Tools Used In Hacking or CTF

1. CyberChef :- https://gchq.github.io
NOTE:- The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.

2. For Scan Online:-  https://www.nmmapper.com/   
3.FOR CODE UNDERSTANDING:-
 Code Understanding Tools 

4.FOR PAYLOADS:- PayloadforAllthings

5.FOR OPEN REDIRECTION:-
 balajianbalagan/lazy-open-redirect-vuln-automation
         
6. WP SCANNER:-  
14 Best WordPress Security Scanners for Detecting Malware and Hacks (wpbeginner.com)

7.This is my day-to-day hacking tool stack:- 
hakluke 👨‍💻🚀 on Twitter: "This is my day-to-day hacking tool stack: 🛠️ Burp 🛠️ Nmap 🛠️ Httpx 🛠️ @securitytrails 🛠️ @Shodanhq 🛠️ @spiderfoot 🛠️ My own tools (mostly open source on github) 🛠️ Everything by @projectdiscoveryio 🛠️ Everything by @tomnomnom That covers about 99% of my hacking 🤷‍♂️" / Twitter 

8.https://awesomeopensource.com/projects/bugbounty  :-
https://awesomeopensource.com/projects/bugbounty
   9.COMMON PORTS IN NETWORKING
                 Ports 1 - 1024 (vmaxx.net)
  10.TO VIEW DATABASE FILE ONINE
https://sqliteviewer.app/   

Burp

Nmap 

Httpx

@securitytrails 

@Shodanhq 

@spiderfoot

 My own tools (mostly open source on github)

 Everything by @projectdiscoveryio 

Everything by @tomnomnom

 

11.There are some excellent tools for defeating RSA challenges in CTFs, and my personal favorite is https://github.com/Ganapati/RsaCtfTool which has worked very well for me. I’ve also had some success with https://github.com/ius/rsatool.

 

12.

privilege escalation is such a large topic that it would be impossible to do it proper justice in this type of room. However, it is a necessary topic that must be covered, so rather than making a task with questions, I shall provide you all with some resources.

General:

https://github.com/swisskyrepo/PayloadsAllTheThings (A bunch of tools and payloads for every stage of pentesting)

Linux:

https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ (a bit old but still worth looking at)

https://github.com/rebootuser/LinEnum (One of the most popular priv esc scripts)

https://github.com/diego-treitos/linux-smart-enumeration/blob/master/lse.sh (Another popular script)

https://github.com/mzet-/linux-exploit-suggester (A Script that's dedicated to searching for kernel exploits)

https://gtfobins.github.io (I can not overstate the usefulness of this for priv esc, if a common binary has special permissions, you can use this site to see how to get root perms with it.)

Windows:

https://www.fuzzysecurity.com/tutorials/16.html  (Dictates some very useful commands and methods to enumerate the host and gain intel)

https://github.com/PowerShellEmpire/PowerTools/tree/master/PowerUp (A bit old but still an incredibly useful script)

https://github.com/411Hall/JAWS (A general enumeration script)