Zaproxy - An easy to use integrated penetration testing tool for finding vulnerabilities

•    Java

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.

caldera - An automated adversary emulation system

•    Python

CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within Windows Enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK™) project. These features allow CALDERA to dynamically operate over a set of systems using variable behavior, which better represents how human adversaries perform operations than systems that follow prescribed sequences of actions. CALDERA is useful for defenders who want to generate real data that represents how an adversary would typically behave within their networks. Since CALDERA's knowledge about a network is gathered during its operation and is used to drive its use of techniques to reach a goal, defenders can get a glimpse into how the intrinsic security dependencies of their network allow an adversary to be successful. CALDERA is useful for identifying new data sources, creating and refining behavioral-based intrusion detection analytics, testing defenses and security configurations, and generating experience for training.

Sqlmap - Automatic SQL injection and database takeover tool

•    Python

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Nogotofail - Network Security Testing Tool

•    Python

Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.

Beef - Browser Exploitation Framework

•    Javascript

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser.

OneFuzz - A self-hosted Fuzzing-As-A-Service platform

•    Rust

OneFuzz framework, an open source developer tool to find and fix bugs at scale. Fuzz testing is a highly effective method for increasing the security and reliability of native code—it is the gold standard for finding and removing costly, exploitable security flaws. Traditionally, fuzz testing has been a double-edged sword for developers: mandated by the software-development lifecycle, highly effective in finding actionable flaws, yet very complicated to harness, execute, and extract information from.

Kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by NSA and CISA

•    Go

Kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by NSA and CISA Tests are configured with YAML files, making this tool easy to update as test specifications evolve.

Metasploit Framework - World's most used penetration testing software

•    Ruby

Metasploit, helps verify vulnerabilities and manage security assessments. It makes it easy to automate all phases of a penetration test, from choosing the right exploits to streamlining evidence collection and reporting.

Pown.js - Security testing and exploitation toolkit built on top of Node.js and NPM

•    Javascript

Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploits, Pown.js considers frameworks to be an anti-pattern. Therefore, each module in Pown is in fact a standalone NPM module allowing greater degree of reuse and flexibility. Creating new modules is a matter of publishing to NPM and tagging it with the correct tags. The rest is handled automatically.

habu - Python Network Hacking Toolkit

•    Python

I'm developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing.

apk-medit - memory search and patch tool on debuggable apk without root & ndk

•    Go

Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile game security testing. Many mobile games have rooting detection, but apk-medit does not require root privileges, so memory modification can be done without bypassing the rooting detection. Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can be used casually like GameGuardian. However, there were no tools available for non-root device and CUI. So I made it as a security testing tool. The version that targets iOS apps is aktsk/ipa-medit.

Taipan - Web application security scanner

•    F#

If you want to try the dev version of Taipan without to wait for an official release, you can download the build version. This version is built every time that a commit is done and the build process is not broken. You can download it from the Artifacts Directory.

input-field-finder - Spiders given URLs for input fields.

•    Go

Spiders the domain of a single URL or a set or URLs and prints out all <input> elements found on the given domain and scheme (http/https). Input fields are the most common vector/sink for web application vulnerabilities. I wrote this tool to help automate the reconnaissance phase when testing web applications for security vulnerabilities.

asoc-devops-tooling - This project will provide DevOps automation in the form of snippets, sample apps, and plugins in support of integrating with IBM Application Security on Cloud for automated security scans of software projects using popular tools and frameworks across the DevOps landscape

•    Groovy

This project will provide DevOps automation in the form of snippets, sample apps, and plugins in support of integrating with IBM Application Security on Cloud for automated security scans of software projects using popular tools and frameworks across the DevOps landscape. SaaS solution helping teams perform static, dynamic and mobile application security testing in the Cloud, letting you detect and fix security vulnerabilities early in the DevOps pipeline.

owasp-zap-glue-ci-images - Ready to use images of Zap and Glue, especially for CI integration.

•    Shell

OWASP Zap is a great security tool that can easily be used in a CI/CD environment. Glue is another tool from OWASP that aimed to ease the integration of security tools into CI. You can read more in this blog post, where I've explained how to easily integrate Zap and Glue into CI/CD pipeline and build a valuable security tests. This repo contains images that make the process of integrating Zap and Glue into the ci simpler, by setting up various configuration that are required for the integration. The code is based on the work done by Nataly Shrits, on Tweek project.

honggfuzz-rs - Fuzz your Rust code with Google-developped Honggfuzz !

•    Rust

Honggfuzz is a security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based).

watchdog - Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

•    Python

Watchog is an integration of open source security tools aimed to provide a holistic security view for a given domain/IP. The way Watchdog is built, it can be used by product security teams, red teams and also by bug bounty hunters to get a 360° view of any Internet property it scans. Given a list of domains/IP's it has the capability to perform a network scan, feed the output to open source web app scanners like Google's skip-fish and wapiti, perform tech stack analysis and determine if the stack has any known CVE’s. WatchDog has the ability to scan all endpoints and perform technology version analysis on the services it detects and map this information with it’s rich CVE database maintained and updated locally.

boxxy-rs - Linkable sandbox explorer

•    Rust

"If you implement boundaries and nobody is around to push them, do they even exist?". Have you ever wondered how your sandbox looks like from the inside? Tempted to test if you can escape it, if only you had a shell to give it a try? boxxy is a library that can be linked into a debug build of an existing program and drop you into an interactive shell. From there you can step through various stages of your sandbox and verify it actually contains™. Just put a dev-dependencies in your Cargo.toml and copy examples/boxxy.rs to your examples/ folder. Modify to include your sandbox.

mobsf-ci - All that is required to run MobSF in the ci

•    Shell

This repo contains all the is required to run MobSF in the CI. MobSF is a security tool that can scan APK/IPA and report various security issues. By running it in the CI, you can find those issues earlier, and fix them. To learn more about what it MobSF and what it can detect, checkout the blog post. To parse the report, use Glue - see in the next section how.

HolisticInfoSec-For-WebDevelopers-Fascicle2 - :books: IoT :lock: Mobile :books:

The contents of Fascicle 2 that's a work in progress is listed below, and can be found at the books landing page. If there is something you would like to see included in this fascicle, please submit an issue for consideration.