List of applications

This is my categorization for a lot of interesting webs and applications. Feel free to contribute (in the last section you can see how)

Android

• Andriller: Android Forensic Tools

Ansible

• Awesome Ansible: List of Ansible resources
• Awesome Ansible: List of Ansible resources

Ceh

• Certified Ethical Hacker (CEH) online practice exam: Practice exam for the CEH.

Cheatsheets

• Slyth11907 CheatSheets: CheatSheets to help for OSCP preparation.

Crawler

• HTTrack: Web crawler to mirror a remote page

Devops

• Ansible: Simple but powerful provisioning tool.
• Chef: Provisioning tool based on recipes.
• Puppet: Declarative provisioning tool.
• Salt Stack: Remote code execution and provisioning tool.

Dns

• Dnslog: Allows to create temporal subdomains, logging all accesses
• Ping.eu: Collection of network tools to be run remotely from the web.

Documentation

• eGarante: Digital certification of files, emails, etc. to exchange information

Dorks

• DorkMe: Tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
• GitMiner: Tool for advanced mining for content on Github

Email

• Email Tracker Pro: Tool to extract details about email headers.
• Getnada: Anonymous emails
• Minimail: Anonymous emails
• mxtoolbox: Web tool to list MX records for a domain in priority order.
• Tempail: Anonymous emails

Exam

• Test your Sysadmin Skills: A collection of *nix Sysadmin Test Questions and Answers for Interview/Exam (2018 Edition). Test your knowledge in different fields with these Q/A.

Fingerprint

• wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Firewall

• wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Forensic

• Andriller: Android Forensic Tools
• eGarante: Digital certification of files, emails, etc. to exchange information

Images

• Tineye: Search images in Internet.

Insecure

• Zone-H: Hacked sites compilation

Learning

• Adon90 pentest_compilation: Compilation of commands, tips and scripts to help throughout Vulnhub, Hackthebox, OSCP and real scenarios
• Burntmybagel OSCP-Prep: List of resources to prepare OSCP exam.
• Certified Ethical Hacker (CEH) online practice exam: Practice exam for the CEH.
• Rewardone OSCPRepo: A list of commands, scripts, resources, and more gathered to consolidate for use as OSCP study material
• Test your Sysadmin Skills: A collection of *nix Sysadmin Test Questions and Answers for Interview/Exam (2018 Edition). Test your knowledge in different fields with these Q/A.

Malware

• VXVault: Page to get malware for investigation purposes.

Metadata

• Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
• Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
• Metagoofil: information gathering tool designed for extracting metadata of public documents.

Meterpreter

• Hershell: Simple TCP reverse shell written in Go.

Monitoring

• Homer: SIP / VoIP Packet Capture & Monitoring.

Network

• ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
• Fping: Program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts- Homer: SIP / VoIP Packet Capture & Monitoring.
• Internic Whois Search: Entrypoint to search information about Whois
• Ping.eu: Collection of network tools to be run remotely from the web.
• traceroute: Tool to print the route packets trace to network host.
• tracert: Traceroute for Windows.
• Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
• whois: Internet domain name and network number directory service
• Whoises: Entrypoint to search information about Whois

Nslookup

• dig: network administration command-line tool for querying Domain Name System (DNS) servers.
• DNSenum: Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks
• dnsrecon: DNS Enumeration Script
• mxtoolbox: Web tool to list MX records for a domain in priority order.
• nslookup: Network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
• Ping.eu: Collection of network tools to be run remotely from the web.

Oscp

• Adon90 pentest_compilation: Compilation of commands, tips and scripts to help throughout Vulnhub, Hackthebox, OSCP and real scenarios
• Burntmybagel OSCP-Prep: List of resources to prepare OSCP exam.
• Rewardone OSCPRepo: A list of commands, scripts, resources, and more gathered to consolidate for use as OSCP study material
• Slyth11907 CheatSheets: CheatSheets to help for OSCP preparation.

Osint

• ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
• Automater: URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts.
• Awesome OSINT: This is a maintained collection of free actionable resources for those conducting OSINT investigations.
• dig: network administration command-line tool for querying Domain Name System (DNS) servers.
• DNSenum: Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks
• dnsrecon: DNS Enumeration Script
• DorkMe: Tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
• Email Tracker Pro: Tool to extract details about email headers.
• Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
• Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
• Fping: Program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts- GitMiner: Tool for advanced mining for content on Github
• HTTrack: Web crawler to mirror a remote page
• Internic Whois Search: Entrypoint to search information about Whois
• Maltego: Visual link analysis tool with tons of plugins to perform data mining and information gathering
• Metagoofil: information gathering tool designed for extracting metadata of public documents.
• Metasploit: Penetration testing framework
• Monitis traceroute: Visual Traceroute tool.
• mxtoolbox: Web tool to list MX records for a domain in priority order.
• MyIPSuite: Tool to track information about a web. May be discontinued.
• nslookup: Network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
• One million tweet map: Web to search in tweeter and see the twit location realtime.
• Ping.eu: Collection of network tools to be run remotely from the web.
• recon-ng: Tool for gathering information with Metasploit look & feel.
• Spider Foot: reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.
• theHarvester: Tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources
• Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
• whois: Internet domain name and network number directory service
• Whoises: Entrypoint to search information about Whois

Pentesting

• Metasploit: Penetration testing framework

Ping

• Fping: Program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts

Provisioning

• Ansible: Simple but powerful provisioning tool.
• Chef: Provisioning tool based on recipes.
• Puppet: Declarative provisioning tool.
• Salt Stack: Remote code execution and provisioning tool.

Python

• Learn python: collection of Python scripts that are split by topics and contain code examples with explanations, different use cases and links to further readings.

Search engine

• Shodan: Search engine by devices properties: IP, protocols, ports, ...
• Tineye: Search images in Internet.

Security

• Automater: URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts.
• Awesome OSINT: This is a maintained collection of free actionable resources for those conducting OSINT investigations.
• Burp Suite: Security tool that helps to find vulnerabilities in web applications.
• Certified Ethical Hacker (CEH) online practice exam: Practice exam for the CEH.
• Dnslog: Allows to create temporal subdomains, logging all accesses
• eGarante: Digital certification of files, emails, etc. to exchange information
• Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
• Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
• GitMiner: Tool for advanced mining for content on Github
• Hershell: Simple TCP reverse shell written in Go.
• Maltego: Visual link analysis tool with tons of plugins to perform data mining and information gathering
• Metagoofil: information gathering tool designed for extracting metadata of public documents.
• Metasploit: Penetration testing framework
• One million tweet map: Web to search in tweeter and see the twit location realtime.
• OWASP ZAP: Security tool that helps to find vulnerabilities in web applications.
• Ping.eu: Collection of network tools to be run remotely from the web.
• recon-ng: Tool for gathering information with Metasploit look & feel.
• Shodan: Search engine by devices properties: IP, protocols, ports, ...
• Spider Foot: reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.
• theHarvester: Tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources
• Tineye: Search images in Internet.
• VXVault: Page to get malware for investigation purposes.
• wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.
• Whatweb: Identify the technology stack that powers a website and explore the Web of Things.

Spider

• Whatweb: Identify the technology stack that powers a website and explore the Web of Things.

Testing

• Burp Suite: Security tool that helps to find vulnerabilities in web applications.
• OWASP ZAP: Security tool that helps to find vulnerabilities in web applications.

Traceroute

• Monitis traceroute: Visual Traceroute tool.
• Ping.eu: Collection of network tools to be run remotely from the web.
• traceroute: Tool to print the route packets trace to network host.
• tracert: Traceroute for Windows.

Tutorial

• Learn python: collection of Python scripts that are split by topics and contain code examples with explanations, different use cases and links to further readings.

Virtual machine

• ADGuard: ISOs and virtual machines with Windows.
• Microsoft Virtual Machines: Windows virtual machines provided by Microsoft for different hypervisors, like Virtualbox, VMWare, HyperV or Parallels.

Voip

• Homer: SIP / VoIP Packet Capture & Monitoring.

Web

• ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
• Automater: URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts.
• Burp Suite: Security tool that helps to find vulnerabilities in web applications.
• dig: network administration command-line tool for querying Domain Name System (DNS) servers.
• DNSenum: Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks
• dnsrecon: DNS Enumeration Script
• Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
• Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
• Hershell: Simple TCP reverse shell written in Go.
• Internic Whois Search: Entrypoint to search information about Whois
• Maltego: Visual link analysis tool with tons of plugins to perform data mining and information gathering
• Metagoofil: information gathering tool designed for extracting metadata of public documents.
• Monitis traceroute: Visual Traceroute tool.
• MyIPSuite: Tool to track information about a web. May be discontinued.
• nslookup: Network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
• OWASP ZAP: Security tool that helps to find vulnerabilities in web applications.
• Ping.eu: Collection of network tools to be run remotely from the web.
• Spider Foot: reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.
• wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.
• Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
• whois: Internet domain name and network number directory service
• Whoises: Entrypoint to search information about Whois

Whois

• ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
• Internic Whois Search: Entrypoint to search information about Whois
• Ping.eu: Collection of network tools to be run remotely from the web.
• whois: Internet domain name and network number directory service
• Whoises: Entrypoint to search information about Whois

Contribute

Three easy steps:

• Edit the apps.yaml file. It is very easy. Try to reuse as many tags as possible. New apps must be inserted at the end.
• Run make. This will download the taggeator.py program and will execute it overriding the README.md file.
• Make a pull-request.