InfoSec Ninjas 資安忍者

Arsenal For Web Penetration Testing



Build your own Web Penetration Testing arsenal with Ubuntu 14.04 LTS Desktop. Less is more ....

You can either install The Pentesters Framework (PTF) or the tools below.

For network and wireless penetration testing tools, please refer to BackBox Linux, Kali Linux, Pentoo, BlackArch Linux or ArchStrike Linux and etc.

Information Gathering

Passive
Recon-ng
Spiderfoot

Active
Masscan
NMap


CMS

CMSMap


Vulnerability Scanner

Arachni


Proxy and Exploitation

Burp Suite
BurpKit
ZAP
HconSTF
Commix


Brute Forcing

THC-Hydra
John

Password List
Skull Security
SecLists


Database

SQLMap
NoSQLMap


Webshell

Weevely
Webshell collections
NetCat


Social Engineering

SET
BeEF


Exploit Framework

Metasploit Framework


Linux Local Privilege Escalation

unix-privesc-check
LinEnum
Unix Privilege Escalation Exploits Pack


Post Exploitation

Post Exploitation Linux Toolkit
Diamorphine


Bypass Techniques

Basic to Advanced WAF Bypassing Methods
SQLi WAF Bypassing


Others

checksec.sh
Cheat Sheet



Samiux

Back