Mac#
Apple macOS.
Software#
This page lists all projects using this programming language or deployment platform. Only the main server-side requirements, packaging or distribution formats are considered.
binwalk#
Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
BurpSuite#
For pentesting web applications. Can replay and modify requests, fuzz request values, proxy between the browser and site, etc.
CUPP#
Common User Password Profiler
Generates password word lists based knowledge known about a user.
Datadog#
Infrastructure monitoring tool.
10 servers free for 2 years via GitHub Education Pack.
Enum_AzureSubdomains#
“A Metasploit Auxiliary module for enumerating public Azure services by locating valid subdomains through various DNS queries.”
Evilginx#
“Evilginx is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection.”
F00L.DE#
Collection of miscellaneous tools such as vigenere cipher cracking, file analysis, etc.
Web App Windows Mac Linux Freeware Source Given with No License
Ghidra#
Suite of tools for software reverse engineering developed by the NSA.
gpp-decrypt#
Ruby script used to decrypt Microsoft Group Policy preferences strings. Included in Kali by default.
Hashcat#
Password hash cracker.
Hydra#
Online password brute-force tool for SSH, RDP, HTTP, etc.
ILSpy#
.NET / Unity decompiler.
John the Ripper#
Password hash cracker.
Metasploit#
“The world’s most used penetration testing framework.”
Nmap#
Network port scanner tool.
oletools#
Python tools to analyze Microsoft OLE2 files (used in Office, Outlook, MSI files).
OpenStego#
Stegonography application for data hiding and watermarking.
OWASP WebGoat#
“WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities commonly found in Java-based applications that use common and popular open source components.”
OWASP ZAP#
For pentesting web applications. Can replay and modify requests, fuzz request values, proxy between the browser and site, etc.
Pwntools#
Pwntools is a python ctf library designed for rapid exploit development.
sig2n#
Python scripts to perform JWT algorithm confusion.
Usage instructions from PortSwigger here.
tcpdump#
CLI data network packet analyzer. Can dump to pcap files.
VirtualBox#
Virtual machine hypervisor. Generally used to create Kali or Parrot VMs separate from your host operating system.
WhatWeb#
Scans websites to recognize what software is being used to power them.
Wireshark#
Network packet sniffer that can capture from interfaces in real time or read pcap files.