Outils à découvrir

• https://gchq.github.io/CyberChef/
• http://www.openvas.org/
• https://www.peerlyst.com/posts/the-complete-list-of-infosec-related-cheat-sheets-claus-cramon?lipi=urn%3Ali%3Apage%3Ad_flagship3_feed%3BwVllQAZDT4%2BVZ9OpqQD%2FcQ%3D%3D
• http://samair.ru/proxy/
• http://www.kitploit.com/2017/07/hydra-86-fast-and-flexible-network.html
• https://cirt.net/Nikto2
• https://github.com/rand0m1ze/ezsploit
• https://github.com/lennartkoopmann/nzyme
• https://portswigger.net/burp/
• http://search.carrot2.org/stable/search
• https://www.fireeye.com/cyber-map/threat-map.html
• http://map.norsecorp.com/#/
• http://rafale.org/
• ++ https://github.com/UnaPibaGeek/ctfr
• ++ mitmproxy : https://www.trustwave.com/Resources/SpiderLabs-Blog/Intercepting-SSL-And-HTTPS-Traffic-With-mitmproxy-and-SSLsplit/
• https://www.kitploit.com/2017/12/hyperfox-httphttps-mitm-proxy-and.html ← MITM!!
• https://github.com/RKX1209/kernel_exploit_world
• https://cybermap.kaspersky.com/stats/
• Tester de proxy ?
• https://crt.sh/
• https://github.com/0x4D31/awesome-threat-detection
• https://github.com/0x4D31/awesome-threat-detection
• http://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv
• https://torflow.uncharted.software/#?ML=-43.2421875,16.720385051694,3
• https://requestb.in/ ← pour récupérer les cookie d'un site tiers via une XSS
• http://cyborg.ztrela.com/tools/
• http://rada.re/r/pics.html
• https://wtf.horse/2017/09/28/how-to-install-bleah-on-kali-linux/
• http://resources.infosecinstitute.com/use-firefox-browser-as-a-penetration-testing-tool-with-these-add-ons/
• https://vpn.ccrypto.org/
• http://www.forensicswiki.org/wiki/Libewf
• https://n0where.net/create-a-fake-ap-and-sniff-data-mitmap/
• https://github.com/hteso/iaito
• https://retdec.com
• https://pentestmag.com/product/creating-exploit-payloads-msfvenom-w31/
• Envoit de fichier anonyme ?
• https://hashcat.net/hashcat/
• https://n0where.net/open-source-osint-assistant-datasploit/
• http://amanda.secured.org/tools/
• http://securityaffairs.co/wordpress/60290/intelligence/nsa-github-account.html
• https://github.com/k4m4/onioff
• https://github.com/1N3/Findsploit
• https://practicalmalwareanalysis.com/fakenet/
• http://www.inetsim.org/features.html
• https://n0where.net/open-source-intelligence-automation-spiderfoot/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+n0where+%28CyberPunk%29
• https://vuldb.com/fr/?
• https://www.kali-linux.fr/tutoriels
• https://www.shodan.io/
• https://binary.ninja/
• https://crackstation.net/
• https://isc.sans.edu/tools/reversehash.html (reverse md5 ou sha1)
• http://www.synacktiv.com/fr/ressources.html
• https://www.cvedetails.com/
• TCP à travers DNS
• 15 vulnérabilité légale
• example pratique
• https://www.phrozensoft.com/freeware
• trouver le mot de passe vigenère cisco 7 : http://www.authsecu.com/decrypter-dechiffrer-cracker-password-cisco-7/script-password-cisco-7-launcher.php
• https://n0where.net/edit-and-replay-network-traffic-tcpreplay/
• https://www.undernews.fr/comparatifs-vpn
• https://kitctf.de/
• https://github.com/aboul3la/Sublist3r
• https://web.uppersafe.com/
• changer hostname: http://naeh.net/changer-le-hostname-dun-serveur-sous-debian/
• changer mac adresse : http://www.tux-planet.fr/modifier-ladresse-mac-dune-carte-reseau-sous-linux/
• https://legalhackers.com/
• https:​www.redpacketsecurity.com * http:​www.pentest-standard.org/​index.php/​Main_Page
• https://intel.malwaretech.com/
• http://www.kitploit.com/2017/06/pret-printer-exploitation-toolkit.html?utm_source=dlvr.it&utm_medium=twitter
• Base de donnée d'exploit : https://www.exploit-db.com/
• http://backgroundchecks.org/justdeleteme/
• https://github.com/rapid7/metasploit-framework
• https://www.bettercap.org/index.html#document-intro
• https://n0where.net/open-source-firewall-opnsense/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+n0where+%28CyberPunk%29
• https://github.com/Hironsan/BossSensor
• https://github.com/GNUFreetalk (client Jabber XMPP via terminal)
• https://securityheaders.io/?q=wiki.bruno-tatu.com&hide=on&followRedirects=on
• https://tamentis.com/
• http://www.kame.net/newsletter/20001119/
• https://ivre.rocks/
• https://n0where.net/professional-wifi-cracker-fluxion/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+n0where+%28CyberPunk%29
• https://www.dyne.org/software/tomb/
• http://www.hackingtutorials.org/exploit-tutorials/mingw-w64-how-to-compile-windows-exploits-on-kali-linux/
• https://wikileaks.org/ciav7p1/
• https://amiunique.org/fp

sqlmap -u "https://wiki.bruno-tatu.com/doku.php?id=wiki:cluster-ceph-kraken" --dbs --referer="http://wiki.bruno-tatu.com:80/doku.php" --user-agent="Opera/9.80 (X11; Linux i686; U; de) Presto/2.2.15 Version/10.00"
proxychains nc -nv 10.0.70.145 6697
pngcheck file.png
foremost -r file.png
md5sump file.png
fcracjzip -u -D -p /path/wordlist.txt file.zip
mount file.iso /mnt -o loop
base64 -d encoded > decoded
binwalk (binwalk -e 10_of_clubs.wav)
wfuzz -c --follow --hc 404 -z file,/path/wordlist.txt http://10.0.70.134:3500/FUZZ
apt install secure-delete && srm -rf /folder