Skip to content

Instantly share code, notes, and snippets.

@MShahine
Last active December 29, 2024 04:59
Show Gist options
  • Save MShahine/c157b904d14a3032cc31084c82050607 to your computer and use it in GitHub Desktop.
Save MShahine/c157b904d14a3032cc31084c82050607 to your computer and use it in GitHub Desktop.
List Of Tools For Hackers And Pentesters . I Turn It To Bash Script So You Need [ git ] To Download All Of them . And Then Go To Eatch Folder And See What Can You Do To MAke It Work.
#!/bin/bash
# Web Application Pentest
clear
echo "[!] Don't Run It As Root Never [!]"
sleep 2
mkdir ~/Tools/Web-Application-Pentest
cd ~/Tools/Web-Application-Pentest
# --------------------------------- #
mkdir ~/Tools/Web-Application-Pentest/Domain-Finding-Enum
mkdir ~/Tools/Web-Application-Pentest/General-Recon
mkdir ~/Tools/Web-Application-Pentest/Git-Specific
mkdir ~/Tools/Web-Application-Pentest/Network-Attacks
mkdir ~/Tools/Web-Application-Pentest/Sniffing-Evaluation-Filtering
mkdir ~/Tools/Web-Application-Pentest/Exploitation-Frameworks
mkdir ~/Tools/Web-Application-Pentest/Credential-Scanner
mkdir ~/Tools/Web-Application-Pentest/Credential-Lookup
mkdir ~/Tools/Web-Application-Pentest/Metadata-Extraction
mkdir ~/Tools/Web-Application-Pentest/Scanners
mkdir ~/Tools/Web-Application-Pentest/Email-Gathering
mkdir ~/Tools/Web-Application-Pentest/Domain-Auth
mkdir ~/Tools/Web-Application-Pentest/Social-Engeneering
mkdir ~/Tools/Web-Application-Pentest/Wordlists-Generator
mkdir ~/Tools/Web-Application-Pentest/Misc
mkdir ~/Tools/Web-Application-Pentest/Azure-Cloud
mkdir ~/Tools/Web-Application-Pentest/Anonymous-Tor
mkdir ~/Tools/Web-Application-Pentest/Exploit-Search
mkdir ~/Tools/Web-Application-Pentest/JMX-Exploitation
mkdir ~/Tools/Web-Application-Pentest/JSON-Web-Token-Analysis
mkdir ~/Tools/Web-Application-Pentest/PHP-Explois
mkdir ~/Tools/Web-Application-Pentest/Bluetooth-LowEnegry
mkdir ~/Tools/Web-Application-Pentest/Wireless-Radio-Exploitation
mkdir ~/Tools/Web-Application-Pentest/OSCP-LIST-Tools-Help
mkdir ~/Tools/Web-Application-Pentest/ASPX-WebShells
mkdir ~/Tools/Web-Application-Pentest/PHP-WebShells
mkdir ~/Tools/Web-Application-Pentest/JSP-WebSehlls
mkdir ~/Tools/Web-Application-Pentest/Tool-List
mkdir ~/Tools/Web-Application-Pentest/Framework-Discovery
mkdir ~/Tools/Web-Application-Pentest/Framework-Scanner
mkdir ~/Tools/Web-Application-Pentest/Web-Vulnerability-Scanner
mkdir ~/Tools/Web-Application-Pentest/Network
mkdir ~/Tools/Web-Application-Pentest/File-Fuzzing
mkdir ~/Tools/Web-Application-Pentest/Crawlers
mkdir ~/Tools/Web-Application-Pentest/Web-Exploitation
# --------------------------------- #
## Domain Finding / Subdomain Enumeration
cd ~/Tools/Web-Application-Pentest/Domain-Finding-Enum
git clone https://github.com/aboul3la/Sublist3r
git clone https://github.com/TheRook/subbrute
git clone https://github.com/michenriksen/aquatone
git clone https://github.com/darkoperator/dnsrecon
git clone https://github.com/fwaeytens/dnsenum
git clone https://github.com/s0md3v/Striker
git clone https://github.com/leebaird/discover
git clone https://github.com/eldraco/domain_analyzer
git clone https://github.com/caffix/amass
git clone https://github.com/subfinder/subfinder
git clone https://github.com/TypeError/domained
git clone https://github.com/SilverPoision/Rock-ON
## General Recon
cd ~/Tools/Web-Application-Pentest/General-Recon
git clone https://github.com/FortyNorthSecurity/EyeWitness
git clone https://github.com/hakluke/theHarvester
## Git Specific
cd ~/Tools/Web-Application-Pentest/Git-Specific
git clone https://github.com/dxa4481/truffleHog
git clone https://github.com/zricethezav/gitleaks
# Network Attacks
cd ~/Tools/Web-Application-Pentest/Network-Attacks
git clone https://github.com/bettercap/bettercap
git clone https://github.com/SpiderLabs/Responder
git clone https://github.com/lgandx/Responder
git clone https://github.com/evilsocket/bettercap
git clone https://github.com/r00t-3xp10it/morpheus
git clone https://github.com/fox-it/mitm6
git clone https://github.com/DanMcInerney/LANs.py
## Sniffing / Evaluation / Filtering
cd ~/Tools/Web-Application-Pentest/Sniffing-Evaluation-Filtering
git clone https://github.com/DanMcInerney/net-creds
git clone https://github.com/lgandx/PCredz
git clone https://github.com/Srinivas11789/PcapXray
# Scanner / Exploitation-Frameworks / Automation
cd ~/Tools/Web-Application-Pentest/Exploitation-Frameworks
git clone https://github.com/threat9/routersploit
git clone https://github.com/nccgroup/autopwn
git clone https://github.com/1N3/Sn1per
git clone https://github.com/byt3bl33d3r/CrackMapExec
git clone https://github.com/Cn33liz/p0wnedShell
git clone https://github.com/archerysec/archerysec
git clone https://github.com/vulnersCom/nmap-vulners
git clone https://github.com/m4ll0k/AutoNSE
git clone https://github.com/v3n0m-Scanner/V3n0M-Scanner
git clone https://github.com/zdresearch/OWASP-Nettacker
## Default Credential Scanner
cd ~/Tools/Web-Application-Pentest/Credential-Scanner
git clone https://github.com/ztgrace/changeme
git clone https://github.com/FortyNorthSecurity/EyeWitness
git clone https://github.com/byt3bl33d3r/WitnessMe
## Default Credential Lookup
cd ~/Tools/Web-Application-Pentest/Credential-Lookup
git clone https://github.com/Viralmaniar/Passhunt
## File Search / Metadata extraction
cd ~/Tools/Web-Application-Pentest/Metadata-Extraction
git clone https://github.com/dafthack/PowerMeta
git clone https://github.com/ElevenPaths/FOCA
## Scanner
cd ~/Tools/Web-Application-Pentest/Scanners
git clone https://github.com/vesche/scanless
git clone https://github.com/1N3/Sn1per
git clone https://github.com/DanMcInerney/pentest-machine
## Email Gathering
cd ~/Tools/Web-Application-Pentest/Email-Gathering
git clone https://github.com/leapsecurity/InSpy
git clone https://github.com/dchrastil/ScrapedIn
git clone https://github.com/SimplySecurity/SimplyEmail
git clone https://github.com/clr2of8/GatherContacts
git clone https://github.com/s0md3v/Zen
git clone https://github.com/m8r0wn/CrossLinked
git clone https://github.com/m4ll0k/Infoga
## Domain Auth + Exploitation
cd ~/Tools/Web-Application-Pentest/Domain-Auth
git clone https://github.com/nyxgeek/o365recon
git clone https://github.com/True-Demon/raindance
git clone https://github.com/dafthack/MailSniper
git clone https://github.com/sensepost/ruler
git clone https://github.com/Greenwolf/Spray
git clone https://github.com/nyxgeek/lyncsmash
git clone https://github.com/byt3bl33d3r/SprayingToolkit
git clone https://github.com/mdsecresearch/LyncSniper
# Social Engeneering
cd ~/Tools/Web-Application-Pentest/Social-Engeneering
git clone https://github.com/kgretzky/evilginx
git clone https://github.com/threatexpress/domainhunter
git clone https://github.com/netevert/dnsmorph
git clone https://github.com/elceef/dnstwist
git clone https://github.com/quickbreach/SMBetray
git clone https://github.com/SteveLTN/https-portal
git clone https://github.com/ryhanson/phishery
git clone https://github.com/Dviros/CredsLeaker
git clone https://github.com/bitsadmin/fakelogonscreen
# Wordlists / Wordlist generators
cd ~/Tools/Web-Application-Pentest/Wordlists-Generator
git clone https://github.com/danielmiessler/SecLists
git clone https://github.com/berzerk0/Probable-Wordlists
git clone https://github.com/govolution/betterdefaultpasslist
git clone https://github.com/insidetrust/statistically-likely-usernames
git clone https://github.com/LandGrey/pydictor
git clone https://github.com/sc0tfree/mentalist
git clone https://github.com/skahwah/wordsmith
git clone https://github.com/1N3/IntruderPayloads
git clone https://github.com/fuzzdb-project/fuzzdb
git clone https://github.com/Bo0oM/fuzz.txt
git clone https://github.com/laconicwolf/Password-Scripts
# MISC
cd ~/Tools/Web-Application-Pentest/Misc
git clone https://github.com/pentestmonkey/gateway-finder
git clone https://github.com/Cybellum/DoubleAgent
git clone https://github.com/ytisf/theZoo
git clone https://github.com/kbandla/APTnotes
git clone https://github.com/WindowsLies/BlockWindows
git clone https://github.com/secrary/InjectProc
git clone https://github.com/AlsidOfficial/WSUSpendu
git clone https://github.com/SigPloiter/SigPloit
git clone https://github.com/virajkulkarni14/WebDeveloperSecurityChecklist
git clone https://github.com/PowerShell/PowerShell
git clone https://github.com/landhb/HideProcess
git clone https://github.com/meliht/Mr.SIP
git clone https://github.com/XiphosResearch/exploits
git clone https://github.com/jas502n/CVE-2019-13272
git clone https://github.com/fox-it/cve-2019-1040-scanner
git clone https://github.com/worawit/MS17-010
git clone https://github.com/DiabloHorn/yara4pentesters
git clone https://github.com/D4Vinci/Cr3dOv3r
git clone https://github.com/a2u/CVE-2018-7600
git clone https://github.com/joxeankoret/CVE-2017-7494
git clone https://github.com/D4Vinci/One-Lin3r
git clone https://github.com/0x00-0x00/ShellPop
git clone https://github.com/Acceis/crypto_identifier
git clone https://github.com/sensepost/UserEnum
git clone https://github.com/LOLBAS-Project/LOLBAS
git clone https://github.com/peewpw/Invoke-BSOD
git clone https://github.com/mtivadar/windows10_ntfs_crash_dos
git clone https://github.com/deepzec/Bad-Pdf PDF
git clone https://github.com/SecureAuthCorp/impacket
git clone https://github.com/blacknbunny/libSSH-Authentication-Bypass
git clone https://github.com/OneLogicalMyth/zeroday-powershell
git clone https://github.com/smicallef/spiderfoot
git clone https://github.com/ShawnDEvans/smbmap
git clone https://github.com/Coalfire-Research/java-deserialization-exploits
git clone https://github.com/RhinoSecurityLabs/GCPBucketBrute
git clone https://github.com/khast3x/h8mail
git clone https://github.com/dirkjanm/adidnsdump
git clone https://github.com/gquere/pwn_jenkins
git clone https://github.com/JavelinNetworks/IR-Tools
git clone https://github.com/taviso/ctftool
git clone https://github.com/jedisct1/dsvpn
git clone https://github.com/GoSecure/dtd-finder
git clone https://github.com/tyranid/DotNetToJScript
git clone https://github.com/cfreal/exploits
git clone https://github.com/adamdriscoll/snek
git clone https://github.com/g0tmi1k/exe2hex
# Azure Cloud Tools
cd ~/Tools/Web-Application-Pentest/Azure-Cloud
git clone https://github.com/hausec/PowerZure
git clone https://github.com/NetSPI/MicroBurst
# Anonymous / Tor Projects
cd ~/Tools/Web-Application-Pentest/Anonymous-Tor
git clone https://github.com/realgam3/pymultitor
git clone https://github.com/Und3rf10w/kali-anonsurf
git clone https://github.com/GouveaHeitor/nipe
git clone https://github.com/cryptolok/GhostInTheNet
git clone https://github.com/DanMcInerney/elite-proxy-finder
# Exploit Search
cd ~/Tools/Web-Application-Pentest/Exploit-Search
git clone https://github.com/vulnersCom/getsploit
git clone https://github.com/1N3/Findsploit
# JMX Exploitation
cd ~/Tools/Web-Application-Pentest/JMX-Exploitation
git clone https://github.com/mogwailabs/mjet
git clone https://github.com/siberas/sjet
# JSON Web Token Analysis / Exploitation
cd ~/Tools/Web-Application-Pentest/JSON-Web-Token-Analysis
git clone https://github.com/ticarpi/jwt_tool
# PHP exploits
cd ~/Tools/Web-Application-Pentest/PHP-Explois
git clone https://github.com/neex/phuip-fpizdam
# Bluetooth / low energy
cd ~/Tools/Web-Application-Pentest/Bluetooth-LowEnegry
git clone https://github.com/ojasookert/CVE-2017-0785
git clone https://github.com/evilsocket/bleah
git clone https://github.com/virtualabs/btlejack
# Wireless / Radio Exploitation
cd ~/Tools/Web-Application-Pentest/Wireless-Radio-Exploitation
git clone https://github.com/mame82/LOGITacker
# OSCP Lists / tools / help
cd ~/Tools/Web-Application-Pentest/OSCP-LIST-Tools-Help
git clone https://github.com/sailay1996/expl-bin
git clone https://github.com/CyDefUnicorn/OSCP-Archives
# ASPX Webshells
cd ~/Tools/Web-Application-Pentest/ASPX-WebShells
git clone https://github.com/antonioCoco/SharPyShell
# PHP WebShells
cd ~/Tools/Web-Application-Pentest/PHP-WebShells
git clone https://github.com/flozz/p0wny-shell
# JSP WebShells
cd ~/Tools/Web-Application-Pentest/JSP-WebSehlls
git clone https://github.com/SecurityRiskAdvisors/cmd.jsp
# Other Tool-Lists / Cheat Sheets
cd ~/Tools/Web-Application-Pentest/Tool-List
git clone https://github.com/Hack-with-Github/Awesome-Hacking
git clone https://github.com/enaqx/awesome-pentest
git clone https://github.com/HarmJ0y/CheatSheets
git clone https://github.com/vysecurity/RedTips
git clone https://github.com/toolswatch/blackhat-arsenal-tools
git clone https://github.com/jivoi/awesome-osint
git clone https://github.com/qazbnm456/awesome-cve-poc
git clone https://github.com/swisskyrepo/PayloadsAllTheThings
git clone https://github.com/dsasmblr/hacking-online-games
git clone https://github.com/meirwah/awesome-incident-response
git clone https://github.com/carpedm20/awesome-hacking
git clone https://github.com/rshipp/awesome-malware-analysis
git clone https://github.com/thibmaek/awesome-raspberry-pi
git clone https://github.com/vitalysim/Awesome-Hacking-Resources
git clone https//github.com/mre/awesome-static-analysis
git clone https://github.com/coreb1t/awesome-pentest-cheat-sheets
git clone https://github.com/infosecn1nja/Red-Teaming-Toolkit
git clone https://github.com/rmusser01/Infosec_Reference
git clone https://github.com/trimstray/the-book-of-secret-knowledge
git clone https://github.com/qazbnm456/awesome-web-security
git clone https://github.com/chryzsh/awesome-windows-security
git clone https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
git clone https://github.com/We5ter/Scanners-Box
git clone https://github.com/smgorelik/Windows-RCE-exploits
git clone https://github.com/trustedsec/physical-docs
git clone https://github.com/mantvydasb/RedTeam-Tactics-and-Techniques
git clone https://github.com/netbiosX/Checklists
git clone https://github.com/adon90/pentest_compilation
# Framework Discovery
cd ~/Tools/Web-Application-Pentest/Framework-Discovery
git clone https://github.com/Tuhinshubhra/CMSeeK
git clone https://github.com/Dionach/CMSmap
git clone https://github.com/wpscanteam/wpscan
git clone https://github.com/Ekultek/WhatWaf
# Framework Scanner / Exploitation
cd ~/Tools/Web-Application-Pentest/Framework-Scanner
git clone https://github.com/wpscanteam/wpscan
git clone https://github.com/n00py/WPForce
git clone https://github.com/m4ll0k/WPSeku
git clone https://github.com/swisskyrepo/Wordpresscan
git clone https://github.com/rastating/wordpress-exploit-framework
git clone https://github.com/coldfusion39/domi-owned
git clone https://github.com/droope/droopescan# - Drupal
git clone https://github.com/whoot/Typo-Enumerator
git clone https://github.com/rezasp/joomscan
# Web Vulnerability Scanner / Burp Plugins
cd ~/Tools/Web-Application-Pentest/Web-Vulnerability-Scanner
git clone https://github.com/m4ll0k/WAScan
git clone https://github.com/s0md3v/XSStrike
git clone https://github.com/federicodotta/Java-Deserialization-Scanner
git clone https://github.com/d3vilbug/HackBar
git clone https://github.com/gyoisamurai/GyoiThon
git clone https://github.com/snoopysecurity/awesome-burp-extensions
# Network- / Service-level Vulnerability Scanner
cd ~/Tools/Web-Application-Pentest/Network
git clone https://github.com/scipag/vulscan
git clone https://github.com/zdresearch/OWASP-Nettacker
# File / Directory / Parameter discovery
cd ~/Tools/Web-Application-Pentest/File-Fuzzing
git clone https://github.com/OJ/gobuster
git clone https://github.com/nccgroup/dirble
git clone https://github.com/maK-/parameth
git clone https://github.com/s0md3v/Arjun
git clone https://github.com/Cillian-Collins/dirscraper
git clone https://github.com/hannob/snallygaster
git clone https://github.com/maurosoria/dirsearch
git clone https://github.com/s0md3v/Breacher
git clone https://github.com/mazen160/server-status_PWN
# Crawler
cd ~/Tools/Web-Application-Pentest/Crawlers
git clone https://github.com/s0md3v/Photon
git clone https://github.com/kgretzky/dcrawl
# Web Exploitation Tools
cd ~/Tools/Web-Application-Pentest/Web-Exploitation
git clone https://github.com/OsandaMalith/LFiFreak
git clone https://github.com/enjoiz/XXEinjector
git clone https://github.com/tennc/webshell
git clone https://github.com/flozz/p0wny-shell
git clone https://github.com/epinna/tplmap
git clone https://github.com/orf/xcat
git clone https://github.com/almandin/fuxploider
git clone https://github.com/nccgroup/freddy
git clone https://github.com/irsdl/IIS-ShortName-Scanner
git clone https://github.com/frohoff/ysoserial
git clone https://github.com/pwntester/ysoserial.net
git clone https://github.com/internetwache/GitTools
git clone https://github.com/cujanovic/SSRF-Testing
git clone https://github.com/ambionics/phpggc
git clone https://github.com/BuffaloWill/oxml_xxe
git clone https://github.com/tijme/angularjs-csti-scanner
git clone https://github.com/0xacb/viewgen
git clone https://github.com/Illuminopi/RCEvil.NET
# ------------------------------- #
# The End
# ------------------------------- #
cd ~/Tools/Web-Application-Pentest
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment