网络安全工具整理汇总

练习平台

（1）WebGoat

https://github.com/WebGoat/WebGoat

https://github.com/WebGoat/WebGoat-Legacy

（2）DVWA

https://github.com/RandomStorm/DVWA

（3）sqli-labs

https://github.com/Audi-1/sqli-labs

（4）vulnerable-node

https://github.com/cr0hn/vulnerable-node

扫描器

（1）Nmap

https://github.com/nmap/nmap

（2）本地网络扫描器

https://github.com/SkyLined/LocalNetworkScanner

（3）漏洞路由扫描器

https://github.com/jh00nbr/Routerhunter-2.0

（4）子域名扫描器

https://github.com/lijiejie/subDomainsBrute

（5）BBScan

https://github.com/lijiejie/BBScan

（6）Scanners Box

https://github.com/We5ter/Scanners-Box

WEB工具

（1）webshell

https://github.com/tennc/webshell

（2）hackUtils

https://github.com/brianwrf/hackUtils

（3）渗透小工具

https://github.com/rootphantomer/hacktoolsfor_me

（4）XSSReceiver

https://github.com/firesunCN/BlueLotus_XSSReceiver

（5）xssor

https://github.com/evilcos/xssor

（6）commix

https://github.com/stasinopoulos/commix

（7）sqlmap

https://github.com/sqlmapproject/sqlmap

（8）sqli-hunter

https://github.com/zt2/sqli-hunter

（9）Cknife

https://github.com/Chora10/Cknife

（10）GitHack

https://github.com/lijiejie/GitHack

（11）beef

https://github.com/beefproject/beef

（12）WAFNinja

https://github.com/khalilbijjou/WAFNinja

（13）httpie

https://github.com/jkbrzt/httpie

（14）firebug

https://github.com/firebug/firebug

（15）ModSecurity

https://github.com/SpiderLabs/ModSecurity

Windows渗透工具

（1）mimikatz

https://github.com/gentilkiwi/mimikatz

（2）PowerSploit

https://github.com/PowerShellMafia/PowerSploit

（3）PowerShell

https://github.com/clymb3r/PowerShell

FUZZ

（1）https://github.com/xmendez/wfuzz

（2）https://github.com/lijiejie/htpwdScan

漏洞利用

（1）Msf

https://github.com/rapid7/metasploit-framework

（2）pocscan

https://github.com/erevus-cn/pocscan

（3）Pocsuite

https://github.com/knownsec/Pocsuite

（4）Beebeeto

https://github.com/n0tr00t/Beebeeto-framework

（5）其他

https://github.com/offensive-security/exploit-database

https://github.com/80vul/phpcodz

https://github.com/frohoff/ysoserial

https://github.com/foxglovesec/JavaUnserializeExploits

https://github.com/CaledoniaProject/jenkins-cli-exploit

https://github.com/hxer/vulnapp

https://github.com/GoSecure/php7-opcache-override

https://github.com/XcodeGhostSource/XcodeGhost

密码破解

（1）https://github.com/shinnok/johnny

（2）https://github.com/AlessandroZ/LaZagne

二进制

（1）binwalk

https://github.com/devttys0/binwalk

（2）binmap

https://github.com/quarkslab/binmap

（3）rp

https://github.com/0vercl0k/rp

（4）badger

https://github.com/lillypad/badger

（5）amoco

https://github.com/bdcht/amoco

（6）peda

https://github.com/longld/peda

（7）billgates-botnet-tracker

https://github.com/ValdikSS/billgates-botnet-tracker

（8）RATDecoders

https://github.com/kevthehermit/RATDecoders

（9）angr

https://github.com/angr/angr

（10）pysonar2

https://github.com/yinwang0/pysonar2

（11）etacsufbo

https://github.com/ChiChou/etacsufbo

（12）rop-tool

https://github.com/t00sh/rop-tool

其他

（1）wafw00f

https://github.com/EnableSecurity/wafw00f

（2）Sreg（社工用）

https://github.com/n0tr00t/Sreg

（3）gitscan

https://github.com/sea-god/gitscan

（4）GitHarvester

https://github.com/metac0rtex/GitHarvester

（5）隐写检测

https://github.com/abeluck/stegdetect

○

○

Pikachu~

Charles