Skip to content

Latest commit

 

History

History
129 lines (105 loc) · 2.05 KB

README.md

File metadata and controls

129 lines (105 loc) · 2.05 KB

A comprehensive list of the tools that I use as part of my cybersecurity toolkit.

OSINT

  • Spiderfoot OSINT
  • Shodan
  • Maltego
  • TheHarvester

Red Team

Scanning Tools

  • Masscan
  • Cewl
  • OpenVAS
  • Zmap

Web Application Analysis

  • Burp Suite
  • Nikto
  • SQL Map
  • OWASP ZAP
  • WPScan

Network Penetration Testing

  • Nmap
  • Wireshark
  • Netcat
  • Hydra
  • Nessus
  • John the Ripper
  • Metasploit
  • Tcpdump

Wireless Penetration Testing

  • WiFite
  • Aircrack-ng
  • Kismet

Cloud Security Testing

  • Scout Suite
  • Pacu
  • CloudSploit
  • Cloud Security Suite
  • AWS Security Toolkit

Social Engineering Tools

  • GoPhish
  • Social-Engineer Toolkit (SET)
  • King Phisher

Blue Team

Data Visualization and Logging

  • Splunk
  • ELK Stack (Elasticsearch, Logstash, Kibana)
  • Graylog
  • Grafana

Endpoint Monitoring

  • VMWare Carbon Black
  • Velociraptor
    • Within velociraptor, Artifact collection and deployment is super powerful.
  • OSSEC
  • CrowdStrike Falcon

Network Monitoring

  • Corelight
  • Zeek
  • Wireshark

Malware Analysis

  • Mr. Majestic
  • Yara
  • Cuckoo Sandbox
  • Ghidra

Forensics

  • Volatility (Used for memory forensics)
  • Regshot (Registry Forensics)
  • Autopsy
  • FTK Imager
  • binwalk
  • exiftool

Incident Response

  • MISP (threat intelligence and sharing platform)
  • TheHive (scalable 4-in-1 open source platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents)

Security Orchestration, Automation, and Response (SOAR)

  • Demisto
  • Swimlane
  • Siemplify

Security Information and Event Management (SIEM)

  • QRadar
  • LogRhythm
  • AlienVault OSSIM

Threat Intelligence

  • ThreatConnect
  • Anomali ThreatStream
  • Recorded Future

Vulnerability Management

  • OpenVAS
  • Nessus
  • Nexpose

Security Configuration Management

  • Ansible
  • Chef
  • Puppet

Firewall and IDS/IPS

  • pfSense
  • Snort
  • Suricata

Password Cracking

  • Hashcat
  • John the Ripper

Digital Forensics

  • SIFT Workstation
  • GRR (Google Rapid Response)

Network Traffic Analysis

  • Moloch
  • Zeek (formerly Bro)