References
Contributors
GitBook Desktop Editor
How to GitBook [Videos]
Markdown [Documentations]
Beginner
Sites, Topics and Articles
Hacking Tools built with ruby
Metasploit framework - Exploitation framework [ link ]
Beef framework - XSS framework [ link ]
Arachni - Web Application scanner framework [ link ]
Metasm - Assembly manipulation suite [ link ]
WPscan - WordPress vulnerability scanner [ link ]
WPXF - Wordpress Exploit Framework [ link ]
BufferOverflow kit - Exploitation tool Kit [ link ]
HTTP Traceroute [ link ]
CeWL - Custom Word List generator [ link ]
Ronin - Vulnerability research and exploit development framework [ link ]
Idb - Simplifys some common tasks for iOS pentesting & research [ link ]
Bettercap - Extensible MitM tool and framework [ link ]
WATOBO - The Web Application Security Toolbox [ link ]
Intrigue.io - Open Source project, discovering attack surface through OSINT [ link ]
OhNo - The Evil Image Builder & Meta Manipulator [ link ]
WhatWeb - Website Fingerprinter [ link ]
Relyze - reverse engineer similar to IDA-Pro supports Ruby plugins [ link ]
Capstone - multi-platform, multi-architecture disassembly framework supports Ruby [ link ]
Rabid - A CLI tool and library allowing to simply decode all kind of BigIP cookies [ link ]
Haiti - A CLI tool and library to identify the hash type of a given hash [ link ]
ctf-party - A library to enhance and speed up script/exploit writing for CTF players [ link ]
itdis - A small tool that allows you to check if a list of domains you have been provided is in the scope of your pentest or not. [ link ]
nvd_feed_api - A simple ruby API/library for managing NVD CVE feeds. The API will help you to download and manage NVD Data Feeds, search for CVEs, build your vulnerability assessment platform or vulnerability database. [ link ]
VBSmin - VBScript minifier CLI tool and library [ link ]
Pass Station - CLI & library to search for default credentials among thousands of Products / Vendors [ link ]
vrt-cli - A simple tool to visualize VRT (Vulnerability Rating Taxonomy) from the CLI [ link ]
TLS map - CLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnuTLS, NSS [ link ]
Fingerprinter - CMS/LMS/Library etc Versions Fingerprinter [ link ]
API-fuzzer - API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities [ link ]
oxml_xxe - Tool for embedding XXE/XML exploits into different filetypes (docx/xlsx, odt/ods, svg, xml, etc.) [ link ]
SSRF Proxy - Facilitates tunneling HTTP communications through servers vulnerable to SSRF [ link ]
XXEinjector - Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods [ link ]
envizon - Network visualization & vulnerability management/reporting [ link ]
HellRaiser - Vulnerability Scanner [ link ]
YASUO - A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network [ link ]
Evil-WinRM - WinRM shell for hacking/pentesting enhanced with a lot of features [ link ]
apullo - A scanner for taking basic fingerprints [ link ]
Pipal - Password analyser and statistics generator [ link ]
PacketFu - mid-level packet manipulation library for reading and writing packets to an interface or to a libpcap-formatted file [ link ]
PacketGen - library to generate, send and capture network packets [ link ]
ssllabs.rb - library for Qualys SSL Labs API, SSL/TLS security analysis [ link ]
XSpear - XSS scanning and parameter analysis tool [ link ]
Intrigue Core - framework for discovering attack surface [ link ]
BQM - Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file. [ link ]
DC Detector - Spot all domain controllers in a Microsoft Active Directory environment; find computer name, FQDN, and IP address(es) of all DCs [ link ]
kh2hc - Convert OpenSSH known_hosts file hashed with HashKnownHosts to hashes crackable by Hashcat [ link ]
Source Code Analysis Tools (SAST)
[ADD YOUR RUBY HACKING TOOL HERE!]
Last updated