Links in here either need to be organized, or are here until there are enough links on the subject to merit their own file.
- An open source tool for collaborative forensic timeline analysis.
- Awesome list of IOCs (Indicators of Compromise)
- Collection of IOCs related to targeting of civil society. With reports, incomplete indicators and Snort rules.
- A Python program to create a fake AP and sniff data.
- Visualizes network topologies and provides graph statistics based on pcap files. It should be possible to determine key topological nodes or data exfiltration attempts more easily.
- A tool to extract credit card numbers, NTLM (DCE-RPC, HTTP, SQL, LDAP, etc.), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc. from a pcap file or from a live interface.
- cloud-proxy creates multiple DO droplets and then starts local socks proxies using SSH.
- Firecat is a penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network.
- A reverse proxy that provides authentication with Google, Github or other provider.
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
- Socks4 reverse proxy for penetration testing.
Zines and other online things.
- A curated collection of free Security and Pentesting ebooks.
- Scans popular websites to see if supplied credentials have been reused on any other sites.
- A passive scanning tool for finding expired domain vulnerabilities while you browse.
AIMSICD (Android IMSI Catcher Detector)
- An Android app to detect IMSI-Catchers.
- Create On Demand OpenVPN Endpoints on AWS.
- Awesome list for exploit dev.
- Awesome list for remote jobs.
- Fully static, unprivileged, self-contained, containers as executable binaries.
- Cheap EMUlator: lightweight multi-architecture assembly playground.
- A framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components.
- Paid service to monitor, notify and delete your online presence.
- A post-exploitation agent which uses Dropbox Infrastructure for command and control operations.
- A list of various hardening guides compiled by ERNW.
macOS Security and Privacy Guide
- A practical guide to securing macOS.
- PCILeech uses PCIe hardware devices to read and write from the target system memory. This is achieved by using DMA over PCIe. No drivers are needed on the target system.
- A collective list of free JSON APIs for use in web development.
- A CTF framework and exploit development library.
- A web framework that allows performing periodic syncs of data sources and performing analysis on the identified results.
- Don't be a bad dev.
- A tool for passive data capture and reconnaissance of serial flash chips. It is used in conjunction with a Saleae logic analyzer to reconstruct flash memory contents and extract contextual information about device operations.
- Run a webserver and sshd on the same port.
- Various *nix tools built as statically-linked binaries.
- Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.
[Using Nmap and Socat to Get Around Public Internet Port Restrictions](http://mikeferrier.com/2013/07/13/using-nmap-and-socat-to-get-around-public-internet-port-restrictions/)
- Pivotable Reverse WhoIs / PDNS Fusion with Registrant Tracking & Alerting plus API for automated queries (JSON/CSV/TXT).
- Jam all wifi clients/routers.