= Tools list = (Credits to ka0labs blog.ka0labs.net and some others) = Reversing / Exploiting = == Multiplatform == - [$] IDA Pro - gdb - PEDA - pyGDB - r2 - Hopper - XXD == Windows == - Inmunity + Mona.py - Olly - Ollydump - APImonitor - http://www.rohitab.com/apimonitor === .NET === - ILSpy - https://github.com/icsharpcode/ILSpy - dotPeek - https://www.jetbrains.com/decompiler/ - JustDecompile - http://www.telerik.com/products/decompiler.aspx == Linux / OSX == - Checksec.sh - https://github.com/slimm609/checksec.sh - Qira - https://github.com/BinaryAnalysisPlatform/qira == Android == - jadx - Apkstudio - AndroGuard - Xposed Framework - IntentFuzzer - Qark - MobSF - https://github.com/ajinabraham/Mobile-Security-Framework-MobSF == iOS == - Cycript - gdb - Clutch - [$] Flex - ROPGadget = Stego = - DTMF (http://dialabc.com/sound/detect/) - Audacity - GIMP - Outguess - Steghide - PNGCheck - Stegsolve - Zsteg - StegDetect - Baudline = Web = - SQLMap - Live HTTP Headers // Add-on para firefox - Burp Suite - Nikto - DirBuster - IIS ShortName Scanner // https://github.com/irsdl/iis-shortname-scanner/ - mysqlUDF (https://github.com/mysqludf/lib_mysqludf_sys) = Network = - Wireshark - tcpdump - NetWorkMiner = Cracking / cryptotools = - HashPump - John The Ripper - HashCat - Trucrack - SIPCrack - Hash Algorithm Identifier ( https://github.com/AnimeshShaw/Hash-Algorithm-Identifier ) - Aircrack - Auto analysis of ciphertext - https://quipqiup.com/ - Cryptool - http://rumkin.com/tools/ - Identifying Unknown Ciphers - http://practicalcryptography.com/cryptanalysis/text-characterisation/identifying-unknown-ciphers/ = Dictionaries = - www.skullsecurity.org - red.cow.cat/dicts = Forensics = - BinWalk - Autopsy - Volatility - Peepdf - Foremost - Scalpel