Last active
December 29, 2024 04:59
-
-
Save MShahine/c157b904d14a3032cc31084c82050607 to your computer and use it in GitHub Desktop.
List Of Tools For Hackers And Pentesters . I Turn It To Bash Script So You Need [ git ] To Download All Of them . And Then Go To Eatch Folder And See What Can You Do To MAke It Work.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Web Application Pentest | |
| clear | |
| echo "[!] Don't Run It As Root Never [!]" | |
| sleep 2 | |
| mkdir ~/Tools/Web-Application-Pentest | |
| cd ~/Tools/Web-Application-Pentest | |
| # --------------------------------- # | |
| mkdir ~/Tools/Web-Application-Pentest/Domain-Finding-Enum | |
| mkdir ~/Tools/Web-Application-Pentest/General-Recon | |
| mkdir ~/Tools/Web-Application-Pentest/Git-Specific | |
| mkdir ~/Tools/Web-Application-Pentest/Network-Attacks | |
| mkdir ~/Tools/Web-Application-Pentest/Sniffing-Evaluation-Filtering | |
| mkdir ~/Tools/Web-Application-Pentest/Exploitation-Frameworks | |
| mkdir ~/Tools/Web-Application-Pentest/Credential-Scanner | |
| mkdir ~/Tools/Web-Application-Pentest/Credential-Lookup | |
| mkdir ~/Tools/Web-Application-Pentest/Metadata-Extraction | |
| mkdir ~/Tools/Web-Application-Pentest/Scanners | |
| mkdir ~/Tools/Web-Application-Pentest/Email-Gathering | |
| mkdir ~/Tools/Web-Application-Pentest/Domain-Auth | |
| mkdir ~/Tools/Web-Application-Pentest/Social-Engeneering | |
| mkdir ~/Tools/Web-Application-Pentest/Wordlists-Generator | |
| mkdir ~/Tools/Web-Application-Pentest/Misc | |
| mkdir ~/Tools/Web-Application-Pentest/Azure-Cloud | |
| mkdir ~/Tools/Web-Application-Pentest/Anonymous-Tor | |
| mkdir ~/Tools/Web-Application-Pentest/Exploit-Search | |
| mkdir ~/Tools/Web-Application-Pentest/JMX-Exploitation | |
| mkdir ~/Tools/Web-Application-Pentest/JSON-Web-Token-Analysis | |
| mkdir ~/Tools/Web-Application-Pentest/PHP-Explois | |
| mkdir ~/Tools/Web-Application-Pentest/Bluetooth-LowEnegry | |
| mkdir ~/Tools/Web-Application-Pentest/Wireless-Radio-Exploitation | |
| mkdir ~/Tools/Web-Application-Pentest/OSCP-LIST-Tools-Help | |
| mkdir ~/Tools/Web-Application-Pentest/ASPX-WebShells | |
| mkdir ~/Tools/Web-Application-Pentest/PHP-WebShells | |
| mkdir ~/Tools/Web-Application-Pentest/JSP-WebSehlls | |
| mkdir ~/Tools/Web-Application-Pentest/Tool-List | |
| mkdir ~/Tools/Web-Application-Pentest/Framework-Discovery | |
| mkdir ~/Tools/Web-Application-Pentest/Framework-Scanner | |
| mkdir ~/Tools/Web-Application-Pentest/Web-Vulnerability-Scanner | |
| mkdir ~/Tools/Web-Application-Pentest/Network | |
| mkdir ~/Tools/Web-Application-Pentest/File-Fuzzing | |
| mkdir ~/Tools/Web-Application-Pentest/Crawlers | |
| mkdir ~/Tools/Web-Application-Pentest/Web-Exploitation | |
| # --------------------------------- # | |
| ## Domain Finding / Subdomain Enumeration | |
| cd ~/Tools/Web-Application-Pentest/Domain-Finding-Enum | |
| git clone https://github.com/aboul3la/Sublist3r | |
| git clone https://github.com/TheRook/subbrute | |
| git clone https://github.com/michenriksen/aquatone | |
| git clone https://github.com/darkoperator/dnsrecon | |
| git clone https://github.com/fwaeytens/dnsenum | |
| git clone https://github.com/s0md3v/Striker | |
| git clone https://github.com/leebaird/discover | |
| git clone https://github.com/eldraco/domain_analyzer | |
| git clone https://github.com/caffix/amass | |
| git clone https://github.com/subfinder/subfinder | |
| git clone https://github.com/TypeError/domained | |
| git clone https://github.com/SilverPoision/Rock-ON | |
| ## General Recon | |
| cd ~/Tools/Web-Application-Pentest/General-Recon | |
| git clone https://github.com/FortyNorthSecurity/EyeWitness | |
| git clone https://github.com/hakluke/theHarvester | |
| ## Git Specific | |
| cd ~/Tools/Web-Application-Pentest/Git-Specific | |
| git clone https://github.com/dxa4481/truffleHog | |
| git clone https://github.com/zricethezav/gitleaks | |
| # Network Attacks | |
| cd ~/Tools/Web-Application-Pentest/Network-Attacks | |
| git clone https://github.com/bettercap/bettercap | |
| git clone https://github.com/SpiderLabs/Responder | |
| git clone https://github.com/lgandx/Responder | |
| git clone https://github.com/evilsocket/bettercap | |
| git clone https://github.com/r00t-3xp10it/morpheus | |
| git clone https://github.com/fox-it/mitm6 | |
| git clone https://github.com/DanMcInerney/LANs.py | |
| ## Sniffing / Evaluation / Filtering | |
| cd ~/Tools/Web-Application-Pentest/Sniffing-Evaluation-Filtering | |
| git clone https://github.com/DanMcInerney/net-creds | |
| git clone https://github.com/lgandx/PCredz | |
| git clone https://github.com/Srinivas11789/PcapXray | |
| # Scanner / Exploitation-Frameworks / Automation | |
| cd ~/Tools/Web-Application-Pentest/Exploitation-Frameworks | |
| git clone https://github.com/threat9/routersploit | |
| git clone https://github.com/nccgroup/autopwn | |
| git clone https://github.com/1N3/Sn1per | |
| git clone https://github.com/byt3bl33d3r/CrackMapExec | |
| git clone https://github.com/Cn33liz/p0wnedShell | |
| git clone https://github.com/archerysec/archerysec | |
| git clone https://github.com/vulnersCom/nmap-vulners | |
| git clone https://github.com/m4ll0k/AutoNSE | |
| git clone https://github.com/v3n0m-Scanner/V3n0M-Scanner | |
| git clone https://github.com/zdresearch/OWASP-Nettacker | |
| ## Default Credential Scanner | |
| cd ~/Tools/Web-Application-Pentest/Credential-Scanner | |
| git clone https://github.com/ztgrace/changeme | |
| git clone https://github.com/FortyNorthSecurity/EyeWitness | |
| git clone https://github.com/byt3bl33d3r/WitnessMe | |
| ## Default Credential Lookup | |
| cd ~/Tools/Web-Application-Pentest/Credential-Lookup | |
| git clone https://github.com/Viralmaniar/Passhunt | |
| ## File Search / Metadata extraction | |
| cd ~/Tools/Web-Application-Pentest/Metadata-Extraction | |
| git clone https://github.com/dafthack/PowerMeta | |
| git clone https://github.com/ElevenPaths/FOCA | |
| ## Scanner | |
| cd ~/Tools/Web-Application-Pentest/Scanners | |
| git clone https://github.com/vesche/scanless | |
| git clone https://github.com/1N3/Sn1per | |
| git clone https://github.com/DanMcInerney/pentest-machine | |
| ## Email Gathering | |
| cd ~/Tools/Web-Application-Pentest/Email-Gathering | |
| git clone https://github.com/leapsecurity/InSpy | |
| git clone https://github.com/dchrastil/ScrapedIn | |
| git clone https://github.com/SimplySecurity/SimplyEmail | |
| git clone https://github.com/clr2of8/GatherContacts | |
| git clone https://github.com/s0md3v/Zen | |
| git clone https://github.com/m8r0wn/CrossLinked | |
| git clone https://github.com/m4ll0k/Infoga | |
| ## Domain Auth + Exploitation | |
| cd ~/Tools/Web-Application-Pentest/Domain-Auth | |
| git clone https://github.com/nyxgeek/o365recon | |
| git clone https://github.com/True-Demon/raindance | |
| git clone https://github.com/dafthack/MailSniper | |
| git clone https://github.com/sensepost/ruler | |
| git clone https://github.com/Greenwolf/Spray | |
| git clone https://github.com/nyxgeek/lyncsmash | |
| git clone https://github.com/byt3bl33d3r/SprayingToolkit | |
| git clone https://github.com/mdsecresearch/LyncSniper | |
| # Social Engeneering | |
| cd ~/Tools/Web-Application-Pentest/Social-Engeneering | |
| git clone https://github.com/kgretzky/evilginx | |
| git clone https://github.com/threatexpress/domainhunter | |
| git clone https://github.com/netevert/dnsmorph | |
| git clone https://github.com/elceef/dnstwist | |
| git clone https://github.com/quickbreach/SMBetray | |
| git clone https://github.com/SteveLTN/https-portal | |
| git clone https://github.com/ryhanson/phishery | |
| git clone https://github.com/Dviros/CredsLeaker | |
| git clone https://github.com/bitsadmin/fakelogonscreen | |
| # Wordlists / Wordlist generators | |
| cd ~/Tools/Web-Application-Pentest/Wordlists-Generator | |
| git clone https://github.com/danielmiessler/SecLists | |
| git clone https://github.com/berzerk0/Probable-Wordlists | |
| git clone https://github.com/govolution/betterdefaultpasslist | |
| git clone https://github.com/insidetrust/statistically-likely-usernames | |
| git clone https://github.com/LandGrey/pydictor | |
| git clone https://github.com/sc0tfree/mentalist | |
| git clone https://github.com/skahwah/wordsmith | |
| git clone https://github.com/1N3/IntruderPayloads | |
| git clone https://github.com/fuzzdb-project/fuzzdb | |
| git clone https://github.com/Bo0oM/fuzz.txt | |
| git clone https://github.com/laconicwolf/Password-Scripts | |
| # MISC | |
| cd ~/Tools/Web-Application-Pentest/Misc | |
| git clone https://github.com/pentestmonkey/gateway-finder | |
| git clone https://github.com/Cybellum/DoubleAgent | |
| git clone https://github.com/ytisf/theZoo | |
| git clone https://github.com/kbandla/APTnotes | |
| git clone https://github.com/WindowsLies/BlockWindows | |
| git clone https://github.com/secrary/InjectProc | |
| git clone https://github.com/AlsidOfficial/WSUSpendu | |
| git clone https://github.com/SigPloiter/SigPloit | |
| git clone https://github.com/virajkulkarni14/WebDeveloperSecurityChecklist | |
| git clone https://github.com/PowerShell/PowerShell | |
| git clone https://github.com/landhb/HideProcess | |
| git clone https://github.com/meliht/Mr.SIP | |
| git clone https://github.com/XiphosResearch/exploits | |
| git clone https://github.com/jas502n/CVE-2019-13272 | |
| git clone https://github.com/fox-it/cve-2019-1040-scanner | |
| git clone https://github.com/worawit/MS17-010 | |
| git clone https://github.com/DiabloHorn/yara4pentesters | |
| git clone https://github.com/D4Vinci/Cr3dOv3r | |
| git clone https://github.com/a2u/CVE-2018-7600 | |
| git clone https://github.com/joxeankoret/CVE-2017-7494 | |
| git clone https://github.com/D4Vinci/One-Lin3r | |
| git clone https://github.com/0x00-0x00/ShellPop | |
| git clone https://github.com/Acceis/crypto_identifier | |
| git clone https://github.com/sensepost/UserEnum | |
| git clone https://github.com/LOLBAS-Project/LOLBAS | |
| git clone https://github.com/peewpw/Invoke-BSOD | |
| git clone https://github.com/mtivadar/windows10_ntfs_crash_dos | |
| git clone https://github.com/deepzec/Bad-Pdf PDF | |
| git clone https://github.com/SecureAuthCorp/impacket | |
| git clone https://github.com/blacknbunny/libSSH-Authentication-Bypass | |
| git clone https://github.com/OneLogicalMyth/zeroday-powershell | |
| git clone https://github.com/smicallef/spiderfoot | |
| git clone https://github.com/ShawnDEvans/smbmap | |
| git clone https://github.com/Coalfire-Research/java-deserialization-exploits | |
| git clone https://github.com/RhinoSecurityLabs/GCPBucketBrute | |
| git clone https://github.com/khast3x/h8mail | |
| git clone https://github.com/dirkjanm/adidnsdump | |
| git clone https://github.com/gquere/pwn_jenkins | |
| git clone https://github.com/JavelinNetworks/IR-Tools | |
| git clone https://github.com/taviso/ctftool | |
| git clone https://github.com/jedisct1/dsvpn | |
| git clone https://github.com/GoSecure/dtd-finder | |
| git clone https://github.com/tyranid/DotNetToJScript | |
| git clone https://github.com/cfreal/exploits | |
| git clone https://github.com/adamdriscoll/snek | |
| git clone https://github.com/g0tmi1k/exe2hex | |
| # Azure Cloud Tools | |
| cd ~/Tools/Web-Application-Pentest/Azure-Cloud | |
| git clone https://github.com/hausec/PowerZure | |
| git clone https://github.com/NetSPI/MicroBurst | |
| # Anonymous / Tor Projects | |
| cd ~/Tools/Web-Application-Pentest/Anonymous-Tor | |
| git clone https://github.com/realgam3/pymultitor | |
| git clone https://github.com/Und3rf10w/kali-anonsurf | |
| git clone https://github.com/GouveaHeitor/nipe | |
| git clone https://github.com/cryptolok/GhostInTheNet | |
| git clone https://github.com/DanMcInerney/elite-proxy-finder | |
| # Exploit Search | |
| cd ~/Tools/Web-Application-Pentest/Exploit-Search | |
| git clone https://github.com/vulnersCom/getsploit | |
| git clone https://github.com/1N3/Findsploit | |
| # JMX Exploitation | |
| cd ~/Tools/Web-Application-Pentest/JMX-Exploitation | |
| git clone https://github.com/mogwailabs/mjet | |
| git clone https://github.com/siberas/sjet | |
| # JSON Web Token Analysis / Exploitation | |
| cd ~/Tools/Web-Application-Pentest/JSON-Web-Token-Analysis | |
| git clone https://github.com/ticarpi/jwt_tool | |
| # PHP exploits | |
| cd ~/Tools/Web-Application-Pentest/PHP-Explois | |
| git clone https://github.com/neex/phuip-fpizdam | |
| # Bluetooth / low energy | |
| cd ~/Tools/Web-Application-Pentest/Bluetooth-LowEnegry | |
| git clone https://github.com/ojasookert/CVE-2017-0785 | |
| git clone https://github.com/evilsocket/bleah | |
| git clone https://github.com/virtualabs/btlejack | |
| # Wireless / Radio Exploitation | |
| cd ~/Tools/Web-Application-Pentest/Wireless-Radio-Exploitation | |
| git clone https://github.com/mame82/LOGITacker | |
| # OSCP Lists / tools / help | |
| cd ~/Tools/Web-Application-Pentest/OSCP-LIST-Tools-Help | |
| git clone https://github.com/sailay1996/expl-bin | |
| git clone https://github.com/CyDefUnicorn/OSCP-Archives | |
| # ASPX Webshells | |
| cd ~/Tools/Web-Application-Pentest/ASPX-WebShells | |
| git clone https://github.com/antonioCoco/SharPyShell | |
| # PHP WebShells | |
| cd ~/Tools/Web-Application-Pentest/PHP-WebShells | |
| git clone https://github.com/flozz/p0wny-shell | |
| # JSP WebShells | |
| cd ~/Tools/Web-Application-Pentest/JSP-WebSehlls | |
| git clone https://github.com/SecurityRiskAdvisors/cmd.jsp | |
| # Other Tool-Lists / Cheat Sheets | |
| cd ~/Tools/Web-Application-Pentest/Tool-List | |
| git clone https://github.com/Hack-with-Github/Awesome-Hacking | |
| git clone https://github.com/enaqx/awesome-pentest | |
| git clone https://github.com/HarmJ0y/CheatSheets | |
| git clone https://github.com/vysecurity/RedTips | |
| git clone https://github.com/toolswatch/blackhat-arsenal-tools | |
| git clone https://github.com/jivoi/awesome-osint | |
| git clone https://github.com/qazbnm456/awesome-cve-poc | |
| git clone https://github.com/swisskyrepo/PayloadsAllTheThings | |
| git clone https://github.com/dsasmblr/hacking-online-games | |
| git clone https://github.com/meirwah/awesome-incident-response | |
| git clone https://github.com/carpedm20/awesome-hacking | |
| git clone https://github.com/rshipp/awesome-malware-analysis | |
| git clone https://github.com/thibmaek/awesome-raspberry-pi | |
| git clone https://github.com/vitalysim/Awesome-Hacking-Resources | |
| git clone https//github.com/mre/awesome-static-analysis | |
| git clone https://github.com/coreb1t/awesome-pentest-cheat-sheets | |
| git clone https://github.com/infosecn1nja/Red-Teaming-Toolkit | |
| git clone https://github.com/rmusser01/Infosec_Reference | |
| git clone https://github.com/trimstray/the-book-of-secret-knowledge | |
| git clone https://github.com/qazbnm456/awesome-web-security | |
| git clone https://github.com/chryzsh/awesome-windows-security | |
| git clone https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE | |
| git clone https://github.com/We5ter/Scanners-Box | |
| git clone https://github.com/smgorelik/Windows-RCE-exploits | |
| git clone https://github.com/trustedsec/physical-docs | |
| git clone https://github.com/mantvydasb/RedTeam-Tactics-and-Techniques | |
| git clone https://github.com/netbiosX/Checklists | |
| git clone https://github.com/adon90/pentest_compilation | |
| # Framework Discovery | |
| cd ~/Tools/Web-Application-Pentest/Framework-Discovery | |
| git clone https://github.com/Tuhinshubhra/CMSeeK | |
| git clone https://github.com/Dionach/CMSmap | |
| git clone https://github.com/wpscanteam/wpscan | |
| git clone https://github.com/Ekultek/WhatWaf | |
| # Framework Scanner / Exploitation | |
| cd ~/Tools/Web-Application-Pentest/Framework-Scanner | |
| git clone https://github.com/wpscanteam/wpscan | |
| git clone https://github.com/n00py/WPForce | |
| git clone https://github.com/m4ll0k/WPSeku | |
| git clone https://github.com/swisskyrepo/Wordpresscan | |
| git clone https://github.com/rastating/wordpress-exploit-framework | |
| git clone https://github.com/coldfusion39/domi-owned | |
| git clone https://github.com/droope/droopescan# - Drupal | |
| git clone https://github.com/whoot/Typo-Enumerator | |
| git clone https://github.com/rezasp/joomscan | |
| # Web Vulnerability Scanner / Burp Plugins | |
| cd ~/Tools/Web-Application-Pentest/Web-Vulnerability-Scanner | |
| git clone https://github.com/m4ll0k/WAScan | |
| git clone https://github.com/s0md3v/XSStrike | |
| git clone https://github.com/federicodotta/Java-Deserialization-Scanner | |
| git clone https://github.com/d3vilbug/HackBar | |
| git clone https://github.com/gyoisamurai/GyoiThon | |
| git clone https://github.com/snoopysecurity/awesome-burp-extensions | |
| # Network- / Service-level Vulnerability Scanner | |
| cd ~/Tools/Web-Application-Pentest/Network | |
| git clone https://github.com/scipag/vulscan | |
| git clone https://github.com/zdresearch/OWASP-Nettacker | |
| # File / Directory / Parameter discovery | |
| cd ~/Tools/Web-Application-Pentest/File-Fuzzing | |
| git clone https://github.com/OJ/gobuster | |
| git clone https://github.com/nccgroup/dirble | |
| git clone https://github.com/maK-/parameth | |
| git clone https://github.com/s0md3v/Arjun | |
| git clone https://github.com/Cillian-Collins/dirscraper | |
| git clone https://github.com/hannob/snallygaster | |
| git clone https://github.com/maurosoria/dirsearch | |
| git clone https://github.com/s0md3v/Breacher | |
| git clone https://github.com/mazen160/server-status_PWN | |
| # Crawler | |
| cd ~/Tools/Web-Application-Pentest/Crawlers | |
| git clone https://github.com/s0md3v/Photon | |
| git clone https://github.com/kgretzky/dcrawl | |
| # Web Exploitation Tools | |
| cd ~/Tools/Web-Application-Pentest/Web-Exploitation | |
| git clone https://github.com/OsandaMalith/LFiFreak | |
| git clone https://github.com/enjoiz/XXEinjector | |
| git clone https://github.com/tennc/webshell | |
| git clone https://github.com/flozz/p0wny-shell | |
| git clone https://github.com/epinna/tplmap | |
| git clone https://github.com/orf/xcat | |
| git clone https://github.com/almandin/fuxploider | |
| git clone https://github.com/nccgroup/freddy | |
| git clone https://github.com/irsdl/IIS-ShortName-Scanner | |
| git clone https://github.com/frohoff/ysoserial | |
| git clone https://github.com/pwntester/ysoserial.net | |
| git clone https://github.com/internetwache/GitTools | |
| git clone https://github.com/cujanovic/SSRF-Testing | |
| git clone https://github.com/ambionics/phpggc | |
| git clone https://github.com/BuffaloWill/oxml_xxe | |
| git clone https://github.com/tijme/angularjs-csti-scanner | |
| git clone https://github.com/0xacb/viewgen | |
| git clone https://github.com/Illuminopi/RCEvil.NET | |
| # ------------------------------- # | |
| # The End | |
| # ------------------------------- # | |
| cd ~/Tools/Web-Application-Pentest |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment