Tools and Sites

Uploaded by

amandamariah2002
There may be some broken links, so please forgive me. Updated: 2024.8.14
https://t.me/pugno_yt
Category Options: Attack, Defense, Incident Response, Information Gathering, IoT, Monitoring, Management, Reverse Engineering, Scanner, OS, Misc., Unknown, Fuzzing, HoneyPot, Malware, Phishing, Database, Debug, OSINT, Threat Hunting, Patch, Vulnerability, IoC, Archive, AI
Category Tool / Site Comments URL
Misc. Waybackpack Download the entire Wayback Machine archive for a given URL https://github.com/jsvine/waybackpack
Fuzzing Peach Fuzz Vulnerability Scanning Framework https://github.com/Caleb1994/peach
Management NetBox IP Address Management (IPAM) and Data Center Infrastructure Management (DCIM) Tool https://github.com/digitalocean/netbox
Reverse Engineering dynStruct Reverse engineering tool for structure recovering and memory usage analysis https://github.com/ampotos/dynStruct
Reverse Engineering Androguard Reverse engineering, Malware and goodware analysis of Android applications https://github.com/androguard/androguard
Monitoring Moloch large scale full PCAP capturing, indexing and database system https://github.com/aol/moloch
Misc. mimikittenz A post-exploitation powershell tool for extracting juicy info from memory https://github.com/putterpanda/mimikittenz
Fuzzing winafl A fork of AFL for fuzzing Windows binaries https://github.com/ivanfratric/winafl
Information Gathering bearded-avenger CIF v3 -- the fastest way to consume threat intelligence http://csirtgadgets.org/bearded-avenger https://github.com/csirtgadgets/bearded-avenger
Misc. T50 The Fastest Packet Injector https://github.com/fredericopissarra/t50
Misc. pysymemu An intel 64 symbolic emulator https://github.com/feliam/pysymemu
Incident Response nightHawkResponse Incident Response Forensic Framework https://github.com/biggiesmallsAG/nightHawkResponse
Misc. WhoDat Pivotable Reverse WhoIs / PDNS Fusion with Registrant Tracking & Alerting plus API for automated queries (JSON/CSV/TXT) https://github.com/MITRECND/WhoDat
Attack apt2 automated penetration toolkit https://github.com/MooseDojo/apt2
Incident Response AFOT AUTOMATION FORENSICS TOOL FOR WINDOWS https://github.com/harris21/afot
Defense ClamAV AntiVirus https://www.clamav.net/
Attack TLS-Attacker Java-based framework for analyzing TLS libraries. It is developed by the Ruhr University Bochum (http://nds.rub.de/) and the Hackmanit GmbH (http://hackmanit.de/). https://github.com/RUB-NDS/TLS-Attacker
Misc. winfsp Windows File System Proxy - FUSE for Windows https://github.com/billziss-gh/winfsp
Misc. Snapper A security tool for grabbing screenshots of many web hosts https://github.com/dxa4481/Snapper
Misc. OpenTrafficShaper traffic shaping package for Linux https://wiki.opentrafficshaper.org/
Information Gathering OnionScan investigating the Dark Web https://github.com/s-rah/onionscan
OS LionSec Penetration Testing Operating system based on Ubuntu http://lionsec-linux.org/
Defense Procfilter A YARA-integrated process denial framework for Windows https://github.com/godaddy/procfilter
Scanner HellRaiser Vulnerability Scanner https://github.com/m0nad/HellRaiser
Attack QRLJacking Bypass Any QR Login System https://github.com/OWASP/QRLJacking
Scanner SSH-AUDIT SSH SERVER AUDITING https://github.com/arthepsy/ssh-audit
Misc. myLG Network Diagnostic Tool http://mylg.io/
Defense flare-fakenet-ng Next Generation Dynamic Network Analysis Tool https://github.com/fireeye/flare-fakenet-ng
Incident Response volatility An advanced memory forensics framework http://volatilityfoundation.org/ https://github.com/volatilityfoundation/volatility/
Misc. pDNS2 Passive DNS V2 https://github.com/bez0r/pDNS2
Scanner A2SV Auto Scanning to SSL Vulnerability https://github.com/hahwul/a2sv
Misc. wifi-password Node.js library that displays the password of the currently connected WiFi https://github.com/kevva/wifi-password
Reverse Engineering Panopticon A Libre Cross-Platform Disassembler https://panopticon.re/
Scanner Raptor Web-based Source Code Vulnerability Scanner https://github.com/dpnishant/raptor
Reverse Engineering Manalyze A static analyzer for PE executables. https://github.com/JusticeRage/Manalyze
Attack WiFi-Pumpkin Framework for Rogue Wi-Fi Access Point Attack https://github.com/P0cL4bs/WiFi-Pumpkin
HoneyPot sshhipot High-interaction MitM SSH honeypot https://github.com/magisterquis/sshhipo
Attack DyMerge Dynamic Dictionary Merger https://github.com/k4m4/dymerge
Scanner LazyMap Automate NMAP Scans and Generate Custom Nessus Policies Automatically https://github.com/commonexploits/port-scan-automation
Reverse Engineering CodeWarrior Just Another Manual Code Analysis Tool And Static Analysis Tool https://github.com/CoolerVoid/codewarrior/
Attack GOOGLE_EXPLORER Mass exploitation tool in python https://github.com/anarcoder/google_explorer
Defense FullEventLogView displays in a table the details of all events from the event logs of Windows http://www.nirsoft.net/utils/full_event_log_view.html
Incident Response ir-rescue A Windows Batch script to comprehensively collect host forensic data during incident response. https://github.com/diogo-fernan/ir-rescue
Scanner vuls Vulnerability scanner for Linux/FreeBSD, agentless, written in Go https://vuls.io/ https://github.com/future-architect/vuls/
Scanner WAS Automatic USB Drive Malware Scanning Tool For The Security-Minded Person https://github.com/FabioBaroni/WAS
Incident Response LiME Linux Memory Extractor https://github.com/504ensicsLabs/LiME
Defense etrace Command-line tool for ETW tracing on files and real-time events https://github.com/goldshtn/etrace
Scanner NetRipper Smart traffic sniffing for penetration testers https://github.com/NytroRST/NetRipper
Scanner SSH-Weak-DH SSH Weak Diffie-Hellman Group Identification Tool https://www.kitploit.com/2016/09/ssh-weak-dh-ssh-weak-diffie-hellman.html
Malware SSMA Simple Static Malware Analyzer https://github.com/secrary/SSMA
Scanner Droid-Hunter Android Application Vulnerability Analysis And Android Pentest Tool https://github.com/hahwul/droid-hunter
Misc. MFT2CSV Extract $MFT record info and log it to a csv file. https://github.com/jschicht/Mft2Csv
Misc. analyzeMFT MFT Analysis https://github.com/dkovar/analyzeMFT
Reverse Engineering rgat An instruction trace visualisation tool for dynamic program analysis https://github.com/ncatlin/rgat
Attack Dracnmap Exploit Network and Gathering Information with Nmap https://github.com/screetsec/Dracnmap
Phishing King Phisher Phishing Campaign Toolkit https://github.com/securestate/king-phisher
Information Gathering datasploit A tool to perform various OSINT techniques https://github.com/upgoingstar/datasploit
Incident Response VolatilityBot An automated memory analyzer for malware samples and memory dumps https://github.com/mkorman90/VolatilityBot
IoT GATTacker BLE (Bluetooth Low Energy) Man-in-the-Middle https://github.com/securing/gattacker
Scanner OpenDoor OWASP Directory Access Scanner https://github.com/stanislav-web/OpenDoor
Incident Response RecuperaBit A Tool For Forensic File System Reconstruction https://github.com/Lazza/RecuperaBit
Misc. geoip-attack-map Cyber Security GeoIP Attack Map Visualization http://www.kitploit.com/2016/11/geoip-attack-map-cyber-security-geoip.html
Incident Response VolUtility Web App for Volatility framework https://github.com/kevthehermit/VolUtility
Attack WinMACSpoofer Windows Tool For Spoofing The Mac Address https://github.com/reevesrs24/WinMACSpoofer
Attack brut3k1t Server-side Brute-force Module (ssh, ftp, smtp, facebook, and more) https://github.com/ex0dus-0x/brut3k1t
Information Gathering AIL framework Analysis Information Leak framework https://github.com/CIRCL/AIL-framework
Information Gathering pystemon Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon https://github.com/cvandeplas/pystemon/
Scanner idb iOS App Security Assessment Tool https://www.kitploit.com/2016/12/idb-ios-app-security-assessment-tool.html
Information Gathering MISP Threat Intelligence Platform http://www.misp-project.org/
Misc. gem GUI for Data Modeling with Elasticsearch https://opensource.appbase.io/gem https://github.com/appbaseio/gem
Malware Cosa Nostra A FOSS Graph Based Malware Clusterization Toolkit https://github.com/joxeankoret/cosa-nostra
Reverse Engineering EhTrace ATrace is a tool for tracing execution of binaries on Windows. https://github.com/K2/EhTrace
Defense snorby Ruby On Rails Application For Network Security Monitoring https://github.com/Snorby/snorby
OS Security Onion Linux distro for IDS, NSM, and Log Management https://securityonion.net https://github.com/Security-Onion-Solutions/security-onion
Attack WiFiPhisher The Rogue Access Point Framework https://wifiphisher.org https://github.com/wifiphisher/wifiphisher
Attack Wifi-Dumper dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. https://github.com/Viralmaniar/Wifi-Dumper
Attack Wycheproof Project Wycheproof tests crypto libraries against known attacks. https://github.com/google/wycheproof
Incident Response TheHive a Scalable, Open Source and Free Security Incident Response Platform https://thehive-project.org/ https://github.com/TheHive-Project/TheHive
Incident Response Cortex Analyzers POWERFUL OBSERVABLE ANALYSIS ENGINE https://github.com/TheHive-Project/Cortex-Analyzers
Information Gathering CVE-SEARCH a tool to perform local searches for known vulnerabilities https://kalilinuxtutorials.com/cve-search-tool-vulnerabilities/ https://github.com/cve-search/cve-search
Malware Maltelligence Malware Threat Analyst Desktop https://n0where.net/malware-threat-analyst-maltelligence/
Malware malice VirusTotal Wanna Be - Now with 100% more Hipster https://malice.io https://github.com/maliceio/malice
Attack PowerMemory Exploit the credentials present in files and memory https://github.com/giMini/PowerMemory
Defense YARA GUI for Windows YARA GUI http://sigint9.github.io/yaragui/
Attack ipv6tools IPv6 Validation Toolkit https://github.com/apg-intel/ipv6tools
IoT waveconverter An Open Source tool for RF reverse engineering. https://github.com/paulgclark/waveconverter
Information Gathering tinfoleak The most complete open-source tool for Twitter intelligence analysis http://www.vicenteaguileradiaz.com/tools/
Scanner lunar A UNIX security auditing tool based on several security frameworks https://github.com/lateralblast/lunar
Phishing FiercePhish A Full-Fledged Phishing Framework To Manage All Phishing Engagements https://github.com/Raikia/FiercePhish
Defense skydive Open Source Real Time Network Analyzer https://github.com/skydive-project/skydive
Information Gathering fileintel A modular Python application to pull intelligence about malicious files https://github.com/keithjjones/fileintel
Scanner linux-exploit-suggester Linux privilege escalation auditing tool https://github.com/mzet-/linux-exploit-suggester
Reverse Engineering bokken Bokken is a GUI for radare2. Don't use this, use https://github.com/radareorg/cutter. https://github.com/thestr4ng3r/bokken
Scanner vsaudit VOIP Security Audit Framework https://github.com/eurialo/vsaudit
Incident Response IOS-TRIAGE INCIDENT RESPONSE TOOL FOR IOS DEVICES. https://github.com/ahoog42/ios-triage
Scanner wafpass WAF Security Benchmark https://github.com/wafpassproject/wafpass
Reverse Engineering ELF Parser Cross Platform ELF Analysis https://github.com/jacob-baines/elfparser
Scanner Malboxes Builds malware analysis Windows VMs https://github.com/GoSecure/malboxes
Phishing Mercure Python open-source phishing framework https://github.com/synhack/mercure/
Scanner phpstan PHP Static Analysis Tool - discover bugs in your code without running it! https://github.com/phpstan/phpstan
Attack Hashview A web front-end for #password #cracking and analytics https://github.com/hashview/hashview
Reverse Engineering Halcyon First IDE for Nmap Script (NSE) Development. https://halcyon-ide.org/ https://github.com/s4n7h0/Halcyon
Defense Hardentools a utility that disables a number of risky Windows features https://github.com/securitywithoutborders/hardentools
IoT crackle Crack Bluetooth Smart (BLE) Encryption https://github.com/mikeryan/crackle
IoT OverThruster HID Attack Payload Generator For Arduinos https://github.com/RedLectroid/OverThruster
Information Gathering INFOGA GATHERING EMAIL INFORMATION TOOL. https://github.com/m4ll0k/infoga
Scanner inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more http://ac-pm.github.io/Inspeckage/
Misc. shootback a reverse TCP tunnel let you access target behind NAT or firewall https://github.com/aploium/shootback
Defense ossec-hids OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. http://ossec.github.io https://github.com/ossec/ossec-hids
Malware malcontrol Malware Control Monitor Project https://github.com/marcoramilli/malcontrol
Scanner dockerscan Docker security analysis tools https://github.com/cr0hn/dockerscan
Information Gathering passivedns A network sniffer that logs all DNS server replies for use in a passive DNS setup http://gamelinux.org/ https://github.com/gamelinux/passivedns
Reverse Engineering gdbgui A browser-based frontend/gui for GDB https://github.com/cs01/gdbgui/
Malware FalconGate A smart gateway to stop hackers and Malware attacks https://github.com/A3sal0n/FalconGate
Scanner metasploit-framework Penetration Test Tool https://github.com/rapid7/metasploit-framework
Malware cuckoo Cuckoo Sandbox https://cuckoosandbox.org/
Malware docker-cuckoo Cuckoo Sandbox Dockerfile https://github.com/blacktop/docker-cuckoo
HoneyPot mhn Multi-snort and honeypot sensor management (Modern Honey Network) https://github.com/threatstream/mhn
Information Gathering Yeti Open Distributed Threat Intelligence https://github.com/yeti-platform/yeti
Information Gathering multiscanner Modular file scanning/analysis framework http://multiscanner.readthedocs.io/ https://github.com/mitre/multiscanner
Defense shARP anti-ARP-spoofing application software and uses active scanning method to detect any ARP-spoofing incidents https://github.com/europa502/shARP
Malware DAMM Differential Analysis of Malware in Memory https://github.com/504ensicsLabs/DAMM
Defense LOGalyze Log Analysis Tool http://www.logalyze.com/
Defense SIEMonster SIEM https://siemonster.com/
Information Gathering TweetMonitor Keep an eye on specific keywords being posted on Twitter https://github.com/upgoingstar/TweetMonitor
Defense DBShield Database firewall written in Go http://nim4.github.io/DBShield/ https://github.com/nim4/DBShield
Misc. hidviz Tool for in-depth analysis of USB HID devices communication https://github.com/ondrejbudai/hidviz/
HoneyPot Cowrie Cowrie SSH/Telnet Honeypot http://www.micheloosterhof.com/cowrie/ https://github.com/micheloosterhof/cowrie
HoneyPot T-Pot Multi-Honeypot Platform http://dtag-dev-sec.github.io/
Scanner OpenVAS Security Scanner. Installing OpenVAS on Kali Linux: https://hassen-hannachi.medium.com/installing-openvas-on-kali-linux-a54baeaf806a http://www.openvas.org/
Misc. openvasreporting OpenVAS Reporting: Convert OpenVAS XML report files to reports https://github.com/TheGroundZero/openvasreporting
Unknown Nmap Port Scanner. Timing Templates (-T): https://nmap.org/book/performance-timing-templates.html https://nmap.org/
Scanner arachni Web Application Scanner http://www.arachni-scanner.com/ https://github.com/Arachni/arachni/releases
Misc. Invoke-Phant0m The Windows Event Log Killer! https://github.com/hlldz/Invoke-Phant0m
Incident Response Timeline Explorer Timeline Analysis Tool https://ericzimmerman.github.io/
IoT sniffROM A tool for passive data capture and reconnaissance of serial flash chips. It is used in conjunction with a Saleae logic analyzer to reconstruct flash memory contents and extract contextual information about device operations https://github.com/alainiamburg/sniffROM
Attack KeychainCracker macOS keychain cracking tool https://github.com/macmade/KeychainCracker
IoT PRET Printer Exploitation Toolkit - The tool that made dumpster diving obsolete https://github.com/RUB-NDS/PRET
Malware FAME Automates Malware Evaluation https://certsocietegenerale.github.io/fame/ https://certsocietegenerale.github.io/fame/
Information Gathering ivre Network recon framework. https://ivre.rocks/ https://github.com/cea-sec/ivre
Malware CAPE Malware Configuration And Payload Extraction https://cape.contextis.com/analysis The Malware CAPE: Automated Extraction of Configuration and Payloads from Sophisticated Malware - YouTube https://www.youtube.com/watch?v=qEwBGGgWgOM https://github.com/ctxis/CAPE
Malware IRMA IRMA is an asynchronous & customizable analysis system for suspicious files. https://irma.quarkslab.com https://github.com/quarkslab/irma/
Incident Response VolatilityWorkbench Windows GUI for Volatility memory analysis https://www.osforensics.com/tools/volatility-workbench.html
Incident Response KaniVola Windows GUI for Volatility memory analysis http://www.kazamiya.net/KaniVola
Incident Response evolve Web interface for the Volatility Memory Forensics Framework https://github.com/JamesHabben/evolve
Information Gathering getsploit Command line utility for searching and downloading exploits https://github.com/vulnersCom/getsploit
Scanner Jackhammer A Vulnerability Assessment Collaboration Tool https://github.com/olacabs/jackhammer
Information Gathering domainhunter Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names http://threatexpress.com https://github.com/threatexpress/domainhunter
IoT urh Universal Radio Hacker - investigate wireless protocols like a boss https://github.com/jopohl/urh
Misc. bingrep Greps through binaries from various OS's and architectures, and colors them https://github.com/m4b/bingrep
Attack viproy-voipkit VoIP Pen-Test Kit for Metasploit Framework https://github.com/fozavci/viproy-voipkit
Misc. sylkie IPv6 address spoofing with the Neighbor Discovery Protocol http://sylkie.io https://github.com/dlrobertson/sylkie
Scanner Zeus AWS Auditing & Hardening Tool http://www.denizparlak.com/?p=386 https://github.com/DenizParlak/Zeus
Misc. PPEE (Puppy) Professional PE file Explorer for reversers and malware researchers https://www.mzrst.com/
Defense hardentools Hardentools is a utility that disables a number of risky Windows features. https://github.com/securitywithoutborders/hardentools
IoT apparatus A graphical security analysis tool for IoT networks https://or3stis.github.io/apparatus/ https://github.com/Or3stis/apparatus
Scanner BoopSuite A Suite of Tools written in Python for wireless auditing and security testing. https://github.com/MisterBianco/BoopSuite
Incident Response IRTriage Incident Response Triage - Windows Evidence Collection for Forensic Analysis https://github.com/AJMartel/IRTriage
Reverse Engineering jadx Dex to Java Decompiler https://github.com/skylot/jadx
Scanner dockerscan Docker Security Analysis and Hacking Tools https://github.com/cr0hn/dockerscan
Scanner wpscan WPScan is a black box WordPress vulnerability scanner https://wpscan.org https://github.com/wpscanteam/wpscan
Malware BinaryAlert Serverless, Real-time & Retroactive Malware Detection https://binaryalert.io https://github.com/airbnb/binaryalert
Scanner DELTA SDN Security Evaluation Framework https://github.com/OpenNetworkingFoundation/DELTA
Attack sqlmap Automatic SQL injection and database takeover tool http://sqlmap.org https://github.com/sqlmapproject/sqlmap
OS Attify OS Distro for pentesting IoT devices https://github.com/adi0x90/attifyos
Information Gathering PasteHunter Scanning pastebin with yara rules https://github.com/kevthehermit/PasteHunter
Incident Response LiMeaide A python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host. https://kd8bny.github.io/LiMEaide/ https://github.com/kd8bny/LiMEaide
Information Gathering Gichidan CLI wrapper for Ichidan deep-web search engine. https://github.com/hIMEI29A/gichidan
Attack Mr.SIP SIP-Based Audit and Attack Tool https://github.com/meliht/mr.sip
Incident Response OSXAuditor OS X Auditor is a free Mac OS X computer forensics tool https://github.com/jipegit/OSXAuditor
Attack reaver-wps-fork-t6x brute force attack against Wifi Protected Setup (WPS) registrar PINs https://github.com/t6x/reaver-wps-fork-t6x
Attack SniffAir A framework for wireless pentesting https://github.com/Tylous/SniffAir
IoT icemu Emulate Integrated Circuits at the logic level https://github.com/hsoft/icemu
Scanner cipherscan A very simple way to find out which SSL ciphersuites are supported by a target. https://github.com/mozilla/cipherscan
Reverse Engineering radare2 unix-like reverse engineering framework and commandline tools security http://www.radare.org/ https://github.com/radare/radare2
Attack CrackMapExec A Swiss Army Knife For Pentesting Networks. CrackMapExec — Ptest Method 1 documentation: https://ptestmethod.readthedocs.io/en/latest/cme.html https://github.com/byt3bl33d3r/CrackMapExec
Attack NetExec NetExec (a.k.a nxc) is a network service exploitation tool that helps automate assessing the security of large networks. https://www.netexec.wiki/
Database dbeaver Free universal database manager and SQL client http://dbeaver.jkiss.org https://github.com/dbeaver/dbeaver
Database DbVisualizer The universal database tool for developers, DBAs and analysts. https://www.dbvis.com/
Misc. mimikatz A little tool to play with Windows security http://blog.gentilkiwi.com/mimikatz https://github.com/gentilkiwi/mimikatz
Attack bitcracker BitLocker Password Cracking Tool (Windows Encryption Tool) https://github.com/e-ago/bitcracker
Defense Nzyme WiFi Monitoring, Intrusion Detection And Forensics https://github.com/lennartkoopmann/nzyme
Misc. dradis-ce Dradis Framework: Collaboration and reporting for IT Security teams http://dradisframework.org https://github.com/dradis/dradis-ce
Misc. Ostinato Network Traffic Generator http://ostinato.org/
Misc. PACKETH Network Traffic Generator http://packeth.sourceforge.net/packeth/Home.html
IoT can-utils Linux-CAN / SocketCAN user space applications https://github.com/linux-can/can-utils
Misc. cytrone CyTrONE: Integrated Cybersecurity Training Framework https://github.com/crond-jaist/cytrone
IoT socketcand a daemon that provides access to CAN interfaces on a machine via a network interface https://github.com/dschanoeh/socketcand
IoT Kayak an application for CAN bus diagnosis and monitoring https://github.com/dschanoeh/Kayak
IoT cameradar Cameradar hacks its way into RTSP videosurveillance cameras https://github.com/Ullaakut/cameradar
Scanner VHostScan A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. https://github.com/codingo/VHostScan
Defense Anti-DDOS Anti DDOS | Bash Script Project https://github.com/ismailtasdelen/Anti-DDOS
Scanner changeme A Default Credential Scanner https://github.com/ztgrace/changeme
IoT ICSim Instrument Cluster Simulator https://github.com/zombieCraig/ICSim
IoT python-can-monitor A Python script to display data from a CAN bus https://github.com/alexandreblin/python-can-monitor
Scanner Seccubus Easy automated vulnerability scanning, reporting and analysis http://www.seccubus.com https://github.com/schubergphilis/Seccubus
Scanner Cloud Security Suite Cloud Security Suite - One stop tool for auditing the security posture of AWS & GCP infrastructure. https://github.com/SecurityFTW/cs-suite
Attack Exploit Pack Penetration Testing Framework https://www.kitploit.com/2017/10/exploit-pack-penetration-testing.html
Scanner docker-onion-nmap Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a Docker container https://github.com/milesrichardson/docker-onion-nmap
Incident Response rekall Rekall Memory Forensic Framework https://github.com/google/rekall
Attack sqlmate A friend of SQLmap which will do what you always expected from SQLmap. https://github.com/UltimateHackers/sqlmate
Information Gathering timeshift System restore tool for Linux. Creates filesystem snapshots using rsync+hardlinks, or BTRFS snapshots. Supports scheduled snapshots, multiple backup levels, and exclude filters. Snapshots can be restored while system is running or from Live CD/USB. https://github.com/teejee2008/timeshift
Information Gathering twint An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations. https://github.com/haccer/twint
Misc. exitmap A fast and modular scanner for Tor exit relays. http://www.cs.kau.se/philwint/spoiled_onions/ https://github.com/NullHypothesis/exitmap
IoT vehicle-detection Vehicle detection using machine learning and computer vision techniques for Udacity's self-driving car course. https://github.com/tatsuyah/vehicle-detection
IoT CAN-Denial-of-Service A Stealth, Selective, Link-layer Denial-of-Service Attack Against Automotive Networks https://github.com/stealthdos/CAN-Denial-of-Service
HoneyPot Telnet IoT Honeypot Python Telnet Honeypot For Catching Botnet Binaries https://github.com/Phype/telnet-iot-honeypot
IoT CANToolz Black-box CAN network analysis framework https://github.com/CANToolz/CANToolz
Misc. EvilURL Generate unicode evil domains for IDN Homograph Attack and detect them. https://t.me/UndeadSec https://github.com/UndeadSec/EvilURL
IoT stlink stm32 discovery line linux programmer https://github.com/texane/stlink
Misc. roca ROCA: Infineon RSA key vulnerability https://roca.crocs.fi.muni.cz http://www.kitploit.com/2017/11/roc-infineon-rsa-vulnerability.html
IoT canmatrix Converting Can (Controller Area Network) Database Formats .arxml .dbc .dbf .kcd ... https://github.com/ebroecker/canmatrix
Defense net-Shield An Easy and Simple Anti-DDoS solution for VPS, Dedicated Servers and IoT devices http://www.kitploit.com/2017/11/net-shield-easy-and-simple-anti-ddos.html
Incident Response LINUX-EXPLORER EASY-TO-USE LIVE FORENSICS TOOLBOX FOR LINUX ENDPOINTS. https://github.com/intezer/linux-explorer
Reverse Engineering cutter A Qt and C++ GUI for radare2 reverse engineering framework https://github.com/radareorg/cutter
Misc. openpilot open source driving agent https://github.com/commaai/openpilot
Reverse Engineering scapy-ssl_tls SSL/TLS layers for scapy the interactive packet manipulation tool https://github.com/tintinweb/scapy-ssl_tls
IoT firmware-mod-kit Modify Firmware https://github.com/mirror/firmware-mod-kit
Phishing wifiphisher Automated victim-customized phishing attacks against Wi-Fi clients https://github.com/wifiphisher/wifiphisher
Reverse Engineering ProcDump for Linux A Linux version of the ProcDump Sysinternals tool https://github.com/microsoft/procdump-for-linux
Defense WAZUH Open Source Host and Endpoint Security http://wazuh.com/
Incident Response LinuxTriage R-CSIRT Linux Triage tool https://github.com/Recruit-CSIRT/LinuxTriage
Attack ipv6tools IPv6Tools is a robust modular framework that enables the ability to visually audit an IPv6 enabled network. https://github.com/apg-intel/ipv6tools
HoneyPot bluepot Bluetooth Honeypot https://github.com/andrewmichaelsmith/bluepot/
Attack BtleJuice Framework Bluetooth Smart (LE) Man-in-the-Middle Framework https://github.com/DigitalSecurity/btlejuice
Misc. ctf-tools Some setup scripts for security research tools. https://github.com/zardus/ctf-tools
Information Gathering GOSINT Open Source Threat Intelligence Gathering and Processing Framework https://github.com/ciscocsirt/GOSINT
Misc. CRITs Collaborate Research Into Threats https://crits.github.io/
Incident Response FIR Fast Incident Response https://github.com/certsocietegenerale/FIR
Incident Response event2timeline Simple Microsoft Windows sessions event logs visualization https://github.com/certsocietegenerale/event2timeline
Incident Response IOC Editor Indicators of Compromise (IOC) Editor https://www.fireeye.com/services/freeware/ioc-editor.html
Incident Response IOC Finder Indicators of Compromise (IOC) Finder https://www.fireeye.jp/services/freeware/ioc-finder.html
OS FLARE VM Windows-based security distribution designed for reverse engineers, malware analysts, incident responders, forensicators, and penetration testers. Inspired by open-source Linux-based security distributions like Kali Linux, REMnux and others, FLARE VM delivers a fully configured platform with a comprehensive collection of Windows security tools such as debuggers, https://www.fireeye.com/services/freeware/flare-vm.html
Defense PiKarma Detects wireless network attacks performed by KARMA module (fake AP). Starts deauthentication attack (for fake access point) https://github.com/WiPi-Hunter/PiKarma
Scanner BlueMaho Bluetooth Security Testing Suite https://www.kitploit.com/2017/12/bluemaho-v090417-bluetooth-security.html
IoT opendbc democratize access to car decoder rings https://github.com/commaai/opendbc
Reverse Engineering Decodify It can detect and decode encoded strings, recursively. https://github.com/UltimateHackers/Decodify
Reverse Engineering RetDec RetDec is a retargetable machine-code decompiler based on LLVM. https://retdec.com/ https://github.com/avast-tl/retdec
Scanner Wapiti The Web-Application Vulnerability Scanner https://www.kitploit.com/2018/01/wapiti-300-web-application.html
Scanner snmpwn An SNMPv3 User Enumerator and Attack tool https://github.com/hatlord/snmpwn
Information Gathering Recon-ng Full-Featured Web Reconnaissance Framework https://www.kitploit.com/2018/01/recon-ng-full-featured-web.html
Scanner archerysec Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities. http://www.archerysec.info/ https://github.com/archerysec/archerysec
Attack mitm6 Pwning IPv4 networks via IPv6 https://github.com/fox-it/mitm6/
IoT sdrtrunk Tool For Decoding, Monitoring, Recording And Streaming Trunked Mobile And Related Radio Protocols Using Software Defined Radios (SDR) https://github.com/DSheirer/sdrtrunk
Attack PixieWPS An Offline WPS Brute-force Utility https://github.com/wiire-a/pixiewps/releases
HoneyPot NoPo The NoSQL Honeypot Framework https://github.com/torque59/nosqlpot/
Scanner GTScan The Nmap Scanner for Telco https://github.com/SigPloiter/GTScan
Defense SNORPY Snort rule GUI https://github.com/chrisjd20/Snorpy
IoT firmflaws Firmware analysis website + API https://github.com/Ganapati/firmflaws
Phishing SocialFish Ultimate phishing tool with Ngrok https://github.com/UndeadSec/SocialFish
integrated
Information Social Recon Investigate The Online Presence And https://github.com/famavott/osint-scraper
Gathering Footprint Of Someone
Malware Viper Binary analysis and management https://github.com/viper-framework/viper
framework http://viper.li
https://github.com/viper-
framework/viper
IoT BLEAH A BLE Scanner For "Smart" Devices https://github.com/evilsocket/bleah
Hacking

https://kalilinuxtutorials.com/bleah-
ble-scanner-devices-hacking/
Phishing ReelPhish A Real-Time Two-Factor Phishing https://www.kitploit.com/2018/02/reelphish-real-
Tool time-two-factor-phishing.html
Scanner WIFITE2 AUTOMATED WIRELESS SECURITY AUDITOR https://github.com/derv82/wifite2
Information tinfoleak The most complete open-source tool https://github.com/vaguileradiaz/tinfoleak
Gathering for Twitter intelligence analysis
Scanner airodump-scan-visualizer Airodump-ng WiFi Scan Visualizer https://github.com/pentesteracademy/airodump-
scan-visualizer
Attack INTERNAL MONOLOGUE ATTACK RETRIEVING NTLM HASH WITHOUT https://github.com/eladshamir/Internal-
MIMIKATZ. Monologue
Incident GRR Rapid Response Remote Live Forensics For Incident https://github.com/google/grr
Response Response
Attack Infection Monkey An automated pentest tool https://github.com/guardicore/monkey
Scanner PenCrawLer An Advanced Web Crawler And https://github.com/TheM4hd1/PenCrawLer
DirBuster
Scanner DIRB Web Content Scanner http://dirb.sourceforge.net/
Scanner DirBuster a multi threaded java application https://www.owasp.org/index.php/Category:OWA
designed to brute force directories SP_DirBuster_Project
and files names on web/application
servers
Misc. nemesis A command-line network packet https://github.com/troglobit/nemesis
crafting and injection utility
http://troglobit.com/projects/nemesis
/
Monitoring Bro Network Security Monitor https://www.bro.org/
Incident GRR Rapid Response GRR Rapid Response: remote live https://github.com/google/grr
Response forensics for incident response
Information Maltego Information Gathering https://www.paterva.com/web7/
Gathering
IoT binwalk Firmware analysis https://github.com/ReFirmLabs/binwalk
OS Kali Linux OS https://www.kali.org/
OS SIFT OS https://digital-
forensics.sans.org/community/downloads
Monitoring Zabbix Monitoring Tool https://www.zabbix.com/

Zabbix setup procedure: covering everything from installation to the basic management functions
https://liberation-of-se-like-slaves.net/zabbix-deploy-complete/
Defense Yara a tool aimed at (but not limited to) https://virustotal.github.io/yara/
helping malware researchers to
identify and classify malware samples

Scanner Astra Automated Security Testing For REST APIs https://github.com/flipkart-incubator/astra
Malware anticuckoo A tool to detect and crash Cuckoo https://github.com/David-Reguera-Garcia-
Sandbox Dreg/anticuckoo
Attack routersploit Exploitation Framework for https://github.com/threat9/routersploit
Embedded Devices
Reverse re_lab A portable reverse engineering https://github.com/cboin/re_lab
Engineering environment using docker
IoT Autoware Open-Source To Self-Driving. https://github.com/CPFL/Autoware
OS DEFT Digital Evidence and Forensic Toolkit http://www.deftlinux.net/

Incident Response PALADIN Forensic Toolkit https://sumuri.com/software/paladin/
OS CAINE Computer Aided Investigative https://www.caine-live.net/
Environment
OS REMnux A Linux Toolkit for Reverse- https://remnux.org/
Engineering and Analyzing Malware
Attack Winpmem memory acquisition tools http://releases.rekall-forensic.com/
Incident F-Response Remote memory acquisition tools https://www.f-response.com/
Response
Monitoring Xplico Network Forensic Analyst Tool https://www.xplico.org/
(NFAT)
Incident Redline This Microsoft Windows application https://www.fireeye.com/services/freeware/redli
Response provides a feature rich platform for ne.html
analyzing memory images.
Reverse PeStudio designed to identify artifacts within https://www.winitor.com/index.html
Engineering the files, such as DLL and other PE
files, indicative of malicious software

Defense arp-validator Security Tool to detect arp poisoning attacks https://github.com/rnehra01/arp-validator
IoT home-assistant Open-source home automation https://github.com/home-assistant/home-
platform running on Python 3 assistant
https://home-assistant.io
Scanner EternalView All In One Basic Information https://github.com/rpranshu/EternalView
Gathering And Vulnerability
Assessment Tool
IoT GNU Radio a free software development toolkit https://www.gnuradio.org/
that provides signal processing blocks
to implement software-defined radios
and signal-processing systems
IoT SDR Sharp SDR (Software Defined Radio) on https://airspy.com/download/
Windows
Incident Response Linux Screenshot XWindows Volatility Plugin To Extract X Screenshots From A Memory Dump https://github.com/eurecom-s3/linux_screenshot_xwindows
Defense Portspoof Enhance Your Systems Security https://github.com/drk1wi/portspoof
Through A Set Of New Camouflage
Techniques
IoT crackle Crack and decrypt BLE encryption https://github.com/mikeryan/crackle
Reverse Engineering Resource Hacker designed to be the complete resource editing tool: compiling, viewing, decompiling and recompiling resources for both 32bit and 64bit Windows executables. http://www.angusj.com/resourcehacker/
Monitoring Wireshark Network Packet Capture https://www.wireshark.org/
Scanner w3af Web Application Attack and Audit http://w3af.org/
Framework
Incident dumpit Memory Dump Tool http://www.moonsols.com/index.html
Response
Incident Response Dumpzilla Extract all forensic interesting information of Firefox, Iceweasel and Seamonkey browsers https://github.com/Busindre/dumpzilla
http://www.dumpzilla.org
Incident Response Memoryze acquire and/or analyze memory images and on live systems can include the paging file in its analysis. https://www.fireeye.com/services/freeware/memoryze.html
Incident Response FTK Imager a Windows software platform that performs a variety of imaging tasks including acquiring the running memory of a system. https://accessdata.com/product-download/
Incident Response triage-ir Triage-ir will collect system information, network information, registry hives, disk information and it will dump memory https://code.google.com/archive/p/triage-ir/downloads
Monitoring ProcDOT a new way of visual malware analysis http://www.procdot.com/
Reverse Hex Editor Neo Hex Editor https://www.hhdsoftware.com/free-hex-editor
Engineering
IoT OpenOCD Open On-Chip Debugger http://openocd.org/
IoT baudrate determine baudrate https://github.com/devttys0/baudrate
IoT libmpsse Open source library for SPI/I2C control https://github.com/devttys0/libmpsse
via FTDI chips (spiflash.py)
IoT flashrom a utility for identifying, reading, writing, https://www.flashrom.org/Flashrom
verifying and erasing flash chips.

IoT firmware-analysis-toolkit Toolkit to emulate firmware and analyse it for security vulnerabilities https://github.com/attify/firmware-analysis-toolkit
Scanner masscan TCP port scanner, spews SYN packets https://github.com/robertdavidgraham/masscan
asynchronously, scanning entire
Internet in under 5 minutes.
Defense Snort network intrusion prevention system https://www.snort.org/
(IPS) and network intrusion detection
system (IDS)
Scanner EXPLOIT PACK Penetration Test Tool http://exploitpack.com/
Scanner thc-ipv6 IPv6 attack toolkit https://github.com/vanhauser-thc/thc-ipv6
Scanner sslscan sslscan tests SSL/TLS enabled https://github.com/rbsec/sslscan/
services to discover supported cipher
suites
Misc. John the Ripper Password Cracker http://www.openwall.com/john/
Misc. thc-hydra Password Cracker https://github.com/vanhauser-thc/thc-hydra
hydra | Kali Linux Tools
https://www.kali.org/tools/hydra/
(hydra-gtk is the GUI version of hydra)
Misc. Recuva Recover your deleted files quickly and https://www.ccleaner.com/recuva
easily.
Incident Response Regshot take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product. https://sourceforge.net/projects/regshot/
Misc. Sysinternals Suite Trouble Shooting Utility https://learn.microsoft.com/en-gb/sysinternals/
https://learn.microsoft.com/ja-jp/sysinternals/
How to install "Windows Sysinternals", the collection of handy Microsoft tools that experts rely on, and points to watch out for
https://atmarkit.itmedia.co.jp/ait/articles/2202/10/news029.html
Misc. Cain & Abel password recovery tool and more http://www.oxid.it/cain.html
Misc. Netcat a featured networking utility which http://netcat.sourceforge.net/
reads and writes data across network
connections, using the TCP/IP protocol.

Misc. pwdump Password Dump Tool http://openwall.com/passwords/windows-pwdump


Misc. NetworkMiner a passive network sniffer/packet http://www.netresec.com/?page=NetworkMiner
capturing tool in order to detect
operating systems, sessions,
hostnames, open ports etc. without
putting any traffic on the network.
Scanner DeepExploit A tool that links Metasploit with machine learning. Metasploit Meets Machine Learning https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit
https://www.mbsd.jp/blog/20180228.html
Management KNOPPIX CD or DVD boot Linux http://www.knopper.net/knoppix/
OS gparted GNOME Partition Editor. Standard on RHEL and KNOPPIX. Can copy the data areas on a disk as they are, as image files. https://github.com/GNOME/gparted
Monitoring Maltrail Malicious Traffic Detection System https://github.com/stamparm/maltrail
Misc. tapioca CERT Tapioca for MITM network https://github.com/CERTCC/tapioca
analysis
https://insights.sei.cmu.edu/cert/2018/0
5/announcing-cert-tapioca-20-for-
network-traffic-analysis.html

Monitoring MRTG The Multi Router Traffic Grapher (MRTG) is a tool for monitoring network load https://oss.oetiker.ch/mrtg/
Scanner OVALdi an open-source local vulnerability https://www.decalage.info/en/ovaldi
assessment scanner
Scanner joval Joval Open-Source OVAL Scanner https://jovalcm.com/topics/open-source-oval-
scanner/
Misc. RAID Recovery for Windows Recovery for NTFS-formatted https://www.runtime.org/raid-recovery-windows.htm
Windows RAIDs, includes hardware
RAIDs and Windows software RAIDs.
Supports RAID-0 and RAID-5
configurations
Is there also a free version?
IoT MEAnalyzer Intel Engine Firmware Analysis Tool https://github.com/platomav/MEAnalyzer
IoT Firmwalker IoT Firmware Analysis https://resources.infosecinstitute.com/iot-firmware-
analysis-firmwalker/

https://github.com/craigz28/firmwalker
Monitoring Nagios Open-source application software for monitoring computer systems and networks https://www.nagios.org/
OS Parrot OS A distribution used for penetration testing, vulnerability testing and similar work https://www.parrotsec.org/
Misc. ngrok A tool for exposing a local site to the outside https://ngrok.com/
https://parashuto.com/rriver/tools/secure-tunneling-service-ngrok
Scanner GyoiThon A Growing Penetration Test Tool Using https://github.com/gyoisamurai/GyoiThon
Machine Learning

https://www.kitploit.com/2018/05/gyoith
on-growing-penetration-test-tool.html

Monitoring Prometheus Monitoring and alerting toolkit https://prometheus.io/


Misc. Pupy Pupy is an opensource, cross-platform https://github.com/n1nj4sec/pupy
(Windows, Linux, OSX, Android)
remote administration and post-
exploitation tool mainly written in python

Misc. Merlin a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. https://github.com/Ne0nd0g/merlin
Scanner nishang PowerShell for penetration testing and https://github.com/samratashok/nishang
offensive security.
Misc. Responder Responder is a LLMNR, NBT-NS and https://github.com/lgandx/Responder
MDNS poisoner, with built-in
HTTP/SMB/MSSQL/FTP/LDAP rogue
authentication server supporting
NTLMv1/NTLMv2/LMv2, Extended
Security NTLMSSP and Basic HTTP
authentication.

LLMNR Poisoning with Responder
https://qiita.com/yu1c1yu1c1/items/211d768eec65aa09d3c9
Misc. rtfm A database of common, interesting or https://github.com/leostat/rtfm
useful commands, in one handy
referable form
https://necurity.co.uk/osprog/2017-02-
27-RTFM-Pythonized/
Information Gathering SessionGopher SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally. https://github.com/fireeye/SessionGopher
Information Gathering Invoke-WCMDump PowerShell Script to Dump Windows Credentials from the Credential Manager https://github.com/peewpw/Invoke-WCMDump
Information Gathering mimipenguin A tool to dump the login password from the current linux user https://github.com/huntergregal/mimipenguin
Scanner linux-exploit-suggester Linux privilege escalation auditing tool https://github.com/mzet-/linux-exploit-suggester
Misc. social-engineer-toolkit The Social-Engineer Toolkit (SET) https://github.com/trustedsec/social-engineer-toolkit
repository from TrustedSec - All new
versions of SET will be deployed here.

Phishing ReelPhish A Real-Time Two-Factor Phishing Tool https://github.com/fireeye/ReelPhish

Misc. GeoLogonalyzer Remote Authentication GeoFeasibility Tool https://github.com/fireeye/GeoLogonalyzer
Misc. Diskover File System Crawler, Storage Search https://github.com/shirosaidev/diskover
Engine And Analytics Powered By
Elasticsearch
Misc. visualize_logs interactive log visualization https://github.com/keithjjones/visualize_logs
https://securityonline.info/visualize-logs-
interactive-log-visualization/
Scanner Prowler Distributed Network Vulnerability https://github.com/tlkh/prowler
Scanner

https://www.hacking.reviews/2018/05/pr
owler-distributed-network.html

https://tlkh.github.io/prowler/
Information Gathering PowerUpSQL PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server https://github.com/NetSPI/PowerUpSQL
Dumping Active Directory Domain Info – with PowerUpSQL!
https://blog.netspi.com/dumping-active-directory-domain-info-with-powerupsql/

Attack Empire Empire is a PowerShell and Python post-exploitation agent. https://github.com/EmpireProject/Empire
http://www.powershellempire.com/
https://www.hacking.reviews/2018/06/empire-gui-empire-client-application.html
Attack Empire 4 a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. https://github.com/BC-SECURITY/Empire
Empire: A Powerful Post – Exploitation Tool
https://www.ciso.inc/blog-posts/empire-powerful-post-exploitation-tool/
Attack fluxion WPA/WPA2 Cracking Tool https://github.com/FluxionNetwork/fluxion
https://gbhackers.com/cracking-wpawpa2-passwords-fluxion/
Misc. sigrok signal analysis software suite that https://sigrok.org/
supports various device types (e.g.
logic analyzers, oscilloscopes, and
many more)
Misc. PulseView a Qt based logic analyzer, oscilloscope https://sigrok.org/wiki/PulseView
and MSO GUI for sigrok.
Misc. django-DefectDojo Application Vulnerability Correlation https://github.com/DefectDojo/django-DefectDojo
And Security Orchestration Application

https://www.kitploit.com/2018/06/defect
dojo-application-vulnerability.html

Misc. onionshare Securely and anonymously share a file of any size https://github.com/micahflee/onionshare
https://onionshare.org/
Misc. Scapy the Python-based interactive packet https://github.com/secdev/scapy
manipulation program & library
(Supports Python 2 & Python 3)
Monitoring OpenCanary a daemon that runs canary services, http://docs.opencanary.org/en/latest/
which trigger alerts when (ab)used.
Attack BeEF short for The Browser Exploitation https://beefproject.com/
Framework. It is a penetration testing
tool that focuses on the web browser.
Monitoring Nova detects network based reconnaissance http://www.projectnova.org/about/index.html
efforts - denying the attacker access to
real network data while providing false
information regarding the number and
types of systems connected to the
network.
Misc. hostapd a user space daemon for access point http://w1.fi/hostapd/
and authentication servers

Building a wireless LAN access point with hostapd
https://qiita.com/masap/items/de93862018dc2784a40e
Misc. DumpsterDiver a tool used to analyze big volumes of https://github.com/securing/DumpsterDiver
various file types in search of
hardcoded secret keys (e.g. AWS
Access Key, Azure Share Key or SSH
keys) based on counting the entropy.
Information Gathering theHarvester E-mails, subdomains and names Harvester - OSINT https://github.com/laramies/theHarvester
http://www.edge-security.com/
Attack msploitego Pentesting suite for Maltego based on https://github.com/shizzz477/msploitego
data in a Metasploit database

https://www.hacking.reviews/2018/06/m
sploitego-pentesting-suite-for-
maltego.html
Misc. pypykatz Mimikatz implementation in pure Python https://github.com/skelsec/pypykatz
Windows Credential Harvesting Quick Guide
https://posts.slayerlabs.com/windows-cred-guide/
Monitoring sharesniffer Network share sniffer and auto- https://github.com/shirosaidev/sharesniffer
mounter for crawling remote file
systems
Misc. Gpredict Satellite Tracking Application https://github.com/csete/gpredict
(http://gpredict.oz9aec.net/)
Attack Viper Bruteforce Password Cracker https://github.com/fm4dd/viper/
https://www.hacking.reviews/2018/06/vi
per-bruteforce-password-cracker.html

Information Gathering Omnibus Open Source Intelligence Collection, Research, And Artifact Management https://github.com/InQuest/omnibus
https://www.hacking.reviews/2018/06/omnibus-open-source-intelligence.html
Information AIL framework Analysis Information Leak framework https://github.com/CIRCL/AIL-framework/
Gathering
Incident Event Log Explorer Microsoft Windows event logs view & https://eventlogxp.com/ Log Forensics Basic
Response monitor & analyse
Monitoring SAMInside Registry analysis (GUI) ? Registry forensic basic
Monitoring Registry Ripper Registry analysis (GUI) https://github.com/keydet89/RegRipper2.8 Registry forensic basic
Monitoring UserAssist Registry analysis (GUI) https://blog.didierstevens.com/programs/userassist/ Registry forensic basic
*.NET Framework 3.5 installation
required
The UserAssist utility displays a table
of programs executed on a Windows
machine, complete with running count
and last execution date and time.
Database crackstation NT hash library (web site) https://crackstation.net/ memory forensic basic
*Windows SAM registry hash
Monitoring log2timeline file Modify, access, change attributes, https://github.com/log2timeline/plaso Log Forensics Basic
create file, monitor timeline
(WindowsOS)
Monitoring photorec Docs, Photo, Video, Music and Archive https://www.cgsecurity.org/wiki/TestDisk_Download Disk Forensics Basic
Recovery
Monitoring bulk_extractor *Java6+ installation required https://github.com/simsong/bulk_extractor Disk Forensics Basic
scans a disk image, a file, or a
directory of files and extracts useful
information without parsing the file
system or file system structures.
Attack BurpSuite Community Edition HTTP Proxy, web applications Attack & Check (Scanner, Intruder, Spider, Repeater, Decoder, Comparer, Sequencer) https://portswigger.net/burp/communitydownload Web(XSS) Basic
Misc. Web Security Academy Free Online Training from PortSwigger (you can study BurpSuite online, free of charge) https://portswigger.net/web-securit
If you want to reach the top as a web engineer, study security with PortSwigger
https://qiita.com/ahera/items/05b026fa6a0bda3cf473
Attack BApp Store Lets you add extensions to BurpSuite https://portswigger.net/bappstore
I looked into the Bapp Store!
https://www.slideshare.net/slideshow/bapp-store/104443730
Misc. Impacket a collection of Python classes for https://github.com/CoreSecurity/impacket
working with network protocols.
https://www.coresecurity.com/corelabs-
research/open-source-tools/impacket
http://rajhackingarticles.blogspot.com/2
018/06/beginner-guide-to-impacket-
tool-kit.html

Misc. Sslmerge Tool To Help You Build A Valid SSL Certificate Chain From The Root Certificate To The End-User Certificate https://github.com/trimstray/sslmerge
https://www.kitploit.com/2018/06/sslmerge-tool-to-help-you-build-valid.html
Information Gathering probequest Toolkit for Playing with Wi-Fi Probe Requests https://github.com/SkypLabs/probequest
https://probequest.readthedocs.io/en/latest/
Misc. PE Linux PE Linux - Linux Privilege Escalation https://github.com/WazeHell/PE-Linux
Tool

https://www.hacking.reviews/2018/06/p
e-linux-linux-privilege-escalation-
tool.html
Monitoring Cyberprobe an open-source distributed architecture https://github.com/cybermaggedon/cyberprobe/
for real-time monitoring of networks
against attack.
https://cyberprobe.trustnetworks.com/
Scanner VOOKI Web Application Vulnerability Scanner https://www.vegabird.com/vooki/

https://www.kitploit.com/2018/06/vooki-
web-application-vulnerability.html
Misc. voltron A hacky debugger UI for hackers https://github.com/snare/voltron
Misc. GDB Dashboard Modular Visual Interface for GDB in https://github.com/cyrus-and/gdb-
Python dashboard/archive/master.zip
https://github.com/cyrus-and/gdb-dashboard/
https://www.hacking.reviews/2018/06/g
db-dashboard-modular-visual-
interface.html
Attack redsnarf a pen-testing / red-teaming tool for https://github.com/nccgroup/redsnarf
retrieving hashes and credentials from
Windows workstations, servers and
domain controllers

https://www.nccgroup.trust/uk/about-
us/newsroom-and-
events/blogs/2016/november/introducin
g-redsnarf-and-the-importance-of-
being-careful/
Misc. evilgrade The update exploitation framework https://github.com/infobyte/evilgrade
Reverse Frick a frida cli for reverse engineer https://github.com/iGio90/frick
Engineering
Attack Airgeddon A Swiss Army WiFi Hacking Tool https://github.com/v1s1t0r1sh3r3/airgeddon

https://latesthackingnews.com/2018/06/
19/airgeddon-a-swiss-army-wifi-
hacking-tool/
Misc. grepcidr Filter IPv4 and IPv6 addresses https://github.com/frohoff/grepcidr
matching CIDR patterns

http://www.pc-tools.net/unix/grepcidr/
Monitoring fail2ban Daemon to ban hosts that cause https://github.com/fail2ban/fail2ban
multiple authentication errors

Protect your server with Fail2ban
https://oastic.com/posts/protect-your-server-with-fail2ban/
Integrate AbuseIPDB with Fail2ban
https://oastic.com/posts/integrate-abusedbip-in-fail2ban/
Fuzzing OSS-Fuzz continuous fuzzing of open source https://github.com/google/oss-fuzz
software
Attack bettercap The Swiss Army knife for 802.11, BLE https://github.com/bettercap/bettercap
and Ethernet networks reconnaissance
and attacks.

https://www.bettercap.org/
Introduction to penetration testing tools: bettercap edition
https://jpn.nec.com/cybersecurity/blog/200403/index.html
Phishing gophish Open-Source Phishing Toolkit https://github.com/gophish/gophish

https://getgophish.com
Attack nishang PowerShell for penetration testing and https://github.com/samratashok/nishang
offensive security.
Misc. Scout2 Security auditing tool for AWS https://github.com/nccgroup/Scout2
environments

https://nccgroup.github.io/Scout2/
Misc. DependencyCheck OWASP dependency-check is a https://github.com/jeremylong/DependencyCheck
software composition analysis utility
that detects publicly disclosed
vulnerabilities in application
dependencies.

https://www.owasp.org/index.php/OWA
SP_Dependency_Check
Reverse Engineering edb-debugger edb is a cross platform AArch32/x86/x86-64 debugger. https://github.com/eteran/edb-debugger
Misc. MifareClassicTool An Android NFC-App for reading, https://github.com/ikarus23/MifareClassicTool
writing, analysing, etc. MIFARE Classic
RFID-Tags.
http://publications.icaria.de/mct/

Information Gathering trape People tracker on the Internet: Learn to track the world, to avoid being traced. https://github.com/boxug/trape
https://trape.co
Scanner dockerscan Docker security analysis & hacking tools https://github.com/cr0hn/dockerscan
Scanner needle The iOS Security Testing Framework https://github.com/mwrlabs/needle

http://mobiletools.mwrinfosecurity.com/

Defense suricata Suricata git repository maintained by the OISF https://github.com/OISF/suricata
http://suricata-ids.org/
Management jackhammer One Security vulnerability https://github.com/olacabs/jackhammer
assessment/management tool to solve
all the security team problems.

https://jch.olacabs.com/userguide
HoneyPot conpot ICS/SCADA honeypot https://github.com/mushorg/conpot
Defense scap-security-guide Baseline compliance content in SCAP https://github.com/OpenSCAP/scap-security-guide
formats

https://www.open-scap.org/security-
policies/scap-security-guide/

HoneyPot honeytrap Advanced Honeypot framework. https://github.com/honeytrap/honeytrap

http://docs.honeytrap.io/docs/home/
Attack aircrack-ng WiFi security auditing tools suite https://github.com/aircrack-ng/aircrack-ng

https://aircrack-ng.org
Defense SELKS A Suricata based IDS/IPS distro https://github.com/StamusNetworks/SELKS

https://www.stamus-
networks.com/open-source/#selks
OS Whonix Whonix is an operating system focused https://github.com/Whonix/Whonix
on anonymity, privacy and security. It's
based on the Tor anonymity network,
Debian GNU/Linux and security by
isolation. DNS leaks are impossible,
and not even malware with root
privileges can find out the user's real IP.

https://www.whonix.org
https://www.whonix.org/wiki/Impressum

HoneyPot dionaea Home of the dionaea honeypot https://github.com/DinoTools/dionaea

https://dionaea.readthedocs.io/
Incident Response turbinia Automation and Scaling of Digital Forensics Tools https://github.com/google/turbinia
Misc. spamscope Fast Advanced Spam Analysis Tool https://github.com/SpamScope/spamscope

https://pypi.python.org/pypi/SpamScope

Information Gathering TorBoT Deep and Dark Web OSINT Tool https://github.com/DedSecInside/TorBoT
Misc. operative-framework-HD the digital investigation framework, you https://github.com/graniet/operative-framework-HD
can interact with websites, email
address, company, people, ip address
... interact with basic/graphical view
and export with XML, JSON

Management dradis-ce Dradis Framework: Collaboration and reporting for IT Security teams https://github.com/dradis/dradis-ce
http://dradisframework.org
Information Gathering LeakScraper An Efficient Set Of Tools To Process And Visualize Huge Text Files Containing Credentials https://github.com/Acceis/leakScraper
https://www.hacking.reviews/2018/06/leakscraper-efficient-set-of-tools-to.html
Information Gathering Sandmap a tool supporting network and system reconnaissance using the massive Nmap engine (It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques) https://github.com/trimstray/sandmap

Scanner Fuxi Scanner Network Security Vulnerability Scanner https://github.com/jeffzh3ng/Fuxi-Scanner

https://www.kitploit.com/2018/06/fuxi-
scanner-network-security.html

Scanner Striker Striker is an offensive information and vulnerability scanner. https://github.com/s0md3v/Striker
https://teamultimate.in
Misc. Mquery YARA Malware Query Accelerator https://github.com/CERT-Polska/mquery
(Web Frontend)

https://www.hacking.reviews/2018/06/m
query-yara-malware-query-
accelerator.html
Incident Response Pdgmail Forensic Tool to Analysis Process Memory Dump https://gbhackers.com/pdgmail-forensic-tool-to-analysis-process-memory-dump/
Incident Response Fastir_Collector Evidence collection tool https://github.com/SekoiaLab/Fastir_Collector
https://sekoialab.github.io/Fastir_Collector/
Attack Zeratool Automatic Exploit Generation (AEG) https://github.com/ChrisTheCoolHut/Zeratool
and remote flag capture for exploitable
CTF problems
Misc. Stego-Toolkit Collection Of Steganography Tools https://github.com/DominicBreuker/stego-toolkit
(Helps With CTF Challenges)

https://www.kitploit.com/2018/06/stego-
toolkit-collection-of.html
Scanner Pspy Monitor Linux Processes Without Root https://github.com/DominicBreuker/pspy
Permissions

https://www.hacking.reviews/2018/06/p
spy-monitor-linux-processes-
without.html
Attack Yersinia for Layer 2 Vulnerability Analysis & DHCP https://github.com/tomac/yersinia
Starvation Attack

https://kalilinuxtutorials.com/yersinia/
Attack Havij Advanced Automated SQL Injection https://www.darknet.org.uk/2010/09/havij-advanced-
Tool automated-sql-injection-tool/

https://kalilinuxtutorials.com/havij-
download-sql-injection/
OS Buscador An OSINT Linux Virtual Machine https://inteltechniques.com/menu.html
Incident Response pyrebox Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU https://github.com/Cisco-Talos/pyrebox
https://talosintelligence.com/pyrebox
Incident Response LinuxTriage R-CSIRT Linux Triage tool https://github.com/Recruit-CSIRT/LinuxTriage
https://recruit-tech.co.jp/blog/2018/06/29/recruit_csirt_triage/
Misc. Aker SSH Bastion/Jump Host/Jumpserver https://github.com/aker-gateway/Aker

https://www.kitploit.com/2018/06/aker-
ssh-bastionjump-hostjumpserver.html
Misc. Termtosvg A Tool to Record Terminal Session in https://github.com/nbedos/termtosvg
Linux

https://linoxide.com/linux-how-
to/termtosvg-tool-recorder-terminal-
session-linux/
Management Dependency-Track An Intelligent Software Composition https://github.com/DependencyTrack/dependency-
Analysis (SCA) Platform That Allows track
Organizations To Identify And Reduce
Risk From The Use Of Third-Party And
Open Source Components

https://www.kitploit.com/2018/07/depen
dency-track-intelligent-software.html

Management ProbeManager Centralize Management Of Intrusion https://github.com/treussart/ProbeManager


Detection System Like Suricata, Bro,
Ossec...

https://www.kitploit.com/2018/07/probe
manager-centralize-management-
of.html
Incident Response PcapXray GUI Network Forensics Tool To Analysis a Packet Capture Offline https://github.com/Srinivas11789/PcapXray
https://gbhackers.com/pcapxray-network-forensics-tool/
Misc. lbd Tool to Detect Whether a Domain has https://github.com/craig/ge.mine.nu/tree/master/lbd
Load Balancing Enabled

https://kalilinuxtutorials.com/lbd/
Malware Ph0Neutria A Malware Zoo Builder That Sources https://github.com/phage-nz/ph0neutria
Samples Straight From The Wild

https://www.kitploit.com/2018/07/ph0ne
utria-malware-zoo-builder-that.html
Misc. Stunnel encrypt arbitrary TCP connections https://www.stunnel.org/downloads.html
inside SSL

https://securityonline.info/stunnel/
Incident THRecon Threat Hunting Reconnaissance Toolkit https://github.com/TonyPhipps/THRecon
Response
https://www.kitploit.com/2018/07/threco
n-threat-hunting-reconnaissance.html
Information Gathering URLextractor Information gathering & website reconnaissance | Kali Linux 2018.2 https://github.com/eschultze/URLextractor
https://video.hacking.reviews/2018/07/urlextractor-information-gathering.html

Misc. tcpreplay Pcap editing and replay tools for *NIX https://github.com/appneta/tcpreplay
and Windows

https://securityonline.info/tcpreplay-
pcap-editing-replay-tool/
Scanner whatweb Tool to Discover Security https://www.morningstarsecurity.com/research/what
Vulnerabilities With Your Web web
Application

https://kalilinuxtutorials.com/whatweb/
Attack WiFiSuite Enterprise WPA Wireless Tool Suite https://github.com/NickSanzotta/WiFiSuite

https://securityonline.info/wifisuite-
enterprise-wpa-wireless-tool-suite/
Scanner Delta SDN Security Evaluation & Penetration https://github.com/OpenNetworkingFoundation/DELT
Testing Framework A

https://kalilinuxtutorials.com/delta-
framework/
Information Gathering EagleEye Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search. https://github.com/ThoughtfulDev/EagleEye
Misc. ctf-tools Some setup scripts for security https://github.com/zardus/ctf-tools
research tools.
Misc. pureblood A Penetration Testing Framework https://github.com/cr4shcod3/pureblood
created for Hackers / Pentester / Bug
Hunter
Misc. malcom Malware Communication Analyzer https://github.com/tomchop/malcom

https://securityonline.info/malcom-
malware-communication-analyzer/
IoT KillerBee IEEE 802.15.4/ZigBee Security https://github.com/riverloopsec/killerbee
Research Toolkit

https://www.hacking.reviews/2018/07/kil
lerbee-ieee-802154zigbee-security.html
Incident Response LogonTracer Investigate malicious Windows logon by visualizing & analyzing Windows event log https://github.com/JPCERTCC/LogonTracer
https://haxf4rall.com/2018/07/16/logontracer-investigate-malicious-windows-logon-by-visualizing-analyzing-windows-event-log/
Database DBeaver Free universal database tool and SQL https://github.com/dbeaver/dbeaver
client

http://dbeaver.jkiss.org
https://dbeaver.io/
Information Gathering DNS tool display information about your domain https://github.com/42wim/dt
https://securityonline.info/dns-tool/
Misc. Etcher Getting started with Etcher.io https://etcher.io/

https://opensource.com/article/18/7/getti
ng-started-etcherio
Management dependency-track intelligent Software Composition https://github.com/DependencyTrack/dependency-
Analysis (SCA) platform track

https://securityonline.info/dependency-
track/
Malware FLOSS Automatically extract obfuscated https://github.com/fireeye/flare-floss
strings from Malware

https://haxf4rall.com/2018/07/17/floss-
automatically-extract-obfuscated-
strings-from-malware/
Monitoring Sagan analyze logs (syslog/event https://github.com/beave/sagan
log/snmptrap/netflow/etc) , real-time
log analysis & correlation engine

https://securityonline.info/sagan-
analyze-logs/
Monitoring sshnotify SSH Login Notification https://github.com/Green-m/sshnotify

https://securityonline.info/sshnotify/
Phishing Camelishing Social Engineering Tool https://github.com/azizaltuntas/Camelishing

https://www.kitploit.com/2018/07/cameli
shing-social-engineering-tool.html
Information SearchSploit find public exploits and corresponding https://github.com/offensive-security/exploit-
vulnerable software database
Gathering
https://github.com/rad10/SearchSploit.py
https://securityonline.info/searchsploit-
find-public-exploits-corresponding-
vulnerable-software/
https://book.hacktricks.xyz/v/jp/generic-
methodologies-and-resources/search-
exploits
Scanner ICScanner Industrial Control Systems Network https://github.com/0xICF/ICScanner
Scanner

https://0xicf.wordpress.com/tools/icscan
ner/
OS Hiren’s BootCD A handy boot media (?) ISO image (?). https://www.hirensbootcd.org/
Misc. KON-BOOT A tool for resetting Windows and MacOS passwords. https://www.piotrbania.com/all/kon-boot/

Misc. Ophcrack a free Windows password cracker http://ophcrack.sourceforge.net/
based on rainbow tables.
A password cracking tool that uses rainbow tables.

Information Gathering Nimbostratus fingerprinting and exploiting Amazon cloud infrastructures https://github.com/andresriancho/nimbostratus
http://andresriancho.github.io/nimbostratus/
Information WMImplant A WMI Based Agentless Post- https://github.com/FortyNorthSecurity/WMImplant
Exploitation RAT Developed in
Gathering
PowerShell

https://www.fireeye.com/blog/threat-
research/2017/03/wmimplant_a_wmi_b
a.html
Incident Windows-Prefetch-Parser Parse Windows Prefetch files: https://github.com/PoorBillionaire/Windows-Prefetch-
Supports XP - Windows 10 Prefetch file Parser
Response
Information RAWR Rapid Assessment of Web Resources https://github.com/al14s/rawr
Gathering
https://bitbucket.org/al14s/rawr/wiki/Ho
me
Incident rekall Forensic and Incident Response https://github.com/google/rekall
Framework
Response
https://securityonline.info/rekall-
memory-forensic-framework/
IoT webpasori a WebUSB port of libpasori/libpafe https://github.com/muojp/webpasori
Misc. crunch wordlist generator https://sourceforge.net/projects/crunch-
wordlist/files/crunch-wordlist/
Incident Visualize Logs interactive log visualization https://github.com/keithjjones/visualize_logs
Response
https://securityonline.info/visualize-logs-
interactive-log-visualization/
https://keithjjones.github.io/visualize_lo
gs.github.io/
Attack sandmap a tool supporting network and system https://github.com/trimstray/sandmap
reconnaissance using the massive
Nmap engine. It provides a user-
friendly interface, automates and
speeds up scanning and allows you to
easily use many advanced scanning
techniques.
Scanner OWTF Offensive Web Testing Framework https://github.com/owtf/owtf

https://www.kitploit.com/2018/07/owtf-
v24-offensive-web-testing-
framework.html
Misc. IP-Biter The Hacker-friendly E-Mail Tracking https://github.com/damianofalcioni/IP-Biter
Framework

https://kalilinuxtutorials.com/ip-biter-
hacker-e-mail-tracking/
Misc. Lynis Open Source Security Auditing & https://github.com/CISOfy/lynis
Pentesting Tool – A Detailed
Explanation

https://gbhackers.com/lynis-open-
source-security-auditing-tool-a-detailed-
explanation/
Reverse gdb-dashboard Modular visual interface for GDB in https://github.com/cyrus-and/gdb-dashboard
Python
Engineering
Information trape People tracker on the Internet https://github.com/boxug/trape
Gathering
https://securityonline.info/trape-people-
tracker/
Information Shodanwave Tool For Exploring & Obtaining https://github.com/evilsocketbr/shodanwave
Information From Cameras
Gathering
https://kalilinuxtutorials.com/shodanwav
e-exploring-information-cameras/
Misc. Pip3Line The Swiss Army Knife Of Byte https://github.com/metrodango/pip3line
Manipulation

https://www.hacking.reviews/2018/08/pi
p3line-swiss-army-knife-of-byte.html
Attack joffrey stupid MQTT brute forcer https://github.com/zombiesam/joffrey

https://securityonline.info/joffrey-stupid-
mqtt-brute-forcer/
Misc. Reverse proxy grapher It uses graphviz, so the result is displayed graphically, which looks convenient. https://github.com/mricon/rev-proxy-grapher

https://securityonline.info/reverse-proxy-
grapher/
OS dvpd Damn Vulnerable Peripheral Device https://github.com/ji2kumar/dvpd
(DVPD) for Bluetooth LE Device
Hacking learning and practice
Attack RFCrack A Software Defined Radio Attack Tool https://github.com/cclabsInc/RFCrack
Information Sn1per Automated Pentest Recon Scanner https://github.com/1N3/Sn1per
Gathering
https://xerosecurity.com
Scanner Zeus AWS Auditing & Hardening Tool https://securityonline.info/zeus-aws-auditing-
hardening-tool/
Attack Commix Automated All-in-One OS command https://github.com/commixproject/commix
injection and exploitation tool.

http://commixproject.com
Misc. GoCrack Managed Password Cracking Tool https://github.com/fireeye/gocrack

https://securityonline.info/gocrack-
managed-password-cracking-tool/
Misc. Terminalizer Tool to Record Terminal Sessions on https://github.com/faressoft/terminalizer
Linux

https://linoxide.com/linux-how-
to/terminalizer-tool-record-terminal-
session-linux
Incident Guymager free forensic imager for media http://guymager.sourceforge.net/
acquisition
Response
Attack BloodHound A tool that uses graph theory to reveal unintended relationships within an Active Directory environment https://github.com/BloodHoundAD/BloodHound

BloodHound 2.0
https://posts.specterops.io/bloodhound-
2-0-bc5117c45a99
BloodHound Cypher Cheatsheet
https://hausec.com/2019/09/09/bloodho
und-cypher-cheatsheet/
Attack BloodHound.py A Python based ingestor for https://github.com/dirkjanm/BloodHound.py
BloodHound
Misc. WMD Python framework for IT security tools https://github.com/ThomasTJdev/WMD

https://securityonline.info/wmd-python-
framework-security-toolspython-
framework-pentest/

Scanner WAF Buster Disrupt WAF By Abusing SSL/TLS Ciphers https://github.com/viperbluff/WAF_buster

https://www.kitploit.com/2018/08/waf-buster-disrupt-waf-by-abusing.html
Misc. StarWind V2V Converter V2V Converter https://www.starwindsoftware.com/converter
Misc. pfSense World's Most Trusted Open Source https://www.pfsense.org/download/
Firewall

https://www.pfsense.org/
Information GitMiner Tool for advanced mining for content https://github.com/UnkL4b/GitMiner
on Github
Gathering
Misc. Pipal THE password analyser https://github.com/digininja/pipal

https://digi.ninja/projects/pipal.php
Information pwnedOrNot Find Passwords for Compromised https://github.com/thewhiteh4t/pwnedOrNot
Email Accounts
Gathering
https://securityonline.info/pwnedornot/
IoT arduino-cli Arduino command line interface https://github.com/arduino/arduino-cli
Information userrecon Find usernames across over 75 social https://github.com/thelinuxchoice/userrecon
networks
Gathering
https://video.hacking.reviews/2018/08/k
ali-linux-userrecon.html
Reverse arm_now instant setup of virtual machines for https://github.com/nongiach/arm_now
reverse, exploit, fuzzing and
Engineering
programming

https://securityonline.info/arm_now/
Information POOPAK TOR Hidden Service Crawler https://github.com/thelematic/poopak
Gathering
Malware CuckooML Machine Learning for Cuckoo Sandbox https://github.com/honeynet/cuckooml

https://honeynet.github.io/cuckooml/

Incident Response kraken Cross-platform Yara scanner written in Go https://github.com/botherder/kraken
Misc. atomic-red-team Small and highly portable detection https://github.com/redcanaryco/atomic-red-team
tests based on MITRE's ATT&CK.
Misc. scap-workbench Assessing Linux Security https://github.com/OpenSCAP/scap-workbench
Configurations with SCAP Workbench

https://avleonov.com/2018/09/01/asses
sing-linux-security-configurations-with-
scap-workbench/
https://www.open-scap.org/tools/scap-
workbench/
Scanner Malspider Web Spidering Framework to Detect https://github.com/ciscocsirt/malspider
Web Compromises

http://www.sectechno.com/malspider-
web-spidering-framework-to-detect-
web-compromises/
Misc. PatrowlEngines Open Source, Free and Scalable https://www.patrowl.io/
Security Operations Orchestration https://github.com/Patrowl/PatrowlDocs
Platform

https://securityonline.info/patrowlengine
s-open-source-free-and-scalable-
security-operations-orchestration-
platform/
Incident SysmonSearch Investigate suspicious activity by https://github.com/JPCERTCC/SysmonSearch
visualizing Sysmon's event log
Response
Visualizing Sysmon logs to investigate suspicious endpoint behavior: SysmonSearch (2018-09-06)
https://www.jpcert.or.jp/magazine/acrep
ort-SysmonSearch.html
Monitoring Activitywatch Log what you do on your computer https://github.com/ActivityWatch/activitywatch

http://www.sectechno.com/activitywatch
-log-what-you-do-on-your-computer/

Misc. 0wned Code execution via Python package installation. https://github.com/mschwager/0wned
Information gobuster Directory/file & DNS busting tool https://github.com/OJ/gobuster/
written in Go
Gathering
Management DEFECTDOJO OpenSource Application Security https://github.com/DefectDojo/django-DefectDojo
Management
The leading application vulnerability
management tool built for DevOps and
continuous security integration.

https://www.defectdojo.org/
Scanner Vulnerability Checker WhiteSource launches a free open source vulnerability checking tool https://www.whitesourcesoftware.com/vulnerability_checker/
https://www.infoq.com/jp/news/2018/09/
whitesource-free-oss-checking
Misc. MobSF Mobile Security Framework Is An https://github.com/MobSF/Mobile-Security-
Automated All-In-One Mobile Framework-MobSF
Application

https://kalilinuxtutorials.com/mobsf-
mobile-security-framework/
Incident IREC IR Evidence Collector https://binalyze.com/products/irec-free/
Response
http://www.sectechno.com/irec-ir-
evidence-collector/
Incident cyphon Open source incident management https://github.com/dunbarcyber/cyphon
and response platform.
Response
https://www.cyphon.io/
Malware Loki Simple IOC and Incident Response https://github.com/Neo23x0/Loki
Scanner

http://www.sectechno.com/loki-v0-28-2-
simple-ioc-and-incident-response-
scanner/
Malware Rastrea2r Collecting & Hunting for IOCs https://github.com/rastrea2r/rastrea2r

http://www.sectechno.com/rastrea2r-
collecting-hunting-for-iocs/

Malware phoenix Cuckoo Sandbox is an automated dynamic malware analysis system https://github.com/SparkITSolutions/phoenix
http://www.cuckoosandbox.org
Scanner Nishang Offensive PowerShell for penetration https://github.com/samratashok/nishang
testing and offensive security.
Information dnsdiag DNS Diagnostics and Performance https://dnsdiag.org/
Measurement Tools
Gathering
Scanner ANDRAX Pentesting Platform for Android Devices https://andrax-pentest.org/

Information Gathering ADRecon Active Directory gathering information tool https://github.com/sense-of-security/ADRecon
https://securityonline.info/adrecon-active-directory-gathering-information-tool/
ADRecon
https://www.cqr.tools/tools/adrecon
Incident userline Query and report user logons relations https://github.com/thiber-org/userline
from MS Windows Security Events
Response
https://securityonline.info/userline/
https://github.com/thiber-org/userline
Information poopak TOR Hidden Service Crawler https://github.com/thelematic/poopak
Gathering
https://securityonline.info/poopak-tor-
hidden-service-crawler/
Scanner prowler AWS Security Best Practices https://github.com/toniblyx/prowler
Assessment, Auditing, Hardening and
Forensics Readiness Tool
OS TSURUGI The new DFIR Linux distribution https://tsurugi-linux.org/index.php
Scanner DeepSearch Advanced Web Dir Scanner https://github.com/m4ll0k/DeepSearch
Misc. twint An advanced Twitter scraping & OSINT https://github.com/twintproject/twint
tool written in Python that doesn't use
Twitter's API, allowing you to scrape a
user's followers, following, Tweets and
more while evading most API
limitations.

Misc. flightsim generate malicious network traffic and evaluate controls https://github.com/alphasoc/flightsim

https://securityonline.info/flightsim/
Scanner DevAudit Open-source, Cross-Platform, Multi- https://github.com/OSSIndex/DevAudit
Purpose Security Auditing Tool

https://www.hacking.reviews/2018/12/d
evaudit-open-source-cross-
platform.html
Attack RedELK Red Team's SIEM - easy deployable https://github.com/outflanknl/RedELK
tool for Red Teams used for tracking
and alarming about Blue Team
activities as well as better usability in
long term operations.

Incident Response Mac_apt The Smarter and Faster Approach to macOS Processing https://github.com/ydkhatri/mac_apt
http://cyberforensicator.com/2018/12/12/mac_apt-the-smarter-and-faster-approach-to-macos-processing/
Misc. CapAnalysis Network Forensic Tool https://www.capanalysis.net/ca/

http://www.sectechno.com/capanalysis-
network-forensic-tool/
OS VyOS Virtual router https://vyos.io/
Scanner sagacity vulnerability assessment and https://github.com/cyberperspectives/sagacity
compliance data management tool

https://securityonline.info/sagacity/
Misc. TestDisk Data Recovery Software https://www.cgsecurity.org/wiki/TestDisk

http://www.sectechno.com/testdisk-
data-recovery-software/
HoneyPot SNARE Super Next generation Advanced https://github.com/mushorg/snare
Reactive honEypot : a web application
honeypot sensor attracting all sort of
maliciousness from the Internet
Incident Response RecoveRx "RecoveRx" can recover deleted files from external HDDs, USB flash drives and SD cards for free https://www.transcend-info.com/Support/Software-4/
https://gigazine.net/news/20190202-
recoverx/
Misc. freevulnsearch Free and open NMAP NSE script to https://github.com/OCSAF/freevulnsearch
query vulnerabilities via the http://cve-
search.org API
Malware SysmonSearch Investigating suspicious behavior using SysmonSearch https://blogs.jpcert.or.jp/ja/2019/01/sysmonsearch2.html
Malware SysmonSearch Investigate Suspicious Account https://blogs.jpcert.or.jp/en/2019/02/sysmonsearch2.
Behaviour Using SysmonSearch html
Defense Pi-Hole A black hole for Internet https://github.com/pi-hole/pi-hole
advertisements (Network-wide ad
blocking via your own Linux hardware)
https://pi-hole.net/
Scanner Taipan Taipan: Web application security https://github.com/enkomio/Taipan
scanner
https://securityonline.info/taipan-web-
application-security-scanner/

Misc. FreeRADIUS A multi-protocol policy server. https://github.com/FreeRADIUS/freeradius-server
https://securityonline.info/freeradius-server/
https://freeradius.org/
Attack kalel Network Stress Test and Penetration https://github.com/noobscode/kalel
Testing Toolkit
https://securityonline.info/network-
stress-test/
Attack rootOS macOS Root Helper https://github.com/thehappydinoa/rootOS
https://www.hacking.reviews/2019/03/ro
otos-macos-root-helper.html

Misc. CIS CSAT IT Security Assessment Tool https://www.scip.ch/en/?labs.20190314


Information Gathering EXIST Cyber threat information aggregation system https://blog.nicter.jp/2019/03/exist/
Scanner Osmedeus Fully automated offensive security tool https://github.com/j3ssie/Osmedeus
for reconnaissance and vulnerability
scanning
Database Vulncode-DB A vulnerable code database https://www.vulncode-db.com/
https://www.evonide.com/vulncode-db-
a-vulnerable-code-database/
Defense phpMussel PHP-based Anti-Virus Anti-Trojan Anti- https://phpmussel.github.io/
Malware Solution
https://www.kitploit.com/2019/03/phpmu
ssel-php-based-anti-virus-anti.html
Scanner ADACLScanner Repo for ADACLScan.ps1 - Your https://github.com/canix1/ADACLScanner
number one script for ACL's in Active
Directory
Debug gdbgui Browser-based frontend to gdb (gnu https://github.com/cs01/gdbgui
debugger). Add breakpoints, view the
stack, visualize data structures, and
more in C, C++, Go, Rust, and Fortran.
Run gdbgui from the terminal and a
new tab will open in your browser.

Misc. Skadi Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux https://github.com/orlikoski/Skadi
Debug CocoaDebug iOS Debugging Tool https://github.com/CocoaDebug/CocoaDebug
Monitoring Prometheus monitoring system and time series https://prometheus.io/docs/introduction/overview/
database
https://securityonline.info/prometheus/
Misc. Graylog 3 The next generation of Graylog is here! https://www.graylog.org/
Based on thousands of suggestions
from our community, it comes with a
ton of new features that make your job
faster and easier - from troubleshooting
to threat hunting to compliance.
Whether you’re an Enterprise customer
or an Open Source user, you’ll find
plenty of reasons to upgrade.

Malware mkYARA Writing YARA rules for the lazy analyst https://github.com/fox-it/mkyara
https://blog.fox-
it.com/2019/03/28/mkyara-writing-yara-
rules-for-the-lazy-analyst/

Phishing Miteru An experimental phishing kit detection tool https://github.com/ninoseki/miteru
https://securityonline.info/miteru/
Defense Dejavu Open Source Deception Framework https://github.com/bhdresh/Dejavu
https://securityonline.info/dejavu/
Misc. Findsploit Find exploits in local and online http://www.sectechno.com/findsploit-find-exploits-in-
databases local-and-online-databases/

Misc. GNS3 "Graphical Network Simulator (GNS3)" is a cross-platform graphical network simulator. https://www.gns3.com/software
With GNS3 you can design and test virtual networks on a PC using real network
operating systems such as Cisco IOS, Juniper, MikroTik, Arista and Vyatta.
https://qiita.com/v_avenger/items/1f726e936b45056527a6
Defense OPNsense® Open Source Firewall - High-end Security Made Easy https://opnsense.org/
Monitoring Swordphish Phishing Awareness Tool https://github.com/certsocietegenerale/swordphish-
http://www.sectechno.com/swordphish- awareness
phishing-awareness-tool/
Incident OSFMount Mount Disk Images & Create RAM https://www.osforensics.com/tools/mount-disk-
Drives images.html
Response
Management LogESP LogESP: Open Source SIEM (Security https://github.com/dogoncouch/LogESP
Information and Event Management
system).
https://securityonline.info/security-
information-event-management-system/

Management Skadi Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux • Penetration Testing https://github.com/orlikoski/Skadi
https://securityonline.info/skadi-collect-process-and-hunt-with-host-based-data-from-macos-windows-and-linux/
Misc. Sh00t Platform for Manual Security Testers &
Bug Hunters | SecTechno https://github.com/pavanw3b/sh00t
http://www.sectechno.com/sh00t-
platform-for-manual-security-testers-
bug-hunters/
OS SigintOS Signal Intelligence Linux Distribution https://www.sigintos.com/
https://haxf4rall.com/2019/04/22/siginto
s/
Scanner Osmedeus Fully Automated Offensive Security https://github.com/j3ssie/Osmedeus
Tool For Reconnaissance And
Vulnerability Scanning
https://www.hacking.reviews/2019/04/o
smedeus-fully-automated-
offensive_27.html
Misc. YETI and Elastic Stack Threat Hunting using YETI and Elastic Stack
https://blog.ensilo.com/threat-hunting-tips
YETI
https://yeti-platform.github.io/
YetiToElastic: YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
https://github.com/BreakingMalwareResearch/YetiToElastic
Malware MalConfScan Volatility plugin for extracts https://github.com/JPCERTCC/MalConfScan
configuration data of known malware

Malware MalConfScan-with-Cuckoo Cuckoo Sandbox plugin for extracts configuration data of known malware https://github.com/JPCERTCC/MalConfScan-with-Cuckoo
OSINT Twint An Advanced Twitter Scraping And https://github.com/twintproject/twint
OSINT Tool
https://www.hacking.reviews/2019/05/t
wint-advanced-twitter-scraping-and.html
Misc. HxD Hex and Disk Editor https://mh-nexus.de/en/hxd/
http://www.sectechno.com/hxd-hex-
and-disk-editor/
Information Twint Twitter Scraping & OSINT Intelligence https://github.com/twintproject/twint
Tool - Techincidents
Gathering
https://kalilinuxtutorials.com/twint-
twitter-osint-intelligence/

Incident Response autotimeliner Automagically extract forensic timeline from volatile memory dump https://github.com/andreafortuna/autotimeliner
https://securityonline.info/autotimeliner/

Attack WiFiBroot A WiFi Pentest Cracking tool for WPA/WPA2 https://github.com/hash3liZer/WiFiBroot
https://securityonline.info/wifibroot/
Monitoring Pacbot Platform For Continuous Compliance https://github.com/tmobile/pacbot
Monitoring, Compliance Reporting And
Security Automation For The Cloud
https://www.hacking.reviews/2019/05/p
acbot-platform-for-continuous.html

Information Gathering Horn3t Powerful Visual Subdomain Enumeration At The Click Of A Mouse https://github.com/janniskirschner/horn3t
https://www.hacking.reviews/2019/05/horn3t-powerful-visual-subdomain.html
Incident Response Windows Forensic Toolchest (WFT) Live Response Toolkit http://www.foolmoon.net/security/wft/index.html
http://www.sectechno.com/windows-
forensic-toolchest-wft-live-response-
toolkit/
Misc. tracy finding all sinks and sources of a web https://github.com/nccgroup/tracy
application
https://www.prodefence.org/tracy-v0-6-
1-releases-finding-all-sinks-and-
sources-of-a-web-application-2/

OS FreePBX a web-based open source GUI (graphical user interface) that controls and manages Asterisk (PBX), an open source communication server. https://www.freepbx.org/
Management netbox IP address management (IPAM) and https://github.com/digitalocean/netbox
data center infrastructure management
(DCIM) tool.
Misc. Auto Screen Capture for Windows Auto Screen Capture for Windows - https://sourceforge.net/projects/autoscreen/
gHacks Tech News
https://www.ghacks.net/2019/06/24/aut
o-screen-capture-for-windows/
Misc. InfectionMonkey Breach and Attack Simulation Tool to https://github.com/guardicore/monkey
Evaluate the Security of your Network
https://haxf4rall.com/2019/06/29/infectio
nmonkey/
Incident Response MIG Real-time IR and Investigation Platform https://github.com/mozilla/mig
http://www.sectechno.com/mig-real-
time-ir-and-investigation-platform/

Monitoring Sooty The SOC Analysts all-in-one CLI tool to automate and speed up workflow. https://github.com/TheresAFewConors/Sooty

OSINT Project iKy Email Information Gathering Tool with a Visual Interface https://kennbroorg.gitlab.io/ikyweb/
https://haxf4rall.com/2019/07/01/project-iky/
OSINT SpiderFoot the most complete OSINT collection https://github.com/smicallef/spiderfoot
and reconnaissance tool.
http://www.spiderfoot.net/
Management VulnWhisperer Create Actions from Vulnerability Data https://github.com/HASecuritySolutions/VulnWhisper
http://www.sectechno.com/vulnwhisper er
er-create-actions-from-vulnerability-
data/

Incident Response Rifiuti2 Windows Recycle Bin analyser https://abelcheung.github.io/rifiuti2/
https://haxf4rall.com/2019/07/05/rifiuti2-windows-recycle-bin-analyser/
https://github.com/abelcheung/rifiuti2
Monitoring ActivityWatch Time-Tracking Application with a Focus https://github.com/ActivityWatch/activitywatch
on Extensibility and Privacy
https://haxf4rall.com/2019/07/05/activity
watch-time-tracking-app/
Misc. net-creds Sniffs Sensitive Data from interface or https://github.com/DanMcInerney/net-creds
pcap
http://www.sectechno.com/net-creds-
sniffs-sensitive-data-from-interface-or-
pcap/
Misc. PCredz extracts Credit card numbers, https://github.com/lgandx/PCredz
NTLM(DCE-RPC, HTTP, SQL, LDAP,
etc), Kerberos (AS-REQ Pre-Auth
etype 23), HTTP Basic, SNMP, POP,
SMTP, FTP, IMAP, etc from a pcap file
or from a live interface.
OSINT OpenCTI Open Cyber Threat Intelligence https://opencti-platform.github.io/docs/getting-
Platform started/introduction
Incident Response Skadi DFIR Framework to Collect Process https://www.skadivm.com/
and Hunt
http://www.sectechno.com/skadi-dfir-
framework-to-collect-process-and-hunt/

OSINT RedHunt-OS Adversary Emulation & Threat Hunting VM https://github.com/redhuntlabs/RedHunt-OS
http://sectechno.com/redhunt-os-v2-adversary-emulation-threat-hunting-vm/

Scanner NetScanTools Set of Network Security Tools https://www.netscantools.com/nstpromain.html
https://sectechno.com/netscantools-set-of-network-security-tools/
Misc. NirLauncher Collection of more than 200 portable https://launcher.nirsoft.net/
utilities from NirSoft
Misc. navi An interactive cheatsheet tool for the https://github.com/denisidoro/navi
command-line
Misc. Cloud-Security-Research Cloud-related research releases from https://github.com/RhinoSecurityLabs/Cloud-
the Rhino Security Labs team. Security-Research
Misc. MemProcFS The Memory Process File System https://github.com/ufrisk/MemProcFS
Information pOSINT Gather Open-Source Intelligence using https://github.com/ecstatic-nobel/pOSINT
PowerShell
Gathering
OSINT FinalRecon OSINT Tool for All-In-One Web https://github.com/thewhiteh4t/FinalRecon
Reconnaissance
https://sectechno.com/finalrecon-osint-
tool-for-all-in-one-web-reconnaissance/

Incident Response ManaTI A Web-Based Tool To Assist The Work Of The Intuitive Threat Analysts https://github.com/stratosphereips/Manati
https://www.kitploit.com/2019/10/manati-web-based-tool-to-assist-work-of.html

Misc. Fenrir Simple Bash IOC Scanner https://github.com/Neo23x0/Fenrir
https://www.kitploit.com/2019/10/fenrir-simple-bash-ioc-scanner.html
Incident Eric Zimmerman's tools Useful tools for IR https://ericzimmerman.github.io/
Response
Misc. PatrOwl Smart and Scalable Security https://github.com/Patrowl/PatrowlDocs
Operations Orchestration Platform
https://haxf4rall.com/2019/10/07/patrowl
-smart-and-scalable-security-
operations-orchestration-platform/
https://www.patrowl.io/
Information Recsech Web Reconnaissance Tools https://github.com/radenvodka/Recsech
https://sectechno.com/recsech-web-
Gathering
reconnaissance-tools/
Defense Unfetter Discover and analyze gaps in your https://github.com/unfetter-discover/unfetter
security posture.
https://nsacyber.github.io/unfetter/
Incident Volatility 3.0 development Memory Forensics Tool (Ver. 3) https://github.com/volatilityfoundation/volatility3/
Response
Incident Volumetric a web-based GUI for the volatility3 https://github.com/volatilityfoundation/volumetric
library
Response
Incident AVML Acquire Volatile Memory for Linux https://github.com/microsoft/avml
Response
IoT IoT-Implant-Toolkit Toolkit For Implant Attack Of IoT https://github.com/arthastang/IoT-Implant-Toolkit
Devices
Scanner Prowler CIS Based AWS Account Hardening https://github.com/toniblyx/prowler
Tool
https://sectechno.com/prowler-cis-
based-aws-account-hardening-tool/
Attack RedCloud Powerful Red Team Infrastructure https://github.com/khast3x/Redcloud
deployment using Docker
https://haxf4rall.com/2019/10/31/redclo
ud/
OSINT ThreatIngestor Extract And Aggregate Threat https://github.com/InQuest/ThreatIngestor
Intelligence
https://www.kitploit.com/2019/10/threati
ngestor-extract-and-aggregate.html
Defense Antimeter Monitor and kill meterpreter session https://www.mertsarica.com/antimeter-tool/
Defense antipwny A host based IDS written in C# https://github.com/rvazarkar/antipwny
Targetted at Metasploit
Misc. LaZagne Credentials recovery project https://github.com/AlessandroZ/LaZagne

How to use LaZagne to grab all the passwords stored on Windows 10
https://security-
record.com/entry/2023/08/13/230455
Incident DFIRtriage Digital Forensic Acquisition Tool For https://github.com/travisfoley/dfirtriage
Windows Based Incident Response
Response
https://www.kitploit.com/2019/11/dfirtria
ge-digital-forensic-acquisition.html
IoT kamerka Build interactive map of cameras from https://github.com/woj-ciech/kamerka
Shodan
IoT Kamerka-GUI Ultimate IoT/Industrial Control Systems https://github.com/woj-ciech/Kamerka-GUI
reconnaissance tool
https://securityonline.info/kamerka-gui/

IoT FACT_core Firmware Analysis and Comparison Tool https://github.com/fkie-cad/FACT_core/
IoT FACT_analysis-plugin_CVE-lookup FACT analysis plug-in that maps https://github.com/fkie-cad/FACT_analysis-
software version to cves plugin_CVE-lookup
https://github.com
Misc. DMDE DM Disk Editor and Data Recovery https://dmde.com/
Software
https://sectechno.com/dmde-dm-disk-
editor-and-data-recovery-software/
Information Gathering Instant Data Scraper A handy Chrome extension for data scraping https://chrome.google.com/webstore/detail/instant-data-scraper/ofaokhiedipichpaobibbnahnkdoiiah
Reverse Sourcetrail free and open-source interactive https://github.com/CoatiSoftware/Sourcetrail
source explorer:
Engineering
https://www.sourcetrail.com/
Misc. SigintOS Signal Intelligence Linux Distribution https://www.sigintos.com/
Scanner Vistumbler Open Source WiFi scanner and https://www.vistumbler.net/
channel scanner for windows
Monitoring ROCK NSM An open source Network Security http://rocknsm.io/
Monitoring platform.
Management Aaia AWS Identity and Access Management https://github.com/rams3sh/Aaia
Visualizer and Anomaly Finder
https://securityonline.info/aaia-
visualizing-aws-iam/
Management netbox IP address management (IPAM) and https://github.com/netbox-community/netbox
data center infrastructure management
(DCIM) tool
Incident Beagle an incident response and digital https://github.com/yampelo/beagle
forensics tool which transforms security
Response
logs and data into graphs.
Incident Skadi Collect, Process, and Hunt with host https://github.com/orlikoski/Skadi
based data from MacOS, Windows,
Response
and Linux
Incident turbinia Automation and Scaling of Digital https://github.com/google/turbinia
Forensics Tools
Response
Incident CyLR Live Response Collection Tool https://github.com/orlikoski/CyLR
Response
Incident CDQR The Cold Disk Quick Response https://github.com/orlikoski/CDQR
(CDQR) tool is a fast and easy to use
Response
forensic artifact parsing tool that works
on disk images, mounted drives and
extracted artifacts from Windows,
Linux, MacOS, and Android devices
Fuzzing fuzzowski the Network Protocol Fuzzer that we https://github.com/nccgroup/fuzzowski
will want to use.
Misc. CVE Api Parse & filter the latest CVEs from https://github.com/Beyarz/Cve-api
cve.mitre.org
https://www.kitploit.com/2020/02/cve-
api-parse-filter-latest-cves-from.html
Management Spacewalk Free & Open Source Linux Systems https://github.com/spacewalkproject/spacewalk
Management
https://spacewalkproject.github.io/
Monitoring Grafana The open source analytics and https://github.com/grafana/grafana
monitoring solution for every database
https://grafana.com/
Scanner Dirble Fast Directory Scanning and Scraping https://github.com/nccgroup/dirble
Tool
https://sectechno.com/dirble-fast-
directory-scanning-and-scraping-tool/
Reverse gdb-frontend an easy, flexible and extensionable gui https://github.com/rohanrhu/gdb-frontend
debugger.
Engineering
https://oguzhaneroglu.com/projects/gdb
-frontend/
OS CSI Linux Designed by Investigators for Investigators https://csilinux.com/

OSINT Investigations Made Simple: Installing CSI Linux On VirtualBox
https://publication.osintambition.org/osint-investigations-made-simple-installing-csi-linux-on-virtualbox-61fb280c9009
CSI Linux: Linux Distribution for Cyber and OSINT Investigation
https://hackernoon.com/csi-linux-linux-distribution-for-cyber-and-osint-investigation
Misc. wxHexEditor Hex Editor / Disk Editor for Huge Files or Devices on Linux, Windows and MacOSX https://github.com/EUA/wxHexEditor
https://www.kitploit.com/2020/04/wxhexeditor-hex-editor-disk-editor-for.html

Misc. BruteShark Network Analysis Tool https://github.com/odedshimon/BruteShark


Debug API Monitor Spy on API Calls and COM Interfaces http://www.rohitab.com/apimonitor
Misc. Ventoy A new bootable USB solution. Multi ISO + Softwares (All In One) https://github.com/ventoy/Ventoy
Misc. Threat Dragon Online Threat Modelling Tool from OWASP https://github.com/mike-goodwin/owasp-threat-dragon
https://sectechno.com/threat-dragon-online-threat-modelling-tool-from-owasp/
Threat Hunting Grafiki Threat Hunting tool about Sysmon and graphs https://github.com/lucky-luk3/Grafiki
Misc. wordlist_generator Unique wordlist generator of unique wordlists. https://github.com/SomeKirill/wordlist_generator/
Misc. darkshot Lightshot scraper on steroids with OCR. https://github.com/mxrch/darkshot

Threat Hunting ThreatPursuit VM A Threat Intelligence and Hunting Virtual Machine https://github.com/fireeye/ThreatPursuit-VM
https://www.fireeye.com/blog/threat-research/2020/10/threatpursuit-vm-threat-intelligence-and-hunting-virtual-machine.html
Misc. Screen Translator OCR tool with a translation function https://github.com/OneMoreGres/ScreenTranslator/
https://www.gigafree.net/tool/ocr/Screen-Translator.html
Malware OpenEDR Open Source Endpoint Detection and Response https://github.com/ComodoSecurity/openedr
https://openedr.com/
Misc. blender An open-source integrated 3D computer graphics application with features such as 3D modeling, motion graphics, animation, simulation, rendering, and digital compositing https://www.blender.org/

Misc. ArchiveBox Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more... (It looks like it can archive all sorts of things) https://github.com/ArchiveBox/ArchiveBox
Misc. FreshRSS a self-hosted RSS feed aggregator like Leed or Kriss Feed. (I think it is a handy tool for RSS users. However, since you have to set up a server, it may take a little effort) https://github.com/FreshRSS/FreshRSS
Misc. ThreatMapper Identify vulnerabilities in running containers, images, hosts and repositories https://github.com/deepfence/ThreatMapper
Misc. chipsec Platform Security Assessment Framework https://github.com/chipsec/chipsec
Malware halogen Automatically create YARA rules from malicious documents. https://github.com/target/halogen
Misc. NtHiM Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection! https://github.com/TheBinitGhimire/NtHiM
Information Gathering OnionSearch a script that scrapes urls on different .onion search engines. https://github.com/megadose/OnionSearch
Misc. Malcolm a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs. https://github.com/cisagov/Malcolm
Incident Response Sparrow to help detect possible compromised accounts and applications in the Azure/m365 environment. https://github.com/cisagov/Sparrow
Incident Response CHIRP A forensic collection tool written in Python. https://github.com/cisagov/CHIRP
Misc. capa capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate. https://github.com/fireeye/capa
Malware Malwoverview a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox and it is able to scan Android devices against VT and HA. https://github.com/alexandreborges/malwoverview
Misc. vulnerablecode A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. https://github.com/nexB/vulnerablecode
Information Gathering darkdump Search The Deep Web Straight From Your Terminal https://github.com/josh0xA/darkdump
Misc. Shuffle Automation An Open Source SOAR solution https://shuffler.io/
Defense KubeArmor Container-aware Runtime Security Enforcement System https://github.com/accuknox/KubeArmor
https://kubearmor.com/
Misc. CANalyse A Vehicle Network Analysis And Attack Tool https://github.com/KartheekLade/CANalyse
https://www.hacking.reviews/2021/05/canalyse-vehicle-network-analysis-and.html
Scanner red-detector Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/) https://github.com/lightspin-tech/red-detector
Information Gathering Mihari A framework for continuous OSINT based threat hunting https://github.com/ninoseki/mihari
Phishing SniperPhish The Web-Email Spear Phishing Toolkit https://github.com/GemGeorge/SniperPhish
Misc. Janssen the world's fastest cloud native identity and access management platform https://github.com/JanssenProject/home
Misc. cartography Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. https://github.com/lyft/cartography
Misc. grapl Graph platform for Detection and Response https://github.com/grapl-security/grapl
Misc. Judge Jury And Executable A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL. https://github.com/AdamWhiteHat/Judge-Jury-and-Executable
Misc. Inkscape a Free and open source vector graphics editor for GNU/Linux, Windows and MacOS X. https://inkscape.org/
Misc. NocoDB Turns any MySQL, PostgreSQL, SQL Server, SQLite & MariaDB into a smart-spreadsheet. Free & Open Source. https://github.com/nocodb/nocodb
https://www.nocodb.com/

Vulnerability Vulnerability Database The vulnerability information also appears to be updated frequently https://osv.dev/list
Vulnerability CVE Details Vulnerability information https://www.cvedetails.com/vulnerability-search.php
Vulnerability CVE Search Vulnerability information https://www.cvebase.com/cve
Vulnerability CVE-Search - CIRCL Vulnerability information https://cve.circl.lu/
Vulnerability NVD - Search and Statistics Vulnerability information https://nvd.nist.gov/vuln/search
Vulnerability JVN iPedia - Vulnerability Countermeasure Information Database Vulnerability information https://jvndb.jvn.jp/
Vulnerability X-Force Exchange Search Vulnerability information https://exchange.xforce.ibmcloud.com/search/%23vulnerability
Vulnerability CXSECURITY.COM Vulnerability information https://cxsecurity.com/
Vulnerability Show Common Vulnerabilities and Exposures - CXSecurity.com Vulnerability information https://cxsecurity.com/cve/
Vulnerability Known Exploited Vulnerabilities Catalog | CISA Vulnerability information https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Vulnerability Open Source Vulnerability Database | WhiteSource Vulnerability information https://www.whitesourcesoftware.com/vulnerability-database/
Vulnerability OpenCVE Vulnerability information https://www.opencve.io/cve
Vulnerability Published | Zero Day Initiative Vulnerability information https://www.zerodayinitiative.com/advisories/published/
Vulnerability Upcoming | Zero Day Initiative Vulnerability information https://www.zerodayinitiative.com/advisories/upcoming/
Vulnerability Seebug Vulnerability information https://www.seebug.org/
Vulnerability Snyk Vulnerability Database Vulnerability information https://security.snyk.io/
Vulnerability Threat Intelligence Feed Vulnerability information https://proteuscyber.com/threat-intelligence
Vulnerability VulDB Live Recent Vulnerability information https://vuldb.com/?live.recent
Vulnerability Vulmon Vulnerability information https://vulmon.com/
Vulnerability Vulnerability Database Vulnerability information https://www.cybersecurity-help.cz/vdb/
Vulnerability VULNERABILITY LAB Vulnerability information https://www.vulnerability-lab.com/
Vulnerability Vulners - Vulnerability Data Base Vulnerability information https://vulners.com/
Vulnerability Vumetric Cybersecurity Portal Vulnerability information https://cyber.vumetric.com/vulns/
Vulnerability CVE Trends Vulnerability information https://cvetrends.com/
Patch ZDI Microsoft monthly patch information https://www.zerodayinitiative.com/blog/
Patch Bleeping Computer Microsoft monthly patch information https://www.bleepingcomputer.com/
Patch SANS Internet Storm Center Microsoft monthly patch information https://isc.sans.edu/diary/
Patch Microsoft Patch Tuesday by Morphus Labs Microsoft monthly patch information https://patchtuesdaydashboard.com/
IoC ioccheck IoC (Indicator of Compromise) https://github.com/ranguli/ioccheck
IoC AlienVault IoC (Indicator of Compromise) https://otx.alienvault.com/browse/pulses
IoC AlienVault - OTX IoC (Indicator of Compromise) https://otx.alienvault.com/
IoC ThreatMiner.org IoC (Indicator of Compromise) https://www.threatminer.org/
IoC ThreatFox IoC (Indicator of Compromise) https://threatfox.abuse.ch/
IoC InQuest Labs - InQuest.net IoC (Indicator of Compromise) https://labs.inquest.net/
IoC Alerts and advisories - Canadian Centre for Cyber Security IoC (Indicator of Compromise) https://cyber.gc.ca/en/alerts-advisories
IoC threatABLE IoC (Indicator of Compromise) https://www.threatable.io/
IoC Check IoC IoC (Indicator of Compromise) https://www.threatstop.com/check-ioc
Information Gathering Case management (MISP installation) MISP related https://medium.com/@ibrahim.ayadhi/case-management-20d8fd815ee2
Information Gathering MISP Project MISP related https://www.misp-project.org/
Information Gathering MISP Online MISP related https://misppriv.circl.lu/
Information Gathering MISP (Github) MISP related https://github.com/MISP/MISP
Information Gathering MISP (VM) MISP related https://www.circl.lu/misp-images/latest/
Misc. Tor-IP-Addresses/tor-exit-nodes.lst Tor exit node list https://github.com/SecOps-Institute/Tor-IP-Addresses/blob/master/tor-exit-nodes.lst
Phishing 0xSI_f33d - Portugal Abuse Open Feed Phishing related https://feed.seguranca-informatica.pt/index.php
Phishing dnstwist Phishing related https://dnstwist.it/
Phishing PhishTank Phishing related https://phishtank.org/
Phishing OpenPhish Phishing related https://openphish.com/
Phishing ISIT Phishing? Phishing related https://isitphishing.org/
Phishing MetaDefender Cloud Phishing related https://metadefender.opswat.com/jp/
Phishing Phishing Email Templates Phishing related https://caniphish.com/free-phishing-test/phishing-email-templates
Phishing CheckPhish Phishing related https://checkphish.ai/
Information Gathering ACT ACT related https://github.com/mnemonic-no/act-platform
Information Gathering ACT | Demo ACT related https://act-eu1.mnemonic.no/
Information Gathering ACT | Demo 2 ACT related https://act-eu2.mnemonic.no/
Information Gathering act/virtual-appliance ACT related https://github.com/mnemonic-no/act/blob/master/virtual-appliance.md
OSINT aguse.jp Website investigation https://www.aguse.jp/
OSINT urlscan.io Website investigation https://urlscan.io/
OSINT urlquery.net Website investigation https://urlquery.net/
OSINT Sucuri SiteCheck Website investigation https://sitecheck.sucuri.net/
OSINT URLVoid Website investigation https://www.urlvoid.com/
OSINT AbuseIPDB Website investigation https://www.abuseipdb.com/
Misc. Threat Group Cards: A Threat Actor Encyclopedia Threat Actor (attacker groups) https://apt.etda.or.th/cgi-bin/aptgroups.cgi
Misc. APT Groups and Operations - Google Drive Threat Actor (attacker groups) https://docs.google.com/spreadsheets/u/1/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml#
Malware ANY.RUN Malware analysis https://any.run/
Malware AV-ATLAS Malware information, etc. https://portal.av-atlas.org/
Malware CERT.PL>_ Malware Database Malware database https://mwdb.cert.pl/login
Malware OSINT.DigitalSide.it - Report List Malware database https://osint.digitalside.it/report/
Malware Intezer Analyze Malware analysis https://analyze.intezer.com/
Malware Joe Sandbox Malware analysis https://www.joesandbox.com/
Malware MalShare Malware search, malware database, etc. https://www.malshare.com/search.php
Malware MalwareBazaar Malware database https://bazaar.abuse.ch/browse/
Malware Ransomware - DeepWeb intelligence Feed Ransomware information https://darkfeed.io/indexransomware/?__cf_chl_managed_tk__=pmd_kvsFYbj8qtY8aecbEfke8AS7h8bZXVf787TPiqH_W5U-1632737476-0-gqNtZGzNAvujcnBszRM9
Malware RansomWiki - DeepWeb intelligence Feed Ransomware information https://darkfeed.io/ransomwiki/
Malware VirusTotal Malware analysis, information, etc. https://www.virustotal.com/gui/home/search
Malware HYBRID-ANALYSIS Malware analysis https://www.hybrid-analysis.com/?lang=ja
Malware Yaraify Malware analysis using YARA, etc. https://yaraify.abuse.ch/
Archive Wayback Machine Archive related http://archive.org/
Archive Browser Caching Checker Archive related https://www.giftofspeed.com/cache-checker/
Archive ArchiveBox Archive related https://github.com/ArchiveBox/ArchiveBox
Archive archiv.today Archive related https://archive.ph/
Archive 魚拓 (Gyotaku) Archive related https://megalodon.jp/
Archive Archive-It - Web Archiving Services for Libraries and Archives Archive related https://archive-it.org/
OSINT Bellingcat's Online Investigation Toolkit Information on various OSINT tools/sites https://docs.google.com/spreadsheets/d/18rtqh8EG2q1xBo2cLNyhIDuK9jrPGwYr9DI2UncoqJQ/edit#gid=930747607
OSINT OSINT Framework Information on various OSINT tools/sites https://osintframework.com/
OSINT SecurityTrails OSINT related https://securitytrails.com/
OSINT Intelligence X OSINT related https://intelx.io/
OSINT mmhdan OSINT related https://mmhdan.herokuapp.com/
OSINT Netlas: OSINT related https://app.netlas.io/responses/
OSINT OSINT Dojo Information on various OSINT tools/sites https://www.osintdojo.com/resources/
OSINT OSINT Resource List Information on various OSINT tools/sites https://start.me/p/rx6Qj8/nixintel-s-osint-resource-list
OSINT Summary of security information investigation methods using OSINT - Qiita Information on various OSINT tools/sites https://qiita.com/osada/items/c75c34ce716ee4ffba8f
OSINT Maltiverse IoC search, etc. https://maltiverse.com/search
OSINT Pulsedive IoC search, etc. https://pulsedive.com/
OSINT OSINT tools for investigating Twitter usernames Username search https://www.aware-online.com/en/osint-tools/twitter-search-tool/
OSINT Summary of OSINT used in everyday investigations - Qiita Information on various OSINT tools/sites https://qiita.com/00001B1A/items/4d8ceb53993d3217307e
OSINT IntelTechniques Address Search Tool Information on various OSINT tools/sites https://inteltechniques.com/tools/Address.html
OSINT OSINT Cheatsheet (sites,tools) Information on various OSINT tools/sites https://medium.com/@R00tendo/osint-cheatsheet-7a9cb9dee28
OSINT Censys OSINT site https://search.censys.io/
OSINT BinaryEdge OSINT site https://app.binaryedge.io/services/query
OSINT Shodan OSINT site https://shodan.io
OSINT Blueliv community OSINT site https://community.blueliv.com/#!/timeline
OSINT ZoomEye OSINT site https://www.zoomeye.org/
OSINT fofa OSINT site https://fofa.info/
OSINT Threat Crowd Under maintenance (2023.10.1) https://www.threatcrowd.org/
OSINT Intelx Password leak related https://intelx.io/
OSINT LeakIX Password leak related https://leakix.net/
OSINT DeHashed Password leak related https://dehashed.com/
OSINT LEAKED.SITE Password leak related https://leaked.site/index.php?home/
OSINT LeakCheck Password leak related https://leakcheck.io/
OSINT LeakCheck Password leak related https://leakcheck.net/
OSINT Have I Been Pwned Password leak related https://haveibeenpwned.com/
OSINT BugMeNot: share logins Password leak related http://bugmenot.com/
OSINT BREACHDIRECTORY Password leak related https://breachdirectory.org/
OSINT SpyCloud Password leak related https://spycloud.com/
OSINT LeakCheck Password leak related https://leakcheck.net/
OSINT PSBDMP Password leak related https://psbdmp.ws/
OSINT IntelX (also known as Intelligence X) Password leak related https://intelx.io/
OSINT HudsonRock Password leak related https://www.hudsonrock.com/
OSINT Leak-Lookup Password leak related https://leak-lookup.com/
OSINT Hackcheck Password leak related https://hackcheck.io/
OSINT LeakPeek Password leak related https://leakpeek.com/
OSINT BuiltWith technology search Technology investigation https://builtwith.com/ja/
OSINT Find out what websites are built with - Wappalyzer Technology investigation https://www.wappalyzer.com/
OSINT SSL Server Test SSL / TLS investigation related https://www.ssllabs.com/ssltest/index.html
OSINT TLS Checker - Instant Results | CDN77.com SSL / TLS investigation related https://www.cdn77.com/tls-test
OSINT TLS Checker | Site24x7 Tools SSL / TLS investigation related https://www.site24x7.com/tools/tls-checker.html
OSINT Certificate Checker - Godaddy SSL / TLS investigation related https://ssltools.godaddy.com/views/certChecker
OSINT crt.sh | Certificate Search SSL / TLS investigation related https://crt.sh/
OSINT Entrust Certificate Search SSL / TLS investigation related https://ui.ctsearch.entrust.com/ui/ctsearchui
OSINT SSL Scanner SSL / TLS investigation related https://ssltools.com/
OSINT SSLyze SSL / TLS investigation related https://hackertarget.com/ssl-check/
OSINT SSL Certificate Checker - Diagnostic Tool | DigiCert.com SSL / TLS investigation related https://www.digicert.com/help/
OSINT SSL Check [certificate, protocol, and cipher suite check] SSL / TLS investigation related https://www.cman.jp/network/support/ssl.html
OSINT Free SSL Web Server Tester • Wormly Monitoring SSL / TLS investigation related https://www.wormly.com/test_ssl/
OSINT Scan TLS heath and configuration - Geekflare Tools SSL / TLS investigation related https://geekflare.com/tools/tls-scanner
OSINT Test TLS SSL / TLS investigation related https://testtls.com/
OSINT SSL/TLS Certificate Test Tool SSL / TLS investigation related https://network-tools.webwiz.net/ssl-certificate-checker.htm
OSINT Self Signed Certificate Checker SSL / TLS investigation related https://securityforeveryone.com/tools/self-signed-certificate-checker
Misc. DarkTracer Under maintenance (2023.10.1) https://darktracer.com/
Misc. FireHOL IP Lists | IP Blacklists | IP Blocklists | IP Reputation IP Feeds http://iplists.firehol.org/
Misc. GreyNoise Visualizer Various IoCs and security information https://viz.greynoise.io/cheat-sheet/tags
OSINT OpenCTI OpenCTI related https://github.com/OpenCTI-Platform/opencti
OSINT OpenCTI - Demo OpenCTI related https://demo.opencti.io/
OSINT OpenCTI - connectors OpenCTI related https://github.com/OpenCTI-Platform/connectors
OSINT Installing OpenCTI (I) OpenCTI related https://security.sios.com/security/opencti-install-1-20211027.html
OSINT Installing OpenCTI (2) OpenCTI related https://security.sios.com/security/opencti-install-2-20211101.html
OSINT OpenCTI - Virtual machine template OpenCTI related https://www.notion.so/Virtual-machine-template-1789b4442b414dbf87f748db51c85aa5
Malware OneNoteAnalyzer A C# based tool for analysing malicious OneNote documents https://github.com/knight0x07/OneNoteAnalyzer
OSINT MISP demo site Login is automatic, so no ID/Pass is required https://demo.misp-community.org
Monitoring Arkime a large-scale, open-source, indexed packet capture and search tool https://arkime.com/
Monitoring Arkime demo site ID/Pass = arkime/arkime https://demo.arkime.com/?date=-1
Misc. threatfeeds.io Free threat intelligence feeds https://threatfeeds.io/
Information Gathering grafeo Open platform for modelling, collection and exchange of knowledge (former name: ACT = Semi-Automated Cyber Threat Intelligence (ACT)) https://github.com/mnemonic-no/grafeo
https://github.com/mnemonic-no/act
Information Gathering grafeo demo site ACT related https://act.mnemonic.no/
IoC ioclists Hosted IP, Domain, and Hash Blocklists https://ioclists.com/

Vulnerability OSV Vulnerability Database https://osv.dev/list


Misc. Open RPA Free Open Source Enterprise Grade RPA https://github.com/open-rpa/OpenRPA
AI BurpGPT A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type. https://github.com/aress31/burpgpt
https://burpgpt.app/
Vulnerability kev_checker A basic Python program to check Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog https://github.com/santosomar/kev_checker
AI PentestGPT A GPT-empowered penetration testing tool https://github.com/GreyDGL/PentestGPT
AI ChatGPT An artificial intelligence chatbot and a type of generative AI. The original term "Generative Pre-trained Transformer" means "a pre-trained transformer capable of generation" https://chat.openai.com/
AI ChatGPT Enterprise Secure ChatGPT for enterprises https://openai.com/blog/introducing-chatgpt-enterprise
AI Bard Google's ChatGPT ? https://bard.google.com/chat
AI Microsoft Bing AI Microsoft's ChatGPT ? https://www.bing.com/search?q=Bing+AI&showconv=1&FORM=hpcodx
AI Canva Presentation creation, image generation, etc. https://www.canva.com/
Misc. DeepL Translate Translation tool https://www.deepl.com/ja/translator
AI Gamma App Generate AI Presentations, Webpages & Docs https://gamma.app/
AI Bing Chat Enterprise AI-powered chat for work https://www.microsoft.com/ja-jp/edge/bing/chat-enterprise
AI Bing Image Creator Image generation AI https://www.microsoft.com/ja-jp/edge/features/image-creator
https://cn.bing.com/create
https://www.bing.com/create?cc=jp
AI Midjourney Image generation AI https://www.midjourney.com/home/
AI WormGPT ChatGPT for Hackers and Cybercrime https://wormgpt.co/
Misc. Shuffle A general purpose security automation platform. Our focus is on collaboration and resource sharing. https://github.com/Shuffle/Shuffle
Misc. shuffler Open Source SOAR https://shuffler.io/
IoT EMBArk The firmware security scanning environment https://github.com/e-m-b-a/embark
IoT EMBA The security analyzer for embedded device firmware https://github.com/e-m-b-a/emba
Misc. CryptoHack A fun, free platform for learning cryptography https://cryptohack.org/
Misc. XSinator XS-Leak Browser Test Suite https://xsinator.com/
OSINT Lampyre Data analysis & OSINT tool for everyone https://lampyre.io/
Information Gathering EXIST with MISP Auto-Installer EXIST = EXternal Information aggregation System against cyber Threat https://soji256.medium.com/exist-with-misp-auto-installer-b151dcd4bebd
https://github.com/nict-csl/exist
Attack Web Security Academy Free Online Training from PortSwigger. You can enjoy the training materials and labs. The labs include exercises, and there are also walkthrough videos for them, which is nice. (Free user registration required) https://portswigger.net/web-security
Incident Response Digital-Forensics-Lab Free Hands-On Digital Forensics Labs https://kalilinuxtutorials.com/digital-forensics-lab/
OSINT TorBot Dark Web OSINT Tool https://github.com/DedSecInside/TorBot
https://hakin9.org/torbot-open-source-intelligence-tool-for-the-dark-web/
Scanner Reporting Tool for Azure (CRT) CrowdStrike Launches Free Tool to Identify & Mitigate Risks in Azure Active Directory https://github.com/CrowdStrike/CRT
https://www.crowdstrike.com/blog/crowdstrike-launches-free-tool-to-identify-and-help-mitigate-risks-in-azure-active-directory/
Misc. Awesome Vehicle Security It has all kinds of car-related links and is fun https://github.com/jaredthecoder/awesome-vehicle-security
Misc. Exercise in a Box - NCSC.GOV.UK You can enjoy exercises such as the following (prior user registration required) https://www.ncsc.gov.uk/information/exercise-in-a-box
- A ransomware attack delivered by a phishing email
- Mobile phone theft and response
- Insider Threat resulting in a Data Breach
- Supply Chain Ransomware Attack
- and others
Misc. S1EM This project is a SIEM with SIRP and Threat Intel, all in one. https://github.com/V1D1AN/S1EM
Misc. Wazuh SIEM OpenCTI Threat Intel Integration https://socfortress.medium.com/wazuh-siem-opencti-threat-intel-integration-4cb1a3810250
Misc. Automotive Security (汽车安全) Has plenty of links on car security and is fun https://delikely.github.io/2099/01/01/automotive-security/
Misc. FreeDOS The FreeDOS Project https://www.freedos.org/
Monitoring SysmonForLinux Sysmon for Linux https://github.com/Sysinternals/SysmonForLinux
Misc. Guide to Using God Mode in Windows 10 and 11 How to set up God Mode, etc. https://windowsfaq.net/windows/setting/how-to-enable-god-mode/
Monitoring epagneul Graph Visualization for windows event logs https://github.com/jurelou/epagneul
Vulnerability ochrona-cli A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs https://github.com/ochronasec/ochrona-cli
Monitoring Open-Vehicle-Monitoring-System-3 The OVMS is an all open source vehicle remote monitoring, diagnosis and control system. https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3
Attack attack-flow ATT&CK Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows. https://github.com/center-for-threat-informed-defense/attack-flow
Information Gathering geowifi Search WiFi geolocation data by BSSID and SSID on different public databases. https://github.com/GONZOsint/geowifi
Vulnerability cvelist Pilot program for CVE submission through GitHub https://github.com/CVEProject/cvelist
Attack DeTT&CT Mapping detection to MITRE ATT&CK https://blog.nviso.eu/2022/03/09/dettct-mapping-detection-to-mitre-attck/
https://github.com/rabobank-cdc/DeTTECT
OSINT Osintgram Osintgram is an OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname https://github.com/Datalux/Osintgram
Misc. HackBrowserData Decrypt passwords/cookies and more https://github.com/moonD4rk/HackBrowserData
OSINT Uncoder CTI Free Cyber Threat Intelligence Data Converter https://cti.uncoder.io/
Scanner ScoutSuite Multi-Cloud Security Auditing Tool https://github.com/nccgroup/ScoutSuite
Misc. freeCodeCamp Learn programming for free: programming courses for busy people https://www.freecodecamp.org/japanese/

Defense D3FEND Matrix MITRE D3FEND™ https://d3fend.mitre.org/
IoT FirmWire a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares https://github.com/FirmWire/FirmWire
Attack attack-control-framework-mappings Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process. https://github.com/center-for-threat-informed-defense/attack-control-framework-mappings
Misc. PASTA1.0 PASTA: Portable Automotive Security Testbed with Adaptability https://github.com/pasta-auto/PASTA1.0
OSINT MISP - Training Materials MISP - Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing - Training Materials https://www.circl.lu/services/misp-training-materials/
https://github.com/misp/misp-training
OSINT MISP Playbooks MISP playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse specific intelligence received by MISP. https://github.com/misp/misp-playbooks
Misc. open-rpa/docker Open RPA (Docker version) https://github.com/open-rpa/docker
Scanner SCNR "SCNR" is the successor to the web application scanner "Arachni", but previously I could not install it, though I am not sure whether that was due to a bug. SCNR https://ecsypno.com/
SCNR - Download https://downloads.ecsypno.com/
OSINT Vehicle-based OSINT Investigations Vehicle-based OSINT Investigations https://digitalinvestigator.blogspot.com/2023/01/vehicle-based-osint-investigations.html
Misc. OpenTrafficShaper an opensource traffic shaping platform for Linux https://wiki.opentrafficshaper.org/
Misc. Dejavu Open Source Deception Framework https://github.com/bhdresh/Dejavu
Misc. PentesterAcademy Attack-Defense Labs! The content is extensive https://attackdefense.pentesteracademy.com/
OSINT Vehicle-OSINT-Collection A comprehensive list of tools that can be used for finding information related to a specific vehicle. https://github.com/TheBurnsy/Vehicle-OSINT-Collection
Misc. The Ultimate List of SANS Cheat Sheets You can download various cheat sheets https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/
OSINT Lyzem Telegram Search Engine https://lyzem.com/
Attack Keyless-repeater devices Code-grabbers | Jammers | Key programmers https://kodgrabber.club/
Information Gathering MISP Latest VM image download https://vm.misp-project.org/latest/
Malware yaralyzer Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors. https://github.com/michelcrypt4d4mus/yaralyzer
Incident Response SANS FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response Short Link Library SOF-ELK® (Security Operations and Forensics Elasticsearch, Logstash, Kibana) https://for572.com/
SOF-ELK Download - VM https://for572.com/sof-elk-vm
Attack Flipper Zero Portable Multi-tool Device for Geeks https://flipperzero.one/
Vulnerability CVE-Vulnerability-Information-Downloader Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports from vulnerability scanners like OpenVAS can be enriched with this information to prioritize remediation. The repository also contains a PowerBI template to show how such a dashboard can be created. https://github.com/trinitor/CVE-Vulnerability-Information-Downloader
OS EasyNAS A storage management system for home or small office use. It uses OpenSuSE and BTRFS, offers excellent stability, performance, and availability, and includes features not found in commercial NAS products. https://easynas.org/
IoT IoTSecurity101 A Curated list of IoT Security Resources https://github.com/V33RU/IoTSecurity101
Misc. RedTeam-Physical-Tools A curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry. https://github.com/DavidProbinsky/RedTeam-Physical-Tools
AI ChatGPT plugins ChatGPT plugins https://openai.com/blog/chatgpt-plugins
Monitoring SELKS a free and open source Debian-based IDS/IPS/Network Security Monitoring platform (A Suricata based IDS/IPS/NSM distro) https://github.com/StamusNetworks/SELKS
S - Suricata IDPS/NSM
E - Elasticsearch
L - Logstash
K - Kibana
S - Scirius
Defense waf-bypass Check your WAF before an attacker does https://github.com/nemesida-waf/waf-bypass
OSINT seekr A multi-purpose OSINT toolkit with a neat web-interface. https://github.com/seekr-osint/seekr
Misc. SLSA Supply-chain Levels for Software Artifacts https://slsa.dev/
https://github.com/slsa-framework/slsa
OSINT awesome-hacker-search-engines A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more https://github.com/edoardottt/awesome-hacker-search-engines
Phishing CheckPhish Real-time URL and Website Sandbox https://checkphish.ai/
Archive waybackurls Fetch all the URLs that the Wayback Machine knows about for a domain https://github.com/tomnomnom/waybackurls
AI LocalAI Self-hosted, community-driven simple local OpenAI-compatible API written in go. Can be used as a drop-in replacement for OpenAI, running on CPU with consumer-grade hardware. API for ggml compatible models, for instance: llama.cpp, alpaca.cpp, gpt4all.cpp, vicuna, koala, gpt4all-j, cerebras https://github.com/go-skynet/LocalAI
OSINT SOCRadar LABS Account Breach, IoC, CVE and more https://socradar.io/labs/
OSINT Criminal IP Cyber threat search engine https://www.criminalip.io/ja
AI awesome-chatgpt-prompts This repo includes ChatGPT prompt curation to use ChatGPT better. https://github.com/f/awesome-chatgpt-prompts
AI ChatGPT_DAN ChatGPT DAN, Jailbreaks prompt https://github.com/0xk1h0/ChatGPT_DAN
AI PrivateGPT I tried "Private GPT", a chat AI that runs completely offline and protects your privacy - GIGAZINE https://github.com/imartinez/privateGPT
https://gigazine.net/news/20230522-private-gpt/
Incident Response varc Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident. https://github.com/cado-security/varc
Misc. AWSGoat A Damn Vulnerable AWS Infrastructure https://github.com/ine-labs/AWSGoat

Incident iLEAPP iOS Logs, Events, And Plist Parser https://github.com/abrignoni/iLEAPP


Response
OSINT Database Search - Illicit Services (面白いサイトで、蓄積・保存している https://search.illicit.services/
OSINT データも多そうです)
(検索結果が、Maltego
のようなので、関連性なども確認でき
そうです)
Misc. can2 an open source logic analyzer decoder https://canislabs.com/can2/
for CAN
Fuzzing PreSiFuzz Hack Computer Chips https://github.com/IntelLabs/PreSiFuzz
Malware YAMA カスタマイズ可能なマルウェア検知ツ https://blogs.jpcert.or.jp/ja/2023/08/yama.html
ール
Incident chainsaw Rapidly Search and Hunt through https://github.com/WithSecureLabs/chainsaw
Response Windows Forensic Artefacts
Misc. latma (Lateral movement analyzer) collects authentication logs from the https://github.com/silverfort-open-source/latma
domain and Azure AD environments
and searches for potential lateral
movement attacks and suspicious
activity, the lateral movement can be in
the AD environment or between cloud
and on-prem.
Vulnerability Vulnerability Management Introduction & How to use vulnshot.com https://vulnshot.com/
https://kresec.medium.com/introduction
-how-to-use-vulnshot-com-
bca87223fab9

Vulnerability Dependency-Track A Practical Approach to SBOM - https://dependencytrack.org/


Dependency-Track
https://itnext.io/a-practical-approach-to-
sbom-in-ci-cd-part-ii-deploying-
dependency-track-18fbb54d83b9
Attack Attack Flow Analyzing and visualizing cyberattacks https://mitre-engenuity.org/cybersecurity/center-for-
using Attack Flow threat-informed-defense/our-work/attack-flow/
https://systemweakness.com/analyzing-
and-visualizing-cyberattacks-using-
attack-flow-4ccad73c1e8a
Misc. ATT&CK Powered Suit Accelerating your ATT&CK workflow: https://mitre-engenuity.org/cybersecurity/center-for-
Getting started with the ATT&CK threat-informed-defense/attack-powered-suit/
Powered Suit
https://medium.com/@lerikson/accelera
ting-your-att-ck-workflow-getting-
started-with-the-att-ck-powered-suit-
5e270aeb0e04
Defense caldera Automated Adversary Emulation https://github.com/mitre/caldera
Platform

Detecting and hunting AD Attacks


using MITRE Caldera™
https://medium.com/@DefenderX/detec
ting-and-hunting-ad-attacks-using-
mitre-caldera-3bd24b928329
Incident DFIR-IRIS Open Source Incident Response https://dfir-iris.org/
Response Platform
OSINT Criminal IP IT asset search https://www.criminalip.io/ja/asset
OSINT Hunter Search Engine https://hunter.how/
OSINT Open Source Surveillance A fun-looking OSINT site https://www.os-surveillance.io/
Misc. Carpunk The CAN Injection Toolkit https://github.com/souravbaghz/Carpunk
Incident dfir-toolkit CLI tools for forensic investigation of https://github.com/dfir-dd/dfir-toolkit
Response Windows artifacts
Vulnerability Pentest-Ground A vulnerable site you can experiment and play with https://pentest-ground.com/
OSINT GVision a reverse image search app that uses https://github.com/GONZOsint/gvision
Google Cloud Vision API to detect
landmarks and web entities from
images, helping you gather valuable
information quickly and easily.
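Misc. YouTube Dual Subtitles Handy when watching YouTube. In particular, https://chromewebstore.google.com/detail/hkbdddpie
when you cannot follow spoken English, it shows mdeibjoknnofflfgbgnebcm
both English and Japanese subtitles. Note that
mistranslations are common, so take care.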
Misc. tmux tmux is a terminal multiplexer: it https://github.com/tmux/tmux
enables a number of terminals to be
created, accessed, and controlled from
a single screen. tmux may be detached
from a screen and continue running in
the background, then later reattached.

Useful points
- The screen can be split
- Prevents jobs from stopping when the ssh
session drops

Introduction to tmux - YouTube


https://www.youtube.com/watch?v=Lqe
hvpe_djs
Tohoho's Introduction to tmux -
Tohoho's Introduction to WWW
https://www.tohoho-
web.com/ex/tmux.html
Misc. smbclient ftp-like client to access SMB/CIFS https://www.samba.org/samba/docs/current/man-
resources on servers html/smbclient.1.html

smbclient_cheatsheet
https://github.com/irgoncalves/smbclient
_cheatsheet
https://www.willhackforsushi.com/sec50
4/SMB-Access-from-Linux.pdf
Misc. SMBMap enumerate samba share drives across https://github.com/ShawnDEvans/smbmap
an entire domain.
Scanner onesixtyone Fast SNMP Scanner https://github.com/trailofbits/onesixtyone
Information Gobuster Directory/File, DNS and VHost busting https://github.com/OJ/gobuster
Gathering tool written in Go

Gobuster CheatSheet
https://3os.org/penetration-
testing/cheatsheets/gobuster-
cheatsheet/#available-modes
Information SecLists SecLists is the security tester's https://github.com/danielmiessler/SecLists
Gathering companion. It's a collection of multiple
types of lists used during security
assessments, collected in one place.
List types include usernames,
passwords, URLs, sensitive data
patterns, fuzzing payloads, web shells,
and many more.
Information WhatWeb Next generation web scanner https://github.com/urbanadventurer/WhatWeb
Gathering https://www.whatweb.net/ https://morningstarsecurity.com/research/whatweb

Misc. PayloadsAllTheThings A list of useful payloads and bypass for https://github.com/swisskyrepo/PayloadsAllTheThing


Web Application Security and s/tree/master
Pentest/CTF

Reverse Shell Cheat Sheet


https://github.com/swisskyrepo/Payload
sAllTheThings/blob/master/Methodolog
y%20and%20Resources/Reverse%20S
hell%20Cheatsheet.md
Misc. HighOn.Coffee Reverse Shell Cheat Sheet: PHP, https://highon.coffee/blog/reverse-shell-cheat-sheet/
Python, Powershell, Bash, NC, JSP,
Java, Perl
Misc. LinEnum Scripted Local Linux Enumeration & https://github.com/rebootuser/LinEnum
Privilege Escalation Checks
Misc. linuxprivchecker a Linux Privilege Escalation Check https://github.com/sleventyeleven/linuxprivchecker
Script
Misc. Seatbelt Seatbelt is a C# project that performs a https://github.com/GhostPack/Seatbelt
number of security oriented host-
survey "safety checks" relevant from
both offensive and defensive security
perspectives.
Misc. JAWS JAWS - Just Another Windows (Enum) https://github.com/411Hall/JAWS
Script
Misc. PEASS-ng PEASS - Privilege Escalation https://github.com/peass-ng/PEASS-ng
Awesome Scripts SUITE (with colors)
Misc. linPEAS Linux Privilege Escalation Awesome https://github.com/peass-ng/PEASS-
Script ng/tree/master/linPEAS
Attack IppSec - YouTube HTB (Hack The Box) walkthrough videos https://www.youtube.com/channel/UCa6eh7gCkpPo
5XXUDfygQQA
IppSec - video search site
https://ippsec.rocks/
Misc. chisel a fast TCP/UDP tunnel, transported https://github.com/jpillora/chisel
over HTTP, secured via SSH.

HTB Dante Skills: Network Tunneling


Part 2
https://cybergladius.com/htb-dante-
skills-network-tunneling-part-2/
Misc. Ligolo An advanced, yet simple, tunneling tool https://github.com/nicocha30/ligolo-ng
that uses TUN interfaces.

Pivoting through network with ease!


https://4pfsec.com/ligolo
Ligolo-ng — Pivoting, Reverse Shells
and File Transfers
https://arth0s.medium.com/ligolo-ng-
pivoting-reverse-shells-and-file-
transfers-6bfb54593fa5
OSINT domain.glass From AAAA to WHOIS https://domain.glass/
Free DNS Record, IP address
hostname, and WHOIS lookup
information
OSINT Public Buckets by GrayhatWarfare Information such as "Private and Public SSH https://buckets.grayhatwarfare.com/
Keys Leaked" can also be gathered

Grayhatwarfare
https://grayhatwarfare.com/
Attack impacket a collection of Python classes for https://github.com/fortra/impacket
working with network protocols.

Impacket Guide: SMB/MSRPC


https://www.hackingarticles.in/impacket
-guide-smb-msrpc/
samrdump.py
https://github.com/fortra/impacket/blob/
master/examples/samrdump.py
Information enum4linux-ng A next generation version of https://github.com/cddmp/enum4linux-ng
Gathering enum4linux (a Windows/Samba
enumeration tool) with additional
features like JSON/YAML export.
Aimed for security professionals and
CTF players.
Defense ssh-audit SSH server & client security auditing https://github.com/jtesta/ssh-audit
(banner, key exchange, encryption,
mac, compression, compatibility,
security, etc)
Attack evil-winrm The ultimate WinRM shell for https://github.com/Hackplayers/evil-winrm
hacking/pentesting

[How to] Evil-WinRM: A Tool for


Windows Remote Management
Exploitation
https://vk9-sec.com/how-to-evil-winrm-
a-tool-for-windows-remote-
management-exploitation/
Remote exploration of Windows OS
environments using Evil-WinRM #Windows
https://qiita.com/v_avenger/items/78b32
3d5e30276a20735
OSINT waybackurls Fetch all the URLs that the Wayback https://github.com/tomnomnom/waybackurls
Machine knows about for a domain

Waybackurls: A Powerful Tool for


Cybersecurity Professionals to
Enhance Reconnaissance and Identify
Potential Vulnerabilities
https://medium.com/@cuncis/waybacku
rls-a-powerful-tool-for-cybersecurity-
professionals-to-enhance-
reconnaissance-and-identify-
6a25031f4a1c
Attack wafw00f identify and fingerprint Web Application https://github.com/EnableSecurity/wafw00f
Firewall (WAF) products protecting a
website.
Information aquatone A Tool for Domain Flyovers https://github.com/michenriksen/aquatone
Gathering
Aquatone: Installation Guide, Usage
and Examples
https://securitytrails.com/blog/aquatone
Fuzzing FFuF Fast web fuzzer written in Go https://github.com/ffuf/ffuf

How to use FFUF
https://qiita.com/sathukin/items/1218a0
6981da40c0a131
Recommending FFUF, a web fuzzing tool
https://jpn.nec.com/cybersecurity/blog/2
10604/index.html
Scanner ZAP: Zed Attack Proxy Web App Scanner. (Free and Open https://www.zaproxy.org/
Source)

[OWASP ZAP] Installation and basic usage
[Web vulnerability assessment]
https://chigusa-web.com/blog/owasp-
zap-install/
Attack ZAP Marketplace Add-ons can be added to the ZAP listed above https://www.zaproxy.org/addons/
IoT EMBA EMBA - The firmware security analyzer https://github.com/e-m-b-a/emba

https://www.securefirmware.de/

IoT EMBArk The firmware security scanning https://github.com/e-m-b-a/embark


environment
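Scanner Nessus Essentials Non-commercial edition of the vulnerability https://community.tenable.com/s/article/Nessus-
assessment tool "Nessus" (the commercial Essentials?language=en_US
editions are Professional and Expert)

[Security] Trying out the vulnerability assessment
tool "Nessus"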
https://techblog.gmo-
ap.jp/2023/12/09/nessus/
Misc. PowerSploit A PowerShell Post-Exploitation https://github.com/PowerShellMafia/PowerSploit
Framework
(Note: This project is no longer
supported)

PowerUp.ps1
https://github.com/PowerShellMafia/Po
werSploit/blob/master/Privesc/PowerUp
.ps1
Misc. SharpView .NET port of PowerView https://github.com/dmchell/SharpView

PowerView.ps1
https://github.com/PowerShellMafia/Po
werSploit/blob/master/Recon/PowerVie
w.ps1
Misc. PowerUp a clearinghouse of common Windows https://raw.githubusercontent.com/PowerShellMafia/
privilege escalation PowerSploit/master/Privesc/PowerUp.ps1
vectors that rely on misconfigurations.
See README.md for more information.

Misc. SharpUp a C# port of various PowerUp https://github.com/GhostPack/SharpUp


functionality.
Misc. smbserver.py Easy file transfer by standing up a simple https://github.com/fortra/impacket/blob/master/exam
server with Python ples/smbserver.py
https://qiita.com/Hashibirokou/items/5fb
b2e94ca42434e4575
Misc. uploadserver Python's http.server extended to https://github.com/Densaugeo/uploadserver
include a file upload page
Misc. wsgidav A generic and extendable WebDAV https://github.com/mar10/wsgidav
server based on WSGI

Building a simple WebDAV server on Linux
https://qiita.com/Brad-
55/items/5b596b76ef7dc1be9a39
Misc. xfreerdp RDP (Remote Desktop Protocol) client that -
runs on the X Window System

FreeRDP-User-Manual
https://github.com/awakecoding/FreeR
DP-
Manuals/blob/master/User/FreeRDP-
User-Manual.markdown
xfreerdp - Man Page
https://www.mankier.com/1/xfreerdp
Misc. rdesktop RDP (Remote Desktop Protocol) client that https://github.com/rdesktop/rdesktop
runs on the X Window System

rdesktop: A Remote Desktop Protocol


Client
http://www.rdesktop.org/
Misc. remmina RDP (Remote Desktop Protocol) client that https://remmina.org/
runs on the X Window System

How To Install remmina on Kali Linux


https://www.geeksforgeeks.org/how-to-
install-remmina-on-kali-linux/
OSINT GPS jamming map Flightradar24 releases "GPS jamming map" https://www.flightradar24.com/data/gps-jamming
visualizing regions affected by GPS jamming:
how was GPS jamming visualized?
https://atmarkit.itmedia.co.jp/ait/articles/
2404/16/news012.html
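Attack LOLBAS Abbreviation of Living Off the Land Binaries And https://lolbas-project.github.io/
Scripts

Refers to legitimate, built-in, signed binaries and
scripts present on operating systems such as
Windows, which attackers use to execute
malicious commands, maintain persistence, and
evade detection.
With LOLBAS, attackers can sustain an attack
and escalate privileges.

Living off the land: a cyberattack methodology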
https://jpn.nec.com/cybersecurity/blog/2
20916/index.html
Attack GTFOBins a curated list of Unix binaries that can https://gtfobins.github.io/
be used to bypass local security
restrictions in misconfigured systems.
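GTFOBins is a list of Unix applications that can
be used to bypass local security restrictions on
misconfigured systems. Using this list can, in
some cases, make tasks such as privilege
escalation, file transfer, and launching a reverse
shell easier.
Linux privilege escalation using GTFOBins
[sudo edition]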
https://gintachan.com/gtfobins-linux-
privs-sudo/
Attack msfvenom One of Metasploit's modules; a tool for https://github.com/rapid7/metasploit-
creating payloads from the command line framework/blob/master/msfvenom

Creating payloads with msfvenom and
conducting a penetration test
https://qiita.com/seiteisama/items/a2e3f
0d6ade54214f8d8
MSFVenom - CheatSheet
https://book.hacktricks.xyz/v/jp/generic-
methodologies-and-
resources/shells/msfvenom
Incident ICSpector Microsoft ICSpector (ICS Forensics https://github.com/microsoft/ics-forensics-tools
Response Tools framework) is an open-source
forensics framework that enables the
analysis of Industrial PLC metadata
and project files.

​Investigating Industrial Control


Systems using Microsoft’s ICSpector
open-source framework
https://techcommunity.microsoft.com/t5/
security-compliance-and-
identity/investigating-industrial-control-
systems-using-microsoft-s/ba-
p/4120580
Vulnerability Cyber Security Awareness OASIS CSAF TC(Technical https://github.com/csalab-id/csaf
Framework (CSAF) Committee): Supporting version control
for Work Product artifacts developed
by members of TC, including prose
specifications and secondary artifacts
like meeting minutes and productivity
code
https://github.com/oasis-tcs/csaf

Common Security Advisory Framework


(CSAF)
https://oasis-open.github.io/csaf-
documentation/index.html
Attack Web Shell a browser-based shell session we can https://github.com/jbarcia/Web-
use to interact with the underlying Shells/tree/master/laudanum
operating system of a web server.

Examining what can be done with a webshell
https://qiita.com/WhatRune/items/f8958
1fb6b4041d7c68a
Attack WhiteWinterWolf's PHP web shell wwwolf’s PHP webshell user’s guide https://github.com/WhiteWinterWolf/wwwolf-php-
https://www.whitewinterwolf.com/posts/ webshell
2017/12/02/wwwolfs-php-webshell-
users-guide/
Attack nishang Offensive PowerShell for red team, https://github.com/samratashok/nishang
penetration testing and offensive
security.

Nishang: A Post-Exploitation
Framework
https://www.infosecinstitute.com/resour
ces/penetration-testing/nishang-a-post-
exploitation-framework/
Nishang | Infrastructure penetration
testing notes
https://infra.newerasec.com/infrastructu
re-testing/tools/nishang
Monitoring NetBrain No-code network automation platform https://www.netbraintech.com/

NetBrain Next-Gen | Product overview


https://www.netbraintech.com/ja/intent-
based-automation-system/
Misc. draw.io Feature-rich tool for creating diagrams such as https://app.diagrams.net/
flowcharts and office layouts

[With video] draw.io usage summary: a collection
of tips usable even by non-engineers

https://qiita.com/G-
awa/items/8fd414700b68b2bcafcc
Misc. Conferences Slide collection from security conferences https://github.com/onhexgroup/Conferences
such as BlackHat
Scanner pgdsat PostgreSQL Database Security https://github.com/HexaCluster/pgdsat
Assessment Tool
Misc. OpenSLO Open specification for defining and https://github.com/OpenSLO/OpenSLO
expressing service level objectives
(SLO)

An attempt to standardize the description format
for service level objectives (SLO) and their
related resources
OpenSLO
https://openslo.com/
Misc. Hashcat World's fastest password cracker https://hashcat.net/

How to use hashcat | Cracking hash values
https://qiita.com/labpixel/items/881103d
a50cd725b6254
rule_based_attack [hashcat wiki]
https://hashcat.net/wiki/doku.php?id=rul
e_based_attack
example_hashes [hashcat wiki]
https://hashcat.net/wiki/doku.php?id=ex
ample_hashes
Misc. DefaultCreds-cheat-sheet One place for all the default credentials https://github.com/ihebski/DefaultCreds-cheat-sheet
to assist the Blue/Red teamers
activities on finding devices with default
password
Misc. LaZagne Credentials recovery project https://github.com/AlessandroZ/LaZagne
Misc. firefox_decrypt a tool to extract passwords from https://github.com/unode/firefox_decrypt
Mozilla (Firefox™, Waterfox™,
Thunderbird®, SeaMonkey®) profiles
Misc. Invoke-TheHash PowerShell Pass The Hash Utils https://github.com/Kevin-Robertson/Invoke-TheHash

NTLM | Japanese
https://book.hacktricks.xyz/v/jp/windows
-hardening/ntlm
Attack Reverse Shell Generator Online - Reverse Shell Generator https://www.revshells.com/
Attack Rubeus C# toolkit for Kerberos interaction and https://github.com/GhostPack/Rubeus
abuses

A Detailed Guide on Rubeus


https://www.hackingarticles.in/a-
detailed-guide-on-rubeus/
Misc. KeyTabExtract Extracts Key Values from .keytab files https://github.com/sosdave/KeyTabExtract

Linux Active Directory


https://book.hacktricks.xyz/linux-
hardening/privilege-escalation/linux-
active-directory
Misc. FileInfo.com The File Format Database https://fileinfo.com/
Misc. Password Strength Meter Password Test https://www.passwordmonster.com/
Misc. 1Password Password Generator - Strong, Random https://1password.com/password-generator/
Passwords
IoT Hardware Hacking Cheatsheet Hardware Hacking Cheatsheet https://github.com/arunmagesh/hw_hacking_cheatsh
infograph eet
Scanner Zmap-ProxyScanner A Thread Safe fast way to find proxies. https://github.com/Yariya/Zmap-ProxyScanner
Find 2000-5000 working
http,socks4,socks5 proxies in one scan.

Monitoring pcap-did-what Analyze pcaps with Zeek and a https://github.com/hackertarget/pcap-did-what


Grafana Dashboard
Attack red_team_attack_lab Red Team Attack Lab for TTP testing https://github.com/Marshall-
& research Hallenbeck/red_team_attack_lab?tab=readme-ov-file

Attack ntlm_relay_gat a powerful tool designed to automate https://github.com/ad0nis/ntlm_relay_gat


the exploitation of NTLM relays using
ntlmrelayx.py
Misc. QCSuper a tool communicating with Qualcomm- https://github.com/P1sec/QCSuper
based phones and modems, allowing
to capture raw 2G/3G/4G radio frames,
among other things.
OSINT GeoSpy GeoSpy + OpenStreetMap search = https://geospy.web.app/
super power
https://publication.osintambition.org/geo
spy-openstreetmap-search-super-
power-a5c0a4028cdc
A 1-minute way to geolocate road
signs that show the distance to the
nearest cities
https://publication.osintambition.org/a-1-
minute-way-to-geolocate-road-signs-
that-show-the-distance-to-the-nearest-
cities-9e8d4d08b93b
OSINT Bellingcat OpenStreetMap search Bellingcat OpenStreetMap search https://osm-search.bellingcat.com/
Phishing phishurl-list Phishing URL dataset from https://github.com/JPCERTCC/phishurl-list
JPCERT/CC

Phishing URL Data Statistic


https://jpcertcc.github.io/phishurl-list/
Malware DarkFeed DeepWeb Cyber intelligence Feed and https://darkfeed.io/
Ransomware Monitor

LastWeek – DarkFeed
https://darkfeed.io/LastWeek/
OSINT TweetFeed Indicators Of Compromise (IOCs) https://tweetfeed.live/
shared by infosec community
OSINT deepdarkCTI Collection of Cyber Threat Intelligence https://github.com/fastfire/deepdarkCTI
sources from the deep and dark web
Misc. Windrecorder a memory search app by records https://github.com/yuka-friends/Windrecorder
everything on your screen in small size,
to let you rewind what you have seen,
query through OCR text or image
description, and get activity statistics.

"Windrecorder", an app that records and
transcribes everything you do on your PC and
makes all past activity searchable
https://gigazine.net/news/20240506-
windrecorder-record-screen-ocr/
Attack linWinPwn a bash script that streamlines the use https://github.com/lefayjey/linWinPwn
of a number of Active Directory tools
OSINT Shadowserver Information on sinkholes, scans, honeypots, https://dashboard.shadowserver.org/
DDoS, ICS/OT, web CVEs, and more
Threat Hunting kunai Threat-hunting tool for Linux https://github.com/kunai-project/kunai

Using your MISP IoCs in Kunai (the


open source EDR for Linux)
https://www.misp-
project.org/2024/04/19/Using-Your-
MISP-IoCs-in-Kunai.html/
Misc. Corellium Virtual Hardware https://www.corellium.com/

Step by Step Complete Beginners


guide of iOS penetration testing with
corellium
https://infosecwriteups.com/step-by-
step-complete-beginners-guide-of-ios-
penetration-testing-with-corellium-
2b9e9c6382c2
OSINT Predicta Search Reverse email or phone number lookup https://www.predictasearch.com/

Vulnerability CISA Vulnrichment A repo to conduct vulnerability https://github.com/cisagov/vulnrichment


enrichment.
Misc. Sixo Online APK Analyzer APK Analyzer https://sisik.eu/apk-tool
Database SQL Server Management Studio an integrated environment for https://learn.microsoft.com/en-
(SSMS) managing any SQL infrastructure, from us/sql/ssms/download-sql-server-management-
SQL Server to Azure SQL Database. studio-ssms

Attack Medusa a speedy, parallel, and modular, login https://github.com/jmk-foofus/medusa


brute-forcer

A Detailed Guide on Medusa


https://www.hackingarticles.in/a-
detailed-guide-on-medusa/
Attack crowbar brute forcing tool that can be used https://github.com/galkan/crowbar
during penetration tests. It is developed
to support protocols that are not
currently supported by thc-hydra and
other popular brute forcing tools.

Remote Desktop (RDP)- Brute Force


Attack
https://medium.com/@idan_malihi/remo
te-desktop-rdp-brute-force-attack-
f5484d8cf6a3
Information fierce A DNS reconnaissance tool for locating https://github.com/mschwager/fierce
Gathering non-contiguous IP space

DNS Enumeration with Fierce in


Backtrack and Kali Linux
http://www.behindthefirewalls.com/2013
/06/dns-enumeration-with-fierce-in.html
Information subfinder Fast passive subdomain enumeration https://github.com/projectdiscovery/subfinder
Gathering tool

Trying out the subdomain enumeration tool
"subfinder"
https://blog.motikan2010.com/entry/202
3/06/29/サブドメイン列挙ツール「subf
inder」を試した
Information DNSDumpster dns recon and research, find and https://dnsdumpster.com/
Gathering lookup dns records
Information Sublist3r Fast subdomains enumeration tool for https://github.com/aboul3la/Sublist3r
Gathering penetration testers

OSINT Tools: Sublist3r


https://www.quantusintel.group/osint/osi
nt-tools-sublist3r/
Attack can-i-take-over-xyz "Can I take over XYZ?" — a list of https://github.com/EdOverflow/can-i-take-over-xyz
services and how to claim
(sub)domains with dangling DNS
records.
OSINT MX Lookup Tool Check your DNS MX Records online - https://mxtoolbox.com/
MxToolbox
Attack o365spray Username enumeration and password https://github.com/0xZDH/o365spray
spraying tool aimed at Microsoft O365

Password Spraying Office 365


https://www.pwndefend.com/2023/01/1
1/password-spraying-office-365/
Spraying the Microsoft Cloud
https://blueteamops.medium.com/sprayi
ng-in-the-microsoft-cloud-f2348ab4790
Misc. MailSniper a penetration testing tool for searching https://github.com/dafthack/MailSniper
through email in a Microsoft Exchange
environment for specific terms
(passwords, insider intel, network
architecture information, etc.). It can be
used as a non-administrative user to
search their own email, or by an
administrator to search the mailboxes
of every user in a domain.

Introducing MailSniper: A Tool For


Searching Every User’s Email for
Sensitive Data
https://www.blackhillsinfosec.com/introd
ucing-mailsniper-a-tool-for-searching-
every-users-email-for-sensitive-data/

Attack CredKing Password spraying using AWS https://github.com/ustayready/CredKing


Lambda for IP rotation
Attack CredMaster Refactored & improved CredKing https://github.com/knavesec/CredMaster
password spraying tool, uses FireProx
APIs to rotate IP addresses, stay
anonymous, and beat throttling

🔥#CredMaster 🔥. <Easy &


Anonymous #Password_Spraying>
https://medium.com/@josicaleksandar9
81/credmaster-69778e857ee0
Misc. socat Command-line tool that transfers data https://linux.die.net/man/1/socat
between two streams

Relaying various kinds of traffic with socat
https://zenn.dev/mai/articles/3fc341887
1c85d
Misc. PuTTY Terminal software widely used in Windows https://www.putty.org/
environments (SSH, Telnet connections, etc.) https://www.chiark.greenend.org.uk/~sgtatham/putty/
latest.html
Using the ssh client "PuTTY" on Windows
https://atmarkit.itmedia.co.jp/ait/articles/
1006/25/news095.html
Misc. Plink Command-line connection tool similar to https://www.chiark.greenend.org.uk/~sgtatham/putty/
UNIX ssh latest.html

Using the command-line connection tool Plink
https://www.ranvis.com/doc/putty/man/p
link.html
Misc. Tera Term Terminal software. Successor to the original https://teratermproject.github.io/
Tera Term Pro 2.3, officially recognized by its
original author

Introduction to Tera Term for new engineers
https://tech.quickguard.jp/posts/tera-
term/
Misc. Proxifier Proxy client. Supports HTTPS and SOCKS https://www.proxifier.com/
(v4, v5); by configuring rules, any application
can be connected through any proxy

How to Use Proxifier: Instructions & 4


Common Scenarios - Proxyway
https://proxyway.com/guides/how-to-
use-proxifier
[Quick tip?] How to use a SOCKS proxy
server on Windows 10
https://dev.classmethod.jp/articles/tips-
for-using-socks-proxy-on-windows10/
Misc. sshuttle Software supporting Linux, MacOS, and FreeBSD https://github.com/sshuttle/sshuttle
that enables access to a remote network over
SSH. In practice, it uses iptables on Linux and
ipfw on MacOS to configure things so that
packets destined for the remote network go
through a tunnel over an SSH connection.
Many people have probably been configuring
and starting SSH port forwarding one port at a
time. With sshuttle, you only specify the remote
network and it takes care of everything else.

"sshuttle" is handy: build a simple VPN with
SSH alone
https://hiroki.jp/sshuttle
Building a simple VPN-like environment with sshuttle
https://cloudfish.hatenablog.com/entry/2
020/03/12/084826
Misc. rpivot socks4 reverse proxy for penetration https://github.com/klsecservices/rpivot
testing

Web Server Pivoting with Rpivot


http://michalszalkowski.com/security/piv
oting-tunneling-port-forwarding/web-
server-pivoting-with-rpivot/
A Red Teamer's guide to pivoting
https://artkond.com/2017/03/23/pivoting
-guide/
Misc. dnscat2 to create an encrypted command-and- https://github.com/iagox86/dnscat2
control (C&C) channel over the DNS
protocol

DNScat2: Application Layer C&C


https://www.hackingarticles.in/dnscat2-
application-layer-cc/
Misc. ptunnel-ng Tunnel TCP connections through ICMP. https://github.com/utoni/ptunnel-ng

Pivoting and Tunneling for OSCP and


beyond (Cheat Sheet)
https://medium.com/@saintlafi/pivoting-
and-tunneling-for-oscp-and-beyond-
cheat-sheet-3435d1d6022
Attack kerbrute A tool to perform Kerberos pre-auth https://github.com/ropnop/kerbrute
bruteforcing

A Detailed Guide on Kerbrute


https://www.hackingarticles.in/a-
detailed-guide-on-kerbrute/
Active Directory Workshop — Kerbrute
Password Spray & Kerbrute Roasting
(Pt.7)
https://medium.com/@e.escalante.jr/act
ive-directory-workshop-kerbrute-
password-spray-kerbrute-roasting-pt-7-
677d3eba7dd0
OSINT linkedin2username Generate username lists for companies https://github.com/initstring/linkedin2username
on LinkedIn

linkedin2username - Penetration
Testing Tools
https://www.geeksforgeeks.org/linkedin
2username-penetration-testing-tools/
Attack Inveigh conducts spoofing attacks and https://github.com/Kevin-Robertson/Inveigh
hash/credential captures through both
packet sniffing and protocol specific
listeners/sockets

Capturing & Relaying Net-NTLM


Hashes Without Kali Linux Using
Inveigh
https://infinitelogins.com/2020/11/16/ca
pturing-relaying-net-ntlm-hashes-
without-kali-linux-using-inveigh/
Misc. windapsearch enumerate users, groups and https://github.com/ropnop/windapsearch
computers from a Windows domain
through LDAP queries.

[How to] windapsearch


https://vk9-sec.com/how-to-
windapsearch/
Attack DomainPasswordSpray a password spray attack against users https://github.com/dafthack/DomainPasswordSpray
of a domain. By default it will
automatically generate the userlist from
the domain. BE VERY CAREFUL NOT
TO LOCKOUT ACCOUNTS!

Password Spraying
https://www.sevenlayers.com/index.php
/303-password-spraying
Attack Snaffler a utility designed for penetration testers https://github.com/SnaffCon/Snaffler
and red team professionals to uncover
valuable information, including
credentials and other sensitive data,
within extensive Windows and Active
Directory environments.

Snaffler
https://www.cqr.tools/tools/snaffler
Misc. Setspn Reads, modifies, and deletes the https://learn.microsoft.com/en-us/previous-
Service Principal Names (SPN) versions/windows/it-pro/windows-server-2012-r2-
directory property for an Active and-2012/cc731241(v=ws.11)
Directory service account.

Looking into duplicate SPNs.
https://qiita.com/nahanaha/items/9eb4df
b6c4a4a211af42
Attack PetitPotam PoC tool to coerce Windows hosts to https://github.com/topotam/PetitPotam
authenticate to other machines via MS-
EFSRPC EfsRpcOpenFileRaw or other
functions.

PetitPotam – NTLM Relay to AD CS


https://pentestlab.blog/2021/09/14/petit
potam-ntlm-relay-to-ad-cs/
Attack PKINITtools Tools for Kerberos PKINIT and relaying https://github.com/dirkjanm/PKINITtools
to AD CS

NTLM relaying to AD CS - On
certificates, printers and a little hippo
https://dirkjanm.io/ntlm-relaying-to-ad-
certificate-services/
Attack gpp-decrypt Tool to parse the Group Policy https://github.com/t0thkr1s/gpp-decrypt
Preferences XML file which extracts
the username and decrypts the
cpassword attribute.

GPP Attacks: AD Post Compromise


Attack
https://stridergearhead.medium.com/gp
p-attacks-ad-post-compromise-attack-
44c7f447fb65
Misc. AD Explorer an advanced Active Directory (AD) https://learn.microsoft.com/en-
viewer and editor. us/sysinternals/downloads/adexplorer

Using Microsoft AD Explorer for


common admin tasks
https://www.techtarget.com/searchwind
owsserver/tutorial/Using-Microsoft-AD-
Explorer-for-common-admin-tasks
Information PingCastle an audit tool that helps you build a https://www.pingcastle.com/
Gathering prioritised list of issues that need
addressing in Active Directory

Brand new forest, PingCastle


https://marklewis.blog/2020/02/20/brand
-new-forest-pingcastle/
Information Group3r Find vulnerabilities in AD Group Policy, https://github.com/Group3r/Group3r
Gathering but do it better than Grouper2 did.

BloodHound & Other AD Enum Tools


https://book.hacktricks.xyz/v/jp/windows
-hardening/active-directory-
methodology/bloodhound
OSINT FullHunt Expose Your Attack Surface https://fullhunt.io/
Incident ZANSIN Training tool for experiencing incident response https://github.com/ZANSIN-sec/ZANSIN
Response to simulated real-world cyberattacks
envisioned as a GROUNDBREAKING
cybersecurity training tool designed to
equip users against the ever-escalating
complexity of cyber threats. It achieves
this by providing learners with a
platform to engage in simulated
cyberattack scenarios, supervised and
designed by experienced pentesters.

Release of the security training tool "ZANSIN"
https://www.mbsd.jp/research/2024051
6/zansin/
Incident EnableWindowsLogSettings Documentation and scripts to properly https://github.com/Yamato-
Response enable Windows event logs. Security/EnableWindowsLogSettings

Yamato Security's guide to configuring Windows
event logs for DFIR and threat hunting
https://github.com/Yamato-
Security/EnableWindowsLogSettings/bl
ob/main/README-Japanese.md
OSINT OriON a virtual machine in Spanish that https://github.com/Cl4r4-5/OriON
incorporates several tools for Open
Source Intelligence (OSINT) on people.

https://github.com/Cl4r4-
5/OriON/blob/main/readme_english.pdf

Attack squeegee A collection of tools using OCR to https://github.com/OOAFA/squeegee


extract potential usernames from RDP
screenshots.

Introducing Squeegee: The Microsoft


Windows RDP Scraping Utility - Black
Hills Information Security
https://www.blackhillsinfosec.com/introd
ucing-squeegee-the-microsoft-windows-
rdp-scraping-utility/
Malware YARA-X The pattern matching swiss knife for https://virustotal.github.io/yara-x/
malware researchers, and everyone
else.

YARA is dead, long live YARA-X ~


VirusTotal Blog
https://blog.virustotal.com/2024/05/yara
-is-dead-long-live-yara-x.html
Monitoring HE 3D Network Map 3D Network Map provided by Hurricane Electric https://he.net/3d-map/
Misc. Hurricane Electric BGP Toolkit Displays IP addresses, AS numbers, and so on https://bgp.he.net/

OSINT ViewDNS.info Your one source for DNS related tools https://viewdns.info/

Monitoring trufflehog Find and verify secrets https://github.com/trufflesecurity/truffleHog

Checking Git repositories for leaked
credentials with trufflehog
https://gri.jp/media/entry/24382
Scanner fping a program to send ICMP echo probes https://github.com/schweikert/fping
to network hosts, similar to ping, but
much better performing when pinging
multiple hosts.
https://fping.org/
Scanner hping3 Command that can craft and send arbitrary https://github.com/jnbdz/hping3
TCP/IP packets http://www.hping.org/ (inaccessible)

How to use the hping3 command
https://hana-
shin.hatenablog.com/entry/2022/03/05/
214824
Misc. Mergely Compare files and find differences https://editor.mergely.com/
online

Let's try Mergely, which can show the diff
between two pieces of code in the browser
https://blog.proglus.jp/5112/
Misc. OpenSearch open source search and analytics suite https://opensearch.org/
that makes it easy to ingest, search, https://github.com/opensearch-project
visualize, and analyze data.

Getting started - OpenSearch


Documentation
https://opensearch.org/docs/latest/abou
t/

■ Japanese-language search
Learn servers without spending money -
Japanese search with OpenSearch -
https://subro.mokuren.ne.jp/0930.html
Enabling Japanese search in OpenSearch
https://zenn.dev/tamanugi/articles/6623
0d8d685dc5
Japanese full-text search settings for
ElasticSearch (OpenSearch) [rough notes]
https://zenn.dev/koniman/articles/25815
Misc. paiza.IO "Online execution environment" for writing and https://paiza.io/ja
running programs in the browser
Database SQL Fiddle Online SQL Compiler for learning & https://sqlfiddle.com/
practice
Database SQLZoo SQL practice exercises https://sqlzoo.net/wiki/SQL_Tutorial
Database SQLab Learning service for practicing SQL https://sqlab.net/
Misc. Ahmia Search Tor Hidden Services https://ahmia.fi/

A clearnet search engine for Tor Onion
Services. Used together with a VPN and Tor to
search the darknet, which is reported to be
about ten times the size of ordinary web content
Misc. ParseHub Free web scraping - The most powerful https://www.parsehub.com/
web scraper

A tool that enables no-code data collection
[parsehub]
https://4b-media.net/parsehub/
Misc. Arc Web browser https://arc.net/

Explaining the appeal of "Arc", the browser the
world is talking about, because it was too convenient
https://qiita.com/ruitomo/items/cc444c6
e4393568ee5b2
Defense AppLocker A feature Microsoft provides for Windows and https://learn.microsoft.com/en-
Windows Server that controls which apps us/windows/security/application-security/application-
and files users can run control/windows-defender-application-
control/applocker/what-is-applocker

How to configure AppLocker using Active Directory
https://jpwinsup.github.io/blog/2022/09/
09/UserInterfaceAndApps/AppLocker/A
ppLocker-AD/AppLocker-AD/
Misc. ActiveDirectory Module The Active Directory module for Windows PowerShell is a PowerShell module that consolidates a group of cmdlets. You can use these cmdlets to manage your Active Directory domains, Active Directory Lightweight Directory Services (AD LDS) configuration sets, and Active Directory Database Mounting Tool instances in a single, self-contained package. https://learn.microsoft.com/en-us/powershell/module/activedirectory/
Misc. LDAP OID Reference Guide OID = Object identifiers https://ldap.com/ldap-oid-reference-guide/
Global OID reference database
https://oidref.com/
Malware Kaspersky Virus Removal Tool Free virus removal tool (Kaspersky). Windows and Linux versions https://www.kaspersky.com/downloads/free-virus-removal-tool
Kaspersky releases free tool that scans Linux for known threats
https://www.bleepingcomputer.com/news/software/kaspersky-releases-free-tool-that-scans-linux-for-known-threats/
OSINT phoneinfoga Information gathering framework for phone numbers https://github.com/sundowndev/phoneinfoga
Phoneinfoga: A phone number OSINT framework
https://medium.com/osint-ambition/phoneinfoga-a-phone-number-osint-framework-day15-of-30daysofosint-450a43d19737
Misc. JMOOC Japan's largest free online university courses (MOOC) https://www.jmooc.jp/
Misc. Udemy Online courses https://www.udemy.com/
Misc. Khan Academy (Japanese) Free online courses, lessons, and practice exercises https://ja.khanacademy.org/
The English "Khan Academy" below has more courses.
Misc. Khan Academy Free Online Courses, Lessons & Practice https://www.khanacademy.org/
Misc. HTB Academy Online Cybersecurity Courses & Certifications https://academy.hackthebox.com/
Includes hands-on work and is fun. The content is easy to read and easy to understand. If you have questions about the hands-on exercises, you can get them answered on Discord.
Misc. OffSec Infosec & Cybersecurity Training https://www.offsec.com/
Includes hands-on work and is fun. If you have questions about the hands-on exercises, you can get them answered on Discord. Tied to the OSCP certification.
Misc. SANS Institute Cyber Security Courses Online & In Person https://www.sans.org/cyber-security-courses/
Misc. Coursera Degrees, Certificates, & Free Online Courses https://www.coursera.org/
Misc. edX Online courses https://www.edx.org/
Attack PowerUpSQL Cheat Sheet PowerUpSQL Cheat Sheet · the most common PowerUpSQL functions used during pentests. https://github.com/NetSPI/PowerUpSQL/wiki/PowerUpSQL-Cheat-Sheet
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
https://github.com/NetSPI/PowerUpSQL
Information Gathering adidnsdump Active Directory Integrated DNS dumping by any authenticated user https://github.com/dirkjanm/adidnsdump
Misc. smbclient-ng a fast and user friendly way to interact with SMB shares. https://github.com/p0dalirius/smbclient-ng
Misc. Building a Virtual Security Home Lab Part 1 - Network Topology https://infosecwriteups.com/building-a-virtual-security-home-lab-part-1-network-topology-a373f93e342b
Misc. Building a Virtual Security Home Lab Part 2 - pfSense Setup & Configuration https://infosecwriteups.com/building-a-virtual-security-home-lab-part-2-pfsense-setup-configuration-ddd7ccba8651
Misc. Building a Virtual Security Home Lab Part 3 - Kali Linux Setup https://infosecwriteups.com/building-a-virtual-security-home-lab-part-3-kali-linux-setup-3ed92a5b863c
Misc. Building a Virtual Security Home Lab Part 4 - pfSense Firewall Configuration https://infosecwriteups.com/building-a-virtual-security-home-lab-part-4-pfsense-firewall-configuration-529f4ee2fd33
Misc. Building a Virtual Security Home Lab Part 5 - Cyber Range Setup https://infosecwriteups.com/building-a-virtual-security-home-lab-part-5-cyber-range-setup-4c2c66cf5672
Misc. Building a Virtual Security Home Lab Part 6 - Active Directory Lab Setup - Part 1 https://infosecwriteups.com/building-a-virtual-security-home-lab-part-6-active-directory-lab-setup-part-1-315716fd51e1
Misc. Building a Virtual Security Home Lab Part 7 - Active Directory Lab Setup - Part 2 https://infosecwriteups.com/building-a-virtual-security-home-lab-part-7-active-directory-lab-setup-part-2-f203002a40b2
Misc. Building a Virtual Security Home Lab Part 8 - Malware Analysis Lab Setup https://infosecwriteups.com/building-a-virtual-security-home-lab-part-8-malware-analysis-lab-setup-acf84c665770
Misc. Building a Virtual Security Home Lab Part 9 - Tsurugi Linux (DFIR) Setup https://infosecwriteups.com/building-a-virtual-security-home-lab-part-9-tsurugi-linux-dfir-setup-7ab0f423a594
Misc. Building a Virtual Security Home Lab Part 10 - Splunk Setup & Configuration https://infosecwriteups.com/building-a-virtual-security-home-lab-part-10-splunk-setup-configuration-080921e083f8
Misc. Building a Virtual Security Home Lab Part 11 - Transferring Files to Malware Analysis Lab https://infosecwriteups.com/building-a-virtual-security-home-lab-part-11-transferring-files-to-malware-analysis-lab-408e7a591ebb
Misc. FoxyProxy Standard An advanced proxy management tool that replaces Firefox's limited proxy features https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/ https://addons.mozilla.org/ja/firefox/addon/foxyproxy-standard/
FoxyProxy Standard installation & setup
https://qiita.com/nilfigo/items/c8b5e8321e63531640a9
Attack proxychains a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP. https://github.com/haad/proxychains
Lets any program communicate with a target host through a chain of multiple proxy servers. This makes it possible to test hosts that span multiple network segments.
How To Set Up Proxy Chains In Kali/Parrot Linux
https://medium.com/@blog.yomesh/how-to-set-up-proxy-chains-in-kali-parrot-linux-3ca66656f769
Misc. cupp Common User Passwords Profiler (CUPP) https://github.com/Mebus/cupp
Generating a password list based on information about a person using CUPP in Kali Linux 2021.1
https://ethicalhacking.hatenablog.com/entry/generating-a-password-list-based-on-information-about-a-person-using-cupp-in-kali-linux-2021-1/
Misc. RSMangler RSMangler will take a wordlist and perform various manipulations on it similar to those done by John the Ripper with a few extras. https://github.com/digininja/RSMangler
Misc. Mentalist a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper. https://github.com/sc0tfree/mentalist
Misc. username-anarchy Username tools for penetration testing https://github.com/urbanadventurer/username-anarchy
Attack identYwaf Blind WAF identification tool https://github.com/stamparm/identYwaf
Attack XSStrike Most advanced XSS scanner. https://github.com/s0md3v/XSStrike
Attack BruteXSS a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more convenience. https://github.com/rajeshmajumdar/BruteXSS
Attack xsser Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. https://github.com/epsylon/xsser
Attack phpbash A semi-interactive PHP shell compressed into a single file. https://github.com/Arrexel/phpbash
Attack Bashfuscator A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team. https://github.com/Bashfuscator/Bashfuscator
Attack Invoke-DOSfuscation Cmd.exe Command Obfuscation Generator & Detection Test Harness https://github.com/danielbohannon/Invoke-DOSfuscation
Misc. EyeWitness to take screenshots of websites, provide some server header info, and identify default credentials if possible. https://github.com/RedSiege/EyeWitness
Scanner droopescan A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe. https://github.com/SamJoan/droopescan
Scanner JoomlaScan A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan. https://github.com/drego85/JoomlaScan
Scanner joomscan OWASP Joomla Vulnerability Scanner Project https://github.com/OWASP/joomscan https://www.secologist.com/
Management osTicket Support Ticketing System https://osticket.com/
OSINT Epieos the ultimate OSINT tool (Email and Phone) https://epieos.com/
OSINT holehe holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function. https://github.com/megadose/holehe
OSINT socialscan Python library for accurately querying username and email usage on online platforms https://github.com/iojw/socialscan
Monitoring pspy Monitor linux processes without root permissions https://github.com/DominicBreuker/pspy
Management kubeletctl A client for kubelet https://github.com/cyberark/kubeletctl
Vulnerability Watson Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities https://github.com/rasta-mouse/Watson
Attack wesng Windows Exploit Suggester - Next Generation https://github.com/bitsadmin/wesng
Vulnerability Vulnerabilities Security Update Guide - Microsoft https://msrc.microsoft.com/update-guide/vulnerability
Malware lnkbomb Malicious shortcut generator for collecting NTLM hashes from insecure file shares. https://github.com/dievus/lnkbomb
Management mRemoteNG Multi-Remote Next Generation Connection Manager https://mremoteng.org/
Misc. mRemoteNG-Decrypt Python script to decrypt passwords stored by mRemoteNG https://github.com/haseebT/mRemoteNG-Decrypt
Misc. SlackExtract A PowerShell script to download all files, messages and user profiles that a user has access to in slack. https://github.com/clr2of8/SlackExtract
Misc. Cookie-Editor A safe cookie editor for Chrome, Firefox, Safari, Edge and Opera https://cookie-editor.com/
Misc. SharpChromium .NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins. https://github.com/djhohnstein/SharpChromium
Misc. restic Fast, secure, efficient backup program https://github.com/restic/restic
Misc. EOL (Windows / Office) End Of Life Dates for Microsoft Windows and Office https://michaelspice.net/windows/end-of-life-microsoft-windows-and-office/
Misc. Software Download (Windows) Software (Windows) Download https://www.microsoft.com/ja-jp/software-download/ https://www.microsoft.com/en-us/software-download/
Monitoring Packetbeat Network analysis using Elasticsearch https://www.elastic.co/jp/beats/packetbeat
Misc. cherrytree A hierarchical note taking application, featuring rich text and syntax highlighting, storing data in either a single file (xml or sqlite) or multiple files and directories. https://www.giuspen.com/cherrytree/
Misc. Obsidian the private and flexible writing app that adapts to the way you think. https://obsidian.md/
Misc. unredacter Never ever ever use pixelation as a redaction technique https://github.com/bishopfox/unredacter
Misc. DPAT Domain Password Audit Tool for Pentesters https://github.com/clr2of8/DPAT
Misc. writehat A pentest reporting tool written in Python. Free yourself from Microsoft Word. https://github.com/blacklanternsecurity/writehat
Misc. pwndoc Pentest Report Generator https://github.com/pwndoc/pwndoc
Misc. Ghostwriter The SpecterOps project management and reporting engine https://github.com/GhostManager/Ghostwriter
Misc. Dradis Community Edition Reporting Tools/Findings Database https://dradis.com/ce/
Misc. VECTR a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios https://github.com/SecurityRiskAdvisors/VECTR
Misc. AttackForge Pentest Management and Reporting (Paid) https://attackforge.com/
Misc. PlexTrac Pentest Reporting and Collaboration Platform (Paid) https://plextrac.com/
Misc. Rootshell Vulnerability Management? (Paid) https://www.rootshellsecurity.net/why-rootshell/
Misc. Greenshot making screenshots you can get on your Windows PC. https://getgreenshot.org/
Misc. 10 Minute Mail Free Anonymous Temporary email https://10minutemail.com/
Information Gathering RSS Guard Feed reader (and podcast player) which supports RSS/ATOM/JSON and many web-based feed services. https://github.com/martinrotter/rssguard
Phishing 迷惑メール.jp Sharing and searching spam emails https://meiwakumail.jp/
Misc. cobalt https://cobalt.tools/
"cobalt", which lets you download YouTube and X (formerly Twitter) videos for free by copying and pasting the URL
https://gigazine.net/news/20240610-cobalt/
Misc. Rufus Create bootable USB drives the easy way https://rufus.ie/ja/
Quickly create boot USBs for various OSes! "Rufus"
https://www.gigafree.net/system/os/Rufus.html
Misc. RustDesk An open-source remote desktop, and alternative to TeamViewer. https://github.com/rustdesk/rustdesk
https://rustdesk.com/
OSINT Obsidian https://obsidian.md/
Mastering Cyber Threat Intelligence with Obsidian
https://bank-security.medium.com/mastering-cyber-threat-intelligence-with-obsidian-cef6052a0d02
Malware GMER Rootkit Detector and Remover http://www.gmer.net/
Scanning for rootkits (GMER)
https://iroiro-memo.hatenablog.com/entry/20131015/1381845342
Misc. PC Hunter displays low-level Windows system information https://www.ghacks.net/2014/07/11/pc-hunter-reveals-many-low-level-windows-system-information/
Checking the callbacks registered in the kernel using PC Hunter
https://troushoo.blog.fc2.com/blog-entry-409.html
Attack Brute Ratel C4 Red team and adversarial attack simulation tool https://bruteratel.com/
Pentest tool Brute Ratel C4: red team tool abused by threat actors
https://unit42.paloaltonetworks.jp/brute-ratel-c4-tool/
Misc. gsecdump Dump credentials from memory https://web.archive.org/web/20150606043951if_/http://www.truesec.se/Upload/Sakerhet/Tools/gsecdump-v2b5.exe
atomic-threat-coverage/Atomic_Threat_Coverage/Triggers/T1003.md at master · atc-project/atomic-threat-coverage · GitHub
https://github.com/atc-project/atomic-threat-coverage/blob/master/Atomic_Threat_Coverage/Triggers/T1003.md
gsecdump
https://jpcertcc.github.io/ToolAnalysisResultSheet_jp/details/gsecdump.htm
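OSINT Phonebook.cz Search domains and email addresses (searching requires an Intelligence X account [free]) https://phonebook.cz/
Intelligence X
https://intelx.io/
OSINT Clearbit Connect A Google Chrome extension that can search for email addresses. However, it does not return many hits. (It may just be that my way of searching is poor https://clearbit.com/resources/tools/connect
OSINT LeakCheck A site for searching leaked information (email addresses, usernames) https://leakcheck.io/
OSINT Snusbase A site for searching leaked information (email addresses, IP addresses, names, etc.) https://www.snusbase.com/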
OSINT Namechk Username and Domain Name Checker - Search All Domain Names and User Names to see if they're available https://namechk.com/
Scanner Advanced Port Scanner A free network scanner for quickly finding open ports on network computers and retrieving the versions of programs running on the detected ports https://www.advanced-port-scanner.com/jp/
Misc. AdFind Command line Active Directory query tool. Mixture of ldapsearch, search.vbs, ldp, dsquery, and dsget tools with a ton of other cool features thrown in for good measure. This tool proceeded dsquery/dsget/etc by years though I did adopt some of the useful stuff from those tools. https://www.joeware.net/freetools/tools/adfind/
Exploring AdFind: The Command-Line Tool for Mastering Active Directory
https://medium.com/@focusfaithfirst/exploring-adfind-the-command-line-tool-for-mastering-active-directory-00bbafa97346
Misc. Rclone a command-line program to manage files on cloud storage. https://rclone.org/
A summary of how to use Rclone
https://qiita.com/mochinoki/items/c0809d75ba9228cb54b6
Misc. Megatools command line client for Mega.nz https://megatools.megous.com/
Misc. GoodSync Easy file backup and synchronization https://www.goodsync.com/jp
Misc. WinSCP An open-source graphical FTP, FTPS, and SFTP client program that runs on MS-Windows https://winscp.net/eng/docs/lang:jp
Misc. FileZilla The free FTP solution https://filezilla-project.org/
Misc. OpenPLC Open-source PLC Software https://autonomylogic.com/
How to create a ladder program with OpenPLC
https://interface.cqpub.co.jp/2021plc06/
Misc. OpenCore Legacy Patcher An open-source utility that makes it possible to install a new OS on older, unsupported Macs https://dortania.github.io/OpenCore-Legacy-Patcher/
Installing macOS Ventura on an old Mac
https://www.maclab.tokyo/document/macos-ventura-oclp/9169/
Misc. JMOOC - Japan's largest free online university courses (MOOC) https://www.jmooc.jp/
Roundup of "MOOC" (massive open online course) sites where you can take computer science and programming courses from universities around the world in Japanese, 2024 edition
https://www.itmedia.co.jp/news/articles/2408/07/news100.html
OS DragonOS An Ubuntu with SDR-related software preinstalled ~DragonOS~ https://cemaxecuter.com/
DragonOS - Linux distribution for Radio Hacking
https://en.iguru.gr/dragonos-linux-dianomi-gia-radio-hacking/
Trying out "DragonOS", a Linux distribution with SDR-related software preinstalled.
http://mikioblog.dolphinsystem.jp/2021/06/sdrlinux-dragonos.html
