0Day Windows 2020

0Day Windows 2020

############################
# VIP Tools
############################

Acunetix
Hotspot Shield
AppSpider 7
L0phtCrack 7 (Win64)
Asoftis IP Changer
Metasploit Console
Maltego xl
Avira Phantom VPN
Metasploit Web UI.url
Betternet
Micro Focus Fortify Audit Workbench
BlackBullet 2.1.6
Micro Focus Fortify Custom Rules Editor
BlackBullet 2.5.1
Micro Focus Fortify Scan Wizard
BurpSuite
Micro Focus Fortify-rule-dencrypt
CCProxy
Nessus Pro
Charles Proxy
Netsparker
Checkmarx Audit
Nipper Studio
Checkmarx Portal.url
OpenBullet
ChrisPC Anonymous Proxy Pro
Proxifier
Core Impact 19.1
ProxyCap
Elcomsoft Wireless Security Auditor
ReadyAPI
ExploitPack 14.0
WebCruiserWVS
Freedome
WebInspect 20.1.0
Gather Proxy
binaryninja
HCL AppScan Standard
cobaltstrike4.0


############################
# Antivirus Evasion Tools
############################

AVIATOR_x64
PSAttack
AVIator- Antivirus Evasion Project
PowerLessShell
CheckPlease
PowerShdll
DefenderCheck
PowerShell Armoury-Evading anti-virus
DotNetToJScript
StarFighters
Invoke-CradleCrafter
SysWhispers-AV-EDR evasion
Invoke-DOSfuscation
demiguise
Invoke-Obfuscation
nps
Invoke-Phant0m
pafishmacro
Macro Pack-Automatize Obfuscation & Generation of MS Office
tvasion - Anti virus evasion
PSAmsi
xencrypt-Anti-virus evasion Tool

############################
# Exploitation Tools
############################
ADAPE
PrivExchange
Access Metasploit Web UI.urlPrivescCheck Win -Privilege Escalation Enumeration
BSQLGUI
Privilege-Escalation-Awesome-Scripts-Suite
BetterBackdoor-create & Control a backdoor
ROADtools - Azure AD Exploration Framework
CVE-2019-1040-Scanner
ROADtools-GUI - Azure AD Exploration Framework
Chisel - Fast TCP tunnel over HTTP
RedTeam CSharp Scripts
Core Impact
RedTeam Powershell Scripts
CrackMapExecWin
Red_Team - Useful Scripts
CredsLeaker-credentials stealer
ReverseTCPShell- PowerShell ReverseTCP Shell
DAMP
RottenPotatoNG
DSSS-sql-injection
SQLmap
Dumpert
Sharp-Suite
Evil-Winrm-Ultimate WinRM shell for pentesting
SharpClipHistory
EvilClippy
SharpExchangePriv
EvilURL- Generate unicode domains
SharpExec
Eviloffice
SharpSploit
Exchange-AD-Privesc
Shellerator-bind-reverse shell Generater
ExploitMyUnion
Shuriken-XSS
ExploitPack 14.0
SpoolSample
GadgetToJScript
UACME
Generate-Macro
VBscan
GhostPackWebCruiserWVS
Goby - Attack surface mapping
WinScanX GUI
Invoke-ACLPwn
Windows Exploit Suggester
Invoke-DCOM
XSS-Loader Tools
Invoke-GoFetch
XSSpwn
Invoke-PSImage
XSSsniper
Invoke-PowerThIEf
XSStrike
Jalesc-Linux Privileges Escalating
hjsplit
Metasploitimpacket-examples-windows
Metasploit Console
jsql-injection-GUI
Meterpeter-C2 Powershell Command & Control Framework
juicy-potato
MicroBurst - PowerShell Toolkit for Attacking Azure
kali-windows-binaries
Nessus Pro.urllsassy-Extract credentials from lsass remotely
NetshHelperBeacon
luckystrike
Nikto
metatwin
NoSQLMap
mimikatz
Orca
nc
PSReflect
nc64
Pivotsuite - Network Pivoting Toolkit
nishang
PowerLurk
pattern_create
PowerPriv
pattern_offset
PowerSharpPack-Usefull offensive CSharp Projects
ruler
PowerShell-Suite
subdomain-bruteforcer(SubBrute)
PowerSploit
vssown
PowerUpSQL
vulcan
PowerZure- Assessing Azure security
wePWNise

############################
# Information Gathering
############################

ADACLScanner
ADExplorer
ADOffline
ADRecon
AWSBucketDump
Active Directory Tools
AdFind-Command line Active Directory query
Administrative Tools
Amass
Aquatone - Tool for Domain Flyovers
Aquatone
Asset Finder
Atscan - Advanced dork Search
Atscan
BaseQuery- Organize public combo-lists & data breaches
BeRoot
Bettercap
BloodHound
Bloodhound-Custom-Queries
BridgeKeeper-Scrape employee names
Bucket-Stream-Find Amazon S3 Bucket
Cansina - Web Content Discovery
Censys Subdomain Finder
Cheat Sheets Repositories
CloudBunny-Find the real IP behind WAF
Cloud_Enum-Multi-cloud OSINT
Cloudfail
Cloudflare Resolver-bust
Cloudmare
CrossLinked- LinkedIn enumeration tool
DNS Recon
DirBuster
Dirble- WebSite Directory Scanning
Dirsearch- Web path scanner
Droopescan
Dump Users
Email extractor
Email-verify
EmailHarvester
EyeWitness
FOCA
Fierce - DNS reconnaissance Tool
Fierce
FinalRecon- All-In-One Web Reconnaissance
Findomain
Fprobe-Scan Domains Subdomains for http-https
Get-ReconInfo
Git-Hound
Git-Leak
GitHack-Git folder disclosure exploit
GitMiner-Advanced mining for content Github
Github-Dork
Gitrob
Gobuster
Goby - Attack surface mapping
Gowitness-Web screenshot Utility
Hunter
InSpy - LinkedIn enumeration
IoTSeeker
Kicks3-S3 bucket finder
Lazagne- Credentials recovery
Leetlinked - Scraping tool for LinkedIn
LinkedIn Recon Tool -LinkedInt
LittleBrother-Information gathering (OSINT)
MSOLSpray - A Password Spraying Tool
Maltego
Mass-Maillist-Cleaner
Masscan
NetRipper
Nirsoft Launcher
Nmap - Zenmap GUI
OSINT Websites.url
OneForAll - Subdomain Scanner
Pacu -  AWS exploitation framework
Pathbrute-Directory Discovery Tool
Photon-fast crawler designed for OSINT
PowerView
PowerView_dev
Privesc
Prowl -  Email harvesting tool
R3con1z3r-Web information gathering
RastLeak - Find leak information
Recon-Dog
Recon-ng
Reconspider-Advanced (OSINT)
Recurse Buster
Red Rabbit
RedRabbit-Red Team PowerShell Script
S3Scanner- Scan s3 buckets for security issues
SSL-Scan
ScrapedIn- LinkedIn Scraper
Searchsploit
SharpHound
SharpHound.ps1
SharpView
Sherlock-Find usernames across social networks
ShodanSploit
Shuffledns- Enumerate valid subdomains
Slurp- Enumerates S3 buckets
Snoop - Nickname Search Tools OSINT
Spaghetti
SpiderFoot
SpoolerScanner
Sub Finder
SubOver-Subdomain Takeover Tool
Sublist3r
Sudomy-Powerful Subdomain Enumeration
Turbolist3r
URLCrazy
Watson
WhatBreach-OSINT tool to find breached
WhatWAF
WhatWeb
WhatsMyName- User Enumeration
WinScanX GUI
WinScanX-CL
Windows Exploit Suggester
XCTR-Hacking-Tools
browseList
ffuf - Fuzz Faster
gau (GetAllURLs)
git Graber
gowitness
h8mail- Email OSINT and breach hunting
hakrevdns - Reverse DNS lookups
hping
httprecon
httprobe - Scan Domains Subdomains for http-https
identYwaf
inSp3ctor-AWS S3 Bucket Finder
mimikatz
nbtscan
nc
nc64
netscan
nmap
pockint
recon-ng - Web
s3recon-Amazon S3 bucket finder and crawler
shhgit-Find GitHub secrets
sqlcmd
srvinfo
sslyze
subDomainsBrute
subdomain-bruteforce
subjack-Subdomain Takeover tool
theHarvester
trufflehog- Searches through git repositories for secrets
wafw00f
wePWNise
winfo
zenmap

############################
# Mobile Security Tools
############################

APK Easy Tool
Frida-kill
appmon
APK Editor Studio
Frida-ls-devices
dex2jar
Android Debug Bridge (adb)
Frida-ps
dex2smali
Apkid
Frida-trace
frida-objection
Apktool
Frida
frida-pygmentize
BurpSuite
GDA-android-reversing-Tool
jadx-gui
Bytecode-Viewer
Mobile Security Framework (MobSF)
luyten
DB Browser for SQLite
Multi-Drive
vulnerable apk
Drozer
Nox
Frida-discover
OWASP ZAP Proxy


############################
# Networking Attack
############################

Bettercap
Jumpstart
RouterScan
ettercapNG
BeyondTrustDiscoveryTool
MultiRelay
RunFinger-Python
nc
Cain
Nessus Pro.url
SSH Scan
nc64
Dumpper
NetworkMiner
SSL-Strip
netscan
Evil FOCA
Nirsoft Launcher
SnmpWalk
snmptest
FindSQLSrv-Python
Nsauditor
Waircut
sslyze
Goby - Attack surface mapping
Responder-Python
WinScanX GUI
Icmp-Redirect-Python
Responder
Wireshark

############################
# Password Attacks
############################

ADFSpray - MS Password Spray Attack
KeeThief
ASREPRoast
Kraken-Password crack RAR ZIP 7z
BlackBullet 2.1.6
L0phtCrack 7 (Win64)
BlackBullet 2.5.1
LAPSToolkit
BruteXMLRPC
MSOLSpray - A Password Spraying Tool
Bruter
MailSniper
Cain
Md5Cracker
CeWL-Creating Custom Wordlists
OpenBullet
Check-LocalAdminHash
Password Recovery
CredNinja
Patator - Brute-force
Crunch
RiskySPN
DSInternals
SessionGopher
DomainPasswordSpray
Smtp-Cracker
Fast-RDP-Bruteforce
WinScanX GUI
Get-LAPSPasswords
WinScanX-CL
Go-jwt-cracker
XBruteForcer (CMS)
Hash-Buster- Online Crack hashes
XMLrpc-bruteforcer
Hash-identifier
cap2hccap
Hashcat CLI
cap2hccapx
Hashcat GUI
jwtcat - Cracking JSON Web Token
IMAP Bruteforce
mimikatz.x64
Internal-Monologue
mimikatz.x86
Inveigh
mimikittenz
Invoke-TheHash
pydictor-dictionary builder for brute-force
John the Ripper
rainbowcrack-cl
John the Ripper GUI
rcrack-gui
KeeFarce
thc-hydra-BruteForce


############################
# Reverse Engineering
############################
APK Easy Tool
Extractor
Unpacker
ollydbg
Apktool
IDA Pro 32
binaryninja
dnSpy-x86
windbgx64
Binwalk
IDA Pro 64
de4dot-net35-x64
dnSpy
windbgx86
Bytecode-Viewer
ResourceHacker
de4dot-net35
jadx-gui
x32dbg
Trial-Reset
de4dot-net45-x64
luyten
x64dbg

- Dotnet
AntiTampRem
DotNET Tracer x64
ExtremeDumper x64
StringDecryptor
AntiTamperKiller
DotNET Tracer x86
Kripto v1.0 Deobfuscator
Universal_Fixer
ConfuserEx AntiDump Fixer
ExtremeDumper x32
MegaDumper
Universal_Fixer_NoFuser3

- Extractor
InnoExtractor
InstallShield mini Extractor
LFS Setup Extractor
UniExtract
lessmsi-gui

- Unpacker
Armageddon
EnigmaVBUnpacker
RL!dePeCompact 2.x
UntElock 0.98+
Aspack
Exe2Aut v0.11
UPXEasyGUI
upx_unpacker
De4dot
MART!K UnPacker
Unpacker_PECompact

############################
# Web Application Attack
############################

Acunetix
Recurse Buster
AppSpider 7
SPartan-Sharepoint fingerprinting and attack Tool
Aquatone
SQLMap-GUI
Arjun
SQLi-Hunter-SQLMAP API wrapper
Atlas-Quick SQLMap Tamper Suggester
SQLmap
Atscan
SSL-Scan
BSQLGUI
SSRFmap-SSRF Scanner
BruteXMLRPC
Scrawlr
BruteXSS
See-SURF- find potential SSRF parameters
BurpSuite
Shuriken-XSS
CMSeeK- CMS Detection and Exploitation suite
SleuthQL
Cansina - Web Content Discovery
Spaghetti
Commix
TestSSL.sh
Corsy-CORS Misconfiguration Scanner
VBscan
DSSS-sql-injection
WAScan
Dalfox - XSS Scanning
WPScan-WordPress Vulnerability Scanner
DirBuster
Wapiti-Web Vulnerability Scanner
Dirble- WebSite Directory Scanning
WebCruiserWVS
Dirsearch- Web path scanner
WebInspect 20.1.0
Droopescan
Weblogic-Scanner
ExploitMyUnion
WhatWAF
Eyewitness
WhatWeb
Findom-XSS
Wordpress Exploit Framework
FireFox-Pentesting
XBruteForcer (CMS)
Fuxploider-File upload scanner and exploitation
XMLrpc-bruteforcer
Golismero
XSS-Freak
Gowitness-Web screenshot utility
XSS-Loader Tools
HCL AppScan Standard
XSSfork - XSS Vulnerability Scan
Havij
XSSpwn
IIS-ShortName-Scanner
XSSsniper
IIS-Shortname-Scan (Python)
XSStrike
Joomscan
XSpear-XSS Scanning
Link JS Find - Extract URL Websites
dotdotpwn - Directory Traversal Fuzzer
LinkFinder
ffuf - Fuzz Faster
Netsparker
httprecon
Nikto
identYwaf
NoSQLMap
jsql-injection-GUI
Nuclei - Web Scanner based on templates
jwtcat - Cracking JSON Web Token
OWASP ZAP Proxy
pentest-tools
Quick-SQL
sslyze
R3con1z3r-Web information gathering
wafw00f
ReadyAPI 2.8.2
wfuzz


############################
# Vulnerability Analysis
############################

AD Control Paths
SSL-Scan
BSQLGUI
Searchsploit
DSSS-sql-injection
Shuriken-XSS
Droopescan
SleuthQL
Egress-Assess
Spaghetti
ExploitMyUnion
TestSSL.sh
Golismero
VBscan
Grouper2
WAScan
Joomscan
WebCruiserWVS
Nessus Pro
Weblogic-Scanner
Nikto
WinScanX GUI
NoSQLMap
WinScanX-CL
NtdsAudit
XSS-Freak
OWASP Mutillidae- Vulnerable web-application
XSS-Loader Tools
OWASP ZAP Proxy
XSSpwn
PowerSharpPack-Usefull offensive CSharp Projects
XSSsniper
PwnedPasswordsNTLM
XSStrike
SMBGhost-CVE-2020-0796
XSpear-XSS Scanning
SQLMap-GUI
bWAPP- vulnerable web-application
SQLmap
jsql-injection-GUI
SSH Scan
zBang

############################
# Malware Analysis
############################

Autoruns
KillSwitch
Task Explorer x64
dnSpy
Binwalk
LockHunter
Task Explorer
exeinfope
Comodo Cleaning Essentials
Microsoft Sysinternals
UPXEasyGUI
exiftool
CrowdInspect
PE Detective
UniExtract
loki-upgrader
CrowdInspect64
PPEE
VirusTotal Uploader 2.2
loki
Detect It Easy
Process Hacker 2
Volatility-CL
ollydbg
FLOSS
ProcessActivityView
VolatilityWorkbench-gui
pdbripper
FolderChangesView
ProcessHacker
Winja (VirusTotal Uploader)
pestudio
HijackCleaner64
Regshot-x64-ANSI
Wireshark
peview
ILProtectorUnpacker
Regshot-x64-Unicode
apateDNS
windump
IREC-1.9.16
RunPEDetector32
dnSpy-x86

############################
# Wordlists
############################

Payload-List
PayloadsAllTheThings
Probable-Wordlists
RobotsDisallowed
SecLists
fuzzdb

############################
# Proxy and Privacy Tools
############################

Asoftis IP Changer
Freedome
Proxifier
Tor Browser
Avira Phantom VPN
Gather Proxy
Proxy-Scraper
W10Privacy
Betternet
Hotspot Shield
ProxyCap
WPD
ChrisPC Anonymous Proxy Pro
OOSU10
Simple DnsCrypt
YogaDNS

############################
# Utility Tools
############################

Active Presenter - Screen Recoreder
HTTP File Server (HFS)
ShareX
AnyDesk
HeidiSQL
Simple DnsCrypt
Bandizip
HostsFileEditor
Start Tor Browser
Boxstarter Shell
HxD
Task Explorer x64
CCleaner
IObit Uninstaller
Task Explorer
CFF Explorer
KeePass 2
ThemeTool
Charles Proxy
KeepNote
Tor Browser
Chrome -with XSS Auditor disabled
KeepPass
Wireshark
Chrome
MarkdownEdit
YogaDNS
CyberChef
Microsoft Edge
hjsplit
DB Browser for SQLite
Neo4j_start.bat
neo4j-community
Docker Desktop
Neo4j_stop.bat
ngrok- reverse proxy
Driver Booster 7
NetworkMiner
notepad++
Email extractor
Nirsoft Launcher
peview
FLOSS
OpenVPN GUI
services
Fiddler
PE Detective
shellcode_launcher
FireFox-Pentesting
ProcessHacker
vlc
Firefox
RunAsDate
uTorrent
Google Chrome
ScreenToGif
Greenshot
Search Everything
Essential NetTools
NetLimiter 4

############################
# Wireless Attacks
############################

Airbase-ng
Airventriloquist-ng
Kstats
WifiInfoView.exe
Aircrack-ng-GUI
Besside-ng
Makeivs-ng
WirelessNetView.exe
Aircrack-ng
Bettercap
Packetforge-ng
Wireshark
Airdecap-ng
Buddy-ng
RouterScan
Wpaclean
Airdecloak-ng
Cain
SSL-Strip
ettercapNG
Aireplay-ng
Dumpper
Tkiptun-ng
ivstools
Airodump-ng
Easside-ng
WNetWatcher.exe
wifi-perfiles
Airolib-ng
Elcomsoft Wireless Security Auditor
Waircut
Airserv-ng
Evil FOCA
Wesside-ng
Airtun-ng
Jumpstart
WifiChannelMonitor

############################
# Stress Testing
############################
DDos-Attack (Python)
Slowloris HTTP DoS IPv6
DDos-Attackv1 (Python)
Slowloris HTTP DoS
HostDown- DDos Attack
THC-SSL-Dos
Impulse Denial-of-service ToolKit
TheDoomsday- Test DOS sustainablity
Perl Flood Script (DDoS)
WhatWAF
Priv8-ddos
identYwaf
Saddam-DDoS Amplification Tool
wafw00f