新闻媒体网站目录
Penetration Testing Tools Cheat Sheet
Welcome to HighOn.Coffee a Security Research and Penetration Testing Site, containing CTF walkthroughs and useful information.Penetration Testing Tools Cheat Sheet https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
点击进入 - 2022-05-01 - 收藏BeEF - The Browser Exploitation Framework Project
BeEF is a security tool, allowing a penetration tester or system administrator additional attack vectors when assessing the posture of a target
点击进入 - 2022-05-01 - 收藏Wifiphisher 官网
Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.
点击进入 - 2022-05-01 - 收藏Sqlmap 官网
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
点击进入 - 2022-05-01 - 收藏OWASP ZAP 官网
ZAP则是OWASP里的工具类项目,也是旗舰项目,全称是OWASP Zed attack proxy,是一款web application 集成渗透测试和漏洞工具,同样是免费开源跨平台的。
点击进入 - 2022-05-01 - 收藏Aircrack-ng 官网
Aircrack-ng is a complete suite of tools to assess WiFi network security.Aircrack-ng是那种,渗透测试人员不仅知道,且只要评估无线网络,就会经常用到的工具。Aircrack-ng是无线评估工具套装,覆盖数据包捕捉和攻击。
点击进入 - 2022-05-01 - 收藏UltraEdit 中文官网
UltraEdit 是一套功能强大的文本编辑器,可以编辑文本、十六进制、ASCII 码,完全可以取代记事本(如果电脑配置足够强大),内建英文单字检查、C++ 及 VB 指令突显,可同时编辑多个文件,而且即使开启很大的文件速度也不会慢。UltraSentry is a privacy tool designed for military-grade file/folder deletion, as well as browser and registry cleanup
点击进入 - 2022-05-01 - 收藏TCPDUMP 官网
This is the home web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture. Here you can find the latest stable version of tcpdump and libpcap, as well as current development versions, a complete documentation, and information about how to report bugs or contribute patches.
点击进入 - 2022-05-01 - 收藏