phase" : "enumeration,exploitation", 567 | "protocol" : "http,java-rmi", 568 | "mode" : "active", 569 | "tags" : "rmi,web application" 570 | }, 571 | { 572 | "url": "https://github.com/BishopFox/rmiscout.git", 573 | "type" : "tool", 574 | "phase" : "enumeration,exploitation", 575 | "protocol" : "http,java-rmi", 576 | "mode" : "active", 577 | "tags" : "rmi,web application" 578 | } 579 | ] --------------------------------------------------------------------------------