OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Faker is a Python package that generates fake data for you. Adversaries may use such tools to generate test data, for example when conducting phishing.
DD-WRT is a Linux based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. The main emphasis lies on providing the easiest possible handling while at the same time supporting a great number of functionalities within the framework of the respective hardware platform used.
mitmproxy is a free and open source interactive HTTPS proxy. You can use it on the command line, through a web interface, or through a Python API.
Dependabot provides automated dependency updates. It is built into GitHub and makes keeping your dependencies up to date quick and easy.
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. With dozens of vulnerabilities and hints to help the user; this is an easy-to-use web hacking environment designed for labs, security enthusiast, classrooms, CTF, and vulnerability assessment tool targets.
The goal of BDF is to patch executable binaries with user desired shellcode and continue normal execution of the prepatched state.
Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.
Capstone is a lightweight multi-platform, multi-architecture disassembly framework.
EvilTwinFramework is a framework for pentesters that facilitates evil twin attacks as well as exploiting other WiFi vulnerabilities.
Keystone is a lightweight multi-platform, multi-architecture assembler framework.
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting mobile devices both Android and iOS, internet of things devices (devices that are connected to the user mobile apps), and in general any device using wi-fi to connect to the Internet.
Unicorn is a lightweight multi-platform, multi-architecture CPU emulator framework.
TShark is a command line network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark's native capture file format is pcapng format, which is also the format used by Wireshark and various other tools.
Vim is a highly configurable text editor built to make creating and changing any kind of text very efficient. It is included as "vi" with most UNIX systems and with Apple OS X. It's widespread availability on UNIX systems means that it's worth knowing how to use it. Sometimes, it is all you'll have available.
Archi is the Open Source modelling toolkit for creating ArchiMate models and sketches. Used by Enterprise Architects everywhere.
CAIRIS stands for Computer Aided Integration of Requirements and Information Security. It is an open source platform for eliciting, specifying, and validating secure and usable systems. It was built from the ground up to support all the elements necessary for usability, requirements, and risk analysis.
dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Inject your own scripts into black box processes. Hook any function, spy on crypto APIs or trace private application code, no source code needed. Edit, hit save, and instantly see the results. All without compilation steps or program restarts.
jq is a lightweight and flexible command-line JSON processor.
Metasploit is the world’s most used penetration testing framework.
A free/libre toolchain for easing several low level tasks like forensics, software reverse engineering, exploiting, debugging etc.
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.