Tool
Information gathering
GitHack https://github.com/lijiejie/GitHack
Packet capture tools
Burpsuite
Scanning tools
dirsearch https://github.com/maurosoria/dirsearch
subDomainsBrute https://github.com/lijiejie/subDomainsBrute
w9scan https://github.com/boy-hack/w9scan
F-NAScan https://github.com/ywolf/F-NAScan
HScan
nbtscan http://www.unixwiz.net/tools/nbtscan.html
Network sniffing
cain http://www.oxid.it/
Shell tools
Cknife https://github.com/Chora10/Cknife
Port forwarding
NATBypass https://github.com/cw1997/NATBypass
LCX
Netcat
rtcp https://github.com/knownsec/rtcp
Proxy tools
reGeorg(socks) https://github.com/sensepost/reGeorg
frp(reverse) https://github.com/fatedier/frp
Password tools
mimikatz https://github.com/gentilkiwi/mimikatz
wce https://www.ampliasecurity.com/research/windows-credentials-editor/
hashcat https://hashcat.net/hashcat/
Wireless tools
hcxdumptool https://github.com/ZerBea/hcxdumptool
Privilege escalation
CVE-2018-8120 [Win32k Elevation of Privilege Vulnerability] (Windows 7 SP1/2008 SP2, 2008 R2 SP1) https://github.com/unamer/CVE-2018-8120
CVE-2018-8174 [Windows VBScript Engine Code Vulnerability] (32-bit Internet Explorer and applications that use the IE engine) https://github.com/Yt1g3r/CVE-2018-8174_EXP
Privilege escalation patch comparison tool
VPS
https://www.digitalocean.com/products/linux-distribution/ubuntu/
https://lightsail.aws.amazon.com/
Environment setup
ptf (penetration testing framework) https://github.com/trustedsec/ptf
Red Baron (infrastructure setup) https://github.com/Coalfire-Research/Red-Baron
Payload
unicorn (obfuscation) https://github.com/trustedsec/unicorn
APT penetration
meterpreter
cobalt strike (post-exploitation, persistent access) https://www.cobaltstrike.com
Tunneling
dnscat2 (creates an encrypted tunnel over the DNS protocol) https://github.com/iagox86/dnscat2
Remote control tools
pupy (remote administration and post-exploitation) https://github.com/n1nj4sec/pupy