From 95ea9de79e67c2bafcb864f501d9073cfb7ae9bf Mon Sep 17 00:00:00 2001 From: Mark <55981308+Luci-d@users.noreply.github.com> Date: Mon, 25 Nov 2019 15:37:26 +0200 Subject: [PATCH 01/10] Update README.md changed or removed 404's and added cool service IMHO --- README.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 1586270..97e8b8e 100644 --- a/README.md +++ b/README.md @@ -36,12 +36,11 @@ err on the safe side. - [pynids](http://jon.oberheide.org/pynids/): libnids wrapper offering sniffing, IP defragmentation, TCP stream reassembly and port scan detection -- [Dirtbags py-pcap](http://dirtbags.net/py-pcap.html): read pcap - files without libpcap - [flowgrep](http://monkey.org/~jose/software/flowgrep/): grep through packet payloads using regular expressions - [Knock Subdomain Scan](https://github.com/guelfoweb/knock), enumerate subdomains on a target domain through a wordlist +- [Spyse](https://spyse.com/) - all in one recon service for IP, domains, AS, ports, etc... [py wrapper](https://github.com/zeropwn/spyse.py) - [SubBrute](https://github.com/TheRook/subbrute), fast subdomain enumeration tool - [Mallory](https://bitbucket.org/IntrepidusGroup/mallory), extensible @@ -203,7 +202,7 @@ err on the safe side. - [jsunpack-n](https://github.com/urule99/jsunpack-n), generic JavaScript unpacker: emulates browser functionality to detect exploits that target browser and browser plug-in vulnerabilities -- [yara-python](https://github.com/plusvic/yara/tree/master/yara-python): +- [yara-python](https://github.com/VirusTotal/yara-python): identify and classify malware samples - [phoneyc](https://github.com/honeynet/phoneyc): pure Python honeyclient implementation 
@@ -249,8 +248,6 @@ err on the safe side. - [PyMangle](http://code.google.com/p/pymangle/): command line tool and a python library used to create word lists for use with other penetration testing tools -- [Hachoir](https://bitbucket.org/haypo/hachoir/wiki/Home): view and - edit a binary stream field by field - [py-mangle](http://code.google.com/p/pymangle/): command line tool and a python library used to create word lists for use with other penetration testing tools From 29fece2269f1493c196d11cb6e6c72b04be4edd0 Mon Sep 17 00:00:00 2001 From: Mark <55981308+Luci-d@users.noreply.github.com> Date: Sun, 9 Feb 2020 18:43:38 +0200 Subject: [PATCH 02/10] UPD updated links https://hachoir.readthedocs.io/en/latest/ https://github.com/dirtbags/py-pcap --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 97e8b8e..1d71ae4 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,8 @@ err on the safe side. - [pynids](http://jon.oberheide.org/pynids/): libnids wrapper offering sniffing, IP defragmentation, TCP stream reassembly and port scan detection + [Dirtbags py-pcap](https://github.com/dirtbags/py-pcap): read pcap + files without libpcap - [flowgrep](http://monkey.org/~jose/software/flowgrep/): grep through packet payloads using regular expressions - [Knock Subdomain Scan](https://github.com/guelfoweb/knock), enumerate @@ -248,6 +250,8 @@ err on the safe side. - [PyMangle](http://code.google.com/p/pymangle/): command line tool and a python library used to create word lists for use with other penetration testing tools +- [Hachoir](https://hachoir.readthedocs.io/en/latest/): view and + edit a binary stream field by field - [py-mangle](http://code.google.com/p/pymangle/): command line tool and a python library used to create word lists for use with other penetration testing tools From 10a4e389233609bcd4ca195d4f32c863daf227f2 Mon Sep 17 00:00:00 2001 
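Review bot: the re-added Dirtbags py-pcap entry in the second patch is missing its list marker: `+ [Dirtbags py-pcap](https://github.com/dirtbags/py-pcap): read pcap` starts with a space instead of `- `, so rendered Markdown folds it into the preceding pynids bullet as a lazy continuation rather than showing a separate item; it should read `- [Dirtbags py-pcap](https://github.com/dirtbags/py-pcap): read pcap`. In the first patch's last hunk the unchanged context shows `PyMangle` and `py-mangle` as two entries with the identical `http://code.google.com/p/pymangle/` URL and identical description; since this region is being edited anyway, drop one of the duplicates. The new Spyse entry uses ` - all in one recon service ... etc...` where every other entry separates name and description with `: `; follow the list's convention and replace `etc...` with a plain list of what it covers. Deleting py-pcap and Hachoir for a 404 in one commit and restoring them with new links in the next would be cleaner squashed into a single link fix.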
From: Dirk Loss Date: Mon, 30 Mar 2020 18:25:05 +0200 Subject: [PATCH 03/10] Remove Scapy3k Apparently not maintained anymore. Scapy v2.4+ supports Python 3 now --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1d71ae4..9ab650d 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ err on the safe side. ### Network -- [Scapy](http://secdev.org/projects/scapy), [Scapy3k](http://github.com/phaethon/scapy): send, sniff and dissect +- [Scapy](http://secdev.org/projects/scapy): send, sniff and dissect and forge network packets. Usable interactively or as a library - [pypcap](http://code.google.com/p/pypcap/), [Pcapy](http://oss.coresecurity.com/projects/pcapy.html) and From e8cf781b1c6ce57390d7e0f0112f23d17988228b Mon Sep 17 00:00:00 2001 From: Dirk Loss Date: Fri, 24 Apr 2020 10:42:06 +0200 Subject: [PATCH 04/10] Fix uhooker link (#12) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9ab650d..2163424 100644 --- a/README.md +++ b/README.md @@ -79,7 +79,7 @@ err on the safe side. x86 disassembling library - [PyDbgEng](http://pydbgeng.sourceforge.net/): Python wrapper for the Microsoft Windows Debugging Engine -- [uhooker](http://oss.coresecurity.com/projects/uhooker.htm): +- [uhooker](https://www.coresecurity.com/corelabs-research/open-source-tools/uhooker): intercept calls to API calls inside DLLs, and also arbitrary addresses within the executable file in memory - [diStorm](http://www.ragestorm.net/distorm/): disassembler library From 6e1ad8f7e614d6a6c5ac7163a941e084c218a6ca Mon Sep 17 00:00:00 2001 From: Pravinkumar Singh <43314676+pandainfosec@users.noreply.github.com> Date: Fri, 2 Oct 2020 10:59:33 +0530 Subject: [PATCH 05/10] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 2163424..5f9279a 100644 --- a/README.md +++ b/README.md 
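Review bot: the Scapy3k removal leaves the remaining Scapy link at `http://secdev.org/projects/scapy`, which a later commit in this series replaces with `https://scapy.net`; since the line is being rewritten here anyway, point it at the current homepage and use https in this commit. The commit message's justification ("Scapy v2.4+ supports Python 3 now") belongs in the entry text as well, so a reader who remembers Scapy3k knows why it is gone. For the uhooker hunk, the new `coresecurity.com/corelabs-research/open-source-tools/uhooker` URL is removed again later in this series together with the whole entry, so either drop this fix or squash the removal into it.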
@@ -315,6 +315,7 @@ err on the safe side. - [Python Forensics](http://www.sciencedirect.com/science/book/9780124186767) by Chet Hosmer: A Workbench for Inventing and Sharing Digital Forensic Technology - [The Beginner's Guide to IDAPython](https://leanpub.com/IDAPython-Book) by Alexander Hanel +- [Python for Offensive PenTest: A Practical Guide to Ethical Hacking and Penetration Testing Using Python](https://www.amazon.com/Python-Offensive-PenTest-practical-penetration/dp/1788838971) by Hussam Khrais ### Talks, slides and articles From 6771b459987d0f4effffdf9a6b0cc756b2637606 Mon Sep 17 00:00:00 2001 From: Dirk Loss Date: Thu, 2 Jan 2025 16:48:04 +0100 Subject: [PATCH 06/10] Fix the links, remove some obsolete tools This list had been created in 2015/2016. Since then, many tools have moved their homepage or are not longer publicly available. Some of the old links were pointing to dubious sites. This commit fixes most of the links. But I did not check if each tool still relevant, maintained or even compatible with Python 3. Also, I did not check for newer, better tools to add. --- README.md | 155 +++++++++++++----------------------------------------- 1 file changed, 37 insertions(+), 118 deletions(-) diff --git a/README.md b/README.md index 5f9279a..6f3339e 100644 --- a/README.md +++ b/README.md 
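Review bot: the new book entry links to an Amazon product page, whereas the neighbouring book entries link to the publisher or author (leanpub.com, sciencedirect.com, packtpub.com in the same section); link the publisher's page instead for consistency and so the list does not read as an affiliate pointer. The commit message is just "Update README.md"; say what was added ("Add 'Python for Offensive PenTest' to Books").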
@@ -20,35 +20,28 @@ err on the safe side. ### Network -- [Scapy](http://secdev.org/projects/scapy): send, sniff and dissect +- [Scapy](https://scapy.net): send, sniff and dissect and forge network packets. Usable interactively or as a library -- [pypcap](http://code.google.com/p/pypcap/), - [Pcapy](http://oss.coresecurity.com/projects/pcapy.html) and - [pylibpcap](http://pylibpcap.sourceforge.net/): several different +- [pypcap](https://github.com/dugsong/pypcap), + [Pcapy](https://github.com/helpsystems/pcapy), + [Pcapy-NG](https://github.com/stamparm/pcapy-ng) and + [libpcap](https://pypi.org/project/libpcap/): several different Python bindings for libpcap -- [libdnet](http://code.google.com/p/libdnet/): low-level networking +- [libdnet](https://github.com/ofalk/libdnet/): low-level networking routines, including interface lookup and Ethernet frame transmission - [dpkt](https://github.com/kbandla/dpkt): fast, simple packet creation/parsing, with definitions for the basic TCP/IP protocols - [Impacket](http://oss.coresecurity.com/projects/impacket.html): craft and decode network packets. Includes support for higher-level protocols such as NMB and SMB -- [pynids](http://jon.oberheide.org/pynids/): libnids wrapper offering - sniffing, IP defragmentation, TCP stream reassembly and port scan - detection - [Dirtbags py-pcap](https://github.com/dirtbags/py-pcap): read pcap - files without libpcap -- [flowgrep](http://monkey.org/~jose/software/flowgrep/): grep through - packet payloads using regular expressions - [Knock Subdomain Scan](https://github.com/guelfoweb/knock), enumerate subdomains on a target domain through a wordlist -- [Spyse](https://spyse.com/) - all in one recon service for IP, domains, AS, ports, etc... 
[py wrapper](https://github.com/zeropwn/spyse.py) - [SubBrute](https://github.com/TheRook/subbrute), fast subdomain enumeration tool -- [Mallory](https://bitbucket.org/IntrepidusGroup/mallory), extensible +- [Mallory](https://github.com/intrepidusgroup/mallory), extensible TCP/UDP man-in-the-middle proxy, supports modifying non-standard protocols on the fly -- [Pytbull](http://pytbull.sourceforge.net/): flexible IDS/IPS testing +- [Pytbull-NG](https://github.com/netrunn3r/pytbull-ng/): flexible IDS/IPS testing framework (shipped with more than 300 tests) - [Spoodle](https://github.com/vjex/spoodle): A mass subdomain + poodle vulnerability scanner 
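Review bot: the Impacket entry in this hunk is left at `http://oss.coresecurity.com/projects/impacket.html`, the same retired oss.coresecurity.com host whose uhooker page was already replaced earlier in this series, so the commit's stated goal of fixing links is missed for the most widely used tool in the section; update it to the project's current repository and use https. The combined line `pypcap`, `Pcapy`, `Pcapy-NG` and `libpcap` lists Pcapy next to Pcapy-NG without saying which one is maintained; one qualifier would let readers choose. The commit message also has two slips: "are not longer publicly available" should be "are no longer publicly available" and "if each tool still relevant" should be "if each tool is still relevant".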
@@ -62,36 +55,25 @@ err on the safe side. - [Paimei](https://github.com/OpenRCE/paimei): reverse engineering framework, includes [PyDBG](https://github.com/OpenRCE/pydbg), PIDA, pGRAPH -- [Immunity Debugger](http://debugger.immunityinc.com/): - scriptable GUI and command line debugger -- [mona.py](https://www.corelan.be/index.php/2011/07/14/mona-py-the-manual/): - PyCommand for Immunity Debugger that replaces and improves on - pvefindaddr - [IDAPython](https://github.com/idapython/src): IDA Pro plugin that integrates the Python programming language, allowing scripts to run in IDA Pro -- [PyEMU](http://code.google.com/p/pyemu/): fully scriptable IA-32 +- [PyEMU](hhttps://github.com/codypierce/pyemu/): fully scriptable IA-32 emulator, useful for malware analysis - [pefile](https://github.com/erocarrera/pefile): read and work with Portable Executable (aka PE) files -- [pydasm](http://code.google.com/p/libdasm/source/browse/trunk/pydasm/pydasm.c): - Python interface to the [libdasm](http://code.google.com/p/libdasm/) +- [pydasm](https://github.com/jtpereyda/libdasm/tree/master/pydasm): + Python interface to the [libdasm](https://github.com/jtpereyda/libdasm/tree/master/) x86 disassembling library - [PyDbgEng](http://pydbgeng.sourceforge.net/): Python wrapper for the Microsoft Windows Debugging Engine -- [uhooker](https://www.coresecurity.com/corelabs-research/open-source-tools/uhooker): - intercept calls to API calls inside DLLs, and also arbitrary - addresses within the executable file in memory -- [diStorm](http://www.ragestorm.net/distorm/): disassembler library +- [diStorm](https://github.com/gdabah/distorm): disassembler library for AMD64, licensed under the BSD license - [Frida](http://www.frida.re/): A dynamic instrumentation framework which can inject scripts into running processes - [python-ptrace](http://python-ptrace.readthedocs.org/): debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python -- [vdb / 
vtrace](http://code.google.com/p/vdebug/): vtrace is a - cross-platform process debugging API implemented in python, and vdb - is a debugger which uses it - [Androguard](https://github.com/androguard/androguard): reverse engineering and analysis of Android applications - [Capstone](http://www.capstone-engine.org/): lightweight 
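Review bot: the PyEMU link in this hunk is malformed: `+- [PyEMU](hhttps://github.com/codypierce/pyemu/): fully scriptable IA-32` has a doubled `h` in the scheme, so the rendered link is dead; it should be `https://github.com/codypierce/pyemu/`. The Frida and python-ptrace entries keep `http://www.frida.re/` and `http://python-ptrace.readthedocs.org/` while the surrounding links are being moved to https; fix those in the same pass. The removal of Immunity Debugger, mona.py, uhooker and vdb/vtrace is silent: the commit message says some tools are obsolete but gives no per-tool reason, so state briefly why each goes (dead homepage, no Python 3 support, superseded) so readers who still use them can judge.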
@@ -111,96 +93,53 @@ err on the safe side. lop fork server and instrumentation for pure-Python code - [Sulley](https://github.com/OpenRCE/sulley): fuzzer development and fuzz testing framework consisting of multiple extensible components -- [Peach Fuzzing Platform](http://peachfuzz.sourceforge.net/): +- [Peach Fuzzing Platform](https://github.com/MozillaSecurity/peach/): extensible fuzzing framework for generation and mutation based fuzzing (v2 was written in Python) -- [antiparser](http://antiparser.sourceforge.net/): fuzz testing and - fault injection API -- [TAOF](http://sourceforge.net/projects/taof/), (The Art of Fuzzing) - including ProxyFuzz, a man-in-the-middle non-deterministic network - fuzzer -- [untidy](http://untidy.sourceforge.net/): general purpose XML fuzzer +- [untidy](https://github.com/kbandla/python-untidy/): general purpose XML fuzzer - [Powerfuzzer](http://www.powerfuzzer.com/): highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer) -- [SMUDGE](http://www.fuzzing.org/wp-content/SMUDGE.zip) -- [Mistress](http://www.packetstormsecurity.org/fuzzer/mistress.rar): - probe file formats on the fly and protocols with malformed data, - based on pre-defined patterns -- [Fuzzbox](https://isecpartners.com/tools/application-security/fuzzbox.aspx): - multi-codec media fuzzer -- [Forensic Fuzzing - Tools](https://isecpartners.com/tools/application-security/forensic-fuzzing-tools.aspx): - generate fuzzed files, fuzzed file systems, and file systems - containing fuzzed files in order to test the robustness of forensics - tools and examination systems -- [Windows IPC Fuzzing - Tools](https://isecpartners.com/tools/application-security/windows-ipc-fuzzing-tools.aspx): - tools used to fuzz applications that use Windows Interprocess - Communication mechanisms -- [WSBang](https://www.isecpartners.com/tools/application-security/wsbang.aspx): - perform automated security testing of SOAP based web services - 
[Construct](http://construct.readthedocs.org/): library for parsing and building of data structures (binary or textual). Define your data structures in a declarative manner -- [fuzzer.py - (feliam)](http://sites.google.com/site/felipeandresmanzano/fuzzer.py?attredirects=0): - simple fuzzer by Felipe Andres Manzano - [Fusil](http://fusil.readthedocs.org/): Python library used to write fuzzing programs ### Web -- [Requests](http://python-requests.org/): elegant and simple HTTP +- [Requests](https://requests.readthedocs.io/): elegant and simple HTTP library, built for human beings - [lxml](http://lxml.de/index.html): easy-to-use library for processing XML and HTML; similar to Requests - [HTTPie](http://httpie.org): human-friendly cURL-like command line HTTP client -- [ProxMon](https://www.isecpartners.com/tools/application-security/proxmon.aspx): - processes proxy logs and reports discovered issues -- [WSMap](https://www.isecpartners.com/tools/application-security/wsmap.aspx): - find web service endpoints and discovery files -- [Twill](http://twill.idyll.org/): browse the Web from a command-line +- [Twill](https://twill-tools.github.io/twill/): browse the Web from a command-line interface. 
Supports automated Web testing -- [Ghost.py](http://jeanphix.me/Ghost.py/): webkit web client written - in Python -- [Windmill](http://www.getwindmill.com/): web testing tool designed - to let you painlessly automate and debug your web application -- [FunkLoad](http://funkload.nuxeo.org/): functional and load web +- [FunkLoad](https://github.com/nuxeo/FunkLoad): functional and load web tester - [spynner](https://github.com/makinacorpus/spynner): Programmatic web browsing module for Python with Javascript/AJAX support -- [python-spidermonkey](http://code.google.com/p/python-spidermonkey/): - bridge to the Mozilla SpiderMonkey JavaScript engine; allows for the - evaluation and calling of Javascript scripts and functions - [mitmproxy](http://mitmproxy.org/): SSL-capable, intercepting HTTP proxy. Console interface allows traffic flows to be inspected and edited on the fly -- [pathod / pathoc](http://pathod.net/): pathological daemon/client - for tormenting HTTP clients and servers - [spidy](https://github.com/rivermont/spidy/): simple command-line web crawler with page downloading and word scraping ### Forensics - [Volatility](http://www.volatilityfoundation.org/): extract digital artifacts from volatile memory (RAM) samples -- [Rekall](http://www.rekall-forensic.com): +- [Rekall](https://github.com/google/rekall): memory analysis framework developed by Google -- [LibForensics](http://code.google.com/p/libforensics/): library for - developing digital forensics applications - [TrIDLib](http://mark0.net/code-tridlib-e.html), identify file types from their binary signatures. 
Now includes Python binding -- [aft](http://code.google.com/p/aft/): Android forensic toolkit ### Malware analysis - [pyew](https://github.com/joxeankoret/pyew): command line hexadecimal editor and disassembler, mainly to analyze malware -- [Exefilter](http://www.decalage.info/exefilter): filter file formats +- [Exefilter](https://github.com/decalage2/exefilter): filter file formats in e-mails, web pages or files. Detects many common file formats and can remove active content -- [pyClamAV](http://xael.org/norman/python/pyclamav/index.html): add - virus detection capabilities to your Python software - [jsunpack-n](https://github.com/urule99/jsunpack-n), generic JavaScript unpacker: emulates browser functionality to detect exploits that target browser and browser plug-in vulnerabilities 
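Review bot: this hunk fixes some links but leaves a number of entries on plain http in the same sections (`http://www.powerfuzzer.com/`, `http://construct.readthedocs.org/`, `http://fusil.readthedocs.org/`, `http://lxml.de/index.html`, `http://httpie.org`, `http://mitmproxy.org/`, `http://www.volatilityfoundation.org/`, `http://mark0.net/code-tridlib-e.html`); since the commit is titled "Fix the links", move these to https while touching the section. The unchanged lxml context line says it is "similar to Requests"; lxml is an XML/HTML processing library and Requests is an HTTP client, so the comparison misleads and should be reworded (the later "Other useful libraries" section already describes lxml correctly). Rekall is moved from its homepage to `https://github.com/google/rekall`; if that repository is archived, say so in the entry rather than presenting it as current.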
@@ -213,37 +152,22 @@ err on the safe side. ### PDF -- [peepdf](http://eternal-todo.com/tools/peepdf-pdf-analysis-tool): +- [peepdf-3](https://github.com/digitalsleuth/peepdf-3): Python tool to analyse and explore PDF files to find out if they can be harmful - [Didier Stevens' PDF tools](http://blog.didierstevens.com/programs/pdf-tools): analyse, - identify and create PDF files (includes - [PDFiD](http://blog.didierstevens.com/programs/pdf-tools/#pdfid), - [pdf-parser](http://blog.didierstevens.com/programs/pdf-tools/#pdf-parser) - and - [make-pdf](http://blog.didierstevens.com/programs/pdf-tools/#make-pdf) - and mPDF) -- [Opaf](http://code.google.com/p/opaf/): Open PDF Analysis Framework. - Converts PDF to an XML tree that can be analyzed and modified. -- [Origapy](http://www.decalage.info/python/origapy): Python wrapper - for the Origami Ruby module which sanitizes PDF files -- [pyPDF2](http://mstamy2.github.io/PyPDF2/): pure Python PDF toolkit: extract + identify and create PDF files +- [pyPDF](https://pypdf.readthedocs.io/): pure Python PDF toolkit: extract info, spilt, merge, crop, encrypt, decrypt... 
-- [PDFMiner](http://www.unixuser.org/~euske/python/pdfminer/index.html): +- [pdfminer.six](https://github.com/pdfminer/pdfminer.six): extract text from PDF files -- [python-poppler-qt4](https://github.com/wbsoft/python-poppler-qt4): - Python binding for the Poppler PDF library, including Qt4 support ### Misc -- [InlineEgg](http://oss.coresecurity.com/projects/inlineegg.html): - toolbox of classes for writing small assembly programs in Python -- [Exomind](http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Exomind): +- [Exomind](https://github.com/jio-gl/exomind): framework for building decorated graphs and developing open-source intelligence modules and ideas, centered on social network services, search engines and instant messaging -- [RevHosts](http://www.securityfocus.com/tools/3851): enumerate - virtual hosts for a given IP address - [simplejson](https://github.com/simplejson/simplejson/): JSON encoder/decoder, e.g. to use [Google's AJAX API](http://dcortesi.com/2008/05/28/google-ajax-search-api-example-python-code/) 
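Review bot: in the PDF hunk the renamed entry `[pyPDF](https://pypdf.readthedocs.io/)` uses a capitalisation that matches neither the old name (pyPDF2) nor the documentation host (pypdf); use `pypdf` so the name and link agree. The unchanged context line `info, spilt, merge, crop, encrypt, decrypt...` has `spilt` for `split`; fix it while here. In the Misc hunk the simplejson entry still cites a 2008 blog post about Google's AJAX Search API (`dcortesi.com/2008/05/28/...`), which is exactly the kind of stale reference this commit is meant to clear out; drop the example link or replace it with the project's own documentation.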
@@ -265,37 +189,34 @@ err on the safe side. ### Other useful libraries and tools -- [IPython](http://ipython.scipy.org/): enhanced interactive Python +- [Project Jupyter](https://jupyter.org): enhanced interactive shell with many features for object introspection, system shell access, and its own special command system - [Beautiful Soup](http://www.crummy.com/software/BeautifulSoup/): HTML parser optimized for screen-scraping -- [matplotlib](http://matplotlib.sourceforge.net/): make 2D plots of +- [matplotlib](https://matplotlib.org): make 2D plots of arrays - [Mayavi](http://code.enthought.com/projects/mayavi/): 3D scientific data visualization and plotting - [RTGraph3D](http://www.secdev.org/projects/rtgraph3d/): create dynamic graphs in 3D - [Twisted](http://twistedmatrix.com/): event-driven networking engine -- [Suds](https://fedorahosted.org/suds/): lightweight SOAP client for +- [Suds](https://github.com/suds-community/suds): lightweight SOAP client for consuming Web Services -- [M2Crypto](http://chandlerproject.org/bin/view/Projects/MeTooCrypto): - most complete OpenSSL wrapper -- [NetworkX](http://networkx.lanl.gov/): graph library (edges, nodes) +- [NetworkX](https://networkx.org): graph library (edges, nodes) - [Pandas](http://pandas.pydata.org/): library providing high-performance, easy-to-use data structures and data analysis tools -- [pyparsing](http://pyparsing.wikispaces.com/): general parsing +- [pyparsing](https://pypi.org/project/pyparsing/): general parsing module - [lxml](http://lxml.de/): most feature-rich and easy-to-use library for working with XML and HTML in the Python language -- [Whoosh](https://bitbucket.org/mchaput/whoosh/): fast, featureful +- [Whoosh](https://github.com/whoosh-community/whoosh): fast, featureful full-text indexing and searching library implemented in pure Python - [Pexpect](https://github.com/pexpect/pexpect): control and automate other programs, similar to Don Libes \`Expect\` system -- 
[Sikuli](http://groups.csail.mit.edu/uid/sikuli/), visual technology +- [SikuliX](https://sikulix.github.io/docs/scripts/python/), visual technology to search and automate GUIs using screenshots. Scriptable in - [Jython](http://www.jython.org/) - [PyQt](http://www.riverbankcomputing.co.uk/software/pyqt) and [PySide](http://www.pyside.org/): Python bindings for the Qt application framework and GUI library 
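Review bot: the SikuliX change removes the `[Jython](http://www.jython.org/)` line but keeps the unchanged context `to search and automate GUIs using screenshots. Scriptable in`, so the entry now ends mid-sentence; either delete `Scriptable in` or finish the sentence (the new link is SikuliX's Python scripting documentation). Renaming `IPython` to `Project Jupyter` while keeping the description "enhanced interactive shell with many features for object introspection, system shell access, and its own special command system" is inaccurate: that text describes the IPython shell, which still exists as its own project under the Jupyter umbrella; keep the IPython name with a current URL, or rewrite the description to match Jupyter. Dropping M2Crypto leaves the section with no OpenSSL binding at all; if it is considered obsolete, say so in the commit message or name what replaces it.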
@@ -307,11 +228,11 @@ err on the safe side. Python Programming for Hackers and Reverse Engineers. - [Black Hat Python](http://www.nostarch.com/blackhatpython) by Justin Seitz: Python Programming for Hackers and Pentesters -- [Python Penetration Testing Essentials](https://www.packtpub.com/networking-and-servers/python-penetration-testing-essentials) by Mohit: +- [Python Penetration Testing Essentials](https://github.com/PacktPublishing/Python-Penetration-Testing-Essentials-Second-Edition) by Mohit: Employ the power of Python to get the best out of pentesting -- [Python for Secret Agents](https://www.packtpub.com/hardware-and-creative/python-secret-agents) by Steven F. Lott. Analyze, encrypt, and uncover intelligence data using Python -- [Python Web Penetration Testing Cookbook](https://www.packtpub.com/networking-and-servers/python-web-penetration-testing-cookbook/) by Cameron Buchanan et al.: Over 60 Python recipes for web application testing -- [Learning Penetration Testing with Python](https://www.packtpub.com/networking-and-servers/learning-penetration-testing-python) by Christopher Duffy: Utilize Python scripting to execute effective and efficient penetration tests +- [Python for Secret Agents](https://www.packtpub.com/en-us/product/python-for-secret-agents-volume-ii-9781785283406) by Steven F. Lott. 
Analyze, encrypt, and uncover intelligence data using Python +- [Python Web Penetration Testing Cookbook](https://www.packtpub.com/en-us/product/python-web-penetration-testing-cookbook-9781784399900) by Cameron Buchanan et al.: Over 60 Python recipes for web application testing +- [Learning Penetration Testing with Python](https://www.packtpub.com/en-us/product/learning-penetration-testing-with-python-9781785289552) by Christopher Duffy: Utilize Python scripting to execute effective and efficient penetration tests - [Python Forensics](http://www.sciencedirect.com/science/book/9780124186767) by Chet Hosmer: A Workbench for Inventing and Sharing Digital Forensic Technology - [The Beginner's Guide to IDAPython](https://leanpub.com/IDAPython-Book) by Alexander Hanel @@ -324,10 +245,8 @@ err on the safe side. ### More stuff -- [SecurityTube Python Scripting Expert (SPSE)](http://www.securitytube-training.com/online-courses/securitytube-python-scripting-expert/) is an online course and certification offered by Vivek Ramachandran. -- SANS offers the course [SEC573: Python for Penetration Testers](http://www.sans.org/course/python-for-pen-testers). -- The [Python Arsenal for Reverse Engineering](http://pythonarsenal.erpscan.com/) - is a large collection of tools related to reverse engineering. +- [SecurityTube Python Scripting Expert (SPSE)](https://github.com/ioef/SPSE/) is an online course and certification offered by Vivek Ramachandran. +- SANS offers the course [SEC573: Automating Information Security with Python](https://www.sans.org/cyber-security-courses/automating-information-security-with-python/). - There is a SANS paper about Python libraries helpful for forensic analysis [(PDF)](http://www.sans.org/reading_room/whitepapers/incident/grow-forensic-tools-taxonomy-python-libraries-helpful-forensic-analysis_33453). - For more Python libaries, please have a look at From 57fbde0d6689a10470d054f9d4c4fa2b82f89df9 Mon Sep 17 00:00:00 2001 
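Review bot: the replacement links in the books hunk do not point at what the entries describe: `Python for Secret Agents` now links to the Packt page `python-for-secret-agents-volume-ii-9781785283406`, a different volume from the one the entry names, and `Python Penetration Testing Essentials` links to the Second Edition's code repository on GitHub rather than the book itself; either update the titles and editions to match the links or find the right product pages. In the "More stuff" hunk, the SPSE entry still says the course is "offered by Vivek Ramachandran" but now links to `https://github.com/ioef/SPSE/`, a personal repository rather than the course; say what that repository is or drop the entry. The unchanged context line `For more Python libaries` has a typo (`libraries`).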
From: Dirk Loss Date: Thu, 2 Jan 2025 17:11:23 +0100 Subject: [PATCH 07/10] Remove talks section (obsolete) None of these links work anymore --- README.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/README.md b/README.md index 6f3339e..f2eecc6 100644 --- a/README.md +++ b/README.md @@ -238,11 +238,6 @@ err on the safe side. - [The Beginner's Guide to IDAPython](https://leanpub.com/IDAPython-Book) by Alexander Hanel - [Python for Offensive PenTest: A Practical Guide to Ethical Hacking and Penetration Testing Using Python](https://www.amazon.com/Python-Offensive-PenTest-practical-penetration/dp/1788838971) by Hussam Khrais -### Talks, slides and articles - -- [Python & Reverse Engineering Software](https://bitbucket.org/Alexander_Hanel/papers/raw/afa0228ffc53efc105a1fb632c4296f534a44429/Python%20&%20Reverse%20Engineering%20Software.pdf) by Alexander Hanel -- [Python Arsenal for Reverse Engineering](http://dsec.ru/upload/medialibrary/7d5/7d5e8a49b25b285b37800480a41583f8.pdf) by Dmitriy Evdokimov at RUCTF 2016 - ### More stuff - [SecurityTube Python Scripting Expert (SPSE)](https://github.com/ioef/SPSE/) is an online course and certification offered by Vivek Ramachandran. From 0be506b7f03772365a77b155184e33868fbee3cf Mon Sep 17 00:00:00 2001 From: Dirk Loss Date: Thu, 2 Jan 2025 17:11:50 +0100 Subject: [PATCH 08/10] Add some newer tools --- README.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index f2eecc6..c01ae5d 100644 --- a/README.md +++ b/README.md @@ -49,6 +49,8 @@ err on the safe side. enumerate Samba share drives across an entire domain - [Habu](https://github.com/portantier/habu): python network hacking toolkit +- [Mitm6](https://github.com/fox-it/mitm6): IPv6-based MITM tool that exploits IPv6 features to conduct man-in-the-middle attacks +- [AutoRecon](https://github.com/Tib3rius/AutoRecon): Multi-threaded network reconnaissance tool ### Debugging and reverse engineering 
@@ -86,6 +88,8 @@ err on the safe side. - [CHIPSEC](https://github.com/chipsec/chipsec): framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. +- [Ghidatron](https://github.com/mandiant/Ghidrathon): The FLARE team's open-source extension to add Python 3 scripting to Ghidra. +- [Unicorn Engine](https://www.unicorn-engine.org/): CPU emulator framework with Python bindings ### Fuzzing @@ -123,6 +127,8 @@ err on the safe side. proxy. Console interface allows traffic flows to be inspected and edited on the fly - [spidy](https://github.com/rivermont/spidy/): simple command-line web crawler with page downloading and word scraping +- [https://github.com/TrixSec/waymap](Waymap): web vulnerability scanner built for penetration testers +- [XSStrike](https://github.com/s0md3v/XSStrike): Advanced XSS detection suite ### Forensics @@ -149,6 +155,8 @@ err on the safe side. honeyclient implementation - [CapTipper](https://github.com/omriher/CapTipper): analyse, explore and revive HTTP malicious traffic from PCAP file +- [Cuckoo](https://github.com/cuckoosandbox/cuckoo): Automated malware analysis system +- [CAPE](https://github.com/kevoreilly/CAPEv2): Malware configuration and payload extraction ### PDF @@ -186,6 +194,11 @@ err on the safe side. - [hacklib](https://github.com/leonli96/python-hacklib): Toolkit for hacking enthusiasts: word mangling, password guessing, reverse shell and other simple tools +- [Certipy](https://github.com/ly4k/Certipy): Active Directory Certificate Services enumeration and abuse tool +- [BloodHound.py](https://github.com/fox-it/BloodHound.py): Python-based BloodHound ingestor for Active Directory security assessment +- [Angr](https://github.com/angr/angr): Powerful binary analysis framework for vulnerability research and exploit development +- [ScoutSuite](https://github.com/nccgroup/ScoutSuite): Multi-cloud security auditing tool + ### Other useful libraries and tools 
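Review bot: the Waymap entry is malformed Markdown: `+- [https://github.com/TrixSec/waymap](Waymap): web vulnerability scanner` has link text and URL swapped, so it renders as a link whose visible text is the URL and whose target is the literal string `Waymap`; it should be `- [Waymap](https://github.com/TrixSec/waymap): web vulnerability scanner built for penetration testers`. In the debugging hunk `Ghidatron` is misspelled; the URL and project name are `Ghidrathon`. In the malware hunk, Cuckoo (`cuckoosandbox/cuckoo`) is added next to CAPE (`CAPEv2`) under a commit titled "Add some newer tools"; given that the commit immediately before removed obsolete tools, confirm that the Cuckoo repository is still maintained before listing it. Finally Certipy, BloodHound.py, Angr and ScoutSuite are all dropped into Misc: Angr belongs with the debugging and reverse engineering tools, and the two Active Directory tools sit better next to Impacket and SMBMap in Network.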
@@ -246,4 +259,3 @@ err on the safe side. [(PDF)](http://www.sans.org/reading_room/whitepapers/incident/grow-forensic-tools-taxonomy-python-libraries-helpful-forensic-analysis_33453). - For more Python libaries, please have a look at [PyPI](http://pypi.python.org/pypi), the Python Package Index. - From 77d0de0e832d80364a916192d7dda4aa9d2351df Mon Sep 17 00:00:00 2001 From: Dirk Loss Date: Thu, 2 Jan 2025 17:23:24 +0100 Subject: [PATCH 09/10] Improve sorting --- README.md | 57 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 29 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index c01ae5d..90053b9 100644 --- a/README.md +++ b/README.md 
@@ -22,22 +22,28 @@ err on the safe side. - [Scapy](https://scapy.net): send, sniff and dissect and forge network packets. Usable interactively or as a library -- [pypcap](https://github.com/dugsong/pypcap), - [Pcapy](https://github.com/helpsystems/pcapy), - [Pcapy-NG](https://github.com/stamparm/pcapy-ng) and - [libpcap](https://pypi.org/project/libpcap/): several different - Python bindings for libpcap -- [libdnet](https://github.com/ofalk/libdnet/): low-level networking - routines, including interface lookup and Ethernet frame transmission -- [dpkt](https://github.com/kbandla/dpkt): fast, simple packet - creation/parsing, with definitions for the basic TCP/IP protocols - [Impacket](http://oss.coresecurity.com/projects/impacket.html): craft and decode network packets. Includes support for higher-level protocols such as NMB and SMB +- [SMBMap](https://github.com/ShawnDEvans/smbmap): + enumerate Samba share drives across an entire domain +- [dpkt](https://github.com/kbandla/dpkt): fast, simple packet + creation/parsing, with definitions for the basic TCP/IP protocols +- [AutoRecon](https://github.com/Tib3rius/AutoRecon): Multi-threaded network reconnaissance tool +- [Mitm6](https://github.com/fox-it/mitm6): IPv6-based MITM tool that exploits IPv6 features to conduct man-in-the-middle attacks +- [Habu](https://github.com/portantier/habu): + python network hacking toolkit - [Knock Subdomain Scan](https://github.com/guelfoweb/knock), enumerate subdomains on a target domain through a wordlist - [SubBrute](https://github.com/TheRook/subbrute), fast subdomain enumeration tool +- [pypcap](https://github.com/dugsong/pypcap), + [Pcapy](https://github.com/helpsystems/pcapy), + [Pcapy-NG](https://github.com/stamparm/pcapy-ng) and + [libpcap](https://pypi.org/project/libpcap/): several different + Python bindings for libpcap +- [libdnet](https://github.com/ofalk/libdnet/): low-level networking + routines, including interface lookup and Ethernet frame transmission - 
[Mallory](https://github.com/intrepidusgroup/mallory), extensible TCP/UDP man-in-the-middle proxy, supports modifying non-standard protocols on the fly @@ -45,15 +51,17 @@ err on the safe side. framework (shipped with more than 300 tests) - [Spoodle](https://github.com/vjex/spoodle): A mass subdomain + poodle vulnerability scanner -- [SMBMap](https://github.com/ShawnDEvans/smbmap): - enumerate Samba share drives across an entire domain -- [Habu](https://github.com/portantier/habu): - python network hacking toolkit -- [Mitm6](https://github.com/fox-it/mitm6): IPv6-based MITM tool that exploits IPv6 features to conduct man-in-the-middle attacks -- [AutoRecon](https://github.com/Tib3rius/AutoRecon): Multi-threaded network reconnaissance tool ### Debugging and reverse engineering +- [Frida](http://www.frida.re/): A dynamic instrumentation framework which can + inject scripts into running processes +- [Capstone](http://www.capstone-engine.org/): lightweight + multi-platform, multi-architecture disassembly framework with Python + bindings +- [Unicorn Engine](https://www.unicorn-engine.org/): CPU emulator framework with Python bindings +- [Androguard](https://github.com/androguard/androguard): reverse + engineering and analysis of Android applications - [Paimei](https://github.com/OpenRCE/paimei): reverse engineering framework, includes [PyDBG](https://github.com/OpenRCE/pydbg), PIDA, pGRAPH 
@@ -71,16 +79,9 @@ err on the safe side. Microsoft Windows Debugging Engine - [diStorm](https://github.com/gdabah/distorm): disassembler library for AMD64, licensed under the BSD license -- [Frida](http://www.frida.re/): A dynamic instrumentation framework which can - inject scripts into running processes - [python-ptrace](http://python-ptrace.readthedocs.org/): debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python -- [Androguard](https://github.com/androguard/androguard): reverse - engineering and analysis of Android applications -- [Capstone](http://www.capstone-engine.org/): lightweight - multi-platform, multi-architecture disassembly framework with Python - bindings - [Keystone](http://www.keystone-engine.org): lightweight multi-platform, multi-architecture assembler framework with Python bindings - [PyBFD](https://github.com/Groundworkstech/pybfd/): Python interface @@ -89,7 +90,6 @@ err on the safe side. security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. - [Ghidatron](https://github.com/mandiant/Ghidrathon): The FLARE team's open-source extension to add Python 3 scripting to Ghidra. -- [Unicorn Engine](https://www.unicorn-engine.org/): CPU emulator framework with Python bindings ### Fuzzing @@ -112,6 +112,7 @@ err on the safe side. ### Web +- [XSStrike](https://github.com/s0md3v/XSStrike): Advanced XSS detection suite - [Requests](https://requests.readthedocs.io/): elegant and simple HTTP library, built for human beings - [lxml](http://lxml.de/index.html): easy-to-use library for processing XML and HTML; similar to Requests 
@@ -128,7 +129,7 @@ err on the safe side. edited on the fly - [spidy](https://github.com/rivermont/spidy/): simple command-line web crawler with page downloading and word scraping - [https://github.com/TrixSec/waymap](Waymap): web vulnerability scanner built for penetration testers -- [XSStrike](https://github.com/s0md3v/XSStrike): Advanced XSS detection suite + ### Forensics @@ -160,6 +161,8 @@ err on the safe side. ### PDF +- [pdfminer.six](https://github.com/pdfminer/pdfminer.six): + extract text from PDF files - [peepdf-3](https://github.com/digitalsleuth/peepdf-3): Python tool to analyse and explore PDF files to find out if they can be harmful - [Didier Stevens' PDF @@ -167,11 +170,11 @@ err on the safe side. identify and create PDF files - [pyPDF](https://pypdf.readthedocs.io/): pure Python PDF toolkit: extract info, spilt, merge, crop, encrypt, decrypt... -- [pdfminer.six](https://github.com/pdfminer/pdfminer.six): - extract text from PDF files ### Misc +- [Angr](https://github.com/angr/angr): Powerful binary analysis framework for vulnerability research and exploit development +- [ScoutSuite](https://github.com/nccgroup/ScoutSuite): Multi-cloud security auditing tool - [Exomind](https://github.com/jio-gl/exomind): framework for building decorated graphs and developing open-source intelligence modules and ideas, centered on social network services, @@ -196,8 +199,6 @@ err on the safe side. reverse shell and other simple tools - [Certipy](https://github.com/ly4k/Certipy): Active Directory Certificate Services enumeration and abuse tool - [BloodHound.py](https://github.com/fox-it/BloodHound.py): Python-based BloodHound ingestor for Active Directory security assessment -- [Angr](https://github.com/angr/angr): Powerful binary analysis framework for vulnerability research and exploit development -- [ScoutSuite](https://github.com/nccgroup/ScoutSuite): Multi-cloud security auditing tool ### Other useful libraries and tools 
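Review bot: In the `@@ -22,22 +22,28 @@` hunk the pypcap/Pcapy/Pcapy-NG/libpcap, libdnet and dpkt entries are only moved, not changed, and the new order places SMBMap (a share enumerator) between Impacket and dpkt, splitting the low-level packet libraries that were grouped together; either keep the packet-library entries adjacent or state the intended ordering in the commit message. The moved-in lines also mix conventions: `python network hacking toolkit` under Habu should read `Python`, and the AutoRecon and Mitm6 entries are single long lines while every neighbouring entry is wrapped.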
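Review bot: In the `@@ -45,15 +51,17 @@` hunk the four `+` lines (Frida, Capstone, Unicorn Engine, Androguard) are the same entries deleted by the later `@@ -71,16 +79,9 @@` and `@@ -89,7 +90,6 @@` hunks, so this is a reorder rather than an addition and the commit message should say so. While moving them, `A dynamic instrumentation framework` should lose its leading capital to match the lowercase descriptions around it.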
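Review bot: The `@@ -89,7 +90,6 @@` hunk touches a context line whose link text does not match its URL, `- [Ghidatron](https://github.com/mandiant/Ghidrathon)`; since this region is being edited anyway, change the text to `Ghidrathon` in the same patch.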
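Review bot: The `@@ -128,7 +129,7 @@` hunk replaces the removed XSStrike line with an empty `+` line, which leaves two blank lines before `### Forensics`; delete the line outright so the hunk becomes a pure removal. The context line `- [https://github.com/TrixSec/waymap](Waymap)` has the Markdown link text and URL swapped and would render as a link whose target is the word `Waymap`; worth fixing to `[Waymap](https://github.com/TrixSec/waymap)` alongside this change.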
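Review bot: The `@@ -167,11 +170,11 @@` hunk carries a typo in a context line, `extract info, spilt, merge, crop` should be `split`, and the two `+` entries (Angr, ScoutSuite) are the lines removed by `@@ -196,8 +199,6 @@`, so again this is a move rather than new content; fixing the typo here and noting the reorder in the commit message would make the diff self-explanatory.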
From d0ef08df944c7fb13bc03d0acd3ea082d7fe64b5 Mon Sep 17 00:00:00 2001 From: Jean NZONZIDI Date: Mon, 14 Apr 2025 19:45:15 +0100 Subject: [PATCH 10/10] Update README.md (Fixes #15) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 90053b9..f88c945 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,7 @@ err on the safe side. framework (shipped with more than 300 tests) - [Spoodle](https://github.com/vjex/spoodle): A mass subdomain + poodle vulnerability scanner +- [BloodHound.py](https://github.com/dirkjanm/BloodHound.py): Python alternative to BloodHound for AD enumeration, Mapping attack paths in AD. ### Debugging and reverse engineering
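Review bot: This hunk adds a second BloodHound.py entry: the previous patch's `@@ -196,8 +199,6 @@` context already lists `- [BloodHound.py](https://github.com/fox-it/BloodHound.py): Python-based BloodHound ingestor for Active Directory security assessment` under Misc, and the new line points at `https://github.com/dirkjanm/BloodHound.py` with a description (`Python alternative to BloodHound`) that contradicts the existing one, which calls it an ingestor. Keep a single entry, pick the URL that is current, and reuse the ingestor wording; also drop the mid-sentence capital in `Mapping attack paths` and the trailing period, which no neighbouring entry uses.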