Merge pull request #80 from ThePorgs/dev-images

Add tools list for Exegol image 3.1.6

Author: Dramelac

source/assets/installed_tools/lists/ad_3.1.6_amd64.csv

@@ -0,0 +1,51 @@
+Tool,Link,Description
+asdf,https://github.com/asdf-vm/asdf,Extendable version manager with support for ruby python go etc
+autorecon,https://github.com/Tib3rius/AutoRecon,Multi-threaded network reconnaissance tool which performs automated enumeration of services.
+bloodhound,https://github.com/BloodHoundAD/BloodHound,Active Directory security tool for reconnaissance and attacking AD environments.
+bloodhound.py,https://github.com/fox-it/BloodHound.py,BloodHound ingestor in Python.
+cloudfail,https://github.com/m0rtem/CloudFail,a reconnaissance tool for identifying misconfigured CloudFront domains.
+coercer,https://github.com/p0dalirius/coercer,DFS-R target coercion tool
+CyberChef,https://github.com/gchq/CyberChef/,The Cyber Swiss Army Knife
+droopescan,https://github.com/droope/droopescan,Scan Drupal websites for vulnerabilities.
+drupwn,https://github.com/immunIT/drupwn,Drupal security scanner.
+enum4linux-ng,https://github.com/cddmp/enum4linux-ng,Tool for enumerating information from Windows and Samba systems.
+evilwinrm,https://github.com/Hackplayers/evil-winrm,Tool to connect to a remote Windows system with WinRM.
+exegol-history,https://github.com/ThePorgs/Exegol-history,Credentials management for Exegol
+eyewitness,https://github.com/FortyNorthSecurity/EyeWitness,a tool to take screenshots of websites / provide some server header info / and identify default credentials if possible.
+fcrackzip,https://github.com/hyc/fcrackzip,Password cracker for zip archives.
+ffuf,https://github.com/ffuf/ffuf,Fast web fuzzer written in Go.
+firefox,https://www.mozilla.org,A web browser
+fzf,https://github.com/junegunn/fzf,🌸 A command-line fuzzy finder
+gf,https://github.com/tomnomnom/gf,A wrapper around grep to avoid typing common patterns
+gittools,https://github.com/internetwache/GitTools,A collection of Git tools including a powerful Dumper for dumping Git repositories.
+hashcat,https://hashcat.net/hashcat,A tool for advanced password recovery
+hydra,https://github.com/vanhauser-thc/thc-hydra,Hydra is a parallelized login cracker which supports numerous protocols to attack.
+impacket,https://github.com/ThePorgs/impacket,Set of tools for working with network protocols (ThePorgs version).
+john,https://github.com/openwall/john,John the Ripper password cracker.
+joomscan,https://github.com/rezasp/joomscan,A tool to enumerate Joomla-based websites
+jwt,https://github.com/ticarpi/jwt_tool,a command-line tool for working with JSON Web Tokens (JWTs)
+mdcat,https://github.com/swsnr/mdcat,Fancy cat for Markdown
+metasploit,https://github.com/rapid7/metasploit-framework,A popular penetration testing framework that includes many exploits and payloads
+neo4j,https://github.com/neo4j/neo4j,Database.
+neovim,https://neovim.io/,hyperextensible Vim-based text editor
+netexec,https://github.com/Pennyw0rth/NetExec,Network scanner (Crackmapexec updated).
+nmap,https://nmap.org,The Network Mapper - a powerful network discovery and security auditing tool
+nuclei,https://github.com/projectdiscovery/nuclei,A fast and customizable vulnerability scanner that can detect a wide range of issues / including XSS / SQL injection / and misconfigured servers.
+proxychains,https://github.com/rofl0r/proxychains,Proxy chains - redirect connections through proxy servers.
+pyftpdlib,https://github.com/giampaolo/pyftpdlib/,Extremely fast and scalable Python FTP server library
+responder,https://github.com/lgandx/Responder,a LLMNR / NBT-NS and MDNS poisoner.
+seclists,https://github.com/danielmiessler/SecLists,A collection of multiple types of lists used during security assessments
+simplyemail,https://github.com/SimplySecurity/SimplyEmail,a scriptable command line tool for sending emails
+smbclient,https://github.com/samba-team/samba,SMBclient is a command-line utility that allows you to access Windows shared resources
+smbmap,https://github.com/ShawnDEvans/smbmap,A tool to enumerate SMB shares and check for null sessions
+sqlmap,https://github.com/sqlmapproject/sqlmap,Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws
+sslscan,https://github.com/rbsec/sslscan,a tool for testing SSL/TLS encryption on servers
+subfinder,https://github.com/projectdiscovery/subfinder,Tool to find subdomains associated with a domain.
+testssl,https://github.com/drwetter/testssl.sh,a tool for testing SSL/TLS encryption on servers
+theharvester,https://github.com/laramies/theHarvester,Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources
+wafw00f,https://github.com/EnableSecurity/wafw00f,a Python tool that helps to identify and fingerprint web application firewall (WAF) products.
+waybackurls,https://github.com/tomnomnom/waybackurls,Fetch all the URLs that the Wayback Machine knows about for a domain.
+weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime.
+weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime.
+wpscan,https://github.com/wpscanteam/wpscan,A tool to enumerate WordPress-based websites
+ysoserial,https://github.com/frohoff/ysoserial,A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

source/assets/installed_tools/lists/ad_3.1.6_arm64.csv

@@ -0,0 +1,51 @@
+Tool,Link,Description
+asdf,https://github.com/asdf-vm/asdf,Extendable version manager with support for ruby python go etc
+autorecon,https://github.com/Tib3rius/AutoRecon,Multi-threaded network reconnaissance tool which performs automated enumeration of services.
+bloodhound,https://github.com/BloodHoundAD/BloodHound,Active Directory security tool for reconnaissance and attacking AD environments.
+bloodhound.py,https://github.com/fox-it/BloodHound.py,BloodHound ingestor in Python.
+cloudfail,https://github.com/m0rtem/CloudFail,a reconnaissance tool for identifying misconfigured CloudFront domains.
+coercer,https://github.com/p0dalirius/coercer,DFS-R target coercion tool
+CyberChef,https://github.com/gchq/CyberChef/,The Cyber Swiss Army Knife
+droopescan,https://github.com/droope/droopescan,Scan Drupal websites for vulnerabilities.
+drupwn,https://github.com/immunIT/drupwn,Drupal security scanner.
+enum4linux-ng,https://github.com/cddmp/enum4linux-ng,Tool for enumerating information from Windows and Samba systems.
+evilwinrm,https://github.com/Hackplayers/evil-winrm,Tool to connect to a remote Windows system with WinRM.
+exegol-history,https://github.com/ThePorgs/Exegol-history,Credentials management for Exegol
+eyewitness,https://github.com/FortyNorthSecurity/EyeWitness,a tool to take screenshots of websites / provide some server header info / and identify default credentials if possible.
+fcrackzip,https://github.com/hyc/fcrackzip,Password cracker for zip archives.
+ffuf,https://github.com/ffuf/ffuf,Fast web fuzzer written in Go.
+firefox,https://www.mozilla.org,A web browser
+fzf,https://github.com/junegunn/fzf,🌸 A command-line fuzzy finder
+gf,https://github.com/tomnomnom/gf,A wrapper around grep to avoid typing common patterns
+gittools,https://github.com/internetwache/GitTools,A collection of Git tools including a powerful Dumper for dumping Git repositories.
+hashcat,https://hashcat.net/hashcat,A tool for advanced password recovery
+hydra,https://github.com/vanhauser-thc/thc-hydra,Hydra is a parallelized login cracker which supports numerous protocols to attack.
+impacket,https://github.com/ThePorgs/impacket,Set of tools for working with network protocols (ThePorgs version).
+john,https://github.com/openwall/john,John the Ripper password cracker.
+joomscan,https://github.com/rezasp/joomscan,A tool to enumerate Joomla-based websites
+jwt,https://github.com/ticarpi/jwt_tool,a command-line tool for working with JSON Web Tokens (JWTs)
+mdcat,https://github.com/swsnr/mdcat,Fancy cat for Markdown
+metasploit,https://github.com/rapid7/metasploit-framework,A popular penetration testing framework that includes many exploits and payloads
+neo4j,https://github.com/neo4j/neo4j,Database.
+neovim,https://neovim.io/,hyperextensible Vim-based text editor
+netexec,https://github.com/Pennyw0rth/NetExec,Network scanner (Crackmapexec updated).
+nmap,https://nmap.org,The Network Mapper - a powerful network discovery and security auditing tool
+nuclei,https://github.com/projectdiscovery/nuclei,A fast and customizable vulnerability scanner that can detect a wide range of issues / including XSS / SQL injection / and misconfigured servers.
+proxychains,https://github.com/rofl0r/proxychains,Proxy chains - redirect connections through proxy servers.
+pyftpdlib,https://github.com/giampaolo/pyftpdlib/,Extremely fast and scalable Python FTP server library
+responder,https://github.com/lgandx/Responder,a LLMNR / NBT-NS and MDNS poisoner.
+seclists,https://github.com/danielmiessler/SecLists,A collection of multiple types of lists used during security assessments
+simplyemail,https://github.com/SimplySecurity/SimplyEmail,a scriptable command line tool for sending emails
+smbclient,https://github.com/samba-team/samba,SMBclient is a command-line utility that allows you to access Windows shared resources
+smbmap,https://github.com/ShawnDEvans/smbmap,A tool to enumerate SMB shares and check for null sessions
+sqlmap,https://github.com/sqlmapproject/sqlmap,Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws
+sslscan,https://github.com/rbsec/sslscan,a tool for testing SSL/TLS encryption on servers
+subfinder,https://github.com/projectdiscovery/subfinder,Tool to find subdomains associated with a domain.
+testssl,https://github.com/drwetter/testssl.sh,a tool for testing SSL/TLS encryption on servers
+theharvester,https://github.com/laramies/theHarvester,Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources
+wafw00f,https://github.com/EnableSecurity/wafw00f,a Python tool that helps to identify and fingerprint web application firewall (WAF) products.
+waybackurls,https://github.com/tomnomnom/waybackurls,Fetch all the URLs that the Wayback Machine knows about for a domain.
+weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime.
+weevely,https://github.com/epinna/weevely3,a webshell designed for post-exploitation purposes that can be extended over the network at runtime.
+wpscan,https://github.com/wpscanteam/wpscan,A tool to enumerate WordPress-based websites
+ysoserial,https://github.com/frohoff/ysoserial,A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

source/assets/installed_tools/lists/full_3.1.6_amd64.csv

@@ -0,0 +1,69 @@
+Tool,Link,Description
+arsenal,https://github.com/Orange-Cyberdefense/arsenal,Powerful weapons for penetration testing.
+asdf,https://github.com/asdf-vm/asdf,Extendable version manager with support for ruby python go etc
+assetfinder,https://github.com/tomnomnom/assetfinder,Tool to find subdomains and IP addresses associated with a domain.
+carbon14,https://github.com/Lazza/carbon14,OSINT tool for estimating when a web page was written.
+Censys,https://github.com/censys/censys-python,An easy-to-use and lightweight API wrapper for Censys APIs
+constellation,https://github.com/constellation-app/Constellation,Find and exploit vulnerabilities in mobile applications.
+creds,https://github.com/ihebski/DefaultCreds-cheat-sheet,One place for all the default credentials to assist pentesters during an engagement. This document has several products default login/password gathered from multiple sources.
+CyberChef,https://github.com/gchq/CyberChef/,The Cyber Swiss Army Knife
+dnsenum,https://github.com/fwaeytens/dnsenum,dnsenum is a tool for enumerating DNS information about a domain.
+exegol-history,https://github.com/ThePorgs/Exegol-history,Credentials management for Exegol
+exifprobe,https://github.com/hfiguiere/exifprobe,Exifprobe is a command-line tool to parse EXIF data from image files.
+exiftool,https://github.com/exiftool/exiftool,ExifTool is a Perl library and command-line tool for reading / writing and editing meta information in image / audio and video files.
+finalrecon,https://github.com/thewhiteh4t/FinalRecon,A web reconnaissance tool that gathers information about web pages
+findomain,https://github.com/findomain/findomain,The fastest and cross-platform subdomain enumerator.
+firefox,https://www.mozilla.org,A web browser
+fzf,https://github.com/junegunn/fzf,🌸 A command-line fuzzy finder
+GeoPincer,https://github.com/tloja/GeoPincer,GeoPincer is a script that leverages OpenStreetMap's Overpass API in order to search for locations.
+gf,https://github.com/tomnomnom/gf,A wrapper around grep to avoid typing common patterns
+githubemail,https://github.com/paulirish/github-email,a command-line tool to retrieve a user's email from Github.
+GoMapEnum,https://github.com/nodauf/GoMapEnum,Nothing new but existing techniques are brought together in one tool.
+goshs,https://github.com/patrickhener/goshs,Goshs is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S with either self-signed certificate or user provided certificate and you can use HTTP basic auth.
+gron,https://github.com/tomnomnom/gron,Make JSON greppable!
+h8mail,https://github.com/khast3x/h8mail,Email OSINT and breach hunting.
+holehe,https://github.com/megadose/holehe,mail osint tool finding out if it is used on websites.
+ignorant,https://github.com/megadose/ignorant,holehe but for phone numbers.
+imagemagick,https://github.com/ImageMagick/ImageMagick,ImageMagick is a free and open-source image manipulation tool used to create / edit / compose / or convert bitmap images.
+ipinfo,https://github.com/ipinfo/cli,Get information about an IP address or hostname.
+linkedin2username,https://github.com/initstring/linkedin2username,Generate a list of LinkedIn usernames from a company name.
+maigret,https://github.com/soxoj/maigret,Collects information about a target email (or domain) from Google and Bing search results
+maltego,https://www.paterva.com/web7/downloads.php,A tool used for open-source intelligence and forensics
+mdcat,https://github.com/swsnr/mdcat,Fancy cat for Markdown
+MurMurHash,https://github.com/QU35T-code/MurMurHash,This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
+neovim,https://neovim.io/,hyperextensible Vim-based text editor
+ngrok,https://github.com/inconshreveable/ngrok,Expose a local server behind a NAT or firewall to the internet
+objectwalker,https://github.com/p0dalirius/objectwalker,A python module to explore the object tree to extract paths to interesting objects in memory.
+osrframework,https://github.com/i3visio/osrframework,Include references to a bunch of different applications related to username checking / DNS lookups / information leaks research / deep web search / regular expressions extraction and many others.
+phoneinfoga,https://github.com/sundowndev/PhoneInfoga,Information gathering & OSINT framework for phone numbers.
+photon,https://github.com/s0md3v/Photon,a fast web crawler which extracts URLs / files / intel & endpoints from a target.
+pwndb,https://github.com/davidtavarez/pwndb,A command-line tool for searching the pwndb database of compromised credentials.
+pwnedornot,https://github.com/thewhiteh4t/pwnedOrNot,Check if a password has been leaked in a data breach.
+pyftpdlib,https://github.com/giampaolo/pyftpdlib/,Extremely fast and scalable Python FTP server library
+pymeta,https://github.com/m8sec/pymeta,Google and Bing scraping osint tool
+recon-ng,https://github.com/lanmaster53/recon-ng,External recon tool.
+recondog,https://github.com/s0md3v/ReconDog,a reconnaissance tool for performing information gathering on a target.
+rlwrap,https://github.com/hanslub42/rlwrap,rlwrap is a small utility that wraps input and output streams of executables / making it possible to edit and re-run input history
+rsync,https://packages.debian.org/sid/rsync,File synchronization tool for efficiently copying and updating data between local or remote locations
+searchsploit,https://gitlab.com/exploit-database/exploitdb,A command line search tool for Exploit-DB
+shellerator,https://github.com/ShutdownRepo/Shellerator,a simple command-line tool for generating shellcode
+Sherlock,https://github.com/sherlock-project/sherlock,Hunt down social media accounts by username across social networks.
+simplyemail,https://github.com/SimplySecurity/SimplyEmail,a scriptable command line tool for sending emails
+spiderfoot,https://github.com/smicallef/spiderfoot,A reconnaissance tool that automatically queries over 100 public data sources
+subfinder,https://github.com/projectdiscovery/subfinder,Tool to find subdomains associated with a domain.
+sublist3r,https://github.com/aboul3la/Sublist3r,a Python tool designed to enumerate subdomains of websites.
+theharvester,https://github.com/laramies/theHarvester,Tool for gathering e-mail accounts / subdomain names / virtual host / open ports / banners / and employee names from different public sources
+tig,https://github.com/jonas/tig,Tig is an ncurses-based text-mode interface for git.
+tor,https://github.com/torproject/tor,Anonymity tool that can help protect your privacy and online identity by routing your traffic through a network of servers.
+toutatis,https://github.com/megadose/Toutatis,Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails / phone numbers and more.
+trevorspray,https://github.com/blacklanternsecurity/TREVORspray,TREVORspray is a modular password sprayer with threading SSH proxying loot modules / and more
+TriliumNext,https://github.com/TriliumNext/Notes,Personal knowledge management system (successor to Trilium).
+uberfile,https://github.com/ShutdownRepo/Uberfile,Uberfile is a simple command-line tool aimed to help pentesters quickly generate file downloader one-liners in multiple contexts (wget / curl / powershell / certutil...). This project code is based on my other similar project for one-liner reverseshell generation Shellerator.
+uploader,https://github.com/Frozenka/uploader,Tool for quickly downloading files to a remote machine based on the target operating system
+waybackurls,https://github.com/tomnomnom/waybackurls,Fetch all the URLs that the Wayback Machine knows about for a domain.
+wesng,https://github.com/bitsadmin/wesng,WES-NG is a tool based on the output of Windows's systeminfo utility which provides the list of vulnerabilities the OS is vulnerable to including any exploits for these vulnerabilities.
+whatportis,https://github.com/ncrocfer/whatportis,Command-line tool to lookup port information
+whois,https://packages.debian.org/sid/whois,See information about a specific domain name or IP address.
+Yalis,https://github.com/EatonChips/yalis,Yet Another LinkedIn Scraper
+youtubedl,https://github.com/ytdl-org/youtube-dl,Download videos from YouTube and other sites.
+yt-dlp,https://github.com/yt-dlp/yt-dlp,A youtube-dl fork with additional features and fixes