security.vodka
Yet another security tools list. And just like vodka - use responsibly
Threat Intelligence Feeds
Name | Url | Description |
---|---|---|
Feodo Tracker | https://feodotracker.abuse.ch | abuse.ch feed project |
URLHaus | https://urlhaus.abuse.ch | abuse.ch malicious urls |
OTX | https://otx.alienvault.com | Open Threat Inteligence by AlienVault |
Proofpoint | https://rules.emergingthreats.net | Proofpoint Emerging Threats Rules |
FBI InfraGard | https://www.infragard.org | FBI InfraGard Feed |
BlockList | https://www.blocklist.de/en/index.html | Blocklist fail2ban feed |
DanTV | https://www.dan.me.uk/dnsbl | DNS Blacklist |
CINSscore | https://cinsscore.com | The CINS Score feed |
Vulnerability scanners
Name | Url | Description |
---|---|---|
OpenVAS | https://openvas.org/ | Open Vulnerability Assessment Scanner |
nmap_vulners | https://github.com/vulnersCom/nmap-vulners | NSE script based on Vulners.com API |
Vuls | https://vuls.io/ | Vuls is open-source, agent-less vulnerability scanner |
Security Testing Tools
Name | Url | Description |
---|---|---|
ZAP | https://www.zaproxy.org/ | OWASP Zed Attack Proxy |
w3af | http://w3af.org/ | Web app attack and audit framework |
skipfish | https://github.com/spinkham/skipfish?ref=thechiefio | web app security scanner |
Metasploit | https://www.metasploit.com/ | One of the most popular pentesting frameworks |
Wapiti | https://sourceforge.net/projects/wapiti/files/ | web-app vulnerability scanner |
Wireshark | https://www.wireshark.org/ | Network protocols analyzer |
Wfuzz | https://github.com/xmendez/wfuzz | Web pentesting tool |
Vega | https://subgraph.com/vega/ | Open source web security scanner |
Database pentesting tools
Name | Url | Description |
---|---|---|
sqlmap | https://sqlmap.org/ | SQL pentesting tool |
sqlninja | http://sqlninja.sourceforge.net/ | SQL injection and takeover tool |
Linux distributions focused on pentesting and forensics
Name | Url | Description |
---|---|---|
Backbox Linux | https://linux.backbox.org | penetration testing and security assessment oriented Linux distribution |
BlackArch Linux | https://blackarch.org | Arch Linux-based penetration testing distribution |
Kali | https://www.kali.org | Debian-based pentesting distribution |
Parrot Security | https://parrotlinux.org | The ultimate framework for your Cyber Security operations |
Samurai Web Testing | https://github.com/SamuraiWTF/samuraiwtf | Virtual machines framework for pentesting |
CAINE | https://www.caine-live.net | Ubuntu based live CD for forensic analysis |
NST | http://www.networksecuritytoolkit.org/nst/index.html | Network Security Toolkit |
Fedora Security Spin | https://fedoraproject.org/wiki/Security_Lab | Fedora based live CD for security auditing, forensics and pentesting |
ArchStrike | https://archstrike.org | Arch Linux respository for security professionals |
Cool security-related stuff by even cooler people
Name | Url | Description |
---|---|---|
gtworek | https://github.com/gtworek | Useful stuff for Microsoft security professionals |
k3idii | https://github.com/k3idii | ITSEC & Nuclear Physics! ;) |
mak | https://github.com/mak | |
enaqx | https://github.com/enaqx/awesome-pentest | Penetration testing tools |
arch3rPro | https://github.com/arch3rPro/PentestTools | Pentest Tools |
msm | https://github.com/msm-code/ | msm-code Tools |
CERT Polska | https://github.com/CERT-Polska/ | Polish CERT Team |
Sysadmin stuff
| Name | Url | Description | |——|—–|————-| |oh my tmux | https://github.com/gpakosz/.tmux | Tmux config file by Gregory Pakosz |