1、Android,iOS和移動黑客
易受攻擊的iOS應用程序:Swift版
https://github.com/prateek147/DVIA-v2
2、代碼評估
OWASP依賴性檢查
https://github.com/jeremylong/DependencyCheck
美洲獅掃描
https://github.com/pumasecurity/puma-scan
3、加密
DeepViolet:SSL / TLS掃描API和工具
https://github.com/spoofzu/DeepViolet
4、數據取證和事件響應
初學者到專家
https://github.com/bro/bro
CyBot:開源威脅情報聊天機器人
https://github.com/CylanceSPEAR/CyBot
LogonTracer
https://github.com/JPCERTCC/LogonTracer
rastrea2r(重新加載!):用Gusto和Style收集和狩獵IOC
https://github.com/rastrea2r/rastrea2r
RedHunt OS(VM):用於對手仿真和威脅搜索的虛擬機
https://github.com/redhuntlabs/RedHunt-OS
5、剝削與道德黑客
AVET:AntiVirus Evasion Tool
https://github.com/govolution/avet
DSP:Docker安全遊樂場
https://github.com/giper45/DockerSecurityPlayground
hideNsneak:攻擊混淆框架
https://github.com/rmikehodges/hideNsneak
梅林
https://github.com/Ne0nd0g/merlin
RouterSploit
https://github.com/threat9/routersploit
6、硬件/嵌入式
ChipWhisperer
https://github.com/newaetech/chipwhisperer
JTAGulator :揭開硬件安全的致命弱點
https://github.com/grandideastudio/jtagulator
Micro-Renovator:將處理器固件帶入代碼
https://github.com/syncsrc/MicroRenovator
TumbleRF:RF模糊變得容易
https://github.com/riverloopsec/tumblerf
Walrus:充分利用您的卡片克隆設備
https://github.com/TeamWalrus/Walrus
7、物聯網
物聯網設備的可擴展動態分析框架
https://github.com/sycurelab/DECAF
BLE CTF項目
https://github.com/hackgnar/ble_ctf
WHID注射器和WHID Elite:新一代HID攻擊性設備
https://github.com/whid-injector/WHID
8、惡意軟件防禦
爲每位安全研究人員提供高級深度學習分析平臺
https://github.com/intel/Resilient-ML-Research-Platform
EKTotal
https://github.com/nao-sec/ektotal
固件審計:Blue Teams和DFIR的平臺固件安全自動化
https://github.com/PreOS-Security/fwaudit
MaliceIO
https://github.com/maliceio/malice
目標 – 參見MacOS安全工具
https://github.com/objective-see
9、惡意軟件進攻
BloodHound 1.5
https://github.com/BloodHoundAD/BloodHound
10、網絡攻擊
軍械庫
https://github.com/depthsecurity/armory
Chiron:一種先進的IPv6安全評估和滲透測試框架
https://github.com/aatlasis/Chiron
DELTA:SDN安全評估框架
https://github.com/OpenNetworkingFoundation/DELTA
Mallet:任意協議的攔截代理
https://github.com/sensepost/mallet
PowerUpSQL:用於在企業環境中攻擊SQL Server的PowerShell工具包
https://github.com/NetSPI/PowerUpSQL
WarBerryPi
https://github.com/secgroundzero/warberry
11、網絡防禦
ANWI(全新無線IDS):5美元的WIDS
https://github.com/SanketKarpe/anwi
CHIRON:基於家庭的網絡分析和機器學習威脅檢測框架
https://github.com/jzadeh/chiron-elk
雲安全套件:AWS / GCP / Azure安全審計的一站式工具
https://github.com/SecurityFTW/cs-suite
DejaVu:一個開源欺騙框架
https://github.com/bhdresh/Dejavu
O12、SINT – 開源智能
DataSploit 2.0
https://github.com/DataSploit/datasploit
Dradis 框架:瞭解如何將報告時間縮短一半
https://github.com/dradis/dradis-ce
13、逆向工程
Snake:惡意軟件存儲動物園
https://github.com/countercept/snake
14、智能電網/工業安全
GRFICS :工業控制模擬的圖形現實主義框架
https://github.com/djformby/GRFICS
15、漏洞評估
用於機器學習模型的對抗魯棒性工具箱
https://github.com/IBM/adversarial-robustness-toolbox
Android動態分析工具(ADA)
https://github.com/ANELKAOS/ada
射箭:開源漏洞評估和管理
https://github.com/archerysec/archerysec
boofuzz
https://github.com/jtpereyda/boofuzz
BTA
https://github.com/airbus-seclab/bta
深度利用
https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit
Halcyon IDE:適用於Nmap腳本開發人員
https://github.com/s4n7h0/Halcyon
SimpleRisk
https://github.com/simplerisk
TROMMEL
https://github.com/CERTCC/trommel
16、Web AppSec
看看NGINX的ModSec 3.0:軟件Web應用程序防火牆
https://github.com/SpiderLabs/ModSecurity
Astra:REST API的自動安全測試
https://github.com/flipkart-incubator/Astra
Burp Replicator:自動化複雜漏洞的複製
https://github.com/PortSwigger/replicator
OWASP進攻性Web測試框架
https://github.com/owtf/owtf
OWASP JoomScan項目
https://github.com/rezasp/joomscan
WSSAT
https://github.com/YalcinYolalan/WSSAT
2018黑帽大會工具清單-Blackhat
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.