SecurityTools - User contributions [en]

Glossary

2026-03-30T22:54:26Z

RagManX: Add GRC, need to fill explanation subsection for GRC.

;Blue Team
: Security team members who emphasize defensive security practices such as digital forensics and incident response
;Buffer Overflow
: An attack on an application where more data is sent than the program is prepared to accept, resulting in unexpected application behavior. The concept was possibly first explained in great detail in [http://www.phrack.org/issues/49/16.html Phrack issue 49] way back in 1996 by well-known hacker Aleph1 in his article "[https://inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf Smashing the Stack for Fun and Profit]"
;[https://www.cloudflare.com/learning/cloud/what-is-the-cloud/ Cloud]
: A software platform where another organization supports/manages the software and data storage online that in the past would have been maintained in-house. Sometimes derisively stated as "just someone else's computer" (although ZDNet points out why [https://www.zdnet.com/article/stop-saying-the-cloud-is-just-someone-elses-computer-because-its-not/ this is actually incorrect])
: [[File:There-is-no-cloud-sticker.jpg|alt=There is no cloud. It's someone else's computer.|none|thumb|179x179px]]
:
;Cross-Site Scripting (XSS)
: A web-based attack in which unsanitized inputs to the server results in unexpected behavior by the web client. For a greater discussion of Cross-Site Scripting, [https://cybr.com/courses/cross-site-scripting-xss-the-2021-guide/ see Cybr.com's XSS 2021 Guide]
;Database
: A means of storing data in a format which allows easier retrieval and analysis
;DFIR (Digital Forensics and Incident Response)
: The combined effect of examining digital media for evidence of unintended alteration and the response to the findings of that analysis
;Digital Forensics
: The method of examining digital media for evidence of malfeasance
;EDR (Endpoint Detection Response)
: The practice of detecting and responding to threats on your network or system
;Fuzzing
: The automated testing of security systems through submission of random, unexpected, or invalid data as inputs to a system designed to accept user data. For a more detailed explanation, please [https://patricegodefroid.github.io/public_psfiles/Fuzzing-101-CACM2020.pdf read this article (PDF)] from Patrice Godefroid
;'''GRC (Governance, Risk, and Compliance)'''
;HIBP (Have I Been Pwned?)
: A [https://haveibeenpwned.com/ password security website] run by Troy Hunt, it's most well known for tracking security leaks like the RockYou password leak from 2012 (see below) as well as offering a web interface to test visitors' passwords to see if they have been leaked online at some point
;Incident Response
: The response to attacks or malware by the security team
;OSInt (Open-Source Intelligence)
: The use of freely available resources to gather information about a target. Highly recommended considering [https://cylect.io/ Cylect.io] as a jumping-off point for your OSInt research. Alternatively, view [https://osintframework.com/ the OSInt Framework] for link after link of guidance to further research tools
;MDR (Managed Detection and Response)
: A managed security service where your assets are monitored 24/7 (and you are notified if needed) by SOC staff
;Packet Capture
: The gathering of network traffic for analysis by a [[network protocol analyzer]]
;Penetration Testing (PenTesting)
: The red team practice of simulating actions of an external attacker but in a more controlled manner. This concept is written up well in the Cisco product & service explanation, [https://www.cisco.com/c/en/us/products/security/what-is-pen-testing.html covering methods and types of pentesting]
;Purple Team
: A security team with members focusing on both Red Team and Blue Team practices
;Red Team
: Security team members who emphasize offensive security practices such as penetration testing
;RockYou
: A company which once developed MySpace widgets and other social networks, they are responsible for [https://techcrunch.com/2009/12/14/rockyou-hack-security-myspace-facebook-passwords/ one of the largest password leaks ever released] onto the Internet
;[https://www.oracle.com/applications/what-is-saas/ SaaS (Software as a Service)]
: A cloud-based software delivery model in which the cloud provider develops and maintains cloud application software, provides automatic software updates, and makes software available to its customers via the internet on a pay-as-you-go basis
;[https://en.wikipedia.org/wiki/Security_information_and_event_management SIEM (Security Information and Event Management)]
: Real-time analysis of security alerts generated by applications and network hardware
;[https://www.ibm.com/topics/security-operations-center SOC (Security Operations Center)]
: An in-house or outsourced team of IT security professionals that monitors an organization’s entire IT infrastructure, 24/7, to detect cybersecurity events in real time and address them as quickly and effectively as possible.
;Structured Query Language (SQL)
: The most commonly used means of interacting with a database, SQL is the language used to access, process, or update information in a relational database
;SQL Injection (SQLi)
: A web attack which uses unsanitized user input to push SQL statements through a web server in order to corrupt a database or extract information from a database. A [https://www.w3schools.com/sql/sql_injection.asp brief write-up of how this can be done] is available from w3schools, and [https://cybr.com/courses/injection-attacks-the-free-guide/ a free course on SQLi] as well as other injection methods is available from Cybr
;[https://www.microsoft.com/en-us/security/business/security-101/what-is-xdr XDR (Extended Detection and Response)]
: An SaaS tool that combines prevention, detection, investigation, and response, providing visibility, analytics, correlated incident alerts, and automated responses to improve data security and combat threats. See also the [https://www.paloaltonetworks.com/cyberpedia/what-is-xdr Palo Alto Networks definition of XDR].

Useful websites

2025-11-12T21:47:38Z

RagManX: Added roadmap.sh link for cyber-security guidance.

Below are many websites which provide useful information for security practitioners and those learning about security. This topic is going to eventually get unmanageable, and will need reorganized and broken down into some categories. However, until I start filling in more valuable sites, I'm not sure how I'm going to break it down. Expect format changes in the future.

*[https://adsecurity.org/ AD Security] - An infrequently updated but useful guide to attacking and defending Active Directory
* [https://github.com/fabacab/awesome-cybersecurity-blueteam Awesome Cybersecurity Blue Team] - A GitHub page loaded with resources for [[blue team]] specialists.
*DFIR Diva's [https://dfirdiva.com/ Digital Forensics and Incident Response Blog] - Geared towards beginners, this links free and affordable training, resources, and a job board
*[https://github.com/DFIRmadness/5pillars/blob/master/5-Pillars.md Five Pillars of an Information/Cyber Security Professional] - A guide to the five key areas of proficiency necessary to excel in security
*The [https://old.reddit.com/r/hacking/wiki/index hacking sub-reddit wiki] - Much of the collected wisdom and guidance of /r/hacking, with a glossary, movie recommendations, an FAQ, hacking resources, and so much more. Well worth leaving this page to peruse
*[https://book.hacktricks.xyz/ HackTricks] - A penetration testing, red team testing, and [[CTF]] tips project which aims to offer free quality hacking resources to all the world, so people can learn for free the latest techniques in cybersecurity
*[https://haveibeenpwned.com/ Have I Been Pwned?] - A site for checking whether your email or password is in a data breach
* [https://ired.team/ ired.team] is a collection of notes on red teaming and offensive security which could be useful to practitioners just getting into this area of security
* [https://lolbas-project.github.io/# LOLBAS] - Living off the Land Binaries, Scripts, and Libraries - A site dedicated to helping you take advantage of common tools that might already be loaded on your target system
*[https://github.com/m0nad/awesome-privilege-escalation m0nad's Awesome Privilege Escalation] - A collection of Linux, Windows, Docker, and Cloud privilege escalation tips
*[https://github.com/carlospolop/PEASS-ng/tree/master PEASS-ng] - The Privilege Escalation Awesome Scripts SUITE new generation - a collection of macOS, Linux, and Windows tools to help you escalate your privileges once you gain a foothold on a system. Get some guidance on privilege escalation techniques, including use of PEASS-ng tools, from the [https://book.hacktricks.xyz/linux-hardening/privilege-escalation Linux privilege escalation]and [https://book.hacktricks.xyz/windows-hardening/checklist-windows-privilege-escalation Windows privilege escalation] subsections of HackTricks
*https://roadmap.sh/cyber-security - Cyber-security roadmap - a guide on getting into cyber-security
*[https://www.shodan.io/ Shodan] web search engine - "Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions."
* [https://www.vulnhub.com/ Vulnhub] - A collection of intentionally vulnerable, downloadable virtual machines to practice your security skills
*[https://www.vx-underground.org/ VX-Underground] - The largest collection of malware source code, samples, and papers on the internet. For more information, also follow [https://twitter.com/vxunderground the vx-underground Twitter account]

Joplin

2025-11-03T01:21:15Z

RagManX: Initial description with slight "More Information" detail.

=== Description ===
[https://joplinapp.org/ Joplin] is an open-source, multi-pane note-taking application available for Windows, Linux, FreeBSD, macOS, Android, and iOS. It even comes in a portable version which you can run from a USB key on Windows, so you can carry all your notes with you.

=== Tool Type ===

* Markdown editor
* [[Note-taking applications]]

=== More Information ===

* Additional, [https://discourse.joplinapp.org/t/unofficial-alternative-joplin-distributions/23703 unofficial installation methods and distributions]
* Joplin's social media presence [https://bsky.app/profile/joplinapp.bsky.social on BlueSky]
*

=== Sample Use/Screenshots ===

*

=== Similar Tools ===

* [[Obsidian]]
* [[CherryTree]]
* [[Trilium Notes]]
* [[Microsoft OneNote]]
* [[SimpleNote]]
* [[Notion]]
* [[Zim]]
* [[Evernote]]
* [[AnyType]]

Online Training sites

2024-11-06T21:53:24Z

RagManX: Add Low Level Academy's programming courses to the site list.

Below are listed online CyberSec training sites in no particular order which offer video training courses to help you advance your knowledge and career.

* [https://cybr.com/courses/ Cybr]
* [https://academy.tcm-sec.com/courses/ TheCyberMentor Academy]
* [https://academy.ehacking.net/courses Ethical Hacking Academy]
* [https://courses.stationx.net/ The StationX Cyber Security School]
* [https://my.ine.com/ INE]
* [https://0verfl0w.podia.com/malware-analysis-course 0verfl0w's Beginner Malware Analysis Course]
*[https://learnsecurity.amazon.com/ Amazon's Cybersecurity Awareness training] is now available for free to everyone
*[https://www.udemy.com/courses/search/?src=ukw&q=cybersecurity Udemy offers hundreds of video courses] covering general cybersecurity, ethical hacking, security or networking certifications, and so much more
*[https://courses.tib3rius.com/ Tib3rius has courses] on Linux and Windows privilege escalation techniques
*[https://lowlevel.academy/ Low Level Academy] offers programming courses in ARM Assembly, C, and Network coding. Lifetime access for one price (currently 20% off until November 28<sup>th</sup>)

File:There-is-no-cloud-sticker.jpg

2024-11-02T16:19:46Z

RagManX: Image stating "There is no cloud. It's just someone else's computer"

== Summary ==
Image stating "There is no cloud. It's just someone else's computer"

DirBuster JF

2024-11-02T04:56:49Z

RagManX: Initial page creation. Still need to add to the More Information section - coming soon.

=== Description ===
[https://sourceforge.net/projects/dirbuster/files/DirBuster%20Source/1.0-RC1/ DirBuster] (James Fischer) is a [[fuzzer]] used for locating typically hidden web pages. This is the version included by default in [[Kali|Kali Linux]], and differs in implementation from [[DirBuster_1llusion|Dirbuster]] (Mr1llusion) while offering similar capabilities from the command line.

=== Tool Type ===

* [[Fuzzer]]

=== More Information ===

=== Sample Use/Screenshots ===

* Here is the help output from running '''dirbuster -h''' from the command line
[[File:DirBuster_(James_Fisher)_-_Help_Output.png|600]]
* Alternatively, you can run DirBuster in graphical mode, giving you the following interface
[[File:DirBuster_(James_Fisher)_-_GUI.jpg|600]]
* If you need information about some available Word Lists fir DirBuster, you can click the '''List Info''' button in the GUI
[[File:DirBuster_(James_Fisher)_-_WordList_Details.jpg|600]]

=== Similar Tools ===
* [[DirB]]
* [[DirBuster 1lussion|DirBuster]] (Mr1llusion)
* [[Ffuf_-_Fuzz_Faster_U_Fool|ffuf]]
* [[wfuzz]]

File:DirBuster (James Fisher) - WordList Details.jpg

2024-11-02T04:35:45Z

RagManX: A brief description of the word lists included with James Fisher's DirBuster package on Kali Linux.

== Summary ==
A brief description of the word lists included with James Fisher's DirBuster package on Kali Linux.

File:DirBuster (James Fisher) - GUI.jpg

2024-11-02T04:34:02Z

RagManX: The graphical interface for James Fisher's DirBuster in Kali Linux.

== Summary ==
The graphical interface for James Fisher's DirBuster in Kali Linux.

File:DirBuster (James Fisher) - Help Output.png

2024-11-02T04:12:19Z

RagManX: Help output on the command line from James Fisher's DirBuster included with Kali Linux

== Summary ==
Help output on the command line from James Fisher's DirBuster included with Kali Linux

File:DirBuster (James Fisher) - GUI.png

2024-11-02T04:08:44Z

RagManX: The graphical interface for James Fisher's DirBuster included with Kali Linux

== Summary ==
The graphical interface for James Fisher's DirBuster included with Kali Linux

Free and Open-Source Software

2024-11-02T03:52:26Z

RagManX: /* D */ Clean up extraneous keystrokes in dirb description.

Free and Open-Source Software ([[FOSS]]) is software that is [[wikipedia:Free_software|Free Software]] and [[wikipedia:Open-source_software|Open-Source Software]]. There is so much FOSS in the security domain that I believe this warrants its own wiki page.

=== A ===

* [[Advanced Policy Firewall]] (apf) - A [[NetFilter]] firewall command-line management tool similar to [[IPTables]]
* [[Advanced Port Scanner]] - A graphical port scanner for Windows which has the capability of identifying programs running on listening ports
* [[AirCrack-NG]] - A complete suite of tools to assess WiFi network security
* [[Angry IP Scanner]] - A port and host scanner for Windows.
* [[AutoRecon]] - A multi-threaded network reconnaisance tool intended to save time in penetration testing environments and CTFs

=== B ===

* [[Burp Suite|Burp Suite Community Edition]] - Web Application testing software
=== C ===

* [[Cain and Abel]] - A freely available Windows password sniffer and cracker

=== D ===

* [[dirb]] - A CLI [[Fuzzer|fuzzing tool]] for finding hidden web objects based on dictionary attacks
* [[dirb-gendict]] - A command line tool for generating dictionaries to be used with the above [[dirb]] tool
* [[DirBuster JF|DirBuster]] (James Fischer) - A Java-based, [[Fuzzer|fuzzing tool]] with a graphical interface used for finding hidden URIs/web resources
* [[DirBuster 1llusion|DirBuster]] (Mr1llusion) - A Python script [[Fuzzer|fuzzing tool]] used for finding hidden URIs/web resources from the command line

=== E ===

* [[EtherApe]] - A graphical network monitor and sniffer
* [[Ettercap]] - A suite of tools for Man-in-the-Middle (MITM) attacks

=== F ===

* [[ffuf - Fuzz Faster U Fool]] - A fast web [[fuzzer]] written in Go
* [[Firewall-cmd]] - The command-line client for the firewalld daemon
* [[Firewall builder]] - A no-longer-maintained graphical interface to manage Netfilter/iptables, ipfw, PF, Cisco PIX, and other firewall rules
* [[froggy]] - A subdomain enumeration tool

=== G ===

* [[Garud]] - An automated reconnaisance tool which enumerates a target and all sub-domains and finds low-hanging fruit
* [[GoBuster]] - A [[Brute Forcer|brute-forcing]] tool finding for hidden URIs, cloud hosts, DNS subdomains, and more
* [[Gufw]] - A graphical interface for managing [[Uncomplicated Firewall]] rules

=== H ===

* [[Hashcat]] - A multi-operating system, high-speed password recovery tool
* [[Hash Suite]] - A Windows-based high-performance password cracker
* [[httpx]] - A fast HTTP toolkit

=== I ===

* [[INetSim]] - A suite of tools for simulating Internet services to test network behavior of tools or unknown software
* [[IPTables]] - The userspace command line program used to configure Linux 2.4.x and later packet filtering rulesets

=== J ===

* [[John the Ripper]] - A multi-platform password cracker

=== K ===

* [[Kismet]] - A suite of tools for wireless sniffing, network and device detection, and wardriving

=== L ===

* [[L0phtCrack]] - An open-source password hash cracker
* [[Lynis]] - An open-source security auditing tool for Unix-based operating systems

=== M ===

* [[Maltego|Maltego Community Edition]] - An open-source intelligence and graphical link analysis tool
* [[MASSSCAN]] - An extremely high-speed port scanner. Most famously used for scanning the entire internet in mere minutes
* [[mdk3]] - A tool for exploiting common IEEE 802.11 protocol weaknesses
* [[Medusa]] - The massively speedy, highly parallel, modular login brute-forcing password cracker

=== N ===

* [[NCrack]] - A high-speed, multi-platform network authentication cracking tool
* [[NetCat]] - A networking utility which reads and writes data across network connections, using the [[wikipedia:Internet_protocol_suite|TCP/IP protocol]]
* [[NetStumbler]] - A Windows-based wireless network detection tool used for wardriving and WiFi mapping
* [[NFTables]] - The newer [[NetFilter]] userspace program replacing [[IPTables]] for Linux firewall management
* [[Nikto]] - A free command-line utility vulnerability scanner
* [[NMap]] - A network discovery and security auditing port/host scanner

=== O ===

* [[OpenVAS]] - A full-featured vulnerability scanner forked from the [[Nessus]] code base in 2006
* [[ophCrack]] - An open-source Windows-password cracking program
* [[Oracle VirtualBox]] - An open-source system virtualization tool
* [[OSSEC]] - A free Host Intrusion Detection System (HIDS) tool

=== P ===

* [[p0f]] - An open-source, passive-listening traffic fingerprinting tool for Unix-based systems
* [[PimpMyKali]] - A script for fixing Kali virtualized system problems
* [[Port Authority]] - An [https://www.android.com/ Android based], high-speed scanner that allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts
* [[PortQry]] - A command-line port scanner which runs on Windows 2000 based servers
* [[PortQryUI]] - A graphical interface the the above-listed [[PortQry]] tool
* [[pwncat]] - A post-exploit tool for streamlining red team operations

=== Q ===

=== R ===

* [[Raccoon]] - An offensive security tool for reconnaissance and information gathering

=== S ===

* [[SMap]] - A command-line options compatible replacement for [[NMap]] powered for the [https://www.shodan.io/ Shodan] port scanning API
* [[Snort|Snort (Community Ruleset)]] - A free and open-source network intrusion detection system (NIDS) and intrusion prevention system (IPS)

=== T ===

* [[tcpdump]] - A powerful command-line packet analyzer
* [[TCP Port Scanner]] - An application that uses high-speed [[wikipedia:Transmission_Control_Protocol#Connection_establishment|SYN]] scanning to find open ports on a network
* [[Test My Defenses]] - A free website by ZScaler to test and advise on how to improve your protection against Ransomware
* [[THC-Hydra]] - A [[wikipedia:GNU_General_Public_License|GPLed]] proof-of-concept password cracking tool

=== U ===

* [[Uncomplicated Firewall]] (UFW) - A command-line tool for managing NetFilter firewalls, available in Ubuntu and Debian distributions
=== V ===

=== W ===

* [[Wfuzz]] - A [[Fuzzer|fuzzing tool]] for finding hidden web resources
* [[Wireshark]] - The world’s foremost, widely-used network protocol analyzer

=== X ===

=== Y ===

* [[Yuki Chan The Auto Pentest]] - A Linux-based automated penetration testing tool to audit standard security settings

=== Z ===

* [[ZAProxy|Zed Attack Proxy]] - The world's most widely used web application scanner

Ffuf - Fuzz Faster U Fool

2024-11-01T04:37:11Z

RagManX: Add help text output PDF and explainer text.

=== Description ===
[https://github.com/ffuf/ffuf Fuzz Faster U Fool] is a Go program used for [[Fuzzing definition|fuzzing]] HTTP GET and POST parameters. It is used for discovering elements and content within web applications, such as subdirectories or subdomains.

=== Tool Type ===

* [[Fuzzer]]

=== More Information ===

* [https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html Everything you need to know about ffuf]
* A [https://www.youtube.com/watch?v=aN3Nayvd7FU video guide to using ffuf] from InsiderPhD on YouTube
{{#ev:youtube|aN3Nayvd7FU|667x400}}
* A video [https://www.youtube.com/watch?v=N1VurPV0s0o comparison and explainer on the differences] between ffuf and [[wfuzz]]
{{#ev:youtube|N1VurPV0s0o|667x400}}
* An [https://cybersecnerds.com/ffuf-everything-you-need-to-know/ installation and use guide] for ffuf
* And [https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 one last guide to ffuf], this one designed for beginners to fuzzing

=== Sample Use/Screenshots ===

* Seen below is a run of '''ffuf''' targeted at a local [[Metasploitable]] virtual machine, with colorized output (-c option)
[[File:Ffuf-colorized-run.png|600px]]
* Here is the output from '''ffuf -h''', showing the standard command help printout
<pdf>File:Ffuf_standard_help_text.pdf</pdf>

=== Similar Tools ===

* [[DirB]]
* [[DirBuster JF|DirBuster]] (James Fischer)
* [[DirBuster 1lussion|DirBuster]] (Mr1llusion)
* [[wfuzz]]

File:Ffuf standard help text.pdf

2024-11-01T04:28:14Z

RagManX: Standard output from "ffuf -h" command run.

== Summary ==
Standard output from "ffuf -h" command run.

Ffuf - Fuzz Faster U Fool

2024-11-01T04:26:02Z

RagManX: /* Sample Use/Screenshots */ Playing with image display configuration

=== Description ===
[https://github.com/ffuf/ffuf Fuzz Faster U Fool] is a Go program used for [[Fuzzing definition|fuzzing]] HTTP GET and POST parameters. It is used for discovering elements and content within web applications, such as subdirectories or subdomains.

=== Tool Type ===

* [[Fuzzer]]

=== More Information ===

* [https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html Everything you need to know about ffuf]
* A [https://www.youtube.com/watch?v=aN3Nayvd7FU video guide to using ffuf] from InsiderPhD on YouTube
{{#ev:youtube|aN3Nayvd7FU|667x400}}
* A video [https://www.youtube.com/watch?v=N1VurPV0s0o comparison and explainer on the differences] between ffuf and [[wfuzz]]
{{#ev:youtube|N1VurPV0s0o|667x400}}
* An [https://cybersecnerds.com/ffuf-everything-you-need-to-know/ installation and use guide] for ffuf
* And [https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 one last guide to ffuf], this one designed for beginners to fuzzing

=== Sample Use/Screenshots ===

* Seen below is a run of '''ffuf''' targeted at a local Metasploitable virtual machine, with colorized output (-c option)
[[File:Ffuf-colorized-run.png|600px]]

=== Similar Tools ===

* [[DirB]]
* [[DirBuster JF|DirBuster]] (James Fischer)
* [[DirBuster 1lussion|DirBuster]] (Mr1llusion)
* [[wfuzz]]

Ffuf - Fuzz Faster U Fool

2024-11-01T04:25:13Z

RagManX: Clean up File insertion mistake which prevented from image from displaying.

=== Description ===
[https://github.com/ffuf/ffuf Fuzz Faster U Fool] is a Go program used for [[Fuzzing definition|fuzzing]] HTTP GET and POST parameters. It is used for discovering elements and content within web applications, such as subdirectories or subdomains.

=== Tool Type ===

* [[Fuzzer]]

=== More Information ===

* [https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html Everything you need to know about ffuf]
* A [https://www.youtube.com/watch?v=aN3Nayvd7FU video guide to using ffuf] from InsiderPhD on YouTube
{{#ev:youtube|aN3Nayvd7FU|667x400}}
* A video [https://www.youtube.com/watch?v=N1VurPV0s0o comparison and explainer on the differences] between ffuf and [[wfuzz]]
{{#ev:youtube|N1VurPV0s0o|667x400}}
* An [https://cybersecnerds.com/ffuf-everything-you-need-to-know/ installation and use guide] for ffuf
* And [https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 one last guide to ffuf], this one designed for beginners to fuzzing

=== Sample Use/Screenshots ===

* Seen below is a run of '''ffuf''' targeted at a local Metasploitable virtual machine, with colorized output (-c option)
[[File:Ffuf-colorized-run.png|600px||left]]

=== Similar Tools ===

* [[DirB]]
* [[DirBuster JF|DirBuster]] (James Fischer)
* [[DirBuster 1lussion|DirBuster]] (Mr1llusion)
* [[wfuzz]]

Ffuf - Fuzz Faster U Fool

2024-11-01T04:23:16Z

RagManX: Added screenshot showing actual run of ffuf

=== Description ===
[https://github.com/ffuf/ffuf Fuzz Faster U Fool] is a Go program used for [[Fuzzing definition|fuzzing]] HTTP GET and POST parameters. It is used for discovering elements and content within web applications, such as subdirectories or subdomains.

=== Tool Type ===

* [[Fuzzer]]

=== More Information ===

* [https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html Everything you need to know about ffuf]
* A [https://www.youtube.com/watch?v=aN3Nayvd7FU video guide to using ffuf] from InsiderPhD on YouTube
{{#ev:youtube|aN3Nayvd7FU|667x400}}
* A video [https://www.youtube.com/watch?v=N1VurPV0s0o comparison and explainer on the differences] between ffuf and [[wfuzz]]
{{#ev:youtube|N1VurPV0s0o|667x400}}
* An [https://cybersecnerds.com/ffuf-everything-you-need-to-know/ installation and use guide] for ffuf
* And [https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 one last guide to ffuf], this one designed for beginners to fuzzing

=== Sample Use/Screenshots ===

* Seen below is a run of '''ffuf''' targeted at a local Metasploitable virtual machine, with colorized output (-c option)
[[:File:Ffuf-colorized-run.png]]

=== Similar Tools ===

* [[DirB]]
* [[DirBuster JF|DirBuster]] (James Fischer)
* [[DirBuster 1lussion|DirBuster]] (Mr1llusion)
* [[wfuzz]]

File:Ffuf-colorized-run.png

2024-11-01T04:17:55Z

RagManX: Screenshot of ffuf run against Metasploitable server, with colorized output.

== Summary ==
Screenshot of ffuf run against Metasploitable server, with colorized output.

Note-taking applications

2024-10-31T16:29:28Z

RagManX: Add "AnyType" editor internal link

Note-taking is such an important part of information security that it is hard to advance your skills without a good note-taking application. I'm still finding which one suits me best, but below are all the tools I'm working with or reading about in an attempt to find what best suits my style. I will point out that there are many, many more note-taking applications than these listed. I am simply starting with the list of tools I have used or will be trying out.

* [[Joplin]]
* [[Obsidian]]
* [[CherryTree]]
* [[Trilium Notes]]
* [[Microsoft OneNote]]
* [[SimpleNote]]
* [[Notion]]
* [[Zim]]
* [[Evernote]]
* [[AnyType]]

NMap

2024-10-30T19:49:16Z

RagManX: Put PDF on line below mention of the file.

=== Description ===
The [[SecurityTools:About|inspiration behind this wiki]], [https://nmap.org/ NMap is a port and host scanning tool] which rapidly and relatively safely scans networked systems for security auditing purposes. It supports variable scanning speeds, host operating system (OS) detection, and a vibrant support community which helps improve the tool regularly. NMap runs on all major operating systems and includes a [https://nmap.org/zenmap/ graphical scan management tool] for GUI-based systems.

=== Tool Type ===

* [[Port Scanner]]

=== More Information ===

* [https://www.udemy.com/course/the-complete-nmap-ethical-hacking-course-network-security/ The Complete NMap Ethical Hacking course] on Udemy - A video guide to getting the most out of NMap from StationX's Nathan House
* A [https://www.freecodecamp.org/news/what-is-nmap-and-how-to-use-it-a-tutorial-for-the-greatest-scanning-tool-of-all-time/ short tutorial on running NMap] from FreeCodeCamp
* [https://www.tutorialspoint.com/nmap-cheat-sheet An NMap cheat sheet], collecting the most common flags into a shortened guide
* The [https://www.amazon.com/Nmap-Network-Scanning-Official-Discovery/dp/0979958717/?tag=securitytoo08-20 official NMap scanning guide book]
* Another [http://hackingdefined.org/ NMap cheat sheet from HackingDefined] that's worth checking out
<pdf>File:nmap-cheat-sheet.pdf</pdf>

=== Similar Tools ===

* [[Advanced Port Scanner]]
* [[Angry IP Scanner]]
* [[MASSSCAN]]
* [[NetCat]]
* [[Network Scanner]]
* [[Port Authority]]
* [[PortQry]] and [[PortQryUI]]
* [[SMap]]
* [[TCP Port Scanner]]

Books

2024-10-30T16:27:51Z

RagManX: /* E */ Remove online Ethical Hacking guide-book, as site is now defunct.

A non-exhaustive list of books covering a broad range of subjects which will interest security learners and practitioners.

=== A ===

* [https://nostarch.com/bughunter A Bug Hunter's Diary] - No longer available from the publisher as a printed book, this e-book is a guide to finding and testing bugs in the applications we run and the security implications of those bugs.

=== B ===

* [https://www.amazon.com/Basics-Hacking-Penetration-Testing-Ethical/dp/0124116442/?tag=securitytoo08-20 The Basics of Hacking and Penetration Testing, 2nd Edition] - An introduction to the steps used in performing a penetration test or practicing ethical hacking.
* [https://amzn.to/3vLTL7s Blue Team Field Manual (BTFM)] - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework.

=== C ===

* [https://www.amazon.com/CompTIA-Security-Certification-Guide-SY0-601/dp/1260464008/?tag=securitytoo08-20 CompTIA Security+ All-in-One Exam Guide, 6th Edition] - A complete guide to studying for and passing your CompTIA Security+ certification test.
* [https://github.com/opsdisk/the_cyber_plumbers_handbook/ The Cyber Plumber's Handbook] - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable [https://opsdisk.gumroad.com/l/cphlab lab guide and hands-on interactive lab] for practicing what you learn.

=== D ===

=== E ===

=== F ===

* [https://www.amazon.com/exec/obidos/ASIN/0321268172/?tag=securitytoo08-20 File System Forensic Analysis] - An in-depth guide to the specifics of file systems and low-level forensic analysis.
* [https://link.springer.com/book/10.1007/978-1-4842-6189-7 Firewalls Don't Stop Dragons] - A step-by-step guide to computer security and privacy for non-techies.

=== G ===

* [https://www.amazon.com/gp/product/B081Y5262X/?tag=securitytoo08-20 Getting Started Becoming the Master Hacker] - OccupyTheWeb's guide to all things hacking. It introduces the reader to the basics needed to become a master hacker. (Also available at OTW's [https://www.hackers-arise.com/online-store Hacker's Arise online store]).
* [https://nostarch.com/GhidraBook The Ghidra Book] - A comprehensive guide to the NSA's reverse-engineering tool (also [https://www.amazon.com/Ghidra-Book-Definitive-Guide/dp/1718501021/?tag=securitytoo08-20 available from Amazon]).

=== H ===

* [https://www.amazon.com/Hacker-Playbook-3-Book/dp/B0883B694R/?tag=securitytoo08-20 The Hacker Playbook (3 book collection)] - A step-by-step guide to the “game” of penetration hacking that features hands-on examples and helpful advice from the top of the field. I have all three books, and each is worth getting.
* [https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/?tag=securitytoo08-20 Hacking, the Art of Exploitation, 2nd Edition] - A hacker's guide to programming and then using that knowledge to exploit applications as well as cover your tracks and break into wireless networks.
* [https://nostarch.com/cybersecurityreallyworks How Cybersecurity Really Works] - A beginner's guide to the basics of security without being too technical.

=== I ===

=== J ===

=== K ===

=== L ===

* [https://www.amazon.com/Linux-Basics-Hackers-Networking-Scripting/dp/1593278551/ Linux Basics for Hackers] - A guidebook to learning the basics of Linux a hacker needs to know, through working with [[Kali Linux]].

=== M ===

* [https://www.amazon.com/Metasploit-Penetration-Testers-David-Kennedy/dp/159327288X/?tag=securitytoo08-20 Metasploit: The Penetration Tester's Guide] - The authoritative guide to the [[Metasploit|Metasploit Framework]] (also [https://nostarch.com/metasploit available directly from the publisher]).

=== N ===

* [https://www.amazon.com/Nmap-Network-Scanning-Official-Discovery/dp/0979958717/ Nmap Network Scanning]: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to [[nmap]], but the tool's author, Fyoder.

=== O ===

* [https://www.amazon.com/Open-Source-Intelligence-Techniques-Information/dp/B08RRDTFF9/?tag=securitytoo08-20 Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information] - Yes, the title is a mouhtful. This is one of the top books on OSInt practices.

=== P ===

* [https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/?tag=securitytoo08-20 Penetration Testing: A Hand-On Introduction to Hacking] - An introduction to the core skills and techniques that every pentester needs (also [https://nostarch.com/pentesting available directly from the publisher]).
* [https://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593278020/?tag=securitytoo08-20 Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems] - A guide to making sense of [[Wireshark]] packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers [[tcpdump]] and TShark.
* [https://nostarch.com/nsm The Practice of Network Security Monitoring] - A detailed manual on what to watch for to help you detect and defend against intrusions on your network.
* [https://amzn.to/3vNBlDi Purple Team Field Manual (PTFM)] - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies.

=== Q ===

=== R ===

* [https://nostarch.com/bughunting Real-World Bug Hunting] - A hands-on guide to discovering and misusing software bugs.
* [https://amzn.to/3vKTDFm Red Team Field Manual (RTFM)] - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page.

=== S ===

=== T ===

* [https://www.amazon.com/Tribe-Hackers-Blue-Team-Cybersecurity-ebook/dp/B08GC1QHGY/?tag=securitytoo08-20 Tribe of Hackers Blue Team] - A guide to defensive security from some of the biggest names in the field.
* [https://www.amazon.com/Tribe-Hackers-Red-Team-Cybersecurity/dp/1119643325/?tag=securitytoo08-20 Tribe of Hackers Red Team] - A guide to offensive security from some of the biggest names in the field.
* [https://www.amazon.com/Tribe-Hackers-Security-Leaders-Cybersecurity/dp/1119643775/?tag=securitytoo08-20 Tribe of Hackers Security Leaders] - A guide to what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure.

=== U ===

=== V ===

=== W ===

* [https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/?tag=securitytoo08-20 The Web Application Hacker's Handbook, 2nd Edition] - Your guide to finding and exploiting vulnerabilities in online applications.
* [https://amzn.to/2XTBrwQ Wireshark 101: Essential Skills for Network Analysis - 2nd Edition] - Step-by-step instructions on the key functions and features of Wireshark.

=== X ===

=== Y ===

=== Z ===

Ffuf - Fuzz Faster U Fool

2024-03-31T21:31:38Z

RagManX: Fix video window location layout.

=== Description ===
[https://github.com/ffuf/ffuf Fuzz Faster U Fool] is a Go program used for [[Fuzzing definition|fuzzing]] HTTP GET and POST parameters. It is used for discovering elements and content within web applications, such as subdirectories or subdomains.

=== Tool Type ===

* [[Fuzzer]]

=== More Information ===

* [https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html Everything you need to know about ffuf]
* A [https://www.youtube.com/watch?v=aN3Nayvd7FU video guide to using ffuf] from InsiderPhD on YouTube
{{#ev:youtube|aN3Nayvd7FU|667x400}}
* A video [https://www.youtube.com/watch?v=N1VurPV0s0o comparison and explainer on the differences] between ffuf and [[wfuzz]]
{{#ev:youtube|N1VurPV0s0o|667x400}}
* An [https://cybersecnerds.com/ffuf-everything-you-need-to-know/ installation and use guide] for ffuf
* And [https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 one last guide to ffuf], this one designed for beginners to fuzzing

=== Sample Use/Screenshots ===

* Coming soon

=== Similar Tools ===

* [[DirB]]
* [[DirBuster JF|DirBuster]] (James Fischer)
* [[DirBuster 1lussion|DirBuster]] (Mr1llusion)
* [[wfuzz]]

AutoRecon

2024-03-31T21:30:02Z

RagManX: Correct Video screen layout locations.

=== Description ===
[https://github.com/Tib3rius/AutoRecon AutoRecon] is a [https://www.python.org/ Python]-based network reconnaissance tool which automates target service enumeration. Intended as a time-saving tool for pentesting environments, AutoRecon performs port- and service-detection scans as well as deeper service enumeration on listening ports.

=== Tool Type ===

* [[Reconnaissance|Reconnaissance Tool]]

=== More Information ===

* A video guide to [https://www.youtube.com/watch?v=m5Onw7XedHc using AutoRecon from the tool's creator]:
{{#ev:youtube|m5Onw7XedHc|667x480}}
* Another video [https://www.youtube.com/watch?v=t5RK3hW4zOI guide to using AutoRecon] effectively:
{{#ev:youtube|t5RK3hW4zOI|667x480}}
* A short guide to [https://latesthackingnews.com/2019/08/04/autorecon-an-open-source-enumeration-tool/ downloading and using] AutoRecon

=== Similar Tools ===

* [[Reconnoitre]]
* [[ReconScan]]
* [[bscan]]

Snort

2023-10-02T02:49:10Z

RagManX: Added Screenshots and Similar Tools section, plus one additional More Information link

=== Description ===
[https://snort.org/ Snort] is the foremost open-source Intrusion Prevention System ([[IPS]]) in the world. It is an intrusion prevention system capable of real-time traffic analysis and packet logging. Snort is freely downloadable from [https://snort.org/ the Snort home page], with the difference between the free and commercial versions being the rulesets used by the tool. [https://snort.org/products#rule_subscriptions Ruleset annual pricing] is $29.99 for individuals or $399 per sensor for businesses. You can run a Snort sensor on the community ruleset, but you get the latest updates 30 days after paid subscribers do.

=== Tool Type ===

* [[Intrusion Prevention System|Intrusion Prevention System (IPS)]]
* [[Intrusion Detection System|Intrusion Detection System (IDS)]]
* [[Network protocol analyzer]]

=== More Information ===

* Your starting point for rule creation, tool installation, and troubleshooting documentation is [https://snort.org/documents the official Snort documentation page]
* Learn more about creating rules with [https://resources.infosecinstitute.com/topic/snort-rules-workshop-part-one/ this step-by-step illustrated guide], including a tip for viewing packet captures via [[Wireshark]]
* Another guide to [https://linuxhint.com/intrusion_detection_snort_tutorial/ installing and configuring Snort and all the necessary support tools] from LinuxHint
* A tutorial on how to [https://www.hackers-arise.com/post/2018/11/16/snort-basics-how-to-read-and-write-snort-rules-part-1 read and write Snort rules], focusing on learning how to evade the system
* [https://kalilinuxtutorials.com/how-to-use-snort/ Another guide to running Snort], whether as an Intrusion Prevention System or a simple packet sniffer

=== Sample Use/Screenshots ===

* [[File:Snort Man Page Intro.png|alt=Snort man page|none|thumb|Snort man page]]Here is the man page's opening, showing just the available options for running Snort
* [[File:Snort alert fast sample logfile.png|none|thumb]]A sample of /var/log/snort/snort.alert.fast output from a recently started Snort instance

* [[File:Snort bad traffic rules.png|alt=Snort bad traffic default rules|none|thumb|Snort bad traffic rules]]A sample of Snort rules, this from the bad-traffic default rules

=== Similar Tools ===

* [[AIDE]]
* [[ESET Protect Advanced]]
* [[OSSEC]]
* [[SolarWinds Security Event Manager]]
* [[Zeek]]

File:Snort bad traffic rules.png

2023-10-02T02:37:28Z

RagManX:

Snort bad traffic rules

File:Snort alert fast sample logfile.png

2023-10-02T02:29:53Z

RagManX:

snort.alert.fast logfile sample

File:Snort Man Page Intro.png

2023-10-02T02:26:05Z

RagManX:

Screenshot of the Snort man page

SMap

2023-09-28T01:38:36Z

RagManX: /* More Information */ Add inline YouTube video for SMap introduction.

=== Description ===

[https://github.com/0xSojalSec/Smap-shodan SMap] is a drop-in replacement for [[NMap]] which uses the same command line options and generates the same style output as NMap. The difference is SMap uses [https://www.shodan.io Shodan's] free scanning API to gather its data, which means no actual contact with the target system(s) occurs. Since SMap uses the same command line options, you can use variable scanning speeds and host operating system (OS) detection just like you can with NMap. Additionally, only the command line flags -p, -h, -o*, and -iL are actually recognized and used. All other flags are ignored.

=== Tool Type ===

* [[Port Scanner]]

=== More Information ===

* The [https://github.com/0xSojalSec/Smap-shodan/blob/main/README.md README Usage section] for SMap, offering sample scan options
* A [https://github.com/0xSojalSec/Smap-shodan#usage list of considerations] to think about before using SMap instead of NMap
* A slightly [https://a-arich.com/ficavawu/smap-a-drop-in-replacement-for-nmap-powered-by-shodan-io/?ref=rp more in-depth guide] on getting SMap installed, up, and running on a Linux system
* An [https://allabouttesting.org/nmap-cheat-sheet/ NMap cheat sheet] which is also mostly applicable to SMap
* A complete list of [https://api.shodan.io/shodan/ports the 1237 ports SMap scans] by default
* A video [https://www.youtube.com/watch?v=PYVml5MF44A&pp=ygULc2hvZGFuIHNtYXA%3D introduction to SMap] {{#ev:youtube|PYVml5MF44A|667x400}}

=== Similar Tools ===

* [[Advanced Port Scanner]]
* [[Angry IP Scanner]]
* [[MASSSCAN]]
* [[NetCat]]
* [[NetScanTools Pro]]
* [[Network Scanner]]
* [[Port Authority]]
* [[PortQry]] and [[PortQryUI]]
* [[TCP Port Scanner]]

SMap

2023-09-28T01:37:50Z

RagManX: Expand on tool functionality/description, add more "More Information"

=== Description ===

[https://github.com/0xSojalSec/Smap-shodan SMap] is a drop-in replacement for [[NMap]] which uses the same command line options and generates the same style output as NMap. The difference is SMap uses [https://www.shodan.io Shodan's] free scanning API to gather its data, which means no actual contact with the target system(s) occurs. Since SMap uses the same command line options, you can use variable scanning speeds and host operating system (OS) detection just like you can with NMap. Additionally, only the command line flags -p, -h, -o*, and -iL are actually recognized and used. All other flags are ignored.

=== Tool Type ===

* [[Port Scanner]]

=== More Information ===

* The [https://github.com/0xSojalSec/Smap-shodan/blob/main/README.md README Usage section] for SMap, offering sample scan options
* A [https://github.com/0xSojalSec/Smap-shodan#usage list of considerations] to think about before using SMap instead of NMap
* A slightly [https://a-arich.com/ficavawu/smap-a-drop-in-replacement-for-nmap-powered-by-shodan-io/?ref=rp more in-depth guide] on getting SMap installed, up, and running on a Linux system
* An [https://allabouttesting.org/nmap-cheat-sheet/ NMap cheat sheet] which is also mostly applicable to SMap
* A complete list of [https://api.shodan.io/shodan/ports the 1237 ports SMap scans] by default
* A video [https://www.youtube.com/watch?v=PYVml5MF44A&pp=ygULc2hvZGFuIHNtYXA%3D introduction to SMap]

=== Similar Tools ===

* [[Advanced Port Scanner]]
* [[Angry IP Scanner]]
* [[MASSSCAN]]
* [[NetCat]]
* [[NetScanTools Pro]]
* [[Network Scanner]]
* [[Port Authority]]
* [[PortQry]] and [[PortQryUI]]
* [[TCP Port Scanner]]

Ffuf - Fuzz Faster U Fool

2023-09-27T23:35:33Z

RagManX: Change Tool Type from Web Fuzzer to Fuzzer, add DirB to Similar Tools.

=== Description ===
[https://github.com/ffuf/ffuf Fuzz Faster U Fool] is a Go program used for [[Fuzzing definition|fuzzing]] HTTP GET and POST parameters. It is used for discovering elements and content within web applications, such as subdirectories or subdomains.

=== Tool Type ===

* [[Fuzzer]]

=== More Information ===

* [https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html Everything you need to know about ffuf]
* A [https://www.youtube.com/watch?v=aN3Nayvd7FU video guide to using ffuf] from InsiderPhD on YouTube {{#ev:youtube|aN3Nayvd7FU|667x400}}
* A video [https://www.youtube.com/watch?v=N1VurPV0s0o comparison and explainer on the differences] between ffuf and [[wfuzz]] {{#ev:youtube|N1VurPV0s0o|667x400}}
* An [https://cybersecnerds.com/ffuf-everything-you-need-to-know/ installation and use guide] for ffuf
* And [https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 one last guide to ffuf], this one designed for beginners to fuzzing

=== Sample Use/Screenshots ===

* Coming soon

=== Similar Tools ===

* [[DirB]]
* [[DirBuster JF|DirBuster]] (James Fischer)
* [[DirBuster 1lussion|DirBuster]] (Mr1llusion)
* [[wfuzz]]

Tool Types

2023-09-27T23:32:53Z

RagManX: Change "Web Fuzzer" to "Fuzzer", move its location in the list.

===Tool Types ===
*[[Disassembler]]
*[[Fuzzer]]
*[[Intrusion Prevention System (IPS)]]
*[[Intrusion Detection System (IDS)]]
*[[Network protocol analyzer]]
*[[Packet Filter]]
*[[Password Cracker]]
*[[Port Scanner]]
*[[Virtualization]]
*[[Vulnerability Scanner]]
*[[Web Proxy]]

Free and Open-Source Software

2023-09-27T23:01:17Z

RagManX: Change all references to "Web Fuzzer" to "Fuzzer" and change text description to "fuzzing tool"

Free and Open-Source Software ([[FOSS]]) is software that is [[wikipedia:Free_software|Free Software]] and [[wikipedia:Open-source_software|Open-Source Software]]. There is so much FOSS in the security domain that I believe this warrants its own wiki page.

=== A ===

* [[Advanced Policy Firewall]] (apf) - A [[NetFilter]] firewall command-line management tool similar to [[IPTables]]
* [[Advanced Port Scanner]] - A graphical port scanner for Windows which has the capability of identifying programs running on listening ports
* [[AirCrack-NG]] - A complete suite of tools to assess WiFi network security
* [[Angry IP Scanner]] - A port and host scanner for Windows.
* [[AutoRecon]] - A multi-threaded network reconnaisance tool intended to save time in penetration testing environments and CTFs

=== B ===

* [[Burp Suite|Burp Suite Community Edition]] - Web Application testing software
=== C ===

* [[Cain and Abel]] - A freely available Windows password sniffer and cracker

=== D ===

* [[dirb]] - A CLI [[Fuzzer|fuzzing t]]<nowiki/>[[Fuzzer|ool]] for finding hidden web objects based on dictionary attacks
* [[dirb-gendict]] - A command line tool for generating dictionaries to be used with the above [[dirb]] tool
* [[DirBuster JF|DirBuster]] (James Fischer) - A Java-based, [[Fuzzer|fuzzing tool]] with a graphical interface used for finding hidden URIs/web resources
* [[DirBuster 1llusion|DirBuster]] (Mr1llusion) - A Python script [[Fuzzer|fuzzing tool]] used for finding hidden URIs/web resources from the command line

=== E ===

* [[EtherApe]] - A graphical network monitor and sniffer
* [[Ettercap]] - A suite of tools for Man-in-the-Middle (MITM) attacks

=== F ===

* [[ffuf - Fuzz Faster U Fool]] - A fast web [[fuzzer]] written in Go
* [[Firewall-cmd]] - The command-line client for the firewalld daemon
* [[Firewall builder]] - A no-longer-maintained graphical interface to manage Netfilter/iptables, ipfw, PF, Cisco PIX, and other firewall rules
* [[froggy]] - A subdomain enumeration tool

=== G ===

* [[Garud]] - An automated reconnaisance tool which enumerates a target and all sub-domains and finds low-hanging fruit
* [[GoBuster]] - A [[Brute Forcer|brute-forcing]] tool finding for hidden URIs, cloud hosts, DNS subdomains, and more
* [[Gufw]] - A graphical interface for managing [[Uncomplicated Firewall]] rules

=== H ===

* [[Hashcat]] - A multi-operating system, high-speed password recovery tool
* [[Hash Suite]] - A Windows-based high-performance password cracker
* [[httpx]] - A fast HTTP toolkit

=== I ===

* [[INetSim]] - A suite of tools for simulating Internet services to test network behavior of tools or unknown software
* [[IPTables]] - The userspace command line program used to configure Linux 2.4.x and later packet filtering rulesets

=== J ===

* [[John the Ripper]] - A multi-platform password cracker

=== K ===

* [[Kismet]] - A suite of tools for wireless sniffing, network and device detection, and wardriving

=== L ===

* [[L0phtCrack]] - An open-source password hash cracker
* [[Lynis]] - An open-source security auditing tool for Unix-based operating systems

=== M ===

* [[Maltego|Maltego Community Edition]] - An open-source intelligence and graphical link analysis tool
* [[MASSSCAN]] - An extremely high-speed port scanner. Most famously used for scanning the entire internet in mere minutes
* [[mdk3]] - A tool for exploiting common IEEE 802.11 protocol weaknesses
* [[Medusa]] - The massively speedy, highly parallel, modular login brute-forcing password cracker

=== N ===

* [[NCrack]] - A high-speed, multi-platform network authentication cracking tool
* [[NetCat]] - A networking utility which reads and writes data across network connections, using the [[wikipedia:Internet_protocol_suite|TCP/IP protocol]]
* [[NetStumbler]] - A Windows-based wireless network detection tool used for wardriving and WiFi mapping
* [[NFTables]] - The newer [[NetFilter]] userspace program replacing [[IPTables]] for Linux firewall management
* [[Nikto]] - A free command-line utility vulnerability scanner
* [[NMap]] - A network discovery and security auditing port/host scanner

=== O ===

* [[OpenVAS]] - A full-featured vulnerability scanner forked from the [[Nessus]] code base in 2006
* [[ophCrack]] - An open-source Windows-password cracking program
* [[Oracle VirtualBox]] - An open-source system virtualization tool
* [[OSSEC]] - A free Host Intrusion Detection System (HIDS) tool

=== P ===

* [[p0f]] - An open-source, passive-listening traffic fingerprinting tool for Unix-based systems
* [[PimpMyKali]] - A script for fixing Kali virtualized system problems
* [[Port Authority]] - An [https://www.android.com/ Android based], high-speed scanner that allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts
* [[PortQry]] - A command-line port scanner which runs on Windows 2000 based servers
* [[PortQryUI]] - A graphical interface the the above-listed [[PortQry]] tool
* [[pwncat]] - A post-exploit tool for streamlining red team operations

=== Q ===

=== R ===

* [[Raccoon]] - An offensive security tool for reconnaissance and information gathering

=== S ===

* [[SMap]] - A command-line options compatible replacement for [[NMap]] powered for the [https://www.shodan.io/ Shodan] port scanning API
* [[Snort|Snort (Community Ruleset)]] - A free and open-source network intrusion detection system (NIDS) and intrusion prevention system (IPS)

=== T ===

* [[tcpdump]] - A powerful command-line packet analyzer
* [[TCP Port Scanner]] - An application that uses high-speed [[wikipedia:Transmission_Control_Protocol#Connection_establishment|SYN]] scanning to find open ports on a network
* [[Test My Defenses]] - A free website by ZScaler to test and advise on how to improve your protection against Ransomware
* [[THC-Hydra]] - A [[wikipedia:GNU_General_Public_License|GPLed]] proof-of-concept password cracking tool

=== U ===

* [[Uncomplicated Firewall]] (UFW) - A command-line tool for managing NetFilter firewalls, available in Ubuntu and Debian distributions
=== V ===

=== W ===

* [[Wfuzz]] - A [[Fuzzer|fuzzing tool]] for finding hidden web resources
* [[Wireshark]] - The world’s foremost, widely-used network protocol analyzer

=== X ===

=== Y ===

* [[Yuki Chan The Auto Pentest]] - A Linux-based automated penetration testing tool to audit standard security settings

=== Z ===

* [[ZAProxy|Zed Attack Proxy]] - The world's most widely used web application scanner

Cain and Abel

2023-09-27T22:53:11Z

RagManX: Changed latest release timing from hard-coded "8 years ago" to more general April 2014, which is still accurate.

=== Description ===
[https://web.archive.org/web/20190603235413/http://www.oxid.it/cain.html Cain and Abel] is a no-longer-developed [[Free and Open-Source Software|freeware]] password recovery tool for Windows. The last stable version, released April 2014, is version 4.9.56.

=== Tool Type ===

* [[Password Cracker]]

=== More Information ===

===Similar tools===

* [[Hash Suite]]
* [[John the Ripper]]
* [[L0phtCrack]]
* [[Medusa]]
* [[NCrack]]
* [[ophCrack]]
* [[THC-Hydra]]

Free and Open-Source Software

2023-09-27T20:49:40Z

RagManX: Add multiple fuzzers and internal links under the letter "D"

Free and Open-Source Software ([[FOSS]]) is software that is [[wikipedia:Free_software|Free Software]] and [[wikipedia:Open-source_software|Open-Source Software]]. There is so much FOSS in the security domain that I believe this warrants its own wiki page.

=== A ===

* [[Advanced Policy Firewall]] (apf) - A [[NetFilter]] firewall command-line management tool similar to [[IPTables]]
* [[Advanced Port Scanner]] - A graphical port scanner for Windows which has the capability of identifying programs running on listening ports
* [[AirCrack-NG]] - A complete suite of tools to assess WiFi network security
* [[Angry IP Scanner]] - A port and host scanner for Windows.
* [[AutoRecon]] - A multi-threaded network reconnaisance tool intended to save time in penetration testing environments and CTFs

=== B ===

* [[Burp Suite|Burp Suite Community Edition]] - Web Application testing software
=== C ===

* [[Cain and Abel]] - A freely available Windows password sniffer and cracker

=== D ===

* [[dirb]] - A CLI [[web fuzze]]<nowiki/>r for finding hidden web objects based on dictionary attacks
* [[dirb-gendict]] - A command line tool for generating dictionaries to be used with the above [[dirb]] tool
* [[DirBuster JF|DirBuster]] (James Fischer) - A Java-based, [[web fuzzer]] with a graphical interface used for finding hidden URIs/web resources
* [[DirBuster 1llusion|DirBuster]] (Mr1llusion) - A Python script [[web fuzzer]] used for finding hidden URIs/web resources from the command line

=== E ===

* [[EtherApe]] - A graphical network monitor and sniffer
* [[Ettercap]] - A suite of tools for Man-in-the-Middle (MITM) attacks

=== F ===

* [[ffuf - Fuzz Faster U Fool]] - A fast web fuzzer written in Go
* [[Firewall-cmd]] - The command-line client for the firewalld daemon
* [[Firewall builder]] - A no-longer-maintained graphical interface to manage Netfilter/iptables, ipfw, PF, Cisco PIX, and other firewall rules
* [[froggy]] - A subdomain enumeration tool

=== G ===

* [[Garud]] - An automated reconnaisance tool which enumerates a target and all sub-domains and finds low-hanging fruit
* [[GoBuster]] - A [[Brute Forcer|brute-forcing]] tool finding for hidden URIs, cloud hosts, DNS subdomains, and more
* [[Gufw]] - A graphical interface for managing [[Uncomplicated Firewall]] rules

=== H ===

* [[Hashcat]] - A multi-operating system, high-speed password recovery tool
* [[Hash Suite]] - A Windows-based high-performance password cracker
* [[httpx]] - A fast HTTP toolkit

=== I ===

* [[INetSim]] - A suite of tools for simulating Internet services to test network behavior of tools or unknown software
* [[IPTables]] - The userspace command line program used to configure Linux 2.4.x and later packet filtering rulesets

=== J ===

* [[John the Ripper]] - A multi-platform password cracker

=== K ===

* [[Kismet]] - A suite of tools for wireless sniffing, network and device detection, and wardriving

=== L ===

* [[L0phtCrack]] - An open-source password hash cracker
* [[Lynis]] - An open-source security auditing tool for Unix-based operating systems

=== M ===

* [[Maltego|Maltego Community Edition]] - An open-source intelligence and graphical link analysis tool
* [[MASSSCAN]] - An extremely high-speed port scanner. Most famously used for scanning the entire internet in mere minutes
* [[mdk3]] - A tool for exploiting common IEEE 802.11 protocol weaknesses
* [[Medusa]] - The massively speedy, highly parallel, modular login brute-forcing password cracker

=== N ===

* [[NCrack]] - A high-speed, multi-platform network authentication cracking tool
* [[NetCat]] - A networking utility which reads and writes data across network connections, using the [[wikipedia:Internet_protocol_suite|TCP/IP protocol]]
* [[NetStumbler]] - A Windows-based wireless network detection tool used for wardriving and WiFi mapping
* [[NFTables]] - The newer [[NetFilter]] userspace program replacing [[IPTables]] for Linux firewall management
* [[Nikto]] - A free command-line utility vulnerability scanner
* [[NMap]] - A network discovery and security auditing port/host scanner

=== O ===

* [[OpenVAS]] - A full-featured vulnerability scanner forked from the [[Nessus]] code base in 2006
* [[ophCrack]] - An open-source Windows-password cracking program
* [[Oracle VirtualBox]] - An open-source system virtualization tool
* [[OSSEC]] - A free Host Intrusion Detection System (HIDS) tool

=== P ===

* [[p0f]] - An open-source, passive-listening traffic fingerprinting tool for Unix-based systems
* [[PimpMyKali]] - A script for fixing Kali virtualized system problems
* [[Port Authority]] - An [https://www.android.com/ Android based], high-speed scanner that allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts
* [[PortQry]] - A command-line port scanner which runs on Windows 2000 based servers
* [[PortQryUI]] - A graphical interface the the above-listed [[PortQry]] tool
* [[pwncat]] - A post-exploit tool for streamlining red team operations

=== Q ===

=== R ===

* [[Raccoon]] - An offensive security tool for reconnaissance and information gathering

=== S ===

* [[SMap]] - A command-line options compatible replacement for [[NMap]] powered for the [https://www.shodan.io/ Shodan] port scanning API
* [[Snort|Snort (Community Ruleset)]] - A free and open-source network intrusion detection system (NIDS) and intrusion prevention system (IPS)

=== T ===

* [[tcpdump]] - A powerful command-line packet analyzer
* [[TCP Port Scanner]] - An application that uses high-speed [[wikipedia:Transmission_Control_Protocol#Connection_establishment|SYN]] scanning to find open ports on a network
* [[Test My Defenses]] - A free website by ZScaler to test and advise on how to improve your protection against Ransomware
* [[THC-Hydra]] - A [[wikipedia:GNU_General_Public_License|GPLed]] proof-of-concept password cracking tool

=== U ===

* [[Uncomplicated Firewall]] (UFW) - A command-line tool for managing NetFilter firewalls, available in Ubuntu and Debian distributions
=== V ===

=== W ===

* [[Wfuzz]] - A web application security assessment tool
* [[Wireshark]] - The world’s foremost, widely-used network protocol analyzer

=== X ===

=== Y ===

* [[Yuki Chan The Auto Pentest]] - A Linux-based automated penetration testing tool to audit standard security settings

=== Z ===

* [[ZAProxy|Zed Attack Proxy]] - The world's most widely used web application scanner

Ffuf - Fuzz Faster U Fool

2023-09-27T20:35:20Z

RagManX: Add /* Sample Use */ and /* Similar Tools */ sections with minor content.

=== Description ===
[https://github.com/ffuf/ffuf Fuzz Faster U Fool] is a Go program used for [[Fuzzing definition|fuzzing]] HTTP GET and POST parameters. It is used for discovering elements and content within web applications, such as subdirectories or subdomains.

=== Tool Type ===

* [[Web fuzzer]]

=== More Information ===

* [https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html Everything you need to know about ffuf]
* A [https://www.youtube.com/watch?v=aN3Nayvd7FU video guide to using ffuf] from InsiderPhD on YouTube {{#ev:youtube|aN3Nayvd7FU|667x400}}
* A video [https://www.youtube.com/watch?v=N1VurPV0s0o comparison and explainer on the differences] between ffuf and [[wfuzz]] {{#ev:youtube|N1VurPV0s0o|667x400}}
* An [https://cybersecnerds.com/ffuf-everything-you-need-to-know/ installation and use guide] for ffuf
* And [https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 one last guide to ffuf], this one designed for beginners to fuzzing

=== Sample Use/Screenshots ===

* Coming soon

=== Similar Tools ===

* [[DirB|DirBuster]] (James Fischer)
* [[DirBuster]] (Mr1llusion)
* [[wfuzz]]

Burp Suite

2023-09-25T14:05:30Z

RagManX: Added inline YouTube video tag for John Hammond's intro

=== Description ===

Burp Suite is a free and commercial testing toolkit/proxy used for verifying web application security. It is available in the [https://portswigger.net/burp/communitydownload Burp Suite Community Edition] for free and the [https://portswigger.net/burp/pro Burp Suite Professional] version for $399/year.

=== Tool Type ===

* [[Web Proxy]]

=== More Information ===

* For training on Burp Suite check out [https://portswigger.net/ PortSwigger]'s [https://portswigger.net/training Web Security Academy]
* YouTube security educator John Hammond offers [https://www.youtube.com/watch?v=G3hpAeoZ4ek a half-hour introduction to Burp Suite] Community Edition {{#ev:youtube|G3hpAeoZ4ek|667x400}}
* Here's [https://www.softwaretestinghelp.com/burp-suite-tutorial/ a lengthy introduction to Burp Suite] to help you get started with the tool
* Labelled a cheat sheet, but still lengthy, there is [https://www.comparitech.com/net-admin/burp-suite-cheat-sheet/ this briefer guide to Burp Suite] from Comparitech
* eSecurityPlanet with a right-to-the-meat-of-things [https://www.esecurityplanet.com/networks/getting-started-with-burp-suite-pentest-tutorial/ starter tutorial to Burp Suite use] against the [[Juice Shop]] application

=== Similar Tools ===
*[[Acunetix]]
*[[ZAProxy|Zed Application Proxy]]

Burp Suite

2023-09-25T14:04:30Z

RagManX: Added "More Information" on Burp Suite with plenty of external links. First mention of Juice Shop on this wiki.

=== Description ===

Burp Suite is a free and commercial testing toolkit/proxy used for verifying web application security. It is available in the [https://portswigger.net/burp/communitydownload Burp Suite Community Edition] for free and the [https://portswigger.net/burp/pro Burp Suite Professional] version for $399/year.

=== Tool Type ===

* [[Web Proxy]]

=== More Information ===

* For training on Burp Suite check out [https://portswigger.net/ PortSwigger]'s [https://portswigger.net/training Web Security Academy]
* YouTube security educator John Hammond offers [https://www.youtube.com/watch?v=G3hpAeoZ4ek a half-hour introduction to Burp Suite] Community Edition
* Here's [https://www.softwaretestinghelp.com/burp-suite-tutorial/ a lengthy introduction to Burp Suite] to help you get started with the tool
* Labelled a cheat sheet, but still lengthy, there is [https://www.comparitech.com/net-admin/burp-suite-cheat-sheet/ this briefer guide to Burp Suite] from Comparitech
* eSecurityPlanet with a right-to-the-meat-of-things [https://www.esecurityplanet.com/networks/getting-started-with-burp-suite-pentest-tutorial/ starter tutorial to Burp Suite use] against the [[Juice Shop]] application

=== Similar Tools ===
*[[Acunetix]]
*[[ZAProxy|Zed Application Proxy]]

Port Authority

2023-09-25T02:15:16Z

RagManX: Initial Port Authority page creation.

=== Description ===
[https://github.com/aaronjwood/PortAuthority Port Authority is a ''very'' fast port scanner] written for Android tablets and phones. It can perform host discovery in just a few seconds, and scan ports 1-65535 for a single host in as little as 30 seconds. As it is open source, you can download and install it from the [https://play.google.com/store/apps/details?id=com.aaronjwood.portauthority.free Google Play Store] or [https://f-droid.org/app/com.aaronjwood.portauthority F-Droid] for free (although there is [https://play.google.com/store/apps/details?id=com.aaronjwood.portauthority.donate a donate version] if you want to support the author). The tool offers built-in DNS lookups, MAC address vendor detection, and custom port range scans, among a host of other features.

=== Tool Type ===

* [[Port Scanner]]

=== More Information ===

* The [https://forum.xda-developers.com/t/app-4-0-port-authority-a-very-fast-port-scanner.3150999/ XDA-Developer's thread announcing Port Authority] by the author

=== Sample Use/Screenshots ===

* [[File:Port Authority Basic Interface.png|alt=The basic Port Authority user interface.|none|thumb|The basic Port Authority user interface.]]
* [[File:Port Authority Port Range Interface.png|alt=The Port Authority port range selection interface.|none|thumb|The Port Authority port range selection interface.]]

=== Similar Tools ===

* [[Advanced Port Scanner]]
* [[Angry IP Scanner]]
* [[MASSSCAN]]
* [[NetCat]]
* [[Network Scanner]]
* [[NMap]]
* [[PortQry]] and [[PortQryUI]]
* [[TCP Port Scanner]]
* [[SMap]]

File:Port Authority Port Range Interface.png

2023-09-25T02:12:57Z

RagManX:

The two scrolling selectors for choosing a port range to scan.

File:Port Authority Basic Interface.png

2023-09-25T02:11:13Z

RagManX:

The basic layout of the Port Authority interface.

NetFilter

2023-09-25T00:08:36Z

RagManX: Change "Headers" to "Sub-heading 1" to match the appearance of other wiki pages.

=== Description ===
NetFilter is an Open-Source project which provides the packet filtering framework for Linux kernels 2.4 and higher. It is typically associated with the [[iptables]] and [[nftables]] tools. It supports packet filtering, network address and port translation, packet logging, user-space packet queuing and other packet mangling. NetFilter is the successor to [[wikipedia:Ipchains|ipchains]].

=== Tool Type ===
* [[Packet Filter]]

=== More Information ===
* DigitalOcean with [https://www.digitalocean.com/community/tutorials/a-deep-dive-into-iptables-and-netfilter-architecture a nice deep dive on the differences] between NetFilter and [[iptables]]/[[nftables]] and how they work together to provide firewalling services
* The [https://netfilter.org/documentation/ official NetFilter documentation page], with loads of links to additional information
* An [https://linux-kernel-labs.github.io/refs/heads/master/labs/networking.html in-depth, technical review of NetFilter], including code samples and labs for greater understanding

=== Similar Tools ===

Online Training sites

2023-09-24T20:54:41Z

RagManX: Added link to Tib3rius' offerings on Windows and Linux privilege escalation.

Useful websites

2023-09-24T19:56:41Z

RagManX: Expanded HackTricks explainer text based on creator's Twitter bio.

Below are many websites which provide useful information for security practitioners and those learning about security. This topic is going to eventually get unmanageable, and will need reorganized and broken down into some categories. However, until I start filling in more valuable sites, I'm not sure how I'm going to break it down. Expect format changes in the future.

*[https://adsecurity.org/ AD Security] - An infrequently updated but useful guide to attacking and defending Active Directory
* [https://github.com/fabacab/awesome-cybersecurity-blueteam Awesome Cybersecurity Blue Team] - A GitHub page loaded with resources for [[blue team]] specialists.
*DFIR Diva's [https://dfirdiva.com/ Digital Forensics and Incident Response Blog] - Geared towards beginners, this links free and affordable training, resources, and a job board
*[https://github.com/DFIRmadness/5pillars/blob/master/5-Pillars.md Five Pillars of an Information/Cyber Security Professional] - A guide to the 5 key areas of proficiency necessary to excel in security
*The [https://old.reddit.com/r/hacking/wiki/index hacking sub-reddit wiki] - Much of the collected wisdom and guidance of /r/hacking, with a glossary, movie recommendations, an FAQ, hacking resources, and so much more. Well worth leaving this page to peruse
*[https://book.hacktricks.xyz/ HackTricks] - A penetration testing, red team testing, and [[CTF]] tips project which aims to offer free quality hacking resources to all the world, so people can learn for free the latest techniques in cybersecurity
* [https://haveibeenpwned.com/ Have I Been Pwned?] - A site for checking whether your email or password is in a data breach
* [https://lolbas-project.github.io/# LOLBAS] - Living off the Land Binaries, Scripts, and Libraries - A site dedicated to helping you take advantage of common tools that might already be loaded on your target system
*[https://github.com/m0nad/awesome-privilege-escalation m0nad's Awesome Privilege Escalation] - A collection of Linux, Windows, Docker, and Cloud privilege escalation tips
*[https://github.com/carlospolop/PEASS-ng/tree/master PEASS-ng] - The Privilege Escalation Awesome Scripts SUITE new generation - a collection of macOS, Linux, and Windows tools to help you escalate your privileges once you gain a foothold on a system. Get some guidance on privilege escalation techniques, including use of PEASS-ng tools, from the [https://book.hacktricks.xyz/linux-hardening/privilege-escalation Linux privilege escalation]and [https://book.hacktricks.xyz/windows-hardening/checklist-windows-privilege-escalation Windows privilege escalation] subsections of HackTricks
*[https://www.shodan.io/ Shodan] web search engine - "Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions."
* [https://www.vulnhub.com/ Vulnhub] - A collection of intentionally vulnerable, downloadable virtual machines to practice your security skills
*[https://www.vx-underground.org/ VX-Underground] - The largest collection of malware source code, samples, and papers on the internet. For more information, also follow [https://twitter.com/vxunderground the vx-underground Twitter account]

Useful websites

2023-09-24T19:51:40Z

RagManX: Add PEASS-ng GitHub page, with additional links to guidance on using escalation tools

Below are many websites which provide useful information for security practitioners and those learning about security. This topic is going to eventually get unmanageable, and will need reorganized and broken down into some categories. However, until I start filling in more valuable sites, I'm not sure how I'm going to break it down. Expect format changes in the future.

*[https://adsecurity.org/ AD Security] - An infrequently updated but useful guide to attacking and defending Active Directory
* [https://github.com/fabacab/awesome-cybersecurity-blueteam Awesome Cybersecurity Blue Team] - A GitHub page loaded with resources for [[blue team]] specialists.
*DFIR Diva's [https://dfirdiva.com/ Digital Forensics and Incident Response Blog] - Geared towards beginners, this links free and affordable training, resources, and a job board
*[https://github.com/DFIRmadness/5pillars/blob/master/5-Pillars.md Five Pillars of an Information/Cyber Security Professional] - A guide to the 5 key areas of proficiency necessary to excel in security
*The [https://old.reddit.com/r/hacking/wiki/index hacking sub-reddit wiki] - Much of the collected wisdom and guidance of /r/hacking, with a glossary, movie recommendations, an FAQ, hacking resources, and so much more. Well worth leaving this page to peruse
*[https://book.hacktricks.xyz/ HackTricks] - Penetration testing, red team testing, and [[CTF]] tips
* [https://haveibeenpwned.com/ Have I Been Pwned?] - A site for checking whether your email or password is in a data breach
* [https://lolbas-project.github.io/# LOLBAS] - Living off the Land Binaries, Scripts, and Libraries - A site dedicated to helping you take advantage of common tools that might already be loaded on your target system
*[https://github.com/m0nad/awesome-privilege-escalation m0nad's Awesome Privilege Escalation] - A collection of Linux, Windows, Docker, and Cloud privilege escalation tips
*[https://github.com/carlospolop/PEASS-ng/tree/master PEASS-ng] - The Privilege Escalation Awesome Scripts SUITE new generation - a collection of macOS, Linux, and Windows tools to help you escalate your privileges once you gain a foothold on a system. Get some guidance on privilege escalation techniques, including use of PEASS-ng tools, from the [https://book.hacktricks.xyz/linux-hardening/privilege-escalation Linux privilege escalation]and [https://book.hacktricks.xyz/windows-hardening/checklist-windows-privilege-escalation Windows privilege escalation] subsections of HackTricks
*[https://www.shodan.io/ Shodan] web search engine - "Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions."
* [https://www.vulnhub.com/ Vulnhub] - A collection of intentionally vulnerable, downloadable virtual machines to practice your security skills
*[https://www.vx-underground.org/ VX-Underground] - The largest collection of malware source code, samples, and papers on the internet. For more information, also follow [https://twitter.com/vxunderground the vx-underground Twitter account]

Useful websites

2023-09-24T19:33:01Z

RagManX: Add LOLBAS GitHub site, link to page.

Below are many websites which provide useful information for security practitioners and those learning about security. This topic is going to eventually get unmanageable, and will need reorganized and broken down into some categories. However, until I start filling in more valuable sites, I'm not sure how I'm going to break it down. Expect format changes in the future.

*[https://adsecurity.org/ AD Security] - An infrequently updated but useful guide to attacking and defending Active Directory
* [https://github.com/fabacab/awesome-cybersecurity-blueteam Awesome Cybersecurity Blue Team] - A GitHub page loaded with resources for [[blue team]] specialists.
*DFIR Diva's [https://dfirdiva.com/ Digital Forensics and Incident Response Blog] - Geared towards beginners, this links free and affordable training, resources, and a job board
*[https://github.com/DFIRmadness/5pillars/blob/master/5-Pillars.md Five Pillars of an Information/Cyber Security Professional] - A guide to the 5 key areas of proficiency necessary to excel in security
*The [https://old.reddit.com/r/hacking/wiki/index hacking sub-reddit wiki] - Much of the collected wisdom and guidance of /r/hacking, with a glossary, movie recommendations, an FAQ, hacking resources, and so much more. Well worth leaving this page to peruse
*[https://book.hacktricks.xyz/ HackTricks] - Penetration testing, red team testing, and [[CTF]] tips
* [https://haveibeenpwned.com/ Have I Been Pwned?] - A site for checking whether your email or password is in a data breach
* [https://lolbas-project.github.io/# LOLBAS] - Living off the Land Binaries, Scripts, and Libraries - A site dedicated to helping you take advantage of common tools that might already be loaded on your target system
*[https://github.com/m0nad/awesome-privilege-escalation m0nad's Awesome Privilege Escalation] - A collection of Linux, Windows, Docker, and Cloud privilege escalation tips.
*[https://www.shodan.io/ Shodan] web search engine - "Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions."
* [https://www.vulnhub.com/ Vulnhub] - A collection of intentionally vulnerable, downloadable virtual machines to practice your security skills
*[https://www.vx-underground.org/ VX-Underground] - The largest collection of malware source code, samples, and papers on the internet. For more information, also follow [https://twitter.com/vxunderground the vx-underground Twitter account]

EtherApe

2023-09-24T17:57:59Z

RagManX: Add in-line EtherApe screenshot to /* More Information */ section

=== Description ===
[https://etherape.sourceforge.io/ EtherApe is a graphical network monitoring tool] for Unix and Unix-like operating systems. It is used for viewing network traffic visually. This means the more "talkative" a node is, the bigger its representation, and node and link colors show the most used protocol. While originally created as an etherman clone, it has since evolved to have some unique features. In addition to running as an active network capture tool, it can also read [[tcpdump]] capture files.

=== Tool Type ===

* [[Network protocol analyzer]]

=== More Information ===

* Get [https://etherape.sourceforge.io/introduction.html additional information on EtherApe's features] from the tool's home page
* [[File:EtherApe-v0 9 3 Screenshot.png|alt=EtherApe v0.9.3 screenshot|none|thumb|EtherApe v0.9.3 screenshot]]Take a look at [https://etherape.sourceforge.io/images/v0.9.3.png a screenshot of EtherApe] for version 0.9.3
* Although it's not difficult to install, if you need help getting EtherApe on [[Kali|Kali Linux]], there's [https://installati.one/install-etherape-kalilinux/ a tutorial for that]
* Account IT Best Practices has this [https://www.youtube.com/watch?v=mtxCsaiOins brief video guide to identifying network traffic] with EtherApe {{#ev:youtube|mtxCsaiOins|667x400}}
* A slightly outdated but still accurate [https://www.unixmen.com/install-graphical-network-monitor-etherape-on-ubuntu-linux-16/ guide to installing and using EtherApe] from unixmen

=== Similar Tools ===

* [[netsniff-ng]]
* [[ngrep]]
* [[tcpdump]]
* [[Wireshark]]

Virtual Machines

2023-09-24T14:37:33Z

RagManX: Replace OWASP Web Application Testing Environment with OWASP Broken Web Applications Project, correct internal link.

Many vendors provide downloadable virtual machines to use as practice targets or as attack hosts. Below are a collection of systems you can download and run on your primary system.

* [[Metasploitable]]
* [[Metasploitable 2]]
* [[Metasploitable 3]]
* [[Kali]]
* [[Parrot OS]]
* [[Windows]]
* [[OWASP Broken Web Applications Project]]
*[[FLARE VM]]

=== Hypervisors ===
In addition to the above-listed downloadable virtual machines (VMs), you will need some type of VM management tool. For more information on '''what''' a hypervisor is, please see [https://phoenixnap.com/kb/what-is-hypervisor-type-1-2 this article from phoenixNAP]. Below are the currently available hypervisors for managing your VMs.

* [[VMWare|VMWare Player]]
* [[VMWare|VMWare Workstation Pro]]
* [[VMWare|VMWare Fusion]]
* [[VMWare|VMWare VSphere withESXi]]
* [[Oracle VirtualBox]]
* [[Hyper-V|Microsoft Hyper-V]]
* [[KVM]]
* [[Virtual PC|Windows Virtual PC]]
* [[Parallels]]

Metasploitable 2

2023-09-24T14:17:37Z

RagManX: Add links to compressed file extraction tools

Metasploitable2 is the second incarnation of an intentionally vulnerable, Linux-based virtual machine used for practicing penetration testing and security research. The tool is [https://docs.rapid7.com/metasploit/metasploitable-2/ lightly documented at Rapid7's website], which contains links to download the VM. To get the tool, you first need to register at the source site, then download an 800 MB file. Once downloaded, extract with [https://7-zip.org/ 7-zip], [https://github.com/M2Team/NanaZip NanaZip], or [https://duckduckgo.com/?q=compressed+file+extractor&t=newext&atb=v384-1&ia=web a similar tool] and import in VMWare or VirtualBox. To get started with breaking into the Metasploitable2 machine, check out [https://docs.rapid7.com/metasploit/metasploitable-2-exploitability-guide/ the Exploitability guide] from Rapid7. For help setting up Metasploitable2 in VirtualBox, check out [https://www.geeksforgeeks.org/how-to-install-metasploitable-2-in-virtualbox/ this blog post from Geeks for Geeks]. If you'd rather use the tool from VMWare, take a look at [https://www.exploit-db.com/docs/english/44040-the-easiest-metasploit-guide-you%E2%80%99ll-ever-read.pdf Exploit-DB's Easiest Metasploit guide] ever.

THC-Hydra

2023-09-24T13:23:10Z

RagManX: /* Similar Tools */ Correct missing HashCat on-site missing link.

=== Description ===
[https://github.com/vanhauser-thc/thc-hydra thc-hydra] is a modular, parallelized network logon cracking tool. It supports a great many networking protocols, such as POP3, FTP, SMTP, SMB, and SSH (v1 and v2), and is available on all major operating systems.

=== Tool Type ===

* [[Password Cracker]]

=== More Information ===

* A brief [https://www.cyberpunk.rs/password-cracker-thc-hydra introduction to thc-hydra], including basic installation and use examples from CyberPunk
* The Kali tools website has [https://www.kali.org/tools/hydra/ a short introduction to thc-hydra], including tool use examples and subtool (dpl4hydra, xhydra, hydra-wizard, and more) functions
* Automate the Planet gives us a [https://www.automatetheplanet.com/thc-hydra-password-cracking-by-examples/ thc-hydra examples write-up], including installation in brief for Windows
* Watch a [https://www.youtube.com/watch?v=z4_oqTZJqCo&pp=ygUJdGhjLWh5ZHJh video introduction to thc-hydra] from Network Chuck {{#ev:youtube|z4_oqTZJqCo|667x400}}
* Get a [https://www.bookofnetwork.com/hacking-tutorials/THC-Hydra step-by-step walkthrough of using the graphical tool xhydra] to brute-force an SSH login on a remote server
* [https://www.freecodecamp.org/news/how-to-use-hydra-pentesting-tutorial/ A practical tutorial to installing] and running thc-hydra on a Linux system from FreeCodeCamp
* Another guide to [https://kalilinuxtutorials.com/thc-hydra/ installing, running, and viewing output for thc-hydra] on Kali Linux Tutorials

=== Sample Use/Screenshots ===
[[File:XHydra GUI.png|alt=xHydra GUI|none|thumb|The xHydra GUI]]
[[File:Hydra Default Usage.png|alt=The thc-hydra main program usage/help output|none|thumb|The thc-hydra main program usage/help output.]]
[[File:Hydra Retrieve Default Password List.png|none|thumb]]

=== Similar Tools ===

* [[AirCrack-NG]]
* [[Cain and Abel]]
* [[Hashcat|HashCat]]
* [[Hash Suite]]
* [[John the Ripper]]
* [[L0phtcrack]]
* [[Medusa]]
* [[ncrack]]
* [[ophcrack]]

THC-Hydra

2023-09-24T13:22:02Z

RagManX: /* More Information */ Add inline YouTube video for Network Chuck

=== Description ===
[https://github.com/vanhauser-thc/thc-hydra thc-hydra] is a modular, parallelized network logon cracking tool. It supports a great many networking protocols, such as POP3, FTP, SMTP, SMB, and SSH (v1 and v2), and is available on all major operating systems.

=== Tool Type ===

* [[Password Cracker]]

=== More Information ===

* A brief [https://www.cyberpunk.rs/password-cracker-thc-hydra introduction to thc-hydra], including basic installation and use examples from CyberPunk
* The Kali tools website has [https://www.kali.org/tools/hydra/ a short introduction to thc-hydra], including tool use examples and subtool (dpl4hydra, xhydra, hydra-wizard, and more) functions
* Automate the Planet gives us a [https://www.automatetheplanet.com/thc-hydra-password-cracking-by-examples/ thc-hydra examples write-up], including installation in brief for Windows
* Watch a [https://www.youtube.com/watch?v=z4_oqTZJqCo&pp=ygUJdGhjLWh5ZHJh video introduction to thc-hydra] from Network Chuck {{#ev:youtube|z4_oqTZJqCo|667x400}}
* Get a [https://www.bookofnetwork.com/hacking-tutorials/THC-Hydra step-by-step walkthrough of using the graphical tool xhydra] to brute-force an SSH login on a remote server
* [https://www.freecodecamp.org/news/how-to-use-hydra-pentesting-tutorial/ A practical tutorial to installing] and running thc-hydra on a Linux system from FreeCodeCamp
* Another guide to [https://kalilinuxtutorials.com/thc-hydra/ installing, running, and viewing output for thc-hydra] on Kali Linux Tutorials

=== Sample Use/Screenshots ===
[[File:XHydra GUI.png|alt=xHydra GUI|none|thumb|The xHydra GUI]]
[[File:Hydra Default Usage.png|alt=The thc-hydra main program usage/help output|none|thumb|The thc-hydra main program usage/help output.]]
[[File:Hydra Retrieve Default Password List.png|none|thumb]]

=== Similar Tools ===

* [[AirCrack-NG]]
* [[Cain and Abel]]
* HashCat
* [[Hash Suite]]
* [[John the Ripper]]
* [[L0phtcrack]]
* [[Medusa]]
* [[ncrack]]
* [[ophcrack]]

THC-Hydra

2023-09-24T13:20:28Z

RagManX: Setup initial hydra details page. Add more information links, plus the new screenshots section for the tool

=== Description ===
[https://github.com/vanhauser-thc/thc-hydra thc-hydra] is a modular, parallelized network logon cracking tool. It supports a great many networking protocols, such as POP3, FTP, SMTP, SMB, and SSH (v1 and v2), and is available on all major operating systems.

=== Tool Type ===

* [[Password Cracker]]

=== More Information ===

* A brief [https://www.cyberpunk.rs/password-cracker-thc-hydra introduction to thc-hydra], including basic installation and use examples from CyberPunk
* The Kali tools website has [https://www.kali.org/tools/hydra/ a short introduction to thc-hydra], including tool use examples and subtool (dpl4hydra, xhydra, hydra-wizard, and more) functions
* Automate the Planet gives us a [https://www.automatetheplanet.com/thc-hydra-password-cracking-by-examples/ thc-hydra examples write-up], including installation in brief for Windows
* Watch a [https://www.youtube.com/watch?v=z4_oqTZJqCo&pp=ygUJdGhjLWh5ZHJh video introduction to thc-hydra] from Network Chuck
* Get a [https://www.bookofnetwork.com/hacking-tutorials/THC-Hydra step-by-step walkthrough of using the graphical tool xhydra] to brute-force an SSH login on a remote server
* [https://www.freecodecamp.org/news/how-to-use-hydra-pentesting-tutorial/ A practical tutorial to installing] and running thc-hydra on a Linux system from FreeCodeCamp
* Another guide to [https://kalilinuxtutorials.com/thc-hydra/ installing, running, and viewing output for thc-hydra] on Kali Linux Tutorials

=== Sample Use/Screenshots ===
[[File:XHydra GUI.png|alt=xHydra GUI|none|thumb|The xHydra GUI]]
[[File:Hydra Default Usage.png|alt=The thc-hydra main program usage/help output|none|thumb|The thc-hydra main program usage/help output.]]
[[File:Hydra Retrieve Default Password List.png|none|thumb]]

=== Similar Tools ===

* [[AirCrack-NG]]
* [[Cain and Abel]]
* HashCat
* [[Hash Suite]]
* [[John the Ripper]]
* [[L0phtcrack]]
* [[Medusa]]
* [[ncrack]]
* [[ophcrack]]